infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bleh.. a bit of tabs vs spaces 

git-svn-id: file:///home/svn/framework3/trunk@7171 4d416f70-5f16-0410-b530-b9f4589650da
unstable
kris 2009-10-16 18:27:18 +00:00
parent 378b7f29d5
commit efe44ba6b5
14 changed files with 293 additions and 299 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/msf/core/data_store.rb
View File

@ -106,7 +106,7 @@ class DataStore < Hash
# Remove trailing whitespaces from the value
val.gsub!(/\s+$/, '')
# Store the value
hash[var] = val
}

26
lib/msf/core/db.rb
View File

@ -425,22 +425,22 @@ class DBManager
Note.delete_all(["host_id = ?", host[:id]])
Host.delete(host[:id])
end
#
# Deletes a port and associated vulns matching this port
#
def del_service(context, address, proto, port, comm='')
host = get_host(context, address, comm)
return unless host
#
# Deletes a port and associated vulns matching this port
#
def del_service(context, address, proto, port, comm='')
host = get_host(context, address, comm)
services = Service.find(:all, :conditions => ["host_id = ? and proto = ? and port = ?", host[:id], proto, port]).map { |s| s[:id] }
return unless host
services.each do |sid|
Vuln.delete_all(["service_id = ?", sid])
Service.delete(sid)
end
end
services = Service.find(:all, :conditions => ["host_id = ? and proto = ? and port = ?", host[:id], proto, port]).map { |s| s[:id] }
services.each do |sid|
Vuln.delete_all(["service_id = ?", sid])
Service.delete(sid)
end
end
#
# Find a reference matching this name

16
lib/msf/core/encoder.rb
View File

@ -91,14 +91,14 @@ class Encoder < Module
# Unicode-safe 'a' - 'z', 'A' - 'Z', '0' - '9'
#
AlphanumUnicodeMixed = "alpha_unicode_mixed"
#
# toupper/tolower safe ascii - not 'a' - 'z', 'A' - 'Z'
#
NonAlpha = "non_alpha"
#
# tolower safe ascii - not 'A' - 'Z' (more flexable than nonalpha)
#
NonUpper = "non_upper"
#
# toupper/tolower safe ascii - not 'a' - 'z', 'A' - 'Z'
#
NonAlpha = "non_alpha"
#
# tolower safe ascii - not 'A' - 'Z' (more flexable than nonalpha)
#
NonUpper = "non_upper"
#
# tolower safe ascii UTF8-safe (<= 0x7f only)
#

16
lib/msf/core/exploit.rb
View File

@ -729,7 +729,7 @@ class Exploit < Msf::Module
#
def compatible_encoders
encoders = []
c_platform = (target and target.platform) ? target.platform : platform
c_arch = (target and target.arch) ? target.arch : (arch == []) ? nil : arch
@ -738,7 +738,7 @@ class Exploit < Msf::Module
encoders << [ name, mod ]
}
return encoders;
end
@ -1036,12 +1036,12 @@ class Exploit < Msf::Module
# characters.
#
def rand_text_highascii(length, bad=payload_badchars)
if debugging?
"A" * length
else
Rex::Text.rand_text_highascii(length, bad)
end
end
if debugging?
"A" * length
else
Rex::Text.rand_text_highascii(length, bad)
end
end
#
# Generate random alpha characters avoiding the exploit's bad

