From 1e2d860ae12697c099f4bca11b7c1406ded31fee Mon Sep 17 00:00:00 2001 From: sinn3r Date: Tue, 30 Sep 2014 12:19:27 -0500 Subject: [PATCH 1/2] Fix #3914 - Inconsistent unicode names --- lib/msf/core/exploit/http/server.rb | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/lib/msf/core/exploit/http/server.rb b/lib/msf/core/exploit/http/server.rb index 3ce4904f88..7ff68253de 100644 --- a/lib/msf/core/exploit/http/server.rb +++ b/lib/msf/core/exploit/http/server.rb @@ -676,6 +676,16 @@ module Exploit::Remote::HttpServer::HTML include Msf::Exploit::Remote::HttpServer + UTF_NONE = 'none' + UTF_7 = 'utf-7' + UTF_7_ALL = 'utf-7-all' + UTF_8 = 'utf-8' + UTF_16_LE = 'utf-16le' + UTF_16_BE = 'utf-16be' + UTF_16_BE_MARKER = 'utf-16be-marker' + UTF_32_LE = 'utf-32le' + UTF_32_BE = 'utf-32be' + protected def initialize(info = {}) @@ -687,7 +697,7 @@ protected # most browsers. as such, they are not added by default. The # mixin supports encoding using them, however they are not # listed in the Option. - OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', 'none', ['none', 'utf-16le', 'utf-16be', 'utf-16be-marker', 'utf-32le', 'utf-32be']]), + OptEnum.new('HTML::unicode', [false, 'Enable HTTP obfuscation via unicode', UTF_NONE, [UTF_NONE, UTF_16_LE, UTF_16_BE, UTF_16_BE_MARKER, UTF_32_LE, UTF_32_BE]]), OptEnum.new('HTML::base64', [false, 'Enable HTML obfuscation via an embeded base64 html object (IE not supported)', 'none', ['none', 'plain', 'single_pad', 'double_pad', 'random_space_injection']]), OptInt.new('HTML::javascript::escape', [false, 'Enable HTML obfuscation via HTML escaping (number of iterations)', 0]), ], Exploit::Remote::HttpServer::HTML) 
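Review bot: The `UTF_*` constants added above `protected` in the first hunk are unfrozen String literals, yet they now serve as the `HTML::unicode` option default, the enum members and the values compared during response encoding. Freezing them, e.g. `UTF_16_LE = 'utf-16le'.freeze`, would stop an in-place edit by any caller from changing the value for every user of the mixin. The block also has no comment; a line such as `# Encoding names accepted by HTML::unicode; UTF_7, UTF_7_ALL and UTF_8 are supported by the encoder but not offered in the option list` would put the rationale next to the names, since it is currently only hinted at in the comment inside `initialize`. Because this is a mixin, the constants presumably become visible in every including module, so a more specific prefix may be worth considering. The module body starts and ends outside the hunk.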
@@ -881,19 +891,19 @@ protected } end - if ['utf-16le','utf-16be','utf32-le','utf32-be','utf-7','utf-8'].include?(datastore['HTML::unicode']) + if [UTF_16_LE,UTF_16_BE,UTF_32_LE,UTF_32_BE,UTF_7,UTF_8].include?(datastore['HTML::unicode']) headers['Content-Type'] = 'text/html; charset= ' + datastore['HTML::unicode'] body = Rex::Text.to_unicode(body, datastore['HTML::unicode']) else # special cases case datastore['HTML::unicode'] - when 'utf-16be-marker' + when UTF_16_BE_MARKER headers['Content-Type'] = 'text/html' - body = "\xFE\xFF" + Rex::Text.to_unicode(body, 'utf-16be') - when 'utf-7-all' - headers['Content-Type'] = 'text/html; charset=utf-7' - body = Rex::Text.to_unicode(body, 'utf-7', 'all') - when 'none' + body = "\xFE\xFF" + Rex::Text.to_unicode(body, UTF_16_BE) + when UTF_7_ALL + headers['Content-Type'] = "text/html; charset=#{UTF_7}" + body = Rex::Text.to_unicode(body, UTF_7, 'all') + when UTF_NONE # do nothing else raise RuntimeError, 'Invalid unicode. how did you get here?' From dbc199ad77f25dc8047b073c47988b80ad854b14 Mon Sep 17 00:00:00 2001 From: jvazquez-r7 Date: Wed, 8 Oct 2014 13:56:59 -0500 Subject: [PATCH 2/2] space after commas --- lib/msf/core/exploit/http/server.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/msf/core/exploit/http/server.rb b/lib/msf/core/exploit/http/server.rb index 7ff68253de..7a5013cd99 100644 --- a/lib/msf/core/exploit/http/server.rb +++ b/lib/msf/core/exploit/http/server.rb @@ -891,7 +891,7 @@ protected } end - if [UTF_16_LE,UTF_16_BE,UTF_32_LE,UTF_32_BE,UTF_7,UTF_8].include?(datastore['HTML::unicode']) + if [UTF_16_LE, UTF_16_BE, UTF_32_LE, UTF_32_BE, UTF_7, UTF_8].include?(datastore['HTML::unicode']) headers['Content-Type'] = 'text/html; charset= ' + datastore['HTML::unicode'] body = Rex::Text.to_unicode(body, datastore['HTML::unicode']) else
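Review bot: With the spelling corrected, `UTF_32_LE` and `UTF_32_BE` now pass the `include?` check and reach `Rex::Text.to_unicode` instead of falling through to the `raise RuntimeError` branch, so this path runs for the first time, and the patch (one file in the diffstat) adds no spec for it. Whether `to_unicode` accepts the `'utf-32le'`/`'utf-32be'` spellings is not visible here. A spec that sets `HTML::unicode` to each value offered by the OptEnum and checks that the response is built without raising would cover it. The accepted names are also still kept in two hand-written lists, the enum in `initialize` and this array, which is how the original mismatch arose. Folding the array into the existing `case` as `when UTF_16_LE, UTF_16_BE, UTF_32_LE, UTF_32_BE, UTF_7, UTF_8` would leave a single dispatch point. The enclosing method starts and ends outside the hunk.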