Class: Rex::Exploitation::Js::Memory

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/exploitation/js/memory.rb

Overview

Provides meomry manipulative functions in JavaScript

Class Method Summary collapse

Class Method Details

.explib2Object 



61
62
63
64
65
 
# File 'lib/rex/exploitation/js/memory.rb', line 61

def self.explib2
  js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "explib2", "lib", "explib2.js"))

  ::Rex::Exploitation::ObfuscateJS.obfuscate(js)
end

.explib2_payload(payload = "exec") ⇒ Object 



67
68
69
70
71
72
73
74
75
76
 
# File 'lib/rex/exploitation/js/memory.rb', line 67

def self.explib2_payload(payload="exec")
  case payload
  when "drop_exec"
    js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "explib2", "payload", "drop_exec.js"))
  else # "exec"
    js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "explib2", "payload", "exec.js"))
  end

  ::Rex::Exploitation::ObfuscateJS.obfuscate(js)
end

.heap_sprayObject 



50
51
52
53
54
55
56
57
58
59
 
# File 'lib/rex/exploitation/js/memory.rb', line 50

def self.heap_spray
  js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "heap_spray.js"))

  ::Rex::Exploitation::ObfuscateJS.new(js,
    {
      'Symbols' => {
        'Variables' => %w{ index heapSprayAddr_hi heapSprayAddr_lo retSlide heapBlockCnt }
      }
    }).obfuscate
end

.heaplib2(custom_js = '', opts = {}) ⇒ Object 



27
28
29
30
31
32
33
34
35
36
37
 
# File 'lib/rex/exploitation/js/memory.rb', line 27

def self.heaplib2(custom_js='', opts={})
  js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "heaplib2.js"))

  unless custom_js.to_s.empty?
    js << custom_js
  end

  js = ::Rex::Exploitation::JSObfu.new js
  js.obfuscate
  return js
end

.mstime_mallocObject 



14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/rex/exploitation/js/memory.rb', line 14

def self.mstime_malloc
  js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "mstime_malloc.js"))
  js = js.gsub(/W00TA/, Rex::Text.rand_text_hex(6))
  js = js.gsub(/W00TB/, Rex::Text.rand_text_hex(5))

  ::Rex::Exploitation::ObfuscateJS.new(js,
    {
      'Symbols' => {
        'Variables' => %w{ buf eleId acTag }
      }
    }).obfuscate
end

.property_sprayObject 



39
40
41
42
43
44
45
46
47
48
 
# File 'lib/rex/exploitation/js/memory.rb', line 39

def self.property_spray
  js = ::File.read(::File.join(Msf::Config.data_directory, "js", "memory", "property_spray.js"))

  ::Rex::Exploitation::ObfuscateJS.new(js,
    {
      'Symbols' => {
        'Variables' => %w{ sym_div_container data junk obj }
      }
    }).obfuscate
end