107
lib/msf/core/exploit/http.rb
View File

@ -32,10 +32,10 @@ module Exploit::Remote::HttpClient
register_advanced_options(
[
OptString.new('UserAgent', [false, 'The User-Agent header to use for all requests'])
OptString.new('UserAgent', [false, 'The User-Agent header to use for all requests'])
], self.class
)
register_evasion_options(
[
OptEnum.new('HTTP::uri_encode_mode', [false, 'Enable URI encoding', 'hex-normal', ['none', 'hex-normal', 'hex-all', 'hex-random', 'u-normal', 'u-all', 'u-random']]),
@ -174,7 +174,7 @@ module Exploit::Remote::HttpClient
def send_request_raw(opts={}, timeout = -1)
begin
c = connect(opts)
r = c.request_raw(opts)
r = c.request_raw(opts)
c.send_recv(r, opts[:timeout] ? opts[:timeout] : timeout)
rescue ::RuntimeError => e
print_error("An error occurred sending this request: #{e}")
@ -190,7 +190,7 @@ module Exploit::Remote::HttpClient
def send_request_cgi(opts={}, timeout = -1)
begin
c = connect(opts)
r = c.request_cgi(opts)
r = c.request_cgi(opts)
c.send_recv(r, opts[:timeout] ? opts[:timeout] : timeout)
rescue ::RuntimeError => e
print_error("An error occurred sending this request: #{e}")
@ -266,17 +266,15 @@ module Exploit::Remote::HttpServer
[
OptString.new('URIPATH', [ false, "The URI to use for this exploit (default is random)"]),
], Exploit::Remote::HttpServer
)
register_evasion_options(
[
OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP responses via "Transfer-Encoding: chunked"', 'false']),
OptBool.new('HTTP::header_folding', [false, 'Enable folding of HTTP headers', 'false']),
OptBool.new('HTTP::junk_headers', [false, 'Enable insertion of random junk HTTP headers', 'false']),
OptEnum.new('HTTP::compression', [false, 'Enable compression of HTTP responses via content encoding', 'none', ['none','gzip','deflate']]),
], Exploit::Remote::HttpServer
)
)
register_evasion_options(
[
OptBool.new('HTTP::chunked', [false, 'Enable chunking of HTTP responses via "Transfer-Encoding: chunked"', 'false']),
OptBool.new('HTTP::header_folding', [false, 'Enable folding of HTTP headers', 'false']),
OptBool.new('HTTP::junk_headers', [false, 'Enable insertion of random junk HTTP headers', 'false']),
OptEnum.new('HTTP::compression', [false, 'Enable compression of HTTP responses via content encoding', 'none', ['none','gzip','deflate']]),
], Exploit::Remote::HttpServer)
end
#
@ -293,7 +291,7 @@ module Exploit::Remote::HttpServer
#
def use_zlib
if (!Rex::Text.zlib_present? and datastore['HTTP::compression'] == true)
raise RuntimeError, "zlib support was not detected, yet the HTTP::compression option was set. Don't do that!"
raise RuntimeError, "zlib support was not detected, yet the HTTP::compression option was set. Don't do that!"
end
end
@ -500,39 +498,39 @@ module Exploit::Remote::HttpServer
res
end
#
# Transmits a response to the supplied client, default content-type is text/html
#
# Payload evasions are implemented here!
#
def send_response(cli, body, headers = {})
response = create_response
#
# Transmits a response to the supplied client, default content-type is text/html
#
# Payload evasions are implemented here!
#
def send_response(cli, body, headers = {})
response = create_response
response['Content-Type'] = 'text/html'
response.body = body
if (datastore['HTTP::compression'])
self.use_zlib # make sure...
response.compress = datastore['HTTP::compression']
end
response.body = body
if (datastore['HTTP::chunked'] == true)
response.auto_cl = false
response.transfer_chunked = true
end
if (datastore['HTTP::compression'])
self.use_zlib # make sure...
response.compress = datastore['HTTP::compression']
end
if (datastore['HTTP::header_folding'] == true)
response.headers.fold = 1
end
if (datastore['HTTP::junk_headers'] == true)
response.headers.junk_headers = 1
end
if (datastore['HTTP::chunked'] == true)
response.auto_cl = false
response.transfer_chunked = true
end
if (datastore['HTTP::header_folding'] == true)
response.headers.fold = 1
end
if (datastore['HTTP::junk_headers'] == true)
response.headers.junk_headers = 1
end
headers.each_pair { |k,v| response[k] = v }
cli.send_response(response)
end
end
#
# Sends a 302 redirect to the client
#
@ -643,17 +641,16 @@ protected
def initialize(info = {})
super
register_evasion_options(
[
register_evasion_options(
[
# utf-8, utf-7 and utf-7-all are currently not supported by
# most browsers. as such, they are not added by default. The
# mixin supports encoding using them, however they are not
# listed in the Option.
OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', 'none', ['none', 'utf-16le', 'utf-16be', 'utf-16be-marker', 'utf-32le', 'utf-32be']]),
OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', 'none', ['none', 'utf-16le', 'utf-16be', 'utf-16be-marker', 'utf-32le', 'utf-32be']]),
OptEnum.new('HTML::base64', [false, 'Enable HTML obfuscation via an embeded base64 html object', 'none', ['none', 'plain', 'single_pad', 'double_pad', 'random_space_injection']]),
OptInt.new('HTML::javascript::escape', [false, 'Enable HTML obfuscation via HTML escaping (number of iterations)', 0]),
], Exploit::Remote::HttpServer::HTML
)
], Exploit::Remote::HttpServer::HTML)
end
#
@ -667,14 +664,14 @@ protected
return js
end
#
# Encrypts a given javascript string using the provided key.
#
# Returns a string containing the encrypted string and a loader
#
def encrypt_js(javascript, key)
js_encoded = Rex::Exploitation::EncryptJS.encrypt(javascript, key)
end
#
# Encrypts a given javascript string using the provided key.
#
# Returns a string containing the encrypted string and a loader
#
def encrypt_js(javascript, key)
js_encoded = Rex::Exploitation::EncryptJS.encrypt(javascript, key)
end
#
# Returns the heaplib javascript, including any custom javascript supplied
@ -898,7 +895,7 @@ protected
body = Rex::Text.encode_base64(body)
new = ''
while (body.size > 0)
new << body.slice!(0, rand(3) + 1) + Rex::Text.rand_text(rand(5) + 1, '', " \n")
new << body.slice!(0, rand(3) + 1) + Rex::Text.rand_text(rand(5) + 1, '', " \n")
end
body = new
end

