Contents

module Rex
module PeScan
module Search

	require "rex/assembly/nasm"
	
	class DumpRVA
		attr_accessor :pe
		
		def initialize(pe)
			self.pe = pe
		end
		
		def config(param)
			@address = pe.vma_to_rva(param['args'])
		end
		
		def scan(param)
			config(param)
			
			$stdout.puts "[#{param['file']}]"
			
			# Adjust based on -A and -B flags
			pre = param['before'] || 0
			suf = param['after']  || 16
			
			@address -= pre
			@address = 0 if (@address < 0 || ! @address)
			
			begin
				buf = pe.read_rva(@address, suf)
			rescue ::Rex::PeParsey::WtfError
				return
			end
			
			$stdout.puts pe.ptr_s(pe.rva_to_vma(@address)) + " " + buf.unpack("H*")[0]
			if(param['disasm'])
				::Rex::Assembly::Nasm.disassemble(buf).split("\n").each do |line|
					$stdout.puts "\t#{line.strip}"
				end
			end
			
		end	
	end

	class DumpOffset < DumpRVA
		def config(param)
			begin
				@address = pe.file_offset_to_rva(param['args'])
			rescue Rex::PeParsey::BoundsError
			end
		end
	end	
end
end
end

Version data entries

21 entries across 21 versions & 1 rubygems

Version	Path
librex-0.0.33	lib/rex/pescan/search.rb
librex-0.0.32	lib/rex/pescan/search.rb
librex-0.0.31	lib/rex/pescan/search.rb
librex-0.0.30	lib/rex/pescan/search.rb
librex-0.0.29	lib/rex/pescan/search.rb
librex-0.0.28	lib/rex/pescan/search.rb
librex-0.0.27	lib/rex/pescan/search.rb
librex-0.0.26	lib/rex/pescan/search.rb
librex-0.0.25	lib/rex/pescan/search.rb
librex-0.0.23	lib/rex/pescan/search.rb
librex-0.0.21	lib/rex/pescan/search.rb
librex-0.0.19	lib/rex/pescan/search.rb
librex-0.0.17	lib/rex/pescan/search.rb
librex-0.0.13	lib/rex/pescan/search.rb
librex-0.0.12	lib/rex/pescan/search.rb
librex-0.0.7	lib/rex/pescan/search.rb
librex-0.0.6	lib/rex/pescan/search.rb
librex-0.0.5	lib/rex/pescan/search.rb
librex-0.0.4	lib/rex/pescan/search.rb
librex-0.0.3	lib/rex/pescan/search.rb