Fixing checksum uri generator again.
This time, it's ensured that generate_uri_checksum(sum) will succeed, provided the sum is an even number between 80 and 100 (tested) It's still not great for arbitrary checksum targets, but that's because there are lots of strings that cannot satisfy the requirement. I kind of think this is the fault of Rex.unstable
parent
d01bf496f0
commit
bd13720c45
|
@ -65,9 +65,12 @@ module ReverseHttp
|
||||||
# Create a URI that matches a given checksum
|
# Create a URI that matches a given checksum
|
||||||
#
|
#
|
||||||
def generate_uri_checksum(sum)
|
def generate_uri_checksum(sum)
|
||||||
|
chk = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
|
||||||
|
32.times do
|
||||||
uri = Rex::Text.rand_text_alphanumeric(3)
|
uri = Rex::Text.rand_text_alphanumeric(3)
|
||||||
("a".."z").sort_by {rand}.each do |x|
|
chk.sort_by {rand}.each do |x|
|
||||||
return(uri + x) if Rex::Text.checksum8(uri + x)
|
return(uri + x) if Rex::Text.checksum8(uri + x) == sum
|
||||||
|
end
|
||||||
end
|
end
|
||||||
raise RuntimeError, "Unable to generate a string with checksum #{sum}"
|
raise RuntimeError, "Unable to generate a string with checksum #{sum}"
|
||||||
end
|
end
|
||||||
|
|
|
@ -66,9 +66,12 @@ module ReverseHttps
|
||||||
# Create a URI that matches a given checksum
|
# Create a URI that matches a given checksum
|
||||||
#
|
#
|
||||||
def generate_uri_checksum(sum)
|
def generate_uri_checksum(sum)
|
||||||
|
chk = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
|
||||||
|
32.times do
|
||||||
uri = Rex::Text.rand_text_alphanumeric(3)
|
uri = Rex::Text.rand_text_alphanumeric(3)
|
||||||
("a".."z").sort_by {rand}.each do |x|
|
chk.sort_by {rand}.each do |x|
|
||||||
return(uri + x) if Rex::Text.checksum8(uri + x)
|
return(uri + x) if Rex::Text.checksum8(uri + x) == sum
|
||||||
|
end
|
||||||
end
|
end
|
||||||
raise RuntimeError, "Unable to generate a string with checksum #{sum}"
|
raise RuntimeError, "Unable to generate a string with checksum #{sum}"
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue