split buffer to array conversion out

git-svn-id: file:///home/svn/framework3/trunk@7685 4d416f70-5f16-0410-b530-b9f4589650da
2024-11-12 11:52:01 +01:00 · 2009-12-03 20:58:07 +00:00 · 2009-12-03 20:58:07 +00:00 · d31d7f869f
commit d31d7f869f
parent 7aeb7a08b3
1 changed files with 15 additions and 5 deletions
--- a/lib/msf/core/exploit/fmtstr.rb
+++ b/lib/msf/core/exploit/fmtstr.rb
@ -45,6 +45,19 @@ module Exploit::FormatString
 	#
 	def generate_fmtstr_from_buf(num_printed, write_to, buffer, targ = target)
 		
+		# break buffer into shorts
+		arr = fmtstr_gen_array_from_buf(write_to, buffer, targ)
+		
+		# now build the format string in its entirety
+		stuff = fmtstr_gen_from_array(num_printed, arr, targ)
+	end
+	
+	
+	#
+	# Generates and returns an array of what/where pairs from the supplied buffer
+	#
+	def fmtstr_gen_array_from_buf(write_to, buffer, targ = target)
+		
 		# break buffer into shorts
 		arr = Array.new
 		off = 0
@ -55,17 +68,14 @@ module Exploit::FormatString
 			# convert short to number
 			tb = buffer[off,2].unpack('v')[0].to_i
 			#print_status("%d %d %d" % [off,buffer.length,tb])
-			addr = targ['Writable'] + off
+			addr = write_to + off
 			
 			arr << [ tb, addr ]
 			off += 2
 		end
-		
-		# now build the format string in its entirety
-		stuff = fmtstr_gen_from_array(num_printed, arr, targ)
+		return arr
 	end
 	
-	
 	#
 	# Generates a format string from an array of value/address pairs
 	#