diff --git a/lib/msf/core/encoded_payload.rb b/lib/msf/core/encoded_payload.rb
index ee46f41405..4b0b43f535 100644
--- a/lib/msf/core/encoded_payload.rb
+++ b/lib/msf/core/encoded_payload.rb
@@ -97,6 +97,10 @@ class EncodedPayload
 # Try encoding with the current encoder
 begin
 self.encoded = self.encoder.encode(self.raw, reqs['BadChars'])
+ rescue SyntaxError, ArgumentError
+ wlog("#{pinst.refname}: Failed to encode payload with encoder #{encoder.refname}: #{$!}\n#{$@.join("\n")}",
+ 'core', LEV_2)
+ next
 rescue
 wlog("#{pinst.refname}: Failed to encode payload with encoder #{encoder.refname}: #{$!}",
 'core', LEV_2)
diff --git a/lib/rex/arch/x86.rb b/lib/rex/arch/x86.rb
index 8d29485f31..401cae04de 100644
--- a/lib/rex/arch/x86.rb
+++ b/lib/rex/arch/x86.rb
@@ -111,19 +111,19 @@ module X86
 # try push BYTE val; pop dst
 begin
 return _check_badchars(push_byte(val) + pop_dword(dst), badchars)
- rescue RuntimeError, RangeError
+ rescue ::ArgumentError, RuntimeError, RangeError
 end
 # try clear dst, mov BYTE dst
 begin
 return _check_badchars(clear(dst, badchars) + mov_byte(dst, val), badchars)
- rescue RuntimeError, RangeError
+ rescue ::ArgumentError, RuntimeError, RangeError
 end
 # try clear dst, mov WORD dst
 begin
 return _check_badchars(clear(dst, badchars) + mov_word(dst, val), badchars)
- rescue RuntimeError, RangeError
+ rescue ::ArgumentError, RuntimeError, RangeError
 end
 raise RuntimeError, "No valid set instruction could be created!", caller()
diff --git a/modules/encoders/generic/none.rb.ut.rb b/modules/encoders/generic/none.rb.ut.rb
index fde902fa56..fdf5f24de3 100644
--- a/modules/encoders/generic/none.rb.ut.rb
+++ b/modules/encoders/generic/none.rb.ut.rb
@@ -1,6 +1,7 @@
 #!/usr/bin/ruby
 $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
 require 'test/unit'
 require 'rex/ui'
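Review bot: The new `rescue SyntaxError, ArgumentError` branch builds the same log message as the generic `rescue` directly below it and differs only by appending `$@`; reading `$!` and `$@` is also harder to follow than a named exception. I would write `rescue SyntaxError, ArgumentError => e` and log `e.message` with `e.backtrace.join("\n")`, or fold the backtrace into the existing branch so there is a single logging statement. A comment such as `# SyntaxError is a ScriptError, not a StandardError, so the bare rescue below never sees it` would record why that class is listed explicitly, whereas `ArgumentError` was already caught by the bare `rescue` and is presumably listed here only to get the backtrace. Whether the generic branch also reaches a `next` is not visible here; the enclosing method and its loop start and end outside the hunk.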
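Review bot: Adding `::ArgumentError` to three identical, empty `rescue` lists means that a genuine programming error in `push_byte`, `mov_byte` or `mov_word` (a wrong argument type or arity, rather than an out-of-range value) is now swallowed and surfaces only as `No valid set instruction could be created!`, which will be hard to debug. At minimum keep the last exception, `rescue ::ArgumentError, RuntimeError, RangeError => e` with `last_error = e`, and include `last_error` in the final `raise` message so the cause is not lost. The three lists would also read better as one frozen constant, `SET_ERRORS = [::ArgumentError, RuntimeError, RangeError].freeze`, used as `rescue *SET_ERRORS`. Which helper raises `ArgumentError`, and for which inputs, is not documented in the hunk; a one-line comment above the first `begin` naming it would help, and `set` itself starts above the hunk.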
diff --git a/modules/encoders/x86/call4_dword_xor.rb.ut.rb b/modules/encoders/x86/call4_dword_xor.rb.ut.rb
index e03dca2e1e..c126f0cb9f 100644
--- a/modules/encoders/x86/call4_dword_xor.rb.ut.rb
+++ b/modules/encoders/x86/call4_dword_xor.rb.ut.rb
@@ -1,6 +1,7 @@
 #!/usr/bin/ruby
 $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
 require 'test/unit'
 require 'rex/ui'
diff --git a/modules/encoders/x86/countdown.rb b/modules/encoders/x86/countdown.rb
index 62273af79d..c8f663b02e 100644
--- a/modules/encoders/x86/countdown.rb
+++ b/modules/encoders/x86/countdown.rb
@@ -28,8 +28,9 @@ class Countdown < Msf::Encoder::Xor
 #
 def decoder_stub(state)
 decoder =
- Rex::Arch::X86.set(state.buf.length - 1,
+ Rex::Arch::X86.set(
 Rex::Arch::X86::ECX,
+ state.buf.length - 1,
 state.badchars) +
 "\xe8\xff\xff\xff" +
 "\xff\xc1" +
diff --git a/modules/encoders/x86/countdown.rb.ut.rb b/modules/encoders/x86/countdown.rb.ut.rb
new file mode 100644
index 0000000000..d78159bfd0
--- /dev/null
+++ b/modules/encoders/x86/countdown.rb.ut.rb
@@ -0,0 +1,43 @@
+#!/usr/bin/ruby
+
+$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
+
+require 'test/unit'
+require 'rex/ui'
+require 'msf/core'
+require 'countdown'
+
+class Msf::Encoders::X86::Countdown::UnitTest < Test::Unit::TestCase
+
+Klass = Msf::Encoders::X86::Countdown
+
+def test_encoder
+
+k = Klass.new
+
+{
+"\xcc\xcc\xcc\xcc" =>
+[
+"\x6a\x03\x59\xe8\xff\xff\xff\xff\xc1\x5e\x30\x4c\x0e\x07" +
+"\xe2\xfa\xcd\xce\xcf\xc8",
+4
+],
+"ABCDEFGHIJKLMNOPQRSTUVWXYZ" =>
+[
+"\x6a\x19\x59\xe8\xff\xff\xff\xff\xc1\x5e\x30\x4c\x0e\x07" +
+"\xe2\xfa\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40" +
+"\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40\x40",
+4
+]
+}.each_pair { |raw, real|
+offset = real[1] || 0
+
+encoded = k.encode(raw, '')
+
+assert_equal(real[0][offset, -1], encoded[offset, -1])
+}
+
+end
+
+end
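Review bot: The call now passes the register first and the value second, `Rex::Arch::X86.set(Rex::Arch::X86::ECX, state.buf.length - 1, state.badchars)`, so the `set` signature has evidently been reordered, but that signature change is not in this diff. Because both arguments are Integers, a caller still using the old `(val, dst, badchars)` order would raise nothing and simply emit the wrong `mov`/`push` sequence, so every other caller of `Rex::Arch::X86.set` must be updated in the same change; fnstenv_mov.rb is reordered the same way further down. A short comment at the call, `# X86.set(dst, val, badchars)`, would make the new order obvious at the call site. `decoder_stub` continues past the end of the hunk.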
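Review bot: `real[0][offset, -1]` and `encoded[offset, -1]` both evaluate to `nil`, because `String#[](start, length)` with a negative length returns nil, so the assertion is `assert_equal(nil, nil)` and passes whatever the encoder produced — the test checks nothing. Use the range form, `assert_equal(real[0][offset..-1], encoded[offset..-1])`; the identical line in fnstenv_mov.rb.ut.rb needs the same fix. Once the comparison is real, the fnstenv_mov expectations only hold if its XOR key is deterministic for a given input, which this diff does not show; if the key is randomised, that test should compare the decoder stub and re-derive the key from the encoded bytes instead of hard-coding them. The `offset` of 4 is also undocumented; a comment saying which leading bytes it skips and why would help the next reader.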
diff --git a/modules/encoders/x86/fnstenv_mov.rb b/modules/encoders/x86/fnstenv_mov.rb
index 8f52427b75..81e1a03cd8 100644
--- a/modules/encoders/x86/fnstenv_mov.rb
+++ b/modules/encoders/x86/fnstenv_mov.rb
@@ -29,8 +29,9 @@ class FnstenvMov < Msf::Encoder::Xor
 #
 def decoder_stub(state)
 decoder =
- Rex::Arch::X86.set((((state.buf.length - 1) / 4) + 1),
+ Rex::Arch::X86.set(
 Rex::Arch::X86::ECX,
+ (((state.buf.length - 1) / 4) + 1),
 state.badchars) +
 "\xd9\xee" + # fldz
 "\xd9\x74\x24\xf4" + # fnstenv [esp - 12]
diff --git a/modules/encoders/x86/fnstenv_mov.rb.ut.rb b/modules/encoders/x86/fnstenv_mov.rb.ut.rb
new file mode 100644
index 0000000000..e75a317879
--- /dev/null
+++ b/modules/encoders/x86/fnstenv_mov.rb.ut.rb
@@ -0,0 +1,44 @@
+#!/usr/bin/ruby
+
+$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
+
+require 'test/unit'
+require 'rex/ui'
+require 'msf/core'
+require 'fnstenv_mov'
+
+class Msf::Encoders::X86::FnstenvMov::UnitTest < Test::Unit::TestCase
+
+Klass = Msf::Encoders::X86::FnstenvMov
+
+def test_encoder
+
+k = Klass.new
+
+{
+"\xcc\xcc\xcc\xcc" =>
+[
+"\x6a\x01\x59\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x3e" +
+"\x33\x75\x05\x83\xeb\xfc\xe2\xf4\xf2\xff\xb9\xc9",
+4
+],
+"ABCDEFGHIJKLMNOPQRSTUVWXYZ" =>
+[
+"\x6a\x07\x59\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x39" +
+"\xaf\x73\x32\x83\xeb\xfc\xe2\xf4\x78\xed\x30\x76\x7c\xe9" +
+"\x34\x7a\x70\xe5\x38\x7e\x74\xe1\x3c\x62\x68\xfd\x20\x66" +
+"\x6c\xf9\x24\x6a\x60\xf5\x73\x32",
+4
+]
+}.each_pair { |raw, real|
+offset = real[1] || 0
+
+encoded = k.encode(raw, '')
+
+assert_equal(real[0][offset, -1], encoded[offset, -1])
+}
+
+end
+
+end
diff --git a/modules/encoders/x86/jmp_call_additive.rb.ut.rb b/modules/encoders/x86/jmp_call_additive.rb.ut.rb
index eaf4b5db4c..38d4ab3aa7 100644
--- a/modules/encoders/x86/jmp_call_additive.rb.ut.rb
+++ b/modules/encoders/x86/jmp_call_additive.rb.ut.rb
@@ -1,6 +1,7 @@
 #!/usr/bin/ruby
 $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
+$:.unshift(File.dirname(__FILE__))
 require 'test/unit'
 require 'rex/ui'
diff --git a/modules/modules.rb.ts.rb b/modules/modules.rb.ts.rb
new file mode 100644
index 0000000000..a4b9eaf7a1
--- /dev/null
+++ b/modules/modules.rb.ts.rb
@@ -0,0 +1,26 @@
+#!/usr/bin/ruby -I../lib
+
+$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+require 'test/unit'
+
+require 'encoders/generic/none.rb.ut'
+require 'encoders/x86/call4_dword_xor.rb.ut'
+require 'encoders/x86/countdown.rb.ut'
+require 'encoders/x86/fnstenv_mov.rb.ut'
+require 'encoders/x86/jmp_call_additive.rb.ut'
+
+class Rex::TestSuite
+def self.suite
+suite = Test::Unit::TestSuite.new("Rex")
+
+# General
+suite << Msf::Encoders::Generic::None::UnitTest.suite
+suite << Msf::Encoders::X86::Call4Dword::UnitTest.suite
+suite << Msf::Encoders::X86::Countdown::UnitTest.suite
+suite << Msf::Encoders::X86::FnstenvMov::UnitTest.suite
+suite << Msf::Encoders::X86::JmpCallAdditive::UnitTest.suite
+
+return suite;
+end
+end
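Review bot: `return suite;` uses both an explicit `return` and a trailing semicolon, neither of which is needed here; the method body should simply end in `suite`. The class is opened as `Rex::TestSuite` and the suite is named `"Rex"` although every test it aggregates lives under `Msf::Encoders`, which will mislead anyone reading the results; a name such as `Msf::Encoders::TestSuite` with `Test::Unit::TestSuite.new("Msf::Encoders")` would match the contents (assuming nothing else already defines `Rex::TestSuite`, which I cannot see from here). `Msf::Encoders::X86::Call4Dword::UnitTest` must match the constant that call4_dword_xor.rb.ut.rb actually defines, which this diff does not show. The shebang's `-I../lib` and the `$:.unshift` line serve the same purpose but relative to different directories; the `$:.unshift` form works from any working directory, so the `-I` flag can go.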