[framework] Localization?
H D Moore
hdm at metasploit.com
Wed Oct 4 18:40:07 CDT 2006
On Wednesday 04 October 2006 18:24, takuan4 at gmail.com wrote:
> I just have one issue in that I'm doing penetration testing in Japan
> and when I get a shell or meterpreter, etc., all of the Japanese
> characters come out garbled.
> 1. Do you know of any way to get different encodings across sessions to
> work?
Nope, this seems like a "hard" problem because there is no way to
determine what encoding the target uses without just scanning the bytes
and taking a guess. My only suggestion would be to use non-command-shell
payloads (Meterpreter) and try to avoid the encoding issues completely.
While we could add a filter to the command shell session handler to
detect and decode non-ASCII characters, translating user input into valid
encodings on the remote end may be more difficult.
> 2. Is there a way to not use the default MSF nc listener for, say,
> reverse shells and use my own instead (hopefully I can find one that
> supports EUC).
Not in 3.0. Under 2.x, we supported an external payload handler (set
NinjaDontKill maybe? check for the SocketNinja documentation), but 3.0
has no similar feature. The reason is that although the "standard"
command shell payloads don't require anything fancy, all of the
stager/staging systems depend on the framework having control of the
socket. For some exploits, the framework will stop trying to exploit the
target only after it has recognized a created session.
Something that may work under 3.0 is to create a plugin that hooks the
on_session_created() event and write code to proxy input and output to an
external application.
-HD
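
The "scan the bytes and take a guess" output filter mentioned in the reply above, sketched as an added Ruby example (not Metasploit code and not part of the original post). The candidate list, its order, and the function names `plausible_encodings` and `decode_output` are assumptions; it covers only the decode direction, not translating user input for the remote end.

```ruby
# Added illustration, not Metasploit code. Candidate list and order are assumptions:
# strictest formats first, since many byte runs are well-formed in more than one.
CANDIDATES = %w[UTF-8 EUC-JP Windows-31J].freeze

# Every candidate encoding under which the raw session bytes are well-formed.
def plausible_encodings(raw)
  bytes = raw.b
  return ["US-ASCII"] if bytes.ascii_only?
  CANDIDATES.select { |name| bytes.dup.force_encoding(name).valid_encoding? }
end

# Decode to UTF-8 with the first plausible encoding, or an operator override.
# Returns [encoding_name_or_nil, text]; undecodable input comes back hex-escaped.
def decode_output(raw, override = nil)
  enc = override || plausible_encodings(raw).first
  if enc.nil?
    escaped = raw.b.gsub(/[^\x20-\x7E\r\n\t]/n) { |b| format("\\x%02X", b.ord) }
    return [nil, escaped]
  end
  text = raw.b.force_encoding(enc).encode("UTF-8", invalid: :replace, undef: :replace)
  [enc, text]
end

if __FILE__ == $0
  # Constructed samples: the same kind of text as a Japanese Windows shell
  # (Windows-31J) and a Unix shell (EUC-JP) would emit it.
  sjis = "\u65E5\u672C\u8A9E".encode("Windows-31J").b
  euc  = "\u30C6\u30B9\u30C8".encode("EUC-JP").b
  p decode_output(sjis)            # only one candidate fits
  p plausible_encodings(euc)       # two candidates fit: the guess is ambiguous
  p decode_output(euc, "EUC-JP")   # operator override settles it
end
```

The second sample is why this stays a guess: katakana in EUC-JP is also well-formed Windows-31J (half-width katakana), so a filter like this needs a per-session override.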