Method: Rex::PeScan::Scanner::JmpRegScanner#config
- Defined in:
- lib/rex/pescan/scanner.rb
#config(param) ⇒ Object
69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/rex/pescan/scanner.rb', line 69 def config(param) regnums = param['args'] # build a list of the call bytes calls = _build_byte_list(0xd0, regnums - [4]) # note call esp's don't work.. jmps = _build_byte_list(0xe0, regnums) pushs1 = _build_byte_list(0x50, regnums) pushs2 = _build_byte_list(0xf0, regnums) regexstr = '(' if !calls.empty? regexstr += "\xff[#{calls}]|" end regexstr += "\xff[#{jmps}]|([#{pushs1}]|\xff[#{pushs2}])(\xc3|\xc2..))" self.regex = Regexp.new(regexstr, nil, 'n') end |