12
lib/msf/core/exploit/oracle.rb
View File

@ -16,14 +16,14 @@ module Exploit::ORACLE
register_options(
[
OptString.new('RHOST', [ true, 'The Oracle host.', '']),
OptString.new('RPORT', [ true, 'The TNS port.', '1521']),
OptString.new('SID', [ true, 'The sid to authenticate with.', 'ORCL']),
OptString.new('DBUSER', [ true, 'The username to authenticate with.', 'SCOTT']),
OptString.new('DBPASS', [ true, 'The password to authenticate with.', 'TIGER']),
OptString.new('RHOST', [ true, 'The Oracle host.', '']),
OptString.new('RPORT', [ true, 'The TNS port.', '1521']),
OptString.new('SID', [ true, 'The sid to authenticate with.', 'ORCL']),
OptString.new('DBUSER', [ true, 'The username to authenticate with.', 'SCOTT']),
OptString.new('DBPASS', [ true, 'The password to authenticate with.', 'TIGER']),
], Msf::Exploit::ORACLE
)
begin
require 'rubygems'
gem 'dbi'

61
lib/msf/core/exploit/smtp_deliver.rb
View File

@ -34,51 +34,52 @@ module Exploit::Remote::SMTPDeliver
# This method connects to the server and sends a message
def send_message(data)
if datastore['VERBOSE']
print_status("Connecting to SMTP server #{rhost}:#{rport}...")
end
if datastore['VERBOSE']
print_status("Connecting to SMTP server #{rhost}:#{rport}...")
end
msock = connect(false)
res = msock.get_once
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
res = raw_send_recv("EHLO #{Rex::Text.rand_text_alpha(rand(32)+1)}\r\n", msock)
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
res = raw_send_recv("MAIL FROM: #{datastore['MAILFROM']}\r\n", msock)
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
res = raw_send_recv("RCPT TO: #{datastore['MAILTO']}\r\n", msock)
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("Sending the message (#{data.length} bytes)...")
end
if datastore['VERBOSE']
print_status("Sending the message (#{data.length} bytes)...")
end
res = raw_send_recv("DATA\r\n", msock)
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
res = raw_send_recv("#{data}\r\n.\r\n", msock)
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("Closing the connection...")
end
if datastore['VERBOSE']
print_status("Closing the connection...")
end
res = raw_send_recv("QUIT\r\n", msock)
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
if datastore['VERBOSE']
print_status("SMTP: #{res.strip}")
end
msock.close
end

10
lib/msf/core/payload/php.rb
View File

@ -13,7 +13,7 @@ module Msf::Payload::Php
dis = options[:disabled_varname] || '$' + Rex::Text.rand_text_alpha(rand(4) + 4)
dis = '$' + dis if (dis[0,1] != '$')
@dis = dis
@dis = dis
preamble = "
@set_time_limit(0); @ignore_user_abort(1); @ini_set('max_execution_time',0);
@ -34,9 +34,9 @@ module Msf::Payload::Php
dis = options[:disabled_varname] || @dis || '$' + Rex::Text.rand_text_alpha(rand(4) + 4)
output = options[:output_varname] || '$' + Rex::Text.rand_text_alpha(rand(4) + 4)
if (@dis.nil?)
@dis = dis
end
if (@dis.nil?)
@dis = dis
end
cmd = '$' + cmd if (cmd[0,1] != '$')
dis = '$' + dis if (dis[0,1] != '$')
@ -143,4 +143,4 @@ module Msf::Payload::Php
return buf
end
end
end

