Class: Rex::Encoder::Alpha2::Generic

Inherits:

Object

• Object
• Rex::Encoder::Alpha2::Generic

Defined in:

lib/rex/encoder/alpha2/generic.rb

Direct Known Subclasses

AlphaMixed, AlphaUpper, UnicodeMixed, UnicodeUpper

Class Method Summary

• .add_terminator ⇒ Object

  ‘A’ signifies the end of the encoded shellcode.

• .default_accepted_chars ⇒ Object

  Note: ‘A’ is presumed to be accepted, but excluded from the accepted characters, because it serves as the terminator.

• .encode(buf, reg, offset, badchars = '') ⇒ Object
• .encode_byte(block, badchars) ⇒ Object
• .gen_decoder(reg, offset) ⇒ Object
• .gen_decoder_prefix(reg, offset) ⇒ Object
• .gen_second(block, base) ⇒ Object

Class Method Details

.add_terminator ⇒ Object

‘A’ signifies the end of the encoded shellcode

# File 'lib/rex/encoder/alpha2/generic.rb', line 85

def Generic.add_terminator()
  'AA'
end

.default_accepted_chars ⇒ Object

Note: ‘A’ is presumed to be accepted, but excluded from the accepted characters, because it serves as the terminator

# File 'lib/rex/encoder/alpha2/generic.rb', line 12

def Generic.default_accepted_chars ; ('a' .. 'z').to_a + ('B' .. 'Z').to_a + ('0' .. '9').to_a ; end

.encode(buf, reg, offset, badchars = '') ⇒ Object

# File 'lib/rex/encoder/alpha2/generic.rb', line 70

def Generic.encode(buf, reg, offset, badchars = '')
  encoded = gen_decoder(reg, offset)

  buf.each_byte {
    |block|

    encoded << encode_byte(block, badchars)
  }

  encoded << add_terminator()

  return encoded
end

.encode_byte(block, badchars) ⇒ Object

# File 'lib/rex/encoder/alpha2/generic.rb', line 31

def Generic.encode_byte(block, badchars)
  accepted_chars = default_accepted_chars.dup

  badchars.each_char {|c| accepted_chars.delete(c) } if badchars

  # No, not nipple.
  nibble_chars = Array.new(0x10) {[]}
  accepted_chars.each {|c| nibble_chars[c.unpack('C')[0] & 0x0F].push(c) }

  poss_encodings = []

  block_low_nibble = block & 0x0F
  block_high_nibble = block >> 4

  # Get list of chars suitable for expressing lower part of byte
  first_chars = nibble_chars[block_low_nibble]

  # Build a list of possible encodings
  first_chars.each do |first_char|
    first_high_nibble = first_char.unpack('C')[0] >> 4

    # In the decoding process, the low nibble of the second char gets combined
    # (either ADDed or XORed depending on the encoder) with the high nibble of the first char,
    # and we want the high nibble of our input byte to result
    second_low_nibble = gen_second(block_high_nibble, first_high_nibble) & 0x0F

    # Find valid second chars for this first char and add each combination to our possible encodings
    second_chars = nibble_chars[second_low_nibble]
    second_chars.each {|second_char| poss_encodings.push(second_char + first_char) }
  end

  if poss_encodings.empty?
    raise RuntimeError, "No encoding of #{"0x%.2X" % block} possible with limited character set"
  end

  # Return a random encoding
  poss_encodings[rand(poss_encodings.length)]
end

.gen_decoder(reg, offset) ⇒ Object

# File 'lib/rex/encoder/alpha2/generic.rb', line 21

def Generic.gen_decoder(reg, offset)
  # same as above
  return ''
end

.gen_decoder_prefix(reg, offset) ⇒ Object

# File 'lib/rex/encoder/alpha2/generic.rb', line 14

def Generic.gen_decoder_prefix(reg, offset)
  # Should never happen - have to pick a specifc
  # encoding:
  # alphamixed, alphaupper, unicodemixed, unicodeupper
  ''
end

.gen_second(block, base) ⇒ Object

# File 'lib/rex/encoder/alpha2/generic.rb', line 26

def Generic.gen_second(block, base)
  # XOR encoder for ascii - unicode uses additive
  (block^base)
end