rex-exploitation 0.1.3 → 0.1.4

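--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: db83c76f7bf06ed1b44befaf6ea881c32b07f73d
- data.tar.gz: 3c57b994f8c5484e25e6bf7dd17da346227dac29
+ metadata.gz: 3a9908242d2efc6117d8624bf750b6f7155b7499
+ data.tar.gz: feb396f96d5edaaeb2dcdf142b9de516b95136e3
  SHA512:
- metadata.gz: 777be5970698c74ba085fe7fcc7c5db0f5ddb2c1745d77dc2ab581c3d6622ed23ce2498b09539d1511aa093a15da699894b415cd073acd38ef0994515c7d7bb8
- data.tar.gz: cff271b09dd699abc5df5b30e366c7bd1f678022d7a720a03bda41e1fbce3fb1b15da0a8ea0eca9f50d791223fcd718ddfbb02cec203005eaea2c2c3f57d0753
+ metadata.gz: 57f496dc9e7b45e3fb8024456265d1a8d884cc8dd77532cf46458b5cd26e4c956fbec3ef32c294116244c4f17f4bf3cf7aeeb0a52a0d710340693d1aa8be1882
+ data.tar.gz: b61a3b3b5a470135cd7a5b58b99a194e17fb887b59b3d110162a22e9e9b36e51a436dc9b3093d7db9cd71a1c53a917a17b6788a4dd51cfd62c7edf59a045c0bb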
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
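--- a/data/.gitignore
+++ b/data/.gitignore
@@ -8,4 +8,9 @@
  /spec/reports/
  /tmp/
  /.ruby-version
- /.ruby-gemset
+ /.ruby-gemset
+ .DS_Store
+ *.swp
+ *.orig
+ *.rej
+ *~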
@@ -10,8 +10,10 @@ module Exploitation
10
10
  class CmdStagerEcho < CmdStagerBase
11
11
 
12
12
  ENCODINGS = {
13
- 'hex' => "\\\\x",
14
- 'octal' => "\\\\"
13
+ 'hex' => "\\\\x",
14
+ 'octal' => "\\\\",
15
+ 'hex_double_quoted' => "\\x",
16
+ 'hex_single_quoted' => "\\x",
15
17
  }
16
18
 
17
19
  def initialize(exe)
@@ -55,6 +57,9 @@ class CmdStagerEcho < CmdStagerBase
55
57
 
56
58
  @cmd_end = ">>#{@tempdir}#{@var_elf}"
57
59
  xtra_len = @cmd_start.length + @cmd_end.length
60
+ if opts[:enc_format].to_s =~ /quoted/
61
+ xtra_len += 2
62
+ end
58
63
  opts.merge!({ :extra => xtra_len })
59
64
 
60
65
  @prefix = opts[:prefix] || ENCODINGS[opts[:enc_format]]
@@ -92,7 +97,13 @@ class CmdStagerEcho < CmdStagerBase
92
97
  parts.map do |p|
93
98
  cmd = ''
94
99
  cmd << @cmd_start
95
- cmd << p
100
+ if opts[:enc_format] == 'hex_double_quoted'
101
+ cmd << %Q{"#{p}"}
102
+ elsif opts[:enc_format] == 'hex_single_quoted'
103
+ cmd << %Q{'#{p}'}
104
+ else
105
+ cmd << p
106
+ end
96
107
  cmd << @cmd_end
97
108
  cmd
98
109
  end
@@ -146,6 +157,10 @@ class CmdStagerEcho < CmdStagerBase
146
157
  while (fixed_part.length > 0 && fixed_part[-5, @prefix.length] != @prefix)
147
158
  fixed_part.chop!
148
159
  end
160
+ when /hex_.*_quoted/
161
+ while (fixed_part.length > 0 && fixed_part[-4, @prefix.length] != @prefix)
162
+ fixed_part.chop!
163
+ end
149
164
  when 'octal'
150
165
  if remaining.length > fixed_part.length and remaining[fixed_part.length, @prefix.length] != @prefix
151
166
  pos = fixed_part.rindex('\\')
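Review bot: The quoted formats are recognised three different ways across these hunks: `opts[:enc_format].to_s =~ /quoted/` when sizing `xtra_len`, exact `==` comparisons when wrapping each part, and `when /hex_.*_quoted/` when trimming `fixed_part`. A format name that matches the regexes but neither literal would be budgeted two extra bytes and aligned on 4-character escapes, yet emitted unquoted. One exact test such as `%w[hex_double_quoted hex_single_quoted].include?(opts[:enc_format])` should drive all three places. The literal `-4` in the new branch also assumes a two-character prefix, while `@prefix` can come from `opts[:prefix]`; assuming each escape is the prefix plus two hex digits, `fixed_part[-(@prefix.length + 2), @prefix.length]` would keep the alignment right for any prefix. The enclosing methods start and end outside the hunks shown.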
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Exploitation
3
- VERSION = "0.1.3"
3
+ VERSION = "0.1.4"
4
4
  end
5
5
  end
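--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: rex-exploitation
  version: !ruby/object:Gem::Version
- version: 0.1.3
+ version: 0.1.4
  platform: ruby
  authors:
  - David Maloney
@@ -88,7 +88,7 @@ cert_chain:
  G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
  8mVuTXnyJOKRJA==
  -----END CERTIFICATE-----
- date: 2016-11-21 00:00:00.000000000 Z
+ date: 2016-12-06 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler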
metadata.gz.sig CHANGED
Binary file