Sha256: d3e8d47595b16b5bed653a4dfa17a2e964a64045079df40f02320286a1425416

Contents?: true

Size: 2 KB

Versions: 40

Compression:

Stored size: 2 KB

Contents

# -*- coding: binary -*-


module Rex
module Exploitation
module Js

#
# Provides memory manipulation functions in JavaScript
#
class Memory

  # Reads one JavaScript source file stored below DATA_DIR/js/memory.
  #
  # @param parts [Array<String>] path components under "js/memory"
  # @return [String] the raw file contents
  def self.read_memory_js(*parts)
    ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", *parts))
  end
  private_class_method :read_memory_js

  # Loads mstime_malloc.js, replaces the W00TA and W00TB placeholders with the
  # results of Rex::Text.rand_text_hex(6) and Rex::Text.rand_text_hex(5), and
  # runs the text through ObfuscateJS with buf, eleId and acTag declared as
  # variable symbols.
  #
  # NOTE(review): rand_text_hex presumably returns a fresh random hex string,
  # in which case the returned text differs between calls - confirm in Rex::Text.
  #
  # @return the value of ObfuscateJS#obfuscate (its type is not visible here)
  def self.mstime_malloc
    template = read_memory_js("mstime_malloc.js")
    with_first_marker = template.gsub(/W00TA/, Rex::Text.rand_text_hex(6))
    randomized = with_first_marker.gsub(/W00TB/, Rex::Text.rand_text_hex(5))

    symbol_opts = { 'Symbols' => { 'Variables' => %w[buf eleId acTag] } }
    ::Rex::Exploitation::ObfuscateJS.new(randomized, symbol_opts).obfuscate
  end

  # Loads heaplib2.js, optionally appends caller-supplied script, and wraps the
  # result in a JSObfu object on which #obfuscate has been called.
  #
  # custom_js is appended verbatim, with no validation or escaping, so it must
  # come from a trusted caller. It is skipped when its string form is blank.
  #
  # @param custom_js [String] extra JavaScript appended after the library text
  # @param opts [Hash] accepted for interface compatibility; not read here
  # @return [::Rex::Exploitation::JSObfu] the obfuscator object, not a String
  def self.heaplib2(custom_js='', opts={})
    source = read_memory_js("heaplib2.js")
    source << custom_js unless custom_js.to_s.strip.empty?

    obfuscator = ::Rex::Exploitation::JSObfu.new(source)
    obfuscator.obfuscate
    obfuscator
  end

  # Loads property_spray.js and obfuscates it with sym_div_container, data,
  # junk and obj declared as variable symbols.
  #
  # @return the value of ObfuscateJS#obfuscate (its type is not visible here)
  def self.property_spray
    source = read_memory_js("property_spray.js")

    symbol_opts = { 'Symbols' => { 'Variables' => %w[sym_div_container data junk obj] } }
    ::Rex::Exploitation::ObfuscateJS.new(source, symbol_opts).obfuscate
  end

  # Loads heap_spray.js and wraps it in an ObfuscateJS object configured with
  # the listed variable symbols.
  #
  # Unlike mstime_malloc and property_spray, this method does not call
  # #obfuscate: it returns the ObfuscateJS instance itself.
  # NOTE(review): whether callers rely on that difference is not visible here.
  #
  # @return [::Rex::Exploitation::ObfuscateJS] the configured, un-run obfuscator
  def self.heap_spray
    source = read_memory_js("heap_spray.js")

    spray_variables = %w[index heapSprayAddr_hi heapSprayAddr_lo retSlide heapBlockCnt]
    symbol_opts = { 'Symbols' => { 'Variables' => spray_variables } }
    ::Rex::Exploitation::ObfuscateJS.new(source, symbol_opts)
  end

  # Loads explib2/lib/explib2.js and passes it to the class-level
  # ObfuscateJS.obfuscate with no symbol options.
  #
  # @return the value of ObfuscateJS.obfuscate (its type is not visible here)
  def self.explib2
    source = read_memory_js("explib2", "lib", "explib2.js")

    ::Rex::Exploitation::ObfuscateJS.obfuscate(source)
  end

  # Loads one of the explib2 payload scripts and passes it to the class-level
  # ObfuscateJS.obfuscate.
  #
  # Only "drop_exec" is recognised explicitly; every other value, including a
  # misspelled name, silently selects exec.js rather than raising.
  #
  # @param payload [String] "drop_exec" or "exec" (the default)
  # @return the value of ObfuscateJS.obfuscate (its type is not visible here)
  def self.explib2_payload(payload="exec")
    script_name =
      case payload
      when "drop_exec" then "drop_exec.js"
      else "exec.js" # "exec" and anything unrecognised
      end
    source = read_memory_js("explib2", "payload", script_name)

    ::Rex::Exploitation::ObfuscateJS.obfuscate(source)
  end

end
end
end
end

Version data entries

40 entries across 40 versions & 1 rubygems

Version Path
rex-exploitation-0.1.21 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.20 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.19 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.18 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.17 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.16 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.15 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.14 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.13 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.12 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.11 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.10 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.9 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.8 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.7 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.6 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.5 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.4 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.3 lib/rex/exploitation/js/memory.rb
rex-exploitation-0.1.2 lib/rex/exploitation/js/memory.rb