Merge pull request #2 from agix/multipleStageEncoders

HD Moore · HD Moore · commit 4d3e35302862 · 2014-09-15T20:54:41.000-05:00
Unblock when invalid encoder is selected and allow multiple encoder
diff --git a/lib/msf/core/encoded_payload.rb b/lib/msf/core/encoded_payload.rb
@@ -23,7 +23,7 @@ def self.create(pinst, reqs = {})
     p = EncodedPayload.new(pinst.framework, pinst, reqs)
 
     p.generate(reqs['Raw'])
-
+    
     return p
   end
 
@@ -59,7 +59,7 @@ def generate(raw = nil)
     if (priority == 0)
       Thread.current.priority = 1
     end
-
+    
     begin
       # First, validate
       pinst.validate()
@@ -75,6 +75,8 @@ def generate(raw = nil)
 
       # Finally, set the complete payload definition
       self.encoded = (self.nop_sled || '') + self.encoded
+    rescue NoEncodersSucceededError
+      self.encoded = nil
     ensure
       # Restore the thread priority
       Thread.current.priority = priority
@@ -236,12 +238,10 @@ def encode
         self.encoded = eout
         break
       }
-
       # If the encoded payload is nil, raise an exception saying that we
       # suck at life.
       if (self.encoded == nil)
-        self.encoder = nil
-
+        self.encoder = nil        
         raise NoEncodersSucceededError,
           "#{pinst.refname}: All encoders failed to encode.",
           caller
diff --git a/lib/msf/core/payload/stager.rb b/lib/msf/core/payload/stager.rