From 2242c1f7580efe40872ef04fbd10fe882c0f2050 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Wed, 24 Apr 2019 05:43:28 -0500 Subject: [PATCH] prefer File.binread for reading binary file contents --- modules/exploits/windows/fileformat/winrar_ace.rb | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/modules/exploits/windows/fileformat/winrar_ace.rb b/modules/exploits/windows/fileformat/winrar_ace.rb index 7b460fdb10..56aeef2bf1 100644 --- a/modules/exploits/windows/fileformat/winrar_ace.rb +++ b/modules/exploits/windows/fileformat/winrar_ace.rb @@ -101,7 +101,7 @@ class MetasploitModule < Msf::Exploit::Remote # create headers and append file data after header unless datastore["FILE_LIST"].empty? print_status("Using the provided list of files @ #{datastore["FILE_LIST"]}...") - File.read(datastore["FILE_LIST"]).each_line do |file| + File.binread(datastore["FILE_LIST"]).each_line do |file| file = file.chomp file_header_and_data = create_file_header_and_data(file, false, false) ace_file << file_header_and_data @@ -151,22 +151,15 @@ class MetasploitModule < Msf::Exploit::Remote -(~crc) - 1 end - # copypasta from lib/msf/core/exploit/exe.rb - def get_file_contents(path) - file_contents = nil - ::File.open(path,'rb') {|f| file_contents = f.read(f.stat.size)} - file_contents - end - # create file headers for each file to put into the output ACE file def create_file_header_and_data(path, is_payload, is_custom_payload) #print_status("Length of #{path}: #{path.length}") if is_payload and is_custom_payload - file_data = get_file_contents(path.from(72)) + file_data = File.binread(path.from(72)) elsif is_payload and !is_custom_payload file_data = generate_payload_exe else - file_data = get_file_contents(::File.basename(path)) + file_data = File.binread(File.basename(path)) end file_data_crc32 = crc32(file_data).to_i