17
lib/msf/core/payload/windows.rb
View File

@ -51,8 +51,8 @@ module Msf::Payload::Windows
[
Msf::OptRaw.new('EXITFUNC', [ true, "Exit technique: #{@@exit_types.keys.join(", ")}", 'thread' ])
], Msf::Payload::Windows )
ret
ret
end
#
@ -77,13 +77,12 @@ module Msf::Payload::Windows
# ensure that the entire stage is read in.
#
def handle_intermediate_stage(conn, payload)
if( self.module_info['Stager']['RequiresMidstager'] == false )
conn.put( [ payload.length ].pack('V') )
# returning false allows stager.rb!handle_connection() to prepend the stage_prefix if needed
return false
end
if( self.module_info['Stager']['RequiresMidstager'] == false )
conn.put( [ payload.length ].pack('V') )
# returning false allows stager.rb!handle_connection() to prepend the stage_prefix if needed
return false
end
return false if (payload.length < 512)
# The mid-stage works by reading in a four byte length in host-byte

148
lib/rex/encoder/ndr.rb
View File

@ -5,83 +5,83 @@ module Encoder
module NDR
# Provide padding to align the string to the 32bit boundary
def NDR.align(string)
return "\x00" * ((4 - (string.length & 3)) & 3)
end
# Encode a 4 byte long
# use to encode:
# long element_1;
def NDR.long(string)
return [string].pack('V')
end
# Encode a 2 byte short
# use to encode:
# short element_1;
def NDR.short(string)
return [string].pack('v')
end
# Encode a single byte
# use to encode:
# byte element_1;
def NDR.byte(string)
return [string].pack('c')
end
# Encode a byte array
# use to encode:
# char element_1
def NDR.UniConformantArray(string)
return long(string.length) + string + align(string)
end
def NDR.align(string)
return "\x00" * ((4 - (string.length & 3)) & 3)
end
# Encode a string
# use to encode:
# char *element_1;
def NDR.string(string)
string << "\x00" # null pad
return long(string.length) + long(0) + long(string.length) + string + align(string)
end
# Encode a string
# use to encode:
# w_char *element_1;
def NDR.wstring(string)
string << "\x00" # null pad
return long(string.length) + long(0) + long(string.length) + Rex::Text.to_unicode(string) + align(Rex::Text.to_unicode(string))
end
# Encode a 4 byte long
# use to encode:
# long element_1;
def NDR.long(string)
return [string].pack('V')
end
# Encode a string and make it unique
# use to encode:
# [unique] w_char *element_1;
def NDR.uwstring(string)
string << "\x00" # null pad
return long(rand(0xffffffff))+long(string.length) + long(0) + long(string.length) + Rex::Text.to_unicode(string) + align(Rex::Text.to_unicode(string))
end
# Encode a string that is already unicode encoded
# use to encode:
# w_char *element_1;
def NDR.wstring_prebuilt(string)
# if the string len is odd, thats bad!
if string.length % 2 > 0
string << "\x00"
end
len = string.length / 2;
return long(len) + long(0) + long(len) + string + align(string)
end
# Encode a 2 byte short
# use to encode:
# short element_1;
def NDR.short(string)
return [string].pack('v')
end
# Encode a single byte
# use to encode:
# byte element_1;
def NDR.byte(string)
return [string].pack('c')
end
# alias to wstring, going away soon
def NDR.UnicodeConformantVaryingString(string)
NDR.wstring(string)
end
# alias to wstring_prebuilt, going away soon
def NDR.UnicodeConformantVaryingStringPreBuilt(string)
NDR.wstring_prebuilt(string)
end
# Encode a byte array
# use to encode:
# char element_1
def NDR.UniConformantArray(string)
return long(string.length) + string + align(string)
end
# Encode a string
# use to encode:
# char *element_1;
def NDR.string(string)
string << "\x00" # null pad
return long(string.length) + long(0) + long(string.length) + string + align(string)
end
# Encode a string
# use to encode:
# w_char *element_1;
def NDR.wstring(string)
string << "\x00" # null pad
return long(string.length) + long(0) + long(string.length) + Rex::Text.to_unicode(string) + align(Rex::Text.to_unicode(string))
end
# Encode a string and make it unique
# use to encode:
# [unique] w_char *element_1;
def NDR.uwstring(string)
string << "\x00" # null pad
return long(rand(0xffffffff))+long(string.length) + long(0) + long(string.length) + Rex::Text.to_unicode(string) + align(Rex::Text.to_unicode(string))
end
# Encode a string that is already unicode encoded
# use to encode:
# w_char *element_1;
def NDR.wstring_prebuilt(string)
# if the string len is odd, thats bad!
if string.length % 2 > 0
string << "\x00"
end
len = string.length / 2;
return long(len) + long(0) + long(len) + string + align(string)
end
# alias to wstring, going away soon
def NDR.UnicodeConformantVaryingString(string)
NDR.wstring(string)
end
# alias to wstring_prebuilt, going away soon
def NDR.UnicodeConformantVaryingStringPreBuilt(string)
NDR.wstring_prebuilt(string)
end
end
end

