Donnerstag, 1. März 2012

IRB Hacking Extensions

I just wrote a little .irbrc file which extends the IRB to an easy to use hacking tool. Most of the features ("Monkey Patches") are only a kind of command aliasing to satisfy my laziness. But there are also some neat methods, like hexdump or decode_cisco7 which provide more complex functionalities.

Current features:
* IRB: Output Limit, TAB_Completion
* String: en/decode_url, en/decode_uri, en/decode_b64, decode_cisco7, hexdump, printable, to_md5, to_sha1

[EXAMPLE] TAB Completion

>> "this is a string".dec|TAB|TAB|TAB|
.decode_b64 .decode_cisco7 .decode_uri .decode_url
>> "this is a string".decode_

[EXAMPLE] Hexdump a range of a binary file

>> bin ='c:\windows\system32\calc.exe').read
=> "MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xFF\xFF\x00\x00\xB8\x00\x00\x00\x
00\x00\x00\x00@\x00\ ..."
>> bin.hexdump :range => (0x00..0x16)
000000: 4D 5A 90 00 03 00 00 00 - 04 00 00 00 FF FF 00 00 :MZ..............
000010: B8 00 00 00 00 00 :......
=> true

[EXAMPLE] Decode Cisco 7 Passwords

>> "07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D".decode_cisco7
=> "You really need a life."


Install the extension gem:

$gem install pentex

To get the extensions persitently loaded on starting the IRB add the following line to your .irbrc file which in general resides in your home directory.
Note: You may need to create this file.

require 'pentex'

To determine the right directory you can use one of the following commands depending on your platform:
  • [Windows] echo %userprofile%
  • [Xnix] echo $HOME
  • [IRB] ENV['HOME']

If the installation was successful you should see something like this after starting irb:

>> loading libs
>> monkey patching ...

The most recent documentation is available via RubyGems.



Keine Kommentare: