Fixes #5361 by adding --encoder-space to msfvenom

2015-05-18 14:27:52 -05:00 · 2015-05-18 14:27:52 -05:00 · a82168d7bb
parent 8bd41a3834
commit a82168d7bb
2 changed files with 11 additions and 2 deletions
--- a/lib/msf/core/payload_generator.rb
+++ b/lib/msf/core/payload_generator.rb
@ -64,6 +64,9 @@ module Msf
    # @!attribute  space
    #   @return [Fixnum] The maximum size in bytes of the payload
    attr_accessor :space
+    # @!attribute  encoder_space
+    #   @return [Fixnum] The maximum size in bytes of the encoded payload
+    attr_accessor :encoder_space
    # @!attribute  stdin
    #   @return [String] The raw bytes of a payload taken from STDIN
    attr_accessor :stdin
@ -85,6 +88,7 @@ module Msf
    # @option opts [String] :badchars (see #badchars)
    # @option opts [String] :template (see #template)
    # @option opts [Fixnum] :space (see #space)
+    # @option opts [Fixnum] :encoder_space (see #encoder_space)
    # @option opts [Fixnum] :nops (see #nops)
    # @option opts [String] :add_code (see #add_code)
    # @option opts [Boolean] :keep (see #keep)
@ -109,6 +113,7 @@ module Msf
      @stdin      = opts.fetch(:stdin, nil)
      @template   = opts.fetch(:template, '')
      @var_name   = opts.fetch(:var_name, 'buf')
+      @encoder_space = opts.fetch(:encoder_space, @space)

      @framework  = opts.fetch(:framework)

@ -200,7 +205,7 @@ module Msf
        encoder_list.each do |encoder_mod|
          cli_print "Attempting to encode payload with #{iterations} iterations of #{encoder_mod.refname}"
          begin
-            encoder_mod.available_space = @space
+            encoder_mod.available_space = @encoder_space
            return run_encoder(encoder_mod, shellcode.dup)
          rescue ::Msf::EncoderSpaceViolation => e
            cli_print "#{encoder_mod.refname} failed with #{e.message}"
@ -395,7 +400,7 @@ module Msf
      iterations.times do |x|
        shellcode = encoder_module.encode(shellcode.dup, badchars, nil, platform_list)
        cli_print "#{encoder_module.refname} succeeded with size #{shellcode.length} (iteration=#{x})"
-        if shellcode.length > space
+        if shellcode.length > encoder_space
          raise EncoderSpaceViolation, "encoder has made a buffer that is too big"
        end
      end
--- a/4
+++ b/4
@ -97,6 +97,10 @@ require 'msf/core/payload_generator'
      opts[:space] = s
    end

+    opt.on('--encoder-space      <length>', Integer, 'The maximum size of the encoded payload (defaults to the -s value)') do |s|
+      opts[:encoder_space] = s
+    end
+
    opt.on('-b', '--bad-chars  <list>', String, 'The list of characters to avoid example: \'\x00\xff\'') do |b|
      opts[:badchars] = Rex::Text.hex_to_raw(b)
    end