Class: Rex::Exploitation::Js::Memory

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/exploitation/js/memory.rb

Overview

Provides meomry manipulative functions in JavaScript

Class Method Summary collapse

Class Method Details

.explib2Object



60
61
62
63
64
# File 'lib/rex/exploitation/js/memory.rb', line 60

def self.explib2
  js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "explib2", "lib", "explib2.js"))

  ::Rex::Exploitation::ObfuscateJS.obfuscate(js)
end

.explib2_payload(payload = "exec") ⇒ Object



66
67
68
69
70
71
72
73
74
75
# File 'lib/rex/exploitation/js/memory.rb', line 66

def self.explib2_payload(payload="exec")
  case payload
  when "drop_exec"
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "explib2", "payload", "drop_exec.js"))
  else # "exec"
    js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "explib2", "payload", "exec.js"))
  end

  ::Rex::Exploitation::ObfuscateJS.obfuscate(js)
end

.heap_sprayObject



49
50
51
52
53
54
55
56
57
58
# File 'lib/rex/exploitation/js/memory.rb', line 49

def self.heap_spray
  js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "heap_spray.js"))

  ::Rex::Exploitation::ObfuscateJS.new(js,
    {
      'Symbols' => {
        'Variables' => %w{ index heapSprayAddr_hi heapSprayAddr_lo retSlide heapBlockCnt }
      }
    })
end

.heaplib2(custom_js = '', opts = {}) ⇒ Object



26
27
28
29
30
31
32
33
34
35
36
# File 'lib/rex/exploitation/js/memory.rb', line 26

def self.heaplib2(custom_js='', opts={})
  js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "heaplib2.js"))

  unless custom_js.to_s.strip.empty?
    js << custom_js
  end

  js = ::Rex::Exploitation::JSObfu.new js
  js.obfuscate
  return js
end

.mstime_mallocObject



13
14
15
16
17
18
19
20
21
22
23
24
# File 'lib/rex/exploitation/js/memory.rb', line 13

def self.mstime_malloc
  js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "mstime_malloc.js"))
  js = js.gsub(/W00TA/, Rex::Text.rand_text_hex(6))
  js = js.gsub(/W00TB/, Rex::Text.rand_text_hex(5))

  ::Rex::Exploitation::ObfuscateJS.new(js,
    {
      'Symbols' => {
        'Variables' => %w{ buf eleId acTag }
      }
    }).obfuscate
end

.property_sprayObject



38
39
40
41
42
43
44
45
46
47
# File 'lib/rex/exploitation/js/memory.rb', line 38

def self.property_spray
  js = ::File.read(::File.join(Rex::Exploitation::DATA_DIR, "js", "memory", "property_spray.js"))

  ::Rex::Exploitation::ObfuscateJS.new(js,
    {
      'Symbols' => {
        'Variables' => %w{ sym_div_container data junk obj }
      }
    }).obfuscate
end