From 04f499031844087f721d5cdbbc06cef150190867 Mon Sep 17 00:00:00 2001
From: h00die
Date: Thu, 11 Jul 2024 18:28:50 +0000
Subject: [PATCH] Further x11 updates
---
 .../auxiliary/gather/x11_keyboard_spy.md | 6 +++++-
 lib/rex/proto/x11/window.rb | 20 +++++++++++--------
 lib/rex/proto/x11/xkeyboard.rb | 4 +---
 modules/auxiliary/gather/x11_keyboard_spy.rb | 6 +++---
 spec/lib/rex/proto/x11/xkeyboard.rb | 2 +-
 5 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/documentation/modules/auxiliary/gather/x11_keyboard_spy.md b/documentation/modules/auxiliary/gather/x11_keyboard_spy.md
index b048040f3ee0..f545f665d1a8 100644
--- a/documentation/modules/auxiliary/gather/x11_keyboard_spy.md
+++ b/documentation/modules/auxiliary/gather/x11_keyboard_spy.md
@@ -101,11 +101,15 @@ Getting X11 to listen on a TCP port is rather taxing, so we use socat to facilit
 ## Options
-### ListenerTimeout
+### LISTENER_TIMEOUT
 How many seconds to keylog for. If set to `0`, wait forever. Defaults to `600`, 10 minutes.
+### PRINTERVAL
+
+The interval to print keylogs in seconds. Defaults to `60`.
+
 ## Scenarios
 ### Ubuntu 22.04
diff --git a/lib/rex/proto/x11/window.rb b/lib/rex/proto/x11/window.rb
index 4bceca86e36d..a789ad572a00 100644
--- a/lib/rex/proto/x11/window.rb
+++ b/lib/rex/proto/x11/window.rb
@@ -210,19 +210,23 @@ def create_overlay_map(screen_width, screen_height, windows)
 end
 class X11Image
- def initialize(width, height, image_reply, color_reply)
- @width = width
- @height = height
- @image_reply = image_reply
- @color_reply = color_reply
+ def initialize(width, height, image_data, color_data)
+ @width = width # integer, 1024 in 1024×768
+ @height = height # integer, 768 in 1024×768
+ @image_data = image_data # from X11GetImageResponse
+ @color_data = color_data # from X11GetColorsResponse
+ end
+
+ self.from_replies(width, height, image_reply, color_reply)
+ self.new(width, height, image_reply.image_data, color_reply.colors)
 end
 def create_image
- # Extract relevant data from @image_reply and @color_reply
+ # Extract relevant data from @image_data and @color_data
 width = @width
 height = @height
- pixel_data = @image_reply.image_data
- colors = @color_reply.colors
+ pixel_data = @image_data
+ colors = @color_data
 # Create an image object
 image = ChunkyPNG::Image.new(width, height, ChunkyPNG::Color::TRANSPARENT)
diff --git a/lib/rex/proto/x11/xkeyboard.rb b/lib/rex/proto/x11/xkeyboard.rb
index ffb2cb2a8e31..4208a847adcd 100644
--- a/lib/rex/proto/x11/xkeyboard.rb
+++ b/lib/rex/proto/x11/xkeyboard.rb
@@ -15,9 +15,7 @@ class X11KeyModMap < BinData::Record
 end
 # https://xcb.freedesktop.org/manual/structxcb__xkb__key__sym__map__iterator__t.html
- class X11Sym < BinData::Record
- endian :little
- uint32 :syms
+ class X11Sym < BinData::Uint32le
 end
 # https://xcb.freedesktop.org/manual/structxcb__xkb__key__sym__map__t.html
diff --git a/modules/auxiliary/gather/x11_keyboard_spy.rb b/modules/auxiliary/gather/x11_keyboard_spy.rb
index 7f1d4be68f43..845ec4af120a 100644
--- a/modules/auxiliary/gather/x11_keyboard_spy.rb
+++ b/modules/auxiliary/gather/x11_keyboard_spy.rb
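Review bot: The new class method added to X11Image is missing its `def` keyword: `self.from_replies(width, height, image_reply, color_reply)` is parsed as a plain method call in the class body against locals that do not exist, and the context `end` that follows then closes the class instead of the method, so window.rb will fail to load rather than just raise at call time. The line should read `def self.from_replies(width, height, image_reply, color_reply)`, with the `self.new(...)` line as its body (plain `new(...)` is the usual idiom inside a class method). The X11Image class and the body of create_image continue past the end of this hunk.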
@@ -53,8 +53,8 @@ def initialize(info = {})
 )
 )
 register_options [
- OptInt.new('ListenerTimeout', [ true, 'The maximum number of seconds to keylog', 600 ]), # 10 minutes
- OptInt.new('PRINTERVAL', [ true, 'The interval to print keyloggs in seconds', 60 ]) # 1 minutes
+ OptInt.new('LISTENER_TIMEOUT', [ true, 'The maximum number of seconds to keylog', 600 ]), # 10 minutes
+ OptInt.new('PRINTERVAL', [ true, 'The interval to print keylogs in seconds', 60 ]) # 1 minutes
 ]
 end
@@ -233,7 +233,7 @@ def run
 # loop mechanics stolen from exploit/multi/handler
 stime = Time.now.to_f
 print_timer = Time.now.to_f
- timeout = datastore['ListenerTimeout'].to_i
+ timeout = datastore['LISTENER_TIMEOUT'].to_i
 printerval = datastore['PRINTERVAL'].to_i
 begin
 loop do
diff --git a/spec/lib/rex/proto/x11/xkeyboard.rb b/spec/lib/rex/proto/x11/xkeyboard.rb
index aa481385273c..e0e57076b925 100644
--- a/spec/lib/rex/proto/x11/xkeyboard.rb
+++ b/spec/lib/rex/proto/x11/xkeyboard.rb
@@ -401,7 +401,7 @@
 expect(response.n_key_sym).to eq(248)
 # spot check a few of the key_map_array items
- expect(response.key_map_array[247].key_sym_array[0].syms).to eq(269025205)
+ expect(response.key_map_array[247].key_sym_array[0]).to eq(269025205)
 expect(response.total_mod_map_key).to eq(15)
 # spot check a few of the key_mod_map_array items