Method: Rex::Exploitation::Powershell::Script.to_byte_array

Defined in:
lib/rex/exploitation/powershell/script.rb

.to_byte_array(input_data, var_name = Rex::Text.rand_text_alpha(rand(3) + 3)) ⇒ String

Convert binary to byte array, read from file if able

Parameters:

  • input_data (String)

    Path to powershell file or powershell code string

  • var_name (String) (defaults to: Rex::Text.rand_text_alpha(rand(3) + 3))

    Byte array variable name

Returns:

  • (String)

    input_data as a powershell byte array



67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
# File 'lib/rex/exploitation/powershell/script.rb', line 67

def self.to_byte_array(input_data, var_name = Rex::Text.rand_text_alpha(rand(3) + 3))
  # File will raise an exception if the path contains null byte
  if input_data.include? "\x00"
    code = input_data
  else
    code = ::File.file?(input_data) ? ::File.read(input_data) : input_data
  end

  code = code.unpack('C*')
  psh = "[Byte[]] $#{var_name} = 0x#{code[0].to_s(16)}"
  lines = []
  1.upto(code.length - 1) do |byte|
    if (byte % 10 == 0)
      lines.push "\r\n$#{var_name} += 0x#{code[byte].to_s(16)}"
    else
      lines.push ",0x#{code[byte].to_s(16)}"
    end
  end

  psh << lines.join('') + "\r\n"
end