Issue #6637: Adds msfvenom option --sec-name to specify custom new section header name
parent
c131b21af4
commit
484329f6a0
|
@ -32,7 +32,12 @@ module Exe
|
||||||
|
|
||||||
# Create a new section
|
# Create a new section
|
||||||
s = Metasm::PE::Section.new
|
s = Metasm::PE::Section.new
|
||||||
|
if @secname.blank?
|
||||||
s.name = '.' + Rex::Text.rand_text_alpha_lower(4)
|
s.name = '.' + Rex::Text.rand_text_alpha_lower(4)
|
||||||
|
else
|
||||||
|
s.name = '.' + @secname
|
||||||
|
$stderr.puts "Created custom section \".#{secname}\""
|
||||||
|
end
|
||||||
s.encoded = payload_stub prefix
|
s.encoded = payload_stub prefix
|
||||||
s.characteristics = %w[MEM_READ MEM_WRITE MEM_EXECUTE]
|
s.characteristics = %w[MEM_READ MEM_WRITE MEM_EXECUTE]
|
||||||
|
|
||||||
|
|
|
@ -10,13 +10,14 @@ module Exe
|
||||||
attr_accessor :template
|
attr_accessor :template
|
||||||
attr_accessor :arch
|
attr_accessor :arch
|
||||||
attr_accessor :buffer_register
|
attr_accessor :buffer_register
|
||||||
|
attr_accessor :secname
|
||||||
|
|
||||||
def initialize(opts = {})
|
def initialize(opts = {})
|
||||||
@payload = opts[:payload]
|
@payload = opts[:payload]
|
||||||
@template = opts[:template]
|
@template = opts[:template]
|
||||||
@arch = opts[:arch] || :x86
|
@arch = opts[:arch] || :x86
|
||||||
@buffer_register = opts[:buffer_register]
|
@buffer_register = opts[:buffer_register]
|
||||||
|
@secname = opts[:secname]
|
||||||
x86_regs = %w{eax ecx edx ebx edi esi}
|
x86_regs = %w{eax ecx edx ebx edi esi}
|
||||||
x64_regs = %w{rax rcx rdx rbx rdi rsi} + (8..15).map{|n| "r#{n}" }
|
x64_regs = %w{rax rcx rdx rbx rdi rsi} + (8..15).map{|n| "r#{n}" }
|
||||||
|
|
||||||
|
|
|
@ -44,6 +44,9 @@ module Msf
|
||||||
# @!attribute encoder
|
# @!attribute encoder
|
||||||
# @return [String] The encoder(s) you want applied to the payload
|
# @return [String] The encoder(s) you want applied to the payload
|
||||||
attr_accessor :encoder
|
attr_accessor :encoder
|
||||||
|
# @!attribute secname
|
||||||
|
# @return [String] The name of the new section within the generated Windows binary
|
||||||
|
attr_accessor :secname
|
||||||
# @!attribute format
|
# @!attribute format
|
||||||
# @return [String] The format you want the payload returned in
|
# @return [String] The format you want the payload returned in
|
||||||
attr_accessor :format
|
attr_accessor :format
|
||||||
|
@ -101,6 +104,7 @@ module Msf
|
||||||
# @option opts [String] :payload (see #payload)
|
# @option opts [String] :payload (see #payload)
|
||||||
# @option opts [String] :format (see #format)
|
# @option opts [String] :format (see #format)
|
||||||
# @option opts [String] :encoder (see #encoder)
|
# @option opts [String] :encoder (see #encoder)
|
||||||
|
# @option opts [String] :secname (see #secname)
|
||||||
# @option opts [Integer] :iterations (see #iterations)
|
# @option opts [Integer] :iterations (see #iterations)
|
||||||
# @option opts [String] :arch (see #arch)
|
# @option opts [String] :arch (see #arch)
|
||||||
# @option opts [String] :platform (see #platform)
|
# @option opts [String] :platform (see #platform)
|
||||||
|
@ -124,6 +128,7 @@ module Msf
|
||||||
@cli = opts.fetch(:cli, false)
|
@cli = opts.fetch(:cli, false)
|
||||||
@datastore = opts.fetch(:datastore, {})
|
@datastore = opts.fetch(:datastore, {})
|
||||||
@encoder = opts.fetch(:encoder, '')
|
@encoder = opts.fetch(:encoder, '')
|
||||||
|
@secname = opts.fetch(:secname, '')
|
||||||
@format = opts.fetch(:format, 'raw')
|
@format = opts.fetch(:format, 'raw')
|
||||||
@iterations = opts.fetch(:iterations, 1)
|
@iterations = opts.fetch(:iterations, 1)
|
||||||
@keep = opts.fetch(:keep, false)
|
@keep = opts.fetch(:keep, false)
|
||||||
|
@ -285,6 +290,9 @@ module Msf
|
||||||
opts[:template_path] = File.dirname(template)
|
opts[:template_path] = File.dirname(template)
|
||||||
opts[:template] = File.basename(template)
|
opts[:template] = File.basename(template)
|
||||||
end
|
end
|
||||||
|
unless secname.blank?
