
Switches the executable template to something a little nicer and adds…

… exe output to msfencode

git-svn-id: file:///home/svn/framework3/trunk@5689 4d416f70-5f16-0410-b530-b9f4589650da
1 parent e341e46 commit 6d5ac7eead0b8e8290412ff24d6c1ecbf3eeb579 HD Moore committed Sep 26, 2008
Showing with 29 additions and 9 deletions.
  1. BIN data/templates/template.exe
  2. +1 −4 lib/rex/text.rb
  3. +26 −3 msfencode
  4. +2 −2 msfpayload
Binary file not shown.
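--- a/lib/rex/text.rb
+++ b/lib/rex/text.rb
@@ -591,10 +591,7 @@ def self.to_win32pe(code = "\xcc", note="")
 fd.close
 bo = pe.index('PAYLOAD:')
- co = pe.index('COMMENT:')
-
- pe[bo, 8192] = [code].pack('a8192') if bo
- pe[co, 512] = [note].pack('a512') if co
+ pe[bo, 1024] = [code].pack('a1024') if bo
 return pe
 end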
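Review bot: `[code].pack('a1024')` silently truncates any `code` longer than 1024 bytes, so an oversized input produces a template with a cut-off body and no error; with the slot reduced from 8192 to 1024 bytes this is easier to hit. A length guard before the splice, for example `raise ArgumentError, "code exceeds the 1024-byte template slot" if code.length > 1024`, would make the failure visible. The `note` parameter stays in the signature but is no longer read now that the `COMMENT:` handling is removed, so a comment such as `# note is ignored by the current template` would tell callers. The body of `to_win32pe` begins outside the hunk.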
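--- a/msfencode
+++ b/msfencode
@@ -19,6 +19,7 @@ $args = Rex::Parser::Arguments.new(
 "-b" => [ true, "The list of characters to avoid: '\\x00\\xff'" ],
 "-s" => [ true, "The maximum size of the encoded data" ],
 "-e" => [ true, "The encoder to use" ],
+ "-o" => [ true, "The output file" ],
 "-n" => [ false, "Dump encoder information" ],
 "-h" => [ false, "Help banner" ],
 "-l" => [ false, "List available encoders" ])
@@ -87,6 +88,7 @@ fmt = "c"
 input = $stdin
 options = ''
 delim = '_|_'
+output = nil
 # Parse the argument and rock that shit.
 $args.parse(ARGV) { |opt, idx, val|
@@ -111,12 +113,14 @@ $args.parse(ARGV) { |opt, idx, val|
 when "-s"
 space = val.to_i
 when "-t"
- if (val =~ /^(perl|ruby|raw|c)$/)
+ if (val =~ /^(perl|ruby|raw|c|exe)$/)
 fmt = val
 else
 $stderr.puts(OutError + "Invalid format: #{val}")
 exit
 end
+ when "-o"
+ output = val
 when "-e"
 encoder = val
 when "-h"
@@ -152,7 +156,7 @@ case cmd
 # Imports options
 enc.datastore.import_options_from_s(options, delim)
- # Encode it upt
+ # Encode it up
 raw = enc.encode(buf, badchars)
 # Is it too big?
@@ -163,7 +167,26 @@ case cmd
 # Print it out
 $stderr.puts(OutStatus + "#{enc.refname} succeeded, final size #{raw.length}\n\n")
- $stdout.print(Msf::Simple::Buffer.transform(raw, fmt))
+
+ if(fmt != "exe")
+ if(not output)
+ $stdout.print(Msf::Simple::Buffer.transform(raw, fmt))
+ else
+ File.open(output, "wb") do |fd|
+ fd.write(Msf::Simple::Buffer.transform(raw, fmt))
+ end
+ end
+ else
+ exe = Rex::Text.to_win32pe(buf, "")
+ if(not output)
+ $stdout.write(exe)
+ else
+ File.open(output, "wb") do |fd|
+ fd.write(exe)
+ end
+ end
+ end
+
 exit
 rescue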
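Review bot: The exe branch builds its output from `buf`, the unencoded input, while the status line just above reports `raw.length` and every other format writes the transformed `raw`; as written the encoder result appears to be dropped for `-t exe`. If that is not intended the call would read `exe = Rex::Text.to_win32pe(raw, "")`, and if it is intended a comment saying so is needed. Separately, the `-t` check uses `^…$`, which match per line in Ruby, so `\A(perl|ruby|raw|c|exe)\z` is the stricter validation. The surrounding `case cmd` block and its `rescue` continue outside the hunk.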
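--- a/msfpayload
+++ b/msfpayload
@@ -93,8 +93,8 @@ if (cmd =~ /^(p|y|r|c|j|x|b)/)
 if (arch.index(ARCH_X86))
- # Automatically prepend stack adjustment
- buf = Rex::Arch.adjust_stack_pointer('x86', -3500) + buf
+ # XXX: Automatically prepend stack adjustment
+ # XXX: buf = Rex::Arch.adjust_stack_pointer('x86', -3500) + buf
 if (plat.index(Msf::Module::Platform::Windows))
 buf = Rex::Text.to_win32pe(buf, note)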
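Review bot: The stack adjustment is disabled by commenting the line out under `XXX:` with no reason given, so a later reader cannot tell whether this is a temporary workaround or a permanent removal. Either delete the dead line or replace it with a comment that states why, for example `# Stack adjustment disabled: <reason>; re-enable when <condition>`. The call below still passes `note` to `Rex::Text.to_win32pe`, which no longer reads it after this commit's change to lib/rex/text.rb. The enclosing `if` blocks start and end outside the hunk.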
