CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/modules/encoders/x86/nonalpha.rb
Views: 1904
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45require 'rex/encoder/nonalpha'67class MetasploitModule < Msf::Encoder::NonAlpha8Rank = LowRanking910def initialize11super(12'Name' => "Non-Alpha Encoder",13'Description' => %q{14Encodes payloads as non-alpha based bytes. This allows15payloads to bypass both toupper() and tolower() calls,16but will fail isalpha(). Table based design from17Russel Sanford.18},19'Author' => [ 'pusscat'],20'Arch' => ARCH_X86,21'License' => BSD_LICENSE,22'EncoderType' => Msf::Encoder::Type::NonAlpha,23'Decoder' =>24{25'BlockSize' => 1,26})27end2829#30# Returns the decoder stub that is adjusted for the size of the buffer31# being encoded.32#33def decoder_stub(state)34state.key = ""35state.decoder_key_size = 036Rex::Encoder::NonAlpha::gen_decoder()37end3839#40# Encodes a one byte block with the current index of the length of the41# payload.42#43def encode_block(state, block)44begin45newchar, state.key, state.decoder_key_size = Rex::Encoder::NonAlpha::encode_byte(block.unpack('C')[0], state.key, state.decoder_key_size)46rescue RuntimeError => e47raise BadcharError if e.message == "BadChar"48end49return newchar50end5152#53# Fix stuff, and add the table :)54#55def encode_end(state)56state.encoded.gsub!(/A/, state.decoder_key_size.chr)57state.encoded.gsub!(/B/, (state.decoder_key_size+5).chr)58state.encoded[0x24, 0] = state.key59end60end616263