rex-exploitation 0.1.3 → 0.1.4
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.gitignore +6 -1
- data/lib/rex/exploitation/cmdstager/echo.rb +18 -3
- data/lib/rex/exploitation/version.rb +1 -1
- metadata +2 -2
- metadata.gz.sig +0 -0
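--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3a9908242d2efc6117d8624bf750b6f7155b7499
+data.tar.gz: feb396f96d5edaaeb2dcdf142b9de516b95136e3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 57f496dc9e7b45e3fb8024456265d1a8d884cc8dd77532cf46458b5cd26e4c956fbec3ef32c294116244c4f17f4bf3cf7aeeb0a52a0d710340693d1aa8be1882
+data.tar.gz: b61a3b3b5a470135cd7a5b58b99a194e17fb887b59b3d110162a22e9e9b36e51a436dc9b3093d7db9cd71a1c53a917a17b6788a4dd51cfd62c7edf59a045c0bb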
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
data/.gitignore
CHANGED
@@ -10,8 +10,10 @@ module Exploitation
|
|
10
10
|
class CmdStagerEcho < CmdStagerBase
|
11
11
|
|
12
12
|
ENCODINGS = {
|
13
|
-
'hex'
|
14
|
-
'octal'
|
13
|
+
'hex' => "\\\\x",
|
14
|
+
'octal' => "\\\\",
|
15
|
+
'hex_double_quoted' => "\\x",
|
16
|
+
'hex_single_quoted' => "\\x",
|
15
17
|
}
|
16
18
|
|
17
19
|
def initialize(exe)
|
@@ -55,6 +57,9 @@ class CmdStagerEcho < CmdStagerBase
|
|
55
57
|
|
56
58
|
@cmd_end = ">>#{@tempdir}#{@var_elf}"
|
57
59
|
xtra_len = @cmd_start.length + @cmd_end.length
|
60
|
+
if opts[:enc_format].to_s =~ /quoted/
|
61
|
+
xtra_len += 2
|
62
|
+
end
|
58
63
|
opts.merge!({ :extra => xtra_len })
|
59
64
|
|
60
65
|
@prefix = opts[:prefix] || ENCODINGS[opts[:enc_format]]
|
@@ -92,7 +97,13 @@ class CmdStagerEcho < CmdStagerBase
|
|
92
97
|
parts.map do |p|
|
93
98
|
cmd = ''
|
94
99
|
cmd << @cmd_start
|
95
|
-
|
100
|
+
if opts[:enc_format] == 'hex_double_quoted'
|
101
|
+
cmd << %Q{"#{p}"}
|
102
|
+
elsif opts[:enc_format] == 'hex_single_quoted'
|
103
|
+
cmd << %Q{'#{p}'}
|
104
|
+
else
|
105
|
+
cmd << p
|
106
|
+
end
|
96
107
|
cmd << @cmd_end
|
97
108
|
cmd
|
98
109
|
end
|
@@ -146,6 +157,10 @@ class CmdStagerEcho < CmdStagerBase
|
|
146
157
|
while (fixed_part.length > 0 && fixed_part[-5, @prefix.length] != @prefix)
|
147
158
|
fixed_part.chop!
|
148
159
|
end
|
160
|
+
when /hex_.*_quoted/
|
161
|
+
while (fixed_part.length > 0 && fixed_part[-4, @prefix.length] != @prefix)
|
162
|
+
fixed_part.chop!
|
163
|
+
end
|
149
164
|
when 'octal'
|
150
165
|
if remaining.length > fixed_part.length and remaining[fixed_part.length, @prefix.length] != @prefix
|
151
166
|
pos = fixed_part.rindex('\\')
|
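Review bot: The quoted formats are recognised three different ways across these hunks: `opts[:enc_format].to_s =~ /quoted/` when sizing `xtra_len`, exact string comparison when wrapping `p`, and `when /hex_.*_quoted/` when trimming `fixed_part`. A value that passes one test but not the others (a symbol, or any other name containing "quoted") would reserve two bytes for quotes that are never emitted and find no entry in `ENCODINGS`; one shared predicate, for example `%w[hex_double_quoted hex_single_quoted].include?(opts[:enc_format])`, would keep the three sites in step. The new trim loop also hard-codes `-4`, presumably the two-character prefix plus two hex digits, although `@prefix` can be overridden through `opts[:prefix]`; `fixed_part[-(@prefix.length + 2), @prefix.length]` states the intent, and a comment such as `# two extra bytes for the surrounding quotes` would explain the `xtra_len += 2`. The hunks appear under the data/.gitignore header on this page but match the `CmdStagerEcho` class and the +18 -3 count listed for cmdstager/echo.rb, and each sits inside a method whose start and end are outside the visible lines.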
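--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-exploitation
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.4
 platform: ruby
 authors:
 - David Maloney
@@ -88,7 +88,7 @@ cert_chain:
 G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
 8mVuTXnyJOKRJA==
 -----END CERTIFICATE-----
-date: 2016-
+date: 2016-12-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler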
metadata.gz.sig
CHANGED
Binary file
|