85
lib/rex/encoder/nonalpha.rb
View File

@ -6,59 +6,56 @@ module Rex
module Encoder
class NonAlpha
def NonAlpha.gen_decoder()
decoder =
"\x66\xB9\xFF\xFF" +
"\xEB\x19" + # Jmp to table
"\x5E" + # pop esi
"\x8B\xFE" + # mov edi, esi - Get table addr
"\x83\xC7" + "A" + # add edi, tablelen - Get shellcode addr
"\x8B\xD7" + # mov edx, edi - Hold end of table ptr
"\x3B\xF2" + # cmp esi, edx
"\x7D\x0B" + # jle to end
"\xB0\x7B" + # mov eax, 0x7B - Set up eax with magic
"\xF2\xAE" + # repne scasb - Find magic!
"\xFF\xCF" + # dec edi - scasb purs us one ahead
"\xAC" + # lodsb
"\x28\x07" + # subb [edi], al
"\xEB\xF1" + # jmp BACK!
"\xEB" + "B" + # jmp [shellcode]
"\xE8\xE2\xFF\xFF\xFF"
end
decoder =
"\x66\xB9\xFF\xFF" +
"\xEB\x19" + # Jmp to table
"\x5E" + # pop esi
"\x8B\xFE" + # mov edi, esi - Get table addr
"\x83\xC7" + "A" + # add edi, tablelen - Get shellcode addr
"\x8B\xD7" + # mov edx, edi - Hold end of table ptr
"\x3B\xF2" + # cmp esi, edx
"\x7D\x0B" + # jle to end
"\xB0\x7B" + # mov eax, 0x7B - Set up eax with magic
"\xF2\xAE" + # repne scasb - Find magic!
"\xFF\xCF" + # dec edi - scasb purs us one ahead
"\xAC" + # lodsb
"\x28\x07" + # subb [edi], al
"\xEB\xF1" + # jmp BACK!
"\xEB" + "B" + # jmp [shellcode]
"\xE8\xE2\xFF\xFF\xFF"
end
def NonAlpha.encode_byte(block, table, tablelen)
if (tablelen > 255) or (block == 0x7B)
raise RuntimeError, "BadChar"
end
if (tablelen > 255) or (block == 0x7B)
raise RuntimeError, "BadChar"
end
if (block >= 0x41 and block <= 0x5A) or (block >= 0x61 and block <= 0x7A)
# gen offset, return magic
offset = 0x7b - block;
table += offset.chr
tablelen = tablelen + 1
block = 0x7B
end
if (block >= 0x41 and block <= 0x5A) or (block >= 0x61 and block <= 0x7A)
# gen offset, return magic
offset = 0x7b - block;
table += offset.chr
tablelen = tablelen + 1
block = 0x7B
end
return [block.chr, table, tablelen]
end
return [block.chr, table, tablelen]
end
def NonAlpha.encode(buf)
table = ""
tablelen = 0
nonascii = ""
encoded = gen_decoder()
buf.each_byte {
|block|
table = ""
tablelen = 0
nonascii = ""
encoded = gen_decoder()
buf.each_byte { |block|
newchar, table, tablelen = encode_byte(block.unpack('C')[0], table, tablelen)
nonascii += newchar
nonascii += newchar
}
encoded.gsub!(/A/, tablelen)
encoded.gsub!(/B/, tablelen+5)
encoded += table
encoded.gsub!(/A/, tablelen)
encoded.gsub!(/B/, tablelen+5)
encoded += table
encoded += nonascii
end
end end end
end end end

