Skip to content

Commit

Permalink
added js obfuscation for heap spray
Browse files Browse the repository at this point in the history
  • Loading branch information
jvazquez-r7 committed Sep 24, 2012
1 parent 8b8da0b commit 2784a5e
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions modules/exploits/windows/browser/ie_execcommand_uaf.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,12 @@ def initialize(info={})
'Privileged' => false,
'DisclosureDate' => "Sep 14 2012", # When it was spotted in the wild by eromang
'DefaultTarget' => 0))

register_options(
[
OptBool.new('OBFUSCATE', [false, 'Enable JavaScript obfuscation', false])
], self.class)

end

def get_target(agent)
Expand Down Expand Up @@ -283,6 +289,10 @@ def load_html1(cli, my_target)
end

js = heaplib(js, {:noobfu => true})
if datastore['OBFUSCATE']
js = ::Rex::Exploitation::JSObfu.new(js)
js.obfuscate
end

html = <<-EOS
<html>
Expand Down

0 comments on commit 2784a5e

Please sign in to comment.