Sha256: f61c9ff238a915112a8dc8263a61761309d69a67a5fbe2fe36ee72fe8d46bbe7

Contents?: true

Size: 862 Bytes

Versions: 15

Compression:

Stored size: 862 Bytes

Contents

# -*- coding: binary -*-

require 'rex/arch/x86'
require 'rex/encoder/xor/dword'

module Rex
module Encoders

###
#
# Spoon's smaller variable-length encoder (updated to use call $+4 by vlad902)
#
###
class XorDword < Rex::Encoder::Xor::Dword
  module Backend
    def _prepend
      # set the counter to the rounded up number of dwords to decode
      Rex::Arch::X86.set(
        Rex::Arch::X86::ECX,
        (encoded.length - 1 >> 2) + 1,
        badchars
      ) +
      "\xe8\xff\xff\xff" +                # call $+4
      "\xff\xc0" +                        # inc eax
      "\x5e" +                            # pop esi
      "\x81\x76\x0e" + key +              # xor_xor: xor [esi + 0x0e], $xorkey
      "\x83\xee\xfc" +                    # sub esi, -4
      "\xe2\xf4"                          # loop xor_xor
    end
  end

  include Backend
end

end end

Version data entries

15 entries across 15 versions & 3 rubygems

Version Path
rex-2.0.13 lib/rex/encoders/xor_dword.rb
rex-2.0.12 lib/rex/encoders/xor_dword.rb
rex-2.0.11 lib/rex/encoders/xor_dword.rb
rex-2.0.10 lib/rex/encoders/xor_dword.rb
rex-2.0.9 lib/rex/encoders/xor_dword.rb
rex-2.0.8 lib/rex/encoders/xor_dword.rb
rex-2.0.7 lib/rex/encoders/xor_dword.rb
rex-2.0.5 lib/rex/encoders/xor_dword.rb
rex-2.0.4 lib/rex/encoders/xor_dword.rb
dstruct-0.0.1 lib/rex/encoders/xor_dword.rb
rex-2.0.3 lib/rex/encoders/xor_dword.rb
librex-0.0.999 lib/rex/encoders/xor_dword.rb
rex-2.0.2 lib/rex/encoders/xor_dword.rb
librex-0.0.71 lib/rex/encoders/xor_dword.rb
librex-0.0.70 lib/rex/encoders/xor_dword.rb