|
||||||
|
opts[:secname] = @secname
|
||||||
|
end
|
||||||
opts
|
opts
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -249,7 +249,8 @@ require 'msf/core/exe/segment_appender'
|
||||||
injector = Msf::Exe::SegmentInjector.new({
|
injector = Msf::Exe::SegmentInjector.new({
|
||||||
:payload => code,
|
:payload => code,
|
||||||
:template => opts[:template],
|
:template => opts[:template],
|
||||||
:arch => :x86
|
:arch => :x86,
|
||||||
|
:secname => opts[:secname]
|
||||||
})
|
})
|
||||||
return injector.generate_pe
|
return injector.generate_pe
|
||||||
end
|
end
|
||||||
|
@ -270,7 +271,8 @@ require 'msf/core/exe/segment_appender'
|
||||||
appender = Msf::Exe::SegmentAppender.new({
|
appender = Msf::Exe::SegmentAppender.new({
|
||||||
:payload => code,
|
:payload => code,
|
||||||
:template => opts[:template],
|
:template => opts[:template],
|
||||||
:arch => :x86
|
:arch => :x86,
|
||||||
|
:secname => opts[:secname]
|
||||||
})
|
})
|
||||||
return appender.generate_pe
|
return appender.generate_pe
|
||||||
end
|
end
|
||||||
|
@ -603,7 +605,8 @@ require 'msf/core/exe/segment_appender'
|
||||||
injector = Msf::Exe::SegmentInjector.new({
|
injector = Msf::Exe::SegmentInjector.new({
|
||||||
:payload => code,
|
:payload => code,
|
||||||
:template => opts[:template],
|
:template => opts[:template],
|
||||||
:arch => :x64
|
:arch => :x64,
|
||||||
|
:secname => opts[:secname]
|
||||||
})
|
})
|
||||||
return injector.generate_pe
|
return injector.generate_pe
|
||||||
end
|
end
|
||||||
|
@ -612,7 +615,8 @@ require 'msf/core/exe/segment_appender'
|
||||||
appender = Msf::Exe::SegmentAppender.new({
|
appender = Msf::Exe::SegmentAppender.new({
|
||||||
:payload => code,
|
:payload => code,
|
||||||
:template => opts[:template],
|
:template => opts[:template],
|
||||||
:arch => :x64
|
:arch => :x64,
|
||||||
|
:secname => opts[:secname]
|
||||||
})
|
})
|
||||||
return appender.generate_pe
|
return appender.generate_pe
|
||||||
end
|
end
|
||||||
|
|
4
msfvenom
4
msfvenom
|
@ -97,6 +97,10 @@ def parse_args(args)
|
||||||
opts[:encoder] = e
|
opts[:encoder] = e
|
||||||
end
|
end
|
||||||
|
|
||||||
|
opt.on('--sec-name <value>', String, 'The new section name to use when generating Windows binaries. Default: random 4-character alpha string') do |s|
|
||||||
|
opts[:secname] = s
|
||||||
|
end
|
||||||
|
|
||||||
opt.on('--smallest', 'Generate the smallest possible payload using all available encoders') do
|
opt.on('--smallest', 'Generate the smallest possible payload using all available encoders') do
|
||||||
opts[:smallest] = true
|
opts[:smallest] = true
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue