Metasploit mailing list archives
using hex strings as options
From: alok.menghrajani at ilionsecurity.ch (Alok Menghrajani)
Date: Tue, 17 Oct 2006 10:18:37 +0200
Thanks for the quick fix ! Alok. mmiller at hick.org wrote:
Committed support to do this for all payloads. Basically, the way you should handle this is by passing 'V' as the pack type instead of 'HEX'. It will automatically detect that the values you passed in are hex strings and convert them as necessary. Data can be specified in the following formats: 0x12345678 \x78\x56\x34\x12 Let us know if you run into problems. On Mon, Oct 16, 2006 at 04:28:44PM +0200, Alok Menghrajani wrote:Hi, Let's imagine our exploit hard codes the addresses of LoadLibrary and GetProcAddress... 'Offsets' => { 'LOADLIBRARY' => [ 16, 'HEX' ], 'GETPROCADDRESS' => [ 33, 'HEX' ], }, register_options([ OptString.new('LOADLIBRARY', [ true, "Address of LoadLibraryA", "0x7C801D77" ]), OptString.new('GETPROCADDRESS', [ true, "Address of GetProcAddress", "0x7C80AC28"]) ], Msf::Payloads::Singles::Windows::AlokSample) It would be convenient if I could use hex strings in my options (so I can easily edit them with the console).So far, the only clean way I have found is the following: def replace_var(raw, name, offset, pack) if pack == "HEX" val = datastore[name] val = val.to_s.hex val = [ val.to_i ].pack("V") raw[offset, val.length] = val return true else return false end end Is this the right way to do things ? If yes, shouldn't this little piece of code be included in the payload.rb file ? Thanks for your feedback, Alok.
Current thread:
- using hex strings as options Alok Menghrajani (Oct 16)
- using hex strings as options mmiller at hick.org (Oct 16)
- using hex strings as options mmiller at hick.org (Oct 16)
- using hex strings as options Alok Menghrajani (Oct 17)