Fixes #5361 by adding --encoder-space to msfvenom

unstable
HD Moore 2015-05-18 14:27:52 -05:00
parent 8bd41a3834
commit a82168d7bb
2 changed files with 11 additions and 2 deletions


@ -64,6 +64,9 @@ module Msf
# @!attribute space # @!attribute space
# @return [Fixnum] The maximum size in bytes of the payload # @return [Fixnum] The maximum size in bytes of the payload
attr_accessor :space attr_accessor :space
# @!attribute encoder_space
# @return [Fixnum] The maximum size in bytes of the encoded payload
attr_accessor :encoder_space
# @!attribute stdin # @!attribute stdin
# @return [String] The raw bytes of a payload taken from STDIN # @return [String] The raw bytes of a payload taken from STDIN
attr_accessor :stdin attr_accessor :stdin
@ -85,6 +88,7 @@ module Msf
# @option opts [String] :badchars (see #badchars) # @option opts [String] :badchars (see #badchars)
# @option opts [String] :template (see #template) # @option opts [String] :template (see #template)
# @option opts [Fixnum] :space (see #space) # @option opts [Fixnum] :space (see #space)
# @option opts [Fixnum] :encoder_space (see #encoder_space)
# @option opts [Fixnum] :nops (see #nops) # @option opts [Fixnum] :nops (see #nops)
# @option opts [String] :add_code (see #add_code) # @option opts [String] :add_code (see #add_code)
# @option opts [Boolean] :keep (see #keep) # @option opts [Boolean] :keep (see #keep)
@ -109,6 +113,7 @@ module Msf
@stdin = opts.fetch(:stdin, nil) @stdin = opts.fetch(:stdin, nil)
@template = opts.fetch(:template, '') @template = opts.fetch(:template, '')
@var_name = opts.fetch(:var_name, 'buf') @var_name = opts.fetch(:var_name, 'buf')
@encoder_space = opts.fetch(:encoder_space, @space)
@framework = opts.fetch(:framework) @framework = opts.fetch(:framework)
@ -200,7 +205,7 @@ module Msf
encoder_list.each do |encoder_mod| encoder_list.each do |encoder_mod|
cli_print "Attempting to encode payload with #{iterations} iterations of #{encoder_mod.refname}" cli_print "Attempting to encode payload with #{iterations} iterations of #{encoder_mod.refname}"
begin begin
encoder_mod.available_space = @space encoder_mod.available_space = @encoder_space
return run_encoder(encoder_mod, shellcode.dup) return run_encoder(encoder_mod, shellcode.dup)
rescue ::Msf::EncoderSpaceViolation => e rescue ::Msf::EncoderSpaceViolation => e
cli_print "#{encoder_mod.refname} failed with #{e.message}" cli_print "#{encoder_mod.refname} failed with #{e.message}"
@ -395,7 +400,7 @@ module Msf
iterations.times do |x| iterations.times do |x|
shellcode = encoder_module.encode(shellcode.dup, badchars, nil, platform_list) shellcode = encoder_module.encode(shellcode.dup, badchars, nil, platform_list)
cli_print "#{encoder_module.refname} succeeded with size #{shellcode.length} (iteration=#{x})" cli_print "#{encoder_module.refname} succeeded with size #{shellcode.length} (iteration=#{x})"
if shellcode.length > space if shellcode.length > encoder_space
raise EncoderSpaceViolation, "encoder has made a buffer that is too big" raise EncoderSpaceViolation, "encoder has made a buffer that is too big"
end end
end end
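Review bot: `opts.fetch(:encoder_space, @space)` falls back to `@space` only when the key is absent, so a caller that passes `encoder_space: nil` leaves the attribute nil. The comparison `shellcode.length > encoder_space` in the last hunk would then raise an ArgumentError instead of EncoderSpaceViolation, and the `rescue ::Msf::EncoderSpaceViolation` in the encoder loop would not catch it. `@encoder_space = opts[:encoder_space] || @space` covers both the missing and the nil case. The fallback also depends on `@space` being assigned earlier in the initializer, which is outside the hunk. The attribute doc could state the default, e.g. `# @return [Fixnum] The maximum size in bytes of the encoded payload (defaults to #space)`.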


@ -97,6 +97,10 @@ require 'msf/core/payload_generator'
opts[:space] = s opts[:space] = s
end end
opt.on('--encoder-space <length>', Integer, 'The maximum size of the encoded payload (defaults to the -s value)') do |s|
opts[:encoder_space] = s
end
opt.on('-b', '--bad-chars <list>', String, 'The list of characters to avoid example: \'\x00\xff\'') do |b| opt.on('-b', '--bad-chars <list>', String, 'The list of characters to avoid example: \'\x00\xff\'') do |b|
opts[:badchars] = Rex::Text.hex_to_raw(b) opts[:badchars] = Rex::Text.hex_to_raw(b)
end end
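Review bot: The `--encoder-space` handler stores whatever the `Integer` coercion accepts, so zero or a negative length gets through. Presumably every encoder attempt would then fail the size check with a space violation, rather than the user getting a clear option error. A guard before the assignment, `raise OptionParser::InvalidArgument, '--encoder-space must be a positive integer' unless s > 0`, would reject it at parse time. The `-s` handler starts above the hunk, so whether it validates its value the same way is not visible here.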