infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Another 1.9.1 compat change, this time for msfmachscan 

git-svn-id: file:///home/svn/framework3/trunk@6616 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2009-06-03 01:43:48 +00:00
parent 90af8f03db
commit 51f0e8fc53
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/rex/machscan/scanner.rb
View File

@ -76,7 +76,7 @@ class JmpRegScanner < Generic
end end
def _ret_size(offset) def _ret_size(offset)
case mach.read(offset, 1) case mach.read(offset, 1)
when "\xc3" when "\xc3"
return 1 return 1
when "\xc2" when "\xc2"
@ -107,10 +107,10 @@ class JmpRegScanner < Generic
parse_ret = false parse_ret = false
byte1 = mach.read(offset, 1)[0] byte1 = mach.read(offset, 1).unpack("C*")[0]
if byte1 == 0xff if byte1 == 0xff
byte2 = mach.read(offset+1, 1)[0] byte2 = mach.read(offset+1, 1).unpack("C*")[0]
regname = Rex::Arch::X86.reg_name32(byte2 & 0x7) regname = Rex::Arch::X86.reg_name32(byte2 & 0x7)
case byte2 & 0xf8 case byte2 & 0xf8
@ -161,8 +161,8 @@ class PopPopRetScanner < JmpRegScanner
message = '' message = ''
pops = mach.read(offset, 2) pops = mach.read(offset, 2)
reg1 = Rex::Arch::X86.reg_name32(pops[0] & 0x7) reg1 = Rex::Arch::X86.reg_name32(pops[0,1].unpack("C*")[0] & 0x7)
reg2 = Rex::Arch::X86.reg_name32(pops[1] & 0x7) reg2 = Rex::Arch::X86.reg_name32(pops[1,1].unpack("C*")[0] & 0x7)
message = "pop #{reg1}; pop #{reg2}; " message = "pop #{reg1}; pop #{reg2}; "
@ -213,4 +213,4 @@ end
end end
end end
end end