Class: Msf::Encoder::Xor

Inherits:
Msf::Encoder show all
Defined in:
lib/msf/core/encoder/xor.rb

Overview

This class provides basic XOR encoding of buffers.

Direct Known Subclasses

XorAdditiveFeedback

Constant Summary

Constants inherited from Module

Module::REPLICANT_EXTENSION_DS_KEY

Constants included from Module::ModuleInfo

Module::ModuleInfo::UpdateableOptions

Instance Attribute Summary

Attributes inherited from Msf::Encoder

#available_space

Attributes inherited from Module

#error, #job_id, #license, #platform, #privileged, #references, #user_data

Attributes included from Framework::Offspring

#framework

Attributes included from Module::UUID

#uuid

Attributes included from Rex::Ui::Subscriber::Input

#user_input

Attributes included from Rex::Ui::Subscriber::Output

#user_output

Attributes included from Module::Privileged

#priveli, #privileged

Attributes included from Module::Options

#options

Attributes included from Module::ModuleStore

#module_store

Attributes included from Module::ModuleInfo

#module_info

Attributes included from Module::FullName

#aliased_as

Attributes included from Module::DataStore

#datastore

Attributes included from Module::Author

#author

Attributes included from Module::Arch

#arch

Attributes included from Module::Alert

#alerts, #you_have_been_warned

Instance Method Summary collapse

Methods inherited from Msf::Encoder

#can_preserve_registers?, #decoder_block_size, #decoder_hash, #decoder_key_offset, #decoder_key_pack, #decoder_key_size, #decoder_stub, #do_encode, #encode, #encode_begin, #encode_end, #encode_finalize_stub, #encoder_type, #find_context_key, #find_key, #find_key_verify, #has_badchars?, #init_platform, #init_state, #initialize, #integer_to_key_bytes, #key_bytes_to_buffer, #key_bytes_to_integer, #modified_registers, #obtain_key, #prepend_buf, #preserves_stack?, #to_native, type, #type

Methods inherited from Module

#adapted_refname, #adapter_refname, #black_listed_auth_filenames, cached?, #debugging?, #default_cred?, #fail_with, #file_path, #framework, #has_check?, #initialize, #orig_cls, #owner, #perform_extensions, #platform?, #platform_to_s, #post_auth?, #register_extensions, #register_parent, #replicant, #required_cred_options, #set_defaults, #stage_refname, #stager_refname, #workspace

Methods included from Module::Reliability

#reliability, #reliability_to_s

Methods included from Module::Stability

#stability, #stability_to_s

Methods included from Module::SideEffects

#side_effects, #side_effects_to_s

Methods included from Module::UUID

#generate_uuid

Methods included from Module::UI

#init_ui

Methods included from Module::UI::Message

#print_error, #print_good, #print_prefix, #print_status, #print_warning

Methods included from Module::UI::Message::Verbose

#vprint_error, #vprint_good, #vprint_status, #vprint_warning

Methods included from Module::UI::Line

#print_line, #print_line_prefix

Methods included from Module::UI::Line::Verbose

#vprint_line

Methods included from Rex::Ui::Subscriber

#copy_ui, #init_ui, #reset_ui

Methods included from Rex::Ui::Subscriber::Input

#gets

Methods included from Rex::Ui::Subscriber::Output

#flush, #print, #print_blank_line, #print_error, #print_good, #print_line, #print_status, #print_warning

Methods included from Module::Type

#auxiliary?, #encoder?, #evasion?, #exploit?, #nop?, #payload?, #post?, #type

Methods included from Module::Ranking

#rank, #rank_to_h, #rank_to_s

Methods included from Module::Privileged

#privileged?

Methods included from Module::Options

#deregister_options, #register_advanced_options, #register_evasion_options, #register_options, #validate

Methods included from Module::Network

#comm, #support_ipv6?, #target_host, #target_port

Methods included from Module::ModuleStore

#[], #[]=

Methods included from Module::ModuleInfo

#alias, #description, #disclosure_date, #info_fixups, #merge_check_key, #merge_info, #merge_info_advanced_options, #merge_info_alias, #merge_info_description, #merge_info_evasion_options, #merge_info_name, #merge_info_options, #merge_info_string, #merge_info_version, #name, #notes, #update_info

Methods included from Module::FullName

#aliases, #fullname, #promptname, #realname, #refname, #shortname

Methods included from Module::DataStore

#import_defaults, #import_target_defaults, #share_datastore

Methods included from Module::Compatibility

#compat, #compatible?, #init_compat

Methods included from Module::Author

#author_to_s, #each_author

Methods included from Module::Auth

#store_valid_credential

Methods included from Module::Arch

#arch?, #arch_to_s, #each_arch

Methods included from Module::Alert

#add_alert, #add_error, #add_warning, #alert_user, #errors, #get_alerts, included, #is_usable?, #warnings

Constructor Details

This class inherits a constructor from Msf::Encoder

Instance Method Details

#encode_block(state, block) ⇒ Object

Encodes a block using the XOR encoder from the Rex library.



13
14
15
16
17
18
19
20
21
22
# File 'lib/msf/core/encoder/xor.rb', line 13

def encode_block(state, block)
  encoder = case state.decoder_key_size
    when Rex::Encoding::Xor::Qword.keysize then Rex::Encoding::Xor::Qword
    when Rex::Encoding::Xor::Dword.keysize then	Rex::Encoding::Xor::Dword
    when Rex::Encoding::Xor::Word.keysize then Rex::Encoding::Xor::Word
    when Rex::Encoding::Xor::Byte.keysize then Rex::Encoding::Xor::Byte
    else Rex::Encoding::Xor::Dword
  end
  encoder.encode(block, [ state.key ].pack(state.decoder_key_pack))[0]
end

#find_bad_keys(buf, badchars) ⇒ Object

Finds keys that are incompatible with the supplied bad character list.



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# File 'lib/msf/core/encoder/xor.rb', line 27

def find_bad_keys(buf, badchars)
  # Short circuit if there are no badchars
  return super if badchars.length == 0

  bad_keys = Array.new(decoder_key_size) { Hash.new }
  byte_idx = 0

  # Scan through all the badchars and build out the bad_keys array
  # based on the XOR'd combinations that can occur at certain bytes
  # to produce bad characters
  buf.each_byte { |byte|
    badchars.each_byte { |badchar|
      bad_keys[byte_idx % decoder_key_size][byte ^ badchar] = true
    }
    byte_idx += 1
  }

  badchars.each_byte { |badchar|
    0.upto(decoder_key_size-1) { |i|
      bad_keys[i][badchar] = true
    }
  }

  return bad_keys
end