Sha256: c760060dfbcc40b4063222b3e2c156595c11b869589cfa3fcea542c6ce989042

Contents?: true

Size: 811 Bytes

Versions: 43

Compression:

Stored size: 811 Bytes

Contents

#!/usr/bin/env ruby

require 'rex/arch/x86'
require 'rex/encoder/xor/dword'

module Rex
module Encoders

###
#
# Spoon's smaller variable-length encoder (updated to use call $+4 by vlad902)
#
###
class XorDword < Rex::Encoder::Xor::Dword
	module Backend
		def _prepend
			# set the counter to the rounded up number of dwords to decode
			Rex::Arch::X86.set(
				Rex::Arch::X86::ECX,
				(encoded.length - 1 >> 2) + 1,
				badchars
			) +
			"\xe8\xff\xff\xff" +                # call $+4
			"\xff\xc0" +                        # inc eax
			"\x5e" +                            # pop esi
			"\x81\x76\x0e" + key +              # xor_xor: xor [esi + 0x0e], $xorkey
			"\x83\xee\xfc" +                    # sub esi, -4
			"\xe2\xf4"                          # loop xor_xor
		end
	end

	include Backend
end

end end

Version data entries

43 entries across 43 versions & 1 rubygems

Version Path
librex-0.0.35 lib/rex/encoders/xor_dword.rb
librex-0.0.34 lib/rex/encoders/xor_dword.rb
librex-0.0.33 lib/rex/encoders/xor_dword.rb
librex-0.0.32 lib/rex/encoders/xor_dword.rb
librex-0.0.31 lib/rex/encoders/xor_dword.rb
librex-0.0.30 lib/rex/encoders/xor_dword.rb
librex-0.0.29 lib/rex/encoders/xor_dword.rb
librex-0.0.28 lib/rex/encoders/xor_dword.rb
librex-0.0.27 lib/rex/encoders/xor_dword.rb
librex-0.0.26 lib/rex/encoders/xor_dword.rb
librex-0.0.25 lib/rex/encoders/xor_dword.rb
librex-0.0.23 lib/rex/encoders/xor_dword.rb
librex-0.0.21 lib/rex/encoders/xor_dword.rb
librex-0.0.19 lib/rex/encoders/xor_dword.rb
librex-0.0.17 lib/rex/encoders/xor_dword.rb
librex-0.0.13 lib/rex/encoders/xor_dword.rb
librex-0.0.12 lib/rex/encoders/xor_dword.rb
librex-0.0.7 lib/rex/encoders/xor_dword.rb
librex-0.0.6 lib/rex/encoders/xor_dword.rb
librex-0.0.5 lib/rex/encoders/xor_dword.rb