Module: Msf::Exploit::Egghunter

Defined in:
lib/msf/core/exploit/egghunter.rb

Overview

This mixin provides an interface to generating egghunters for various platforms using the Rex::Exploitation::Egghunter class.

Originally written by skape BadChar support added by David Rude Updated to take the payload and options by Joshua J. Drake

Instance Method Summary collapse

Instance Method Details

#generate_egghunter(payload, badchars = nil, opts = {}) ⇒ Object

Generates an egghunter stub based on the current target’s architecture and operating system.

[View source]

31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# File 'lib/msf/core/exploit/egghunter.rb', line 31

def generate_egghunter(payload, badchars = nil, opts = {})
  # Prefer the target's platform/architecture information, but use
  # the module's if no target specific information exists
  los   = target_platform
  larch = target_arch || ARCH_X86

  # If we found a platform list, then take the first platform
  los   = los.names[0] if (los.kind_of?(Msf::Module::PlatformList))

  # Use the first architecture if one was specified
  larch = larch[0] if (larch.kind_of?(Array))

  if los.nil?
    raise RuntimeError, "No platform restrictions were specified -- cannot select egghunter"
  end

  badchars ||= payload_badchars

  egg   = Rex::Exploitation::Egghunter.new(los, larch)
  bunny = egg.generate(payload, payload_badchars, opts)

  if (bunny.nil?)
    print_error("The egghunter could not be generated")
    raise ArgumentError
  end

  return bunny
end

#initialize(info = {}) ⇒ Object

Creates an instance of an exploit that uses an Egghunter overwrite.

[View source]

22
23
24
# File 'lib/msf/core/exploit/egghunter.rb', line 22

def initialize(info = {})
  super
end

#wfs_delayObject

Set the wfs_delay setting for all exploits using the Egghunter

[View source]

63
64
65
# File 'lib/msf/core/exploit/egghunter.rb', line 63

def wfs_delay
  30
end