Module: Rex::Payloads::Win32::Kernel

Defined in:
lib/rex/payloads/win32/kernel.rb,
lib/rex/payloads/win32/kernel/common.rb,
lib/rex/payloads/win32/kernel/stager.rb,
lib/rex/payloads/win32/kernel/recovery.rb,
lib/rex/payloads/win32/kernel/migration.rb

Defined Under Namespace

Modules: Common, Migration, Recovery, Stager

Class Method Summary collapse

Class Method Details

.construct(opts = {}) ⇒ Object

Constructs a kernel-mode payload using the supplied options. The options can be:

Recovery : The recovery method to use, such as ‘spin’. Stager : The stager method to use, such as ‘sud_syscall_hook’. RecoveryStub : The recovery stub that should be used, if any. UserModeStub : The user-mode payload to execute, if any. KernelModeStub: The kernel-mode payload to execute, if any.



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/rex/payloads/win32/kernel.rb', line 23

def self.construct(opts = {})
	payload = nil

	# Generate the recovery stub
	if opts['Recovery'] and Kernel::Recovery.respond_to?(opts['Recovery'])
		opts['RecoveryStub'] = Kernel::Recovery.send(opts['Recovery'], opts)
	end

	# Append supplied recovery stub information in case there is some
	# context specific recovery that must be done.
	if opts['AppendRecoveryStub']
		opts['RecoveryStub'] = (opts['RecoveryStub'] || '') + opts['AppendRecoveryStub']
	end

	# Generate the stager
	if opts['Stager'] and Kernel::Stager.respond_to?(opts['Stager'])
		payload = Kernel::Stager.send(opts['Stager'], opts)
	# Or, generate the migrator
	elsif opts['Migrator'] and Kernel::Migration.respond_to?(opts['Migrator'])
		payload = Kernel::Migration.send(opts['Migrator'], opts)
	else
		raise ArgumentError, "A stager or a migrator must be specified."
	end

	payload
end