[framework] using hex strings as options
Alok Menghrajani
alok.menghrajani at ilionsecurity.ch
Mon Oct 16 09:28:44 CDT 2006
Hi,
Let's imagine our exploit hard codes the addresses of LoadLibrary and
GetProcAddress...
'Offsets' => {
'LOADLIBRARY' => [ 16, 'HEX' ],
'GETPROCADDRESS' => [ 33, 'HEX' ],
},
register_options([
OptString.new('LOADLIBRARY', [ true,
"Address of LoadLibraryA", "0x7C801D77" ]),
OptString.new('GETPROCADDRESS', [ true,
"Address of GetProcAddress", "0x7C80AC28"])
], Msf::Payloads::Singles::Windows::AlokSample)
It would be convenient if I could use hex strings in my options (so I
can easily edit them with the console).So far, the only clean way I have
found is the following:
def replace_var(raw, name, offset, pack)
if pack == "HEX"
val = datastore[name]
val = val.to_s.hex
val = [ val.to_i ].pack("V")
raw[offset, val.length] = val
return true
else
return false
end
end
Is this the right way to do things ? If yes, shouldn't this little piece
of code be included in the payload.rb file ?
Thanks for your feedback,
Alok.
More information about the framework
mailing list