* a more complete selection of various unicode types supported by most browsers

git-svn-id: file:///home/svn/incoming/trunk@3523 4d416f70-5f16-0410-b530-b9f4589650da
unstable
bmc 2006-02-10 17:29:37 +00:00
parent 1c51681efe
commit a0af1e9598
1 changed files with 33 additions and 6 deletions


@ -461,7 +461,11 @@ protected
register_evasion_options(
[
OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', 'none', ['none','little', 'big']]),
# utf-7 and utf-7-all are currently not supported by most
# browsers, so remove them from the defaults. support for them
# is enabled in the mixin if you override the Enum on a per
# exploit basis.
OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', 'none', ['none', 'utf-16le', 'utf-16be', 'utf-16be-marker', 'utf-32le', 'utf-32be']]),
OptEnum.new('HTML::base64', [false, 'Enable HTML obfuscation via an embeded base64 html object', 'none', ['none', 'plain', 'single_pad', 'double_pad', 'random_space_injection']]),
OptInt.new('HTML::javascript::escape', [false, 'Enable HTML obfuscation via HTML escaping (number of iterations)', 0]),
], Exploit::Remote::HttpServer::Html
@ -499,11 +503,34 @@ protected
body = '<script>document.write(unescape("' + Rex::Text.to_hex(body, '%') + '"))</script>'
}
end
if datastore['HTML::unicode'] == 'little'
body = Rex::Text.to_unicode(body)
elsif datastore['HTML::unicode'] == 'big'
body = "\xFE\xFF" + Rex::Text.to_unicode(body, 1)
case datastore['HTML::unicode']
when 'utf-16le'
headers['Content-Type'] = 'text/html; charset: utf-16le'
body = Rex::Text.to_unicode(body, 'utf-16le')
when 'utf-16be'
headers['Content-Type'] = 'text/html; charset: utf-16be'
body = Rex::Text.to_unicode(body, 'utf-16be')
when 'utf-16be-marker'
headers['Content-Type'] = 'text/html'
body = "\xFE\xFF" + Rex::Text.to_unicode(body, 'utf-16be')
when 'utf-32le'
headers['Content-Type'] = 'text/html; charset: utf-32le'
body = Rex::Text.to_unicode(body, 'utf-32le')
when 'utf-32be'
headers['Content-Type'] = 'text/html; charset: utf-32be'
body = Rex::Text.to_unicode(body, 'utf-32be')
when 'utf-7'
headers['Content-Type'] = 'text/html; charset: utf-7'
body = Rex::Text.to_unicode(body, 'utf-7')
when 'utf-7-all'
headers['Content-Type'] = 'text/html; charset: utf-7'
body = Rex::Text.to_unicode(body, 'utf-7-all')
when 'none'
# do nothing
else
raise RuntimeError, 'Invalid unicode. how did you get here?'
end
super(cli, body, headers)
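Review bot: The `else` arm that closes the new `case datastore['HTML::unicode']` raises `'Invalid unicode. how did you get here?'` without naming the offending value, and the previously accepted settings `little` and `big` are no longer matched by any arm, so a saved configuration that still uses them appears to end up here (or be rejected by the enum) with no hint of what to change. I would put the value in the message, `raise RuntimeError, "Invalid HTML::unicode value: #{datastore['HTML::unicode'].inspect}"`, and mention the renamed values in the option description. The `utf-7` and `utf-7-all` arms are reachable only when a module overrides the enum, as the comment in the first hunk says; a one-line comment above those two arms, such as `# only reachable when a module overrides the HTML::unicode enum`, would stop the enum list and the case list from looking out of sync. The enclosing method begins outside the visible lines.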