From 19e47d5e82d041885d08c0709b19e1f478db0ba0 Mon Sep 17 00:00:00 2001 From: Meatballs Date: Sun, 25 Aug 2013 00:06:31 +0100 Subject: [PATCH 1/4] Really fix war --- lib/msf/util/exe.rb | 2 +- lib/rex/zip/archive.rb | 6 +++++- lib/rex/zip/entry.rb | 4 ++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/msf/util/exe.rb b/lib/msf/util/exe.rb index 2b9702dba6..02896b1651 100755 --- a/lib/msf/util/exe.rb +++ b/lib/msf/util/exe.rb @@ -1061,7 +1061,7 @@ def self.to_vba(framework,code,opts={}) web_xml.gsub!(/PAYLOAD/, jsp_name) zip = Rex::Zip::Archive.new - zip.add_file('META-INF/', nil, meta_inf) + zip.add_file('META-INF/', '', meta_inf) zip.add_file('META-INF/MANIFEST.MF', manifest) zip.add_file('WEB-INF/', '') zip.add_file('WEB-INF/web.xml', web_xml) diff --git a/lib/rex/zip/archive.rb b/lib/rex/zip/archive.rb index b8b068f75f..2163ef133c 100644 --- a/lib/rex/zip/archive.rb +++ b/lib/rex/zip/archive.rb @@ -21,6 +21,10 @@ class Archive # # Create a new Entry and add it to the archive. # + # If fdata is set, the file is populated with that data + # from the calling method. If fdata is nil, then the + # fs is checked for the file. + # def add_file(fname, fdata=nil, xtra=nil, comment=nil) if (not fdata) begin @@ -32,7 +36,7 @@ class Archive ts = st.mtime if (st.directory?) attrs = EFA_ISDIR - fname += '/' + fdata = '' else f = File.open(fname, 'rb') fdata = f.read(f.stat.size) diff --git a/lib/rex/zip/entry.rb b/lib/rex/zip/entry.rb index 5f5193360b..b063b6a72e 100644 --- a/lib/rex/zip/entry.rb +++ b/lib/rex/zip/entry.rb @@ -12,8 +12,8 @@ class Entry attr_reader :data def initialize(fname, data, compmeth, timestamp=nil, attrs=nil, xtra=nil, comment=nil) - @name = fname.unpack("C*").pack("C*") if fname - @data = data.unpack("C*").pack("C*") if data + @name = fname.unpack("C*").pack("C*") + @data = data.unpack("C*").pack("C*") @xtra = xtra @xtra ||= '' @comment = comment From 83da0b3a577f7515c2e144ebaf7419bbf19330b3 Mon Sep 17 00:00:00 2001 From: Meatballs Date: Sun, 25 Aug 2013 00:17:26 +0100 Subject: [PATCH 2/4] Correct fname --- lib/rex/zip/archive.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/rex/zip/archive.rb b/lib/rex/zip/archive.rb index 2163ef133c..e376f85f7e 100644 --- a/lib/rex/zip/archive.rb +++ b/lib/rex/zip/archive.rb @@ -37,6 +37,9 @@ class Archive if (st.directory?) attrs = EFA_ISDIR fdata = '' + unless fdata[-1] == '/' + fdata << '/' + end else f = File.open(fname, 'rb') fdata = f.read(f.stat.size) From d45d37bc381f8f696b27cf885ab4c4f0bd075e62 Mon Sep 17 00:00:00 2001 From: Meatballs Date: Sun, 25 Aug 2013 00:18:50 +0100 Subject: [PATCH 3/4] Really fix... --- lib/rex/zip/archive.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/rex/zip/archive.rb b/lib/rex/zip/archive.rb index e376f85f7e..bf4584dc04 100644 --- a/lib/rex/zip/archive.rb +++ b/lib/rex/zip/archive.rb @@ -37,8 +37,8 @@ class Archive if (st.directory?) attrs = EFA_ISDIR fdata = '' - unless fdata[-1] == '/' - fdata << '/' + unless fname[-1] == '/' + fname << '/' end else f = File.open(fname, 'rb') From 526e504531e1fc4763fec57f42aa6aeeabc0773c Mon Sep 17 00:00:00 2001 From: Meatballs Date: Sun, 25 Aug 2013 12:21:37 +0100 Subject: [PATCH 4/4] More fix --- lib/rex/zip/archive.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/rex/zip/archive.rb b/lib/rex/zip/archive.rb index bf4584dc04..60a6a5f426 100644 --- a/lib/rex/zip/archive.rb +++ b/lib/rex/zip/archive.rb @@ -37,8 +37,8 @@ class Archive if (st.directory?) attrs = EFA_ISDIR fdata = '' - unless fname[-1] == '/' - fname << '/' + unless fname[-1,1] == '/' + fname += '/' end else f = File.open(fname, 'rb')