2
lib/rex/peparsey/pebase.rb
View File

@ -1456,7 +1456,7 @@ class PeBase
end
def _resource_lookup(i)
tbl = {
tbl = {
'1' => 'RT_CURSOR',
'2' => 'RT_BITMAP',
'3' => 'RT_ICON',

2
lib/rex/socket/ssl_tcp_server.rb
View File

@ -47,7 +47,7 @@ module Rex::Socket::SslTcpServer
t.peerhost = pn[1]
t.peerport = pn[2]
t.accept
t
t
rescue ::OpenSSL::SSL::SSLError
sock.close
nil

88
lib/rex/text.rb
View File

@ -324,18 +324,18 @@ module Text
raise TypeError, "Invalid codepage #{mode}, only 1252 supported for uhwtfms_half"
end
str.each_byte {|byte|
if ((byte >= 33 && byte <= 63) || (byte >= 96 && byte <= 126))
string << "\xFF" + [byte ^ 32].pack('C')
elsif (byte >= 64 && byte <= 95)
string << "\xFF" + [byte ^ 96].pack('C')
else
char = [byte].pack('C')
if ((byte >= 33 && byte <= 63) || (byte >= 96 && byte <= 126))
string << "\xFF" + [byte ^ 32].pack('C')
elsif (byte >= 64 && byte <= 95)
string << "\xFF" + [byte ^ 96].pack('C')
else
char = [byte].pack('C')
possible = @@codepage_map_cache[mode]['data'][char]
if possible.nil?
raise TypeError, "codepage #{mode} does not provide an encoding for 0x#{char.unpack('H*')[0]}"
end
string << possible[ rand(possible.length) ]
end
end
}
return string
else
@ -352,41 +352,41 @@ module Text
return str if mode == 'none' # fast track no encoding
all = /[^\/\\]+/
normal = /[^a-zA-Z0-9\/\\\.\-]+/
normal = /[^a-zA-Z0-9\/\\\.\-]+/
normal_na = /[a-zA-Z0-9\/\\\.\-]/
case mode
when 'hex-normal'
return str.gsub(normal) { |s| Rex::Text.to_hex(s, '%') }
when 'hex-all'
return str.gsub(all) { |s| Rex::Text.to_hex(s, '%') }
when 'hex-random'
res = ''
str.each_byte do |c|
b = c.chr
res << ((rand(2) == 0) ?
b.gsub(all) { |s| Rex::Text.to_hex(s, '%') } :
b.gsub(normal){ |s| Rex::Text.to_hex(s, '%') } )
end
return res
when 'u-normal'
return str.gsub(normal) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) }
when 'u-all'
return str.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) }
when 'u-random'
res = ''
str.each_byte do |c|
b = c.chr
res << ((rand(2) == 0) ?
b.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) } :
b.gsub(normal){ |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) } )
end
return res
when 'u-half'
return str.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms-half'), '%u', 2) }
else
raise TypeError, 'invalid mode'
end
case mode
when 'hex-normal'
return str.gsub(normal) { |s| Rex::Text.to_hex(s, '%') }
when 'hex-all'
return str.gsub(all) { |s| Rex::Text.to_hex(s, '%') }
when 'hex-random'
res = ''
str.each_byte do |c|
b = c.chr
res << ((rand(2) == 0) ?
b.gsub(all) { |s| Rex::Text.to_hex(s, '%') } :
b.gsub(normal){ |s| Rex::Text.to_hex(s, '%') } )
end
return res
when 'u-normal'
return str.gsub(normal) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) }
when 'u-all'
return str.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) }
when 'u-random'
res = ''
str.each_byte do |c|
b = c.chr
res << ((rand(2) == 0) ?
b.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) } :
b.gsub(normal){ |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms'), '%u', 2) } )
end
return res
when 'u-half'
return str.gsub(all) { |s| Rex::Text.to_hex(Rex::Text.to_unicode(s, 'uhwtfms-half'), '%u', 2) }
else
raise TypeError, 'invalid mode'
end
end
# Encode a string in a manor useful for HTTP URIs and URI Parameters.
@ -940,10 +940,10 @@ module Text
# Generate random bytes of high ascii data
def self.rand_text_highascii(len, bad='')
foo = []
foo += (0x80 .. 0xff).map{ |c| c.chr }
rand_base(len, bad, *foo )
end
foo += (0x80 .. 0xff).map{ |c| c.chr }
rand_base(len, bad, *foo )
end
#
# Creates a pattern that can be used for offset calculation purposes. This
# routine is capable of generating patterns using a supplied set and a