Patches in from PC

git-svn-id: file:///home/svn/incoming/trunk@3441 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-24 23:08:20 +00:00 · 2006-01-24 23:08:20 +00:00 · ffd0ffe5b5
parent 98b9a977f4
commit ffd0ffe5b5
4 changed files with 51 additions and 26 deletions
--- a/lib/rex/encoder/alpha2/alpha_mixed.rb
+++ b/lib/rex/encoder/alpha2/alpha_mixed.rb
@ -9,23 +9,30 @@ module Alpha2
 class AlphaMixed < Generic

 	def self.gen_decoder_prefix(reg, offset)
-		if (offset > 16)
+		if (offset > 34)
 			raise "Critical: Offset is greater than 16"
 		end

 		# use inc ebx as a nop here so we still pad correctly
-		nop = 'C' * offset
-		dec = 'I' * (16 - offset) + nop + '7QZ'    # dec ecx,,, push ecx, pop edx
-
+		if (offset <= 16)
+			nop = 'C' * offset
+			mod = 'I' * (16 - offset) + nop + '7QZ'    # dec ecx,,, push ecx, pop edx
+			edxmod = 'J' * (17 - offset)
+		else
+			mod = 'A' * (offset - 16) 
+			nop = 'C' * (16 - mod.length)
+			mod += nop + '7QZ'
+			edxmod = 'B' * (17 - (offset - 16))
+		end
 		regprefix = {
-			'EAX'   => 'PY' + dec,                         # push eax, pop ecx
-			'ECX'   => 'I' + dec,                          # dec ecx
-			'EDX'   => 'J' * (17 - offset) + nop + '7RY',  # dec edx,,, push edx, pop ecx
-			'EBX'   => 'SY' + dec,                         # push ebx, pop ecx
-			'ESP'   => 'TY' + dec,                         # push esp, pop ecx
-			'EBP'   => 'UY' + dec,                         # push ebp, pop ecx
-			'ESI'   => 'VY' + dec,                         # push esi, pop ecx
-			'EDI'   => 'WY' + dec,                         # push edi, pop ecx
+			'EAX'   => 'PY' + mod,                         # push eax, pop ecx
+			'ECX'   => 'I' + mod,                          # dec ecx
+			'EDX'   =>  edxmod + nop + '7RY',			   # dec edx,,, push edx, pop ecx
+			'EBX'   => 'SY' + mod,                         # push ebx, pop ecx
+			'ESP'   => 'TY' + mod,                         # push esp, pop ecx
+			'EBP'   => 'UY' + mod,                         # push ebp, pop ecx
+			'ESI'   => 'VY' + mod,                         # push esi, pop ecx
+			'EDI'   => 'WY' + mod,                         # push edi, pop ecx
 		}

 		return regprefix[reg]
--- a/lib/rex/encoder/alpha2/alpha_upper.rb
+++ b/lib/rex/encoder/alpha2/alpha_upper.rb
@ -10,18 +10,25 @@ class AlphaUpper < Generic
 	@@accepted_chars = ('B' .. 'Z').to_a + ('0' .. '9').to_a
    
 	def self.gen_decoder_prefix(reg, offset)
-		if (offset > 10)
+		if (offset > 20)
 			raise "Critical: Offset is greater than 10"
 		end

 		# use inc ebx as a nop here so we still pad correctly
-		nop = 'C' * offset
-		dec = 'I' * (10 - offset) + nop + 'QZ'           # dec ecx,,, push ecx, pop edx
-
+        if (offset <= 10)
+            nop = 'C' * offset
+            mod = 'I' * (10 - offset) + nop + '7QZ'    # dec ecx,,, push ecx, pop edx
+            edxmod = 'J' * (11 - offset)
+        else
+            mod = 'A' * (offset - 10)
+            nop = 'C' * (10 - mod.length)
+            mod += nop + '7QZ'
+            edxmod = 'B' * (11 - (offset - 10))
+        end
 		regprefix = {
 			'EAX'   => 'PY' + dec,                        # push eax, pop ecx
 			'ECX'   => 'I' + dec,                         # dec ecx
-			'EDX'   => 'J' * (11 - offset) + nop + 'RY',  # dec edx,,, push edx, pop ecx
+			'EDX'   =>  edxmod + nop + 'RY',  			  # dec edx,,, push edx, pop ecx
 			'EBX'   => 'SY' + dec,                        # push ebx, pop ecx
 			'ESP'   => 'TY' + dec,                        # push esp, pop ecx
 			'EBP'   => 'UY' + dec,                        # push ebp, pop ecx
--- a/lib/rex/encoder/alpha2/unicode_mixed.rb
+++ b/lib/rex/encoder/alpha2/unicode_mixed.rb
@ -20,14 +20,19 @@ class UnicodeMixed < Generic
 	end
    
 	def self.gen_decoder_prefix(reg, offset)
-		if (offset > 14)
-			 raise "Critical: Offset is greater than 14"
+		if (offset > 28)
+			 raise "Critical: Offset is greater than 28"
 		end

 		# offset untested for unicode :(
-		nop = 'CP' * offset
-		dec = 'IA' * (14 - offset) + nop    # dec ecx,,, push ecx, pop edx
-
+        if (offset <= 14)
+            nop = 'CP' * offset
+            mod = 'IA' * (14 - offset) + nop    # dec ecx,,, push ecx, pop edx
+        else
+            mod = 'AA' * (offset - 14)			# inc ecx
+            nop = 'CP' * (14 - mod.length)
+            mod += nop
+        end	
 		regprefix = {                       # nops ignored below
 			'EAX'   => 'PPYA' + dec,         # push eax, pop ecx
 			'ECX'   =>  dec + "4444",        # dec ecx
--- a/lib/rex/encoder/alpha2/unicode_upper.rb
+++ b/lib/rex/encoder/alpha2/unicode_upper.rb
@ -21,13 +21,19 @@ class UnicodeUpper < Generic
 	end

 	def self.gen_decoder_prefix(reg, offset)
-		if (offset > 4)
-			raise "Critical: Offset is greater than 4"
+		if (offset > 8)
+			raise "Critical: Offset is greater than 8"
 		end

 		# offset untested for unicode :(
-		nop = 'CP' * offset
-		dec = 'IA' * (4 - offset) + nop    # dec ecx,,, push ecx, pop edx
+        if (offset <= 4)
+            nop = 'CP' * offset
+            mod = 'IA' * (4 - offset) + nop    # dec ecx,,, push ecx, pop edx
+        else
+            mod = 'AA' * (offset - 4)          # inc ecx
+            nop = 'CP' * (4 - mod.length)
+            mod += nop
+        end

 		regprefix = {                      # nops ignored below
 			'EAX'   => 'PPYA' + dec,        # push eax, pop ecx