infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add Rex::RandomIdentifierGenerator.

bug/bundler_fix
Joe Vennix 2014-03-03 16:43:49 -06:00
parent e8b10db73b
commit bfecf9525d
2 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lib/rex/exploitation/jsobfu.rb
View File

@ -1,6 +1,7 @@
# -*- coding: binary -*- # -*- coding: binary -*-
require 'rex/text' require 'rex/text'
require 'rex/random_identifier_generator'
require 'rkelly' require 'rkelly'
module Rex module Rex
@ -69,6 +70,11 @@ class JSObfu
@funcs = {} @funcs = {}
@vars = {} @vars = {}
@debug = false @debug = false
@rand_gen = Rex::RandomIdentifierGenerator.new(
:max_length => 15,
:first_char_set => Rex::Text::Alpha+"_$",
:char_set => Rex::Text::AlphaNumeric+"_$",
)
end end
# #
@ -119,7 +125,7 @@ class JSObfu
# @return [String] a unique random var name that is not a reserved keyword # @return [String] a unique random var name that is not a reserved keyword
def random_var_name def random_var_name
loop do loop do
text = Rex::Text.rand_text_alpha(3+rand(12)) text = random_string
unless @vars.has_value?(text) or RESERVED_KEYWORDS.include?(text) unless @vars.has_value?(text) or RESERVED_KEYWORDS.include?(text)
return text return text
end end
@ -128,6 +134,11 @@ class JSObfu
protected protected
# @return [String] a random string
def random_string
@rand_gen.generate
end
# #
# Recursive method to obfuscate the given +ast+. # Recursive method to obfuscate the given +ast+.
# #

13
spec/lib/rex/exploitation/jsobfu_spec.rb
View File

@ -1,3 +1,4 @@
require 'spec_helper'
require 'rex/exploitation/jsobfu' require 'rex/exploitation/jsobfu'
describe Rex::Exploitation::JSObfu do describe Rex::Exploitation::JSObfu do
@ -12,13 +13,21 @@ describe Rex::Exploitation::JSObfu do
it { should be_a String } it { should be_a String }
it { should_not be_empty } it { should_not be_empty }
it 'is alphanumeric' do
expect(random_var_name).to match(/\A[a-zA-Z0-9]+\Z/)
end
it 'does not start with a number' do
expect(random_var_name).not_to match(/\A[0-9]/)
end
context 'when a reserved word is generated' do context 'when a reserved word is generated' do
let(:reserved) { described_class::RESERVED_KEYWORDS.first } let(:reserved) { described_class::RESERVED_KEYWORDS.first }
let(:random) { 'abcdef' } let(:random) { 'abcdef' }
let(:generated) { [reserved, reserved, reserved, random] } let(:generated) { [reserved, reserved, reserved, random] }
before do before do
Rex::Text.stub(:rand_text_alpha) { generated.shift } jsobfu.stub(:random_string) { generated.shift }
end end
it { should eq random } it { should eq random }
@ -31,7 +40,7 @@ describe Rex::Exploitation::JSObfu do
let(:generated) { [preexisting, preexisting, preexisting, random] } let(:generated) { [preexisting, preexisting, preexisting, random] }
before do before do
Rex::Text.stub(:rand_text_alpha) { generated.shift } jsobfu.stub(:random_string) { generated.shift }
jsobfu.instance_variable_set("@vars", vars) jsobfu.instance_variable_set("@vars", vars)
end end