Add Rex::RandomIdentifierGenerator.

2014-03-03 16:43:49 -06:00 · 2014-03-03 16:43:49 -06:00 · bfecf9525d
parent e8b10db73b
commit bfecf9525d
2 changed files with 23 additions and 3 deletions
--- a/lib/rex/exploitation/jsobfu.rb
+++ b/lib/rex/exploitation/jsobfu.rb
@ -1,6 +1,7 @@
 # -*- coding: binary -*-

 require 'rex/text'
+require 'rex/random_identifier_generator'
 require 'rkelly'

 module Rex
@ -69,6 +70,11 @@ class JSObfu
    @funcs = {}
    @vars  = {}
    @debug = false
+    @rand_gen = Rex::RandomIdentifierGenerator.new(
+      :max_length => 15,
+      :first_char_set => Rex::Text::Alpha+"_$",
+      :char_set => Rex::Text::AlphaNumeric+"_$",
+    )
  end

  #
@ -119,7 +125,7 @@ class JSObfu
  # @return [String] a unique random var name that is not a reserved keyword
  def random_var_name
    loop do
-      text = Rex::Text.rand_text_alpha(3+rand(12))
+      text = random_string
      unless @vars.has_value?(text) or RESERVED_KEYWORDS.include?(text)
        return text
      end
@ -128,6 +134,11 @@ class JSObfu

 protected

+  # @return [String] a random string
+  def random_string
+    @rand_gen.generate
+  end
+
  #
  # Recursive method to obfuscate the given +ast+.
  #
--- a/spec/lib/rex/exploitation/jsobfu_spec.rb
+++ b/spec/lib/rex/exploitation/jsobfu_spec.rb
@ -1,3 +1,4 @@
+require 'spec_helper'
 require 'rex/exploitation/jsobfu'

 describe Rex::Exploitation::JSObfu do
@ -12,13 +13,21 @@ describe Rex::Exploitation::JSObfu do
    it { should be_a String }
    it { should_not be_empty }

+    it 'is alphanumeric' do
+      expect(random_var_name).to match(/\A[a-zA-Z0-9]+\Z/)
+    end
+
+    it 'does not start with a number' do
+      expect(random_var_name).not_to match(/\A[0-9]/)
+    end
+
    context 'when a reserved word is generated' do
      let(:reserved)  { described_class::RESERVED_KEYWORDS.first }
      let(:random)    { 'abcdef' }
      let(:generated) { [reserved, reserved, reserved, random] }

      before do
-        Rex::Text.stub(:rand_text_alpha) { generated.shift }
+        jsobfu.stub(:random_string) { generated.shift }
      end

      it { should eq random }
@ -31,7 +40,7 @@ describe Rex::Exploitation::JSObfu do
      let(:generated)   { [preexisting, preexisting, preexisting, random] }

      before do
-        Rex::Text.stub(:rand_text_alpha) { generated.shift }
+        jsobfu.stub(:random_string) { generated.shift }
        jsobfu.instance_variable_set("@vars", vars)
      end