using hex strings as options

[alok.menghrajani at ilionsecurity.ch (Alok Menghrajani)]

Thanks for the quick fix !

Alok.


mmiller at hick.org wrote:
> Committed support to do this for all payloads.  Basically, the way you
> should handle this is by passing 'V' as the pack type instead of 'HEX'.
> It will automatically detect that the values you passed in are hex
> strings and convert them as necessary.
>
> Data can be specified in the following formats:
>
> 0x12345678
> \x78\x56\x34\x12
>
> Let us know if you run into problems.
>
> On Mon, Oct 16, 2006 at 04:28:44PM +0200, Alok Menghrajani wrote:
> > Hi,
> >
> > Let's imagine our exploit hard codes the addresses of LoadLibrary and
> > GetProcAddress...
> >
> >      'Offsets' => {
> >              'LOADLIBRARY' => [ 16, 'HEX' ],
> >              'GETPROCADDRESS' => [ 33, 'HEX' ],
> >      },
> >
> >      register_options([
> >              OptString.new('LOADLIBRARY', [ true,
> >                      "Address of LoadLibraryA", "0x7C801D77" ]),
> >              OptString.new('GETPROCADDRESS', [ true,
> >                      "Address of GetProcAddress", "0x7C80AC28"])
> >      ], Msf::Payloads::Singles::Windows::AlokSample)
> >
> >
> > It would be convenient if I could use hex strings in my options (so I
> > can easily edit them with the console).So far, the only clean way I have
> > found is the following:
> >
> >      def replace_var(raw, name, offset, pack)
> >              if pack == "HEX"
> >                      val = datastore[name]
> >                      val = val.to_s.hex
> >                      val = [ val.to_i ].pack("V")
> >                      raw[offset, val.length] = val
> >                      return true
> >              else
> >                      return false
> >              end
> >      end
> >
> >
> > Is this the right way to do things ? If yes, shouldn't this little piece
> > of code be included in the payload.rb file ?
> >
> > Thanks for your feedback,
> > Alok.