[framework] Hexadecimal in OptInt

Wed Apr 4 16:19:07 PDT 2007

Hello,

I developed a shellcode that uses a key to decode another shellcode,
thus I would like to have a "KEY" parameter in the payload options.
I use the following code :

'Offsets' => {
    'KEY'    => [ 344, 'V' ],
},

# Register command execution options
register_options(
[
    OptInt.new('KEY', [ true, "The key ..."]),
], Msf::Payloads::Singles::Windows::MyShellcode)

I would like to allow the user to provide the key in hexadecimal format.
But it does not seem to work.
I tried to play with the pack/unpack option (replace 'V' with 'H', ...)
but I got the same error.
I had a look on the code, it seems to come from the class OptInt:

<code>
class OptInt < OptBase
def type
  return 'integer'
end

def normalize(value)
  value.to_i
end

def valid?(value)
  return false if empty_required_value?(value)

  if value and value.to_s.match(/^\d+$/) == nil
   return false
  end

  return super
end
end
</code>

The functions "normalize" and "valid" handle only decimal values.

I replaced it by the following code :

<code>
class OptInt < OptBase
  def type
    return 'integer'
  end

  def normalize(value)
    if value.to_s.match(/^0x[a-fA-F\d]+$/) != nil
      value.to_i(16)
    else
      value.to_i
    end
  end

  def valid?(value)
    return false if empty_required_value?(value)

    if value and value.to_s.match(/^0x[a-fA-F\d]+$/) == nil and
value.to_s.match(/^[\d]+$/) == nil
      return false
    end

    return super
  end
end

</code>

It seems working...
What do you think about this solution ? I do not know if it could
introduce side effects on other exploits, preventing them to work ?
Perhaps is there an easier/better solution ? Note that I never
developped yet in Ruby, so this code can certainly be improved.

Regards,

Benjamin.