metasploit-framework/modules/encoders/x86/alpha_upper.rb

76 lines
1.9 KiB
Ruby
Raw Normal View History

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'rex/encoder/alpha2/alpha_upper'
class Metasploit3 < Msf::Encoder::Alphanum
2013-08-30 21:28:54 +00:00
Rank = LowRanking
2013-08-30 21:28:54 +00:00
def initialize
super(
'Name' => "Alpha2 Alphanumeric Uppercase Encoder",
'Description' => %q{
Encodes payloads as alphanumeric uppercase text. This encoder uses
SkyLined's Alpha2 encoding suite.
},
'Author' => [ 'pusscat', 'skylined' ],
'Arch' => ARCH_X86,
'License' => BSD_LICENSE,
'EncoderType' => Msf::Encoder::Type::AlphanumUpper,
'Decoder' =>
{
'BlockSize' => 1,
})
end
2013-08-30 21:28:54 +00:00
#
# Returns the decoder stub that is adjusted for the size of the buffer
# being encoded.
#
def decoder_stub(state)
reg = datastore['BufferRegister']
off = (datastore['BufferOffset'] || 0).to_i
buf = ''
2013-08-30 21:28:54 +00:00
# We need to create a GetEIP stub for the exploit
if (not reg)
if(datastore['AllowWin32SEH'] and datastore['AllowWin32SEH'].to_s =~ /^(t|y|1)/i)
buf = 'VTX630WTX638VXH49HHHPVX5AAQQPVX5YYYYP5YYYD5KKYAPTTX638TDDNVDDX4Z4A63861816'
reg = 'ECX'
off = 0
else
res = Rex::Arch::X86.geteip_fpu(state.badchars)
if (not res)
2015-05-18 20:33:01 +00:00
raise EncodingError, "Unable to generate geteip code"
2013-08-30 21:28:54 +00:00
end
buf, reg, off = res
end
else
reg.upcase!
end
2013-08-30 21:28:54 +00:00
buf + Rex::Encoder::Alpha2::AlphaUpper::gen_decoder(reg, off)
end
2013-08-30 21:28:54 +00:00
#
# Encodes a one byte block with the current index of the length of the
# payload.
#
def encode_block(state, block)
return Rex::Encoder::Alpha2::AlphaUpper::encode_byte(block.unpack('C')[0], state.badchars)
end
2013-08-30 21:28:54 +00:00
#
# Tack on our terminator
#
def encode_end(state)
state.encoded += Rex::Encoder::Alpha2::AlphaUpper::add_terminator()
end
end