Added javascript and win32 pe output formats

git-svn-id: file:///home/svn/framework3/trunk@3787 4d416f70-5f16-0410-b530-b9f4589650da

lib/msf/base/simple/buffer.rb

@@ -25,6 +25,10 @@ module Buffer
 				buf = Rex::Text.to_perl(buf)
 			when 'c'
 				buf = Rex::Text.to_c(buf)
+			when 'js_be'
+				buf = Rex::Text.to_unescape(buf, ENDIAN_BIG)
+			when 'js_le'
+				buf = Rex::Text.to_unescape(buf, ENDIAN_LITTLE)
 			else
 				raise ArgumentError, "Unsupported buffer format: #{fmt}", caller
 		end
@@ -34,7 +38,7 @@ module Buffer
 
 	#
 	# Creates a comment using the supplied format.  The formats supported are
-	# raw, ruby, perl, and c.
+	# raw, ruby, perl, js_be, js_le, and c.
 	#
 	def self.comment(buf, fmt = "ruby")
 		case fmt
@@ -45,6 +49,8 @@ module Buffer
 				buf = Rex::Text.to_perl_comment(buf)
 			when 'c'
 				buf = Rex::Text.to_c_comment(buf)
+			when 'js_be', 'js_le'
+				buf = Rex::Text.to_js_comment(buf)
 			else
 				raise ArgumentError, "Unsupported buffer format: #{fmt}", caller
 		end

lib/rex/text.rb

@@ -90,7 +90,14 @@ module Text
 	def self.to_c_comment(str, wrap = DefaultWrap)
 		return "/*\n" + wordwrap(str, 0, wrap, '', ' * ') + " */\n"
 	end
-
+	
+	#
+	# Creates a javascript-style comment
+	#
+	def self.to_js_comment(str, wrap = DefaultWrap)
+		return wordwrap(str, 0, wrap, '', '// ')
+	end
+	
 	#
 	# Converts a raw string into a perl buffer
 	#
@@ -431,6 +438,28 @@ module Text
 		MD5.hexdigest(str)
 	end
 
+	##
+	#
+	# Executable generators
+	#
+	##
+	
+	def self.to_win32pe(code = "\xcc", note="")
+		pe = ''
+
+		fd = File.open(File.join(File.dirname(__FILE__), "..", "..", "data", "templates", "template.exe"), "rb")
+		pe = fd.read(fd.stat.size)
+		fd.close
+
+		bo = pe.index('PAYLOAD:')
+		co = pe.index('COMMENT:')
+
+		pe[bo, 8192] = [code].pack('a8192') if bo
+		pe[co, 512]  = [note].pack('a512') if co
+
+		return pe
+	end
+	
 	##
 	#
 	# Generators

msfpayload

@@ -30,7 +30,7 @@ end
 $framework = Msf::Simple::Framework.create
 
 if (ARGV.length <= 1)
-	puts "\n" + "    Usage: #{$0} <payload> [var=val] <S[ummary]|C|P[erl]|R[aw]>\n"
+	puts "\n" + "    Usage: #{$0} <payload> [var=val] <S[ummary]|C|P[erl]|R[aw]|J[avascript]|e[X]ecutable>\n"
 	puts dump_payloads
 	exit
 end
@@ -50,20 +50,44 @@ cmd = ARGV.pop.downcase
 # Populate the framework datastore
 options = ARGV.join(',')
 
-if (cmd =~ /^(p|r|c)/)
-	cmd = 'perl' if (cmd =~ /^p/)
-	cmd = 'raw' if (cmd =~ /^r/)
-
+if (cmd =~ /^(p|r|c|j|x)/)
+	fmt = 'perl' if (cmd =~ /^p/)
+	fmt = 'raw' if (cmd =~ /^(r|x)/)
+	fmt = 'js_be' if (cmd =~ /^j/ and Rex::Arch.endian(payload.arch) == ENDIAN_BIG)
+	fmt = 'js_le' if (cmd =~ /^j/ and ! fmt)
+		
 	begin
 		buf = payload.generate_simple(
-				'Format'    => cmd,
+				'Format'    => fmt,
 				'OptionStr' => options)
 	rescue
 		puts "Error generating payload: #{$!}"
 		exit
 	end
-
-	print buf
+	
+	if (cmd =~ /^x/)
+		note = 
+			"Created by msfpayload (http://www.metasploit.com).\n" +
+			"Payload: " + payload.refname + "\n" +
+			" Length: " + buf.length.to_s + "\n" +
+			"Options: " + options + "\n"
+			
+		arch = payload.arch
+		plat = payload.platform.platforms
+		
+		if (plat.index(Msf::Module::Platform::Windows) and arch.index("x86"))
+			buf = Rex::Text.to_win32pe(buf, note)
+			$stderr.puts(note)
+			$stdout.write(buf)
+			exit(0)
+		end
+		
+		$stderr.puts "No executable format support for this arch/platform"
+		exit(-1)
+	end
+	
+	puts buf
+	
 elsif (cmd =~ /^s/)
 	puts Msf::Serializer::ReadableText.dump_module(payload)
 end