Module: Rex::Payloads::Win32::Kernel

Defined in:
lib/rex/payloads/win32/kernel.rb,
lib/rex/payloads/win32/kernel/stager.rb,
lib/rex/payloads/win32/kernel/common.rb,
lib/rex/payloads/win32/kernel/recovery.rb,
lib/rex/payloads/win32/kernel/migration.rb

Defined Under Namespace

Modules: Common, Migration, Recovery, Stager

Class Method Summary collapse

Class Method Details

.construct(opts = {}) ⇒ Object

Constructs a kernel-mode payload using the supplied options. The options can be:

Recovery : The recovery method to use, such as 'spin'. Stager : The stager method to use, such as 'sud_syscall_hook'. RecoveryStub : The recovery stub that should be used, if any. UserModeStub : The user-mode payload to execute, if any. KernelModeStub: The kernel-mode payload to execute, if any.


23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'lib/rex/payloads/win32/kernel.rb', line 23

def self.construct(opts = {})
  payload = nil

  # Generate the recovery stub
  if opts['Recovery'] and Kernel::Recovery.respond_to?(opts['Recovery'])
    opts['RecoveryStub'] = Kernel::Recovery.send(opts['Recovery'], opts)
  end

  # Append supplied recovery stub information in case there is some
  # context specific recovery that must be done.
  if opts['AppendRecoveryStub']
    opts['RecoveryStub'] = (opts['RecoveryStub'] || '') + opts['AppendRecoveryStub']
  end

  # Generate the stager
  if opts['Stager'] and Kernel::Stager.respond_to?(opts['Stager'])
    payload = Kernel::Stager.send(opts['Stager'], opts)
  # Or, generate the migrator
  elsif opts['Migrator'] and Kernel::Migration.respond_to?(opts['Migrator'])
    payload = Kernel::Migration.send(opts['Migrator'], opts)
  else
    raise ArgumentError, "A stager or a migrator must be specified."
  end

  payload
end