Sha256: d3e8d47595b16b5bed653a4dfa17a2e964a64045079df40f02320286a1425416

Contents?: true

Size: 2 KB

Versions: 39

Compression:

Stored size: 2 KB

Contents

# -*- coding: binary -*-


module Rex
module Exploitation
module Js

#
# Provides meomry manipulative functions in JavaScript
#
class Memory

  def self.mstime_malloc
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "mstime_malloc.js"))
    js = js.gsub(/W00TA/, Rex::Text.rand_text_hex(6))
    js = js.gsub(/W00TB/, Rex::Text.rand_text_hex(5))

    ::Rex::Exploitation::ObfuscateJS.new(js,
      {
        'Symbols' => {
          'Variables' => %w{ buf eleId acTag }
        }
      }).obfuscate
  end

  def self.heaplib2(custom_js='', opts={})
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "heaplib2.js"))

    unless custom_js.to_s.strip.empty?
      js << custom_js
    end

    js = ::Rex::Exploitation::JSObfu.new js
    js.obfuscate
    return js
  end

  def self.property_spray
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "property_spray.js"))

    ::Rex::Exploitation::ObfuscateJS.new(js,
      {
        'Symbols' => {
          'Variables' => %w{ sym_div_container data junk obj }
        }
      }).obfuscate
  end

  def self.heap_spray
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "heap_spray.js"))

    ::Rex::Exploitation::ObfuscateJS.new(js,
      {
        'Symbols' => {
          'Variables' => %w{ index heapSprayAddr_hi heapSprayAddr_lo retSlide heapBlockCnt }
        }
      })
  end

  def self.explib2
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "explib2", "lib", "explib2.js"))

    ::Rex::Exploitation::ObfuscateJS.obfuscate(js)
  end

  def self.explib2_payload(payload="exec")
    case payload
    when "drop_exec"
      js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "explib2", "payload", "drop_exec.js"))
    else # "exec"
      js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "explib2", "payload", "exec.js"))
    end

    ::Rex::Exploitation::ObfuscateJS.obfuscate(js)
  end

end
end
end
end

Version data entries

39 entries across 39 versions & 1 rubygems

Version Path
rex-exploitation-0.1.40 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.39 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.38 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.37 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.36 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.35 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.34 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.33 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.32 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.31 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.30 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.29 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.28 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.27 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.26 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.25 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.24 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.23 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.22 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.21 lib/rex/exploitation/js/memory.rb