Metasploit mailing list archives
Hexadecimal in OptInt
From: bcaillat at security-labs.org (Benjamin CAILLAT)
Date: Thu, 05 Apr 2007 01:19:07 +0200
Hello, I developed a shellcode that uses a key to decode another shellcode, thus I would like to have a "KEY" parameter in the payload options. I use the following code : 'Offsets' => { 'KEY' => [ 344, 'V' ], }, # Register command execution options register_options( [ OptInt.new('KEY', [ true, "The key ..."]), ], Msf::Payloads::Singles::Windows::MyShellcode) I would like to allow the user to provide the key in hexadecimal format. But it does not seem to work. I tried to play with the pack/unpack option (replace 'V' with 'H', ...) but I got the same error. I had a look on the code, it seems to come from the class OptInt: <code> class OptInt < OptBase def type return 'integer' end def normalize(value) value.to_i end def valid?(value) return false if empty_required_value?(value) if value and value.to_s.match(/^\d+$/) == nil return false end return super end end </code> The functions "normalize" and "valid" handle only decimal values. I replaced it by the following code : <code> class OptInt < OptBase def type return 'integer' end def normalize(value) if value.to_s.match(/^0x[a-fA-F\d]+$/) != nil value.to_i(16) else value.to_i end end def valid?(value) return false if empty_required_value?(value) if value and value.to_s.match(/^0x[a-fA-F\d]+$/) == nil and value.to_s.match(/^[\d]+$/) == nil return false end return super end end </code> It seems working... What do you think about this solution ? I do not know if it could introduce side effects on other exploits, preventing them to work ? Perhaps is there an easier/better solution ? Note that I never developped yet in Ruby, so this code can certainly be improved. Regards, Benjamin.
Current thread:
- Hexadecimal in OptInt Benjamin CAILLAT (Apr 04)
- Hexadecimal in OptInt H D Moore (Apr 04)