Sha256: c187d58a5e1b65728c04d8c0c5d3452f404ece593afbd5dbbc9b4f82bcc9e2d9

Contents?: true

Size: 1.23 KB

Versions: 43

Compression:

Stored size: 1.23 KB

Contents

#!/usr/bin/env ruby

require 'rex/encoder/xor/dword_additive'

##
#
# Jmp/Call Dword Additive Feedback Encoder
# Author: skape
# Arch:   x86
#
##
module Rex
module Encoders

class XorDwordAdditive < Rex::Encoder::Xor::DwordAdditive
	module Backend

		def _unencoded_transform(data)
			# check for any dword aligned zeros that would falsely terminate the decoder
			idx = 0
			while true
				idx = data.index("\x00\x00\x00\x00", idx)
				break if !idx
				if idx & 3 == 0
					raise RuntimeError, "Unencoded data cannot have a dword aligned 0 dword!", caller()
				end
				idx += 1
			end

			# pad to a dword boundary and append null dword for termination
			data = data + ("\x00" * ((4 - data.length & 3) & 3)) + "\x00\x00\x00\x00"
		end

		def _prepend
			"\xfc"                + # cld
			"\xbb" + key          + # mov ebx, key
			"\xeb\x0c"            + # jmp short 0x14
			"\x5e"                + # pop esi
			"\x56"                + # push esi
			"\x31\x1e"            + # xor [esi], ebx
			"\xad"                + # lodsd
			"\x01\xc3"            + # add ebx, eax
			"\x85\xc0"            + # test eax, eax
			"\x75\xf7"            + # jnz 0xa
			"\xc3"                + # ret
			"\xe8\xef\xff\xff\xff"  # call 0x8
		end
	end

	include Backend
end

end end

Version data entries

43 entries across 43 versions & 1 rubygems

Version Path
librex-0.0.65 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.63 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.54 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.53 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.52 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.51 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.50 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.49 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.48 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.47 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.46 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.44 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.43 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.42 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.41 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.40 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.39 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.38 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.37 lib/rex/encoders/xor_dword_additive.rb
librex-0.0.36 lib/rex/encoders/xor_dword_additive.rb