vbs transform
Meatballs
parent
5040347521
commit
7370fc3f4e
|
|
@ -1,5 +1,5 @@
|
|||
Function %{var_func}()
|
||||
%{var_bytes}=%{var_shellcode}
|
||||
%{var_shellcode}
|
||||
|
||||
Dim %{var_obj}
|
||||
Set %{var_obj} = CreateObject("Scripting.FileSystemObject")
|
||||
|
|
|
|||
|
|
@ -41,6 +41,8 @@ module Buffer
|
|||
buf = Rex::Text.to_java(buf)
|
||||
when 'powershell', 'ps1'
|
||||
buf = Rex::Text.to_powershell(buf)
|
||||
when 'vbscript'
|
||||
buf = Rex::Text.to_vbscript(buf)
|
||||
else
|
||||
raise ArgumentError, "Unsupported buffer format: #{fmt}", caller
|
||||
end
|
||||
|
|
@ -80,7 +82,18 @@ module Buffer
|
|||
# Returns the list of supported formats
|
||||
#
|
||||
def self.transform_formats
|
||||
['raw','ruby','rb','perl','pl','bash','sh','c','csharp','js_be','js_le','java','python','py', 'powershell', 'ps1']
|
||||
['raw',
|
||||
'ruby','rb',
|
||||
'perl','pl',
|
||||
'bash','sh',
|
||||
'c',
|
||||
'csharp',
|
||||
'js_be',
|
||||
'js_le',
|
||||
'java',
|
||||
'python','py',
|
||||
'powershell','ps1',
|
||||
'vbscript']
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
|||
|
|
@ -907,8 +907,6 @@ def self.to_vba(framework,code,opts={})
|
|||
delay = opts[:delay] || 5
|
||||
persist = opts[:persist] || false
|
||||
|
||||
exe = exes.unpack('C*')
|
||||
|
||||
hash_sub = {}
|
||||
hash_sub[:var_shellcode] = ""
|
||||
hash_sub[:var_bytes] = Rex::Text.rand_text_alpha(rand(4)+4) # repeated a large number of times, so keep this one small
|
||||
|
|
@ -921,18 +919,7 @@ def self.to_vba(framework,code,opts={})
|
|||
hash_sub[:var_tempexe] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
hash_sub[:var_basedir] = Rex::Text.rand_text_alpha(rand(8)+8)
|
||||
|
||||
lines = "Chr(#{exe[0]})"
|
||||
1.upto(exe.length-1) do |byte|
|
||||
if(byte % 100 == 0)
|
||||
lines << "\r\n\t#{hash_sub[:var_bytes]}=#{hash_sub[:var_bytes]}"
|
||||
end
|
||||
# exe is an Array of bytes, not a String, thanks to the unpack
|
||||
# above, so the following line is not subject to the different
|
||||
# treatments of String#[] between ruby 1.8 and 1.9
|
||||
lines << "&Chr(#{exe[byte]})"
|
||||
end
|
||||
|
||||
hash_sub[:var_shellcode] = lines
|
||||
hash_sub[:var_shellcode] = Rex::Text.to_vbscript(exes, hash_sub[:var_bytes])
|
||||
|
||||
hash_sub[:init] = ""
|
||||
|
||||
|
|
|
|||
|
|
@ -215,6 +215,25 @@ module Text
|
|||
return buff
|
||||
end
|
||||
|
||||
#
|
||||
# Converts a raw string to a vbscript byte array
|
||||
#
|
||||
def self.to_vbscript(str, name = "buf")
|
||||
code = str.unpack('C*')
|
||||
buff = "#{name}=Chr(#{code[0]})"
|
||||
1.upto(code.length-1) do |byte|
|
||||
if(byte % 100 == 0)
|
||||
buff << "\r\n#{name}=#{name}"
|
||||
end
|
||||
# exe is an Array of bytes, not a String, thanks to the unpack
|
||||
# above, so the following line is not subject to the different
|
||||
# treatments of String#[] between ruby 1.8 and 1.9
|
||||
buff << "&Chr(#{code[byte]})"
|
||||
end
|
||||
|
||||
return buff
|
||||
end
|
||||
|
||||
#
|
||||
# Creates a perl-style comment
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in New Issue