Metasploit mailing list archives
using hex strings as options
From: mmiller at hick.org (mmiller at hick.org)
Date: Mon, 16 Oct 2006 09:58:50 -0500
Hi Alok, I've actually run into a similar need for this lately as well, so I'll look into integrating support for it. I'll send another response when it's in SVN. On Mon, Oct 16, 2006 at 04:28:44PM +0200, Alok Menghrajani wrote:
Hi, Let's imagine our exploit hard codes the addresses of LoadLibrary and GetProcAddress... 'Offsets' => { 'LOADLIBRARY' => [ 16, 'HEX' ], 'GETPROCADDRESS' => [ 33, 'HEX' ], }, register_options([ OptString.new('LOADLIBRARY', [ true, "Address of LoadLibraryA", "0x7C801D77" ]), OptString.new('GETPROCADDRESS', [ true, "Address of GetProcAddress", "0x7C80AC28"]) ], Msf::Payloads::Singles::Windows::AlokSample) It would be convenient if I could use hex strings in my options (so I can easily edit them with the console).So far, the only clean way I have found is the following: def replace_var(raw, name, offset, pack) if pack == "HEX" val = datastore[name] val = val.to_s.hex val = [ val.to_i ].pack("V") raw[offset, val.length] = val return true else return false end end Is this the right way to do things ? If yes, shouldn't this little piece of code be included in the payload.rb file ? Thanks for your feedback, Alok.
Current thread:
- using hex strings as options Alok Menghrajani (Oct 16)
- using hex strings as options mmiller at hick.org (Oct 16)
- using hex strings as options mmiller at hick.org (Oct 16)
- using hex strings as options Alok Menghrajani (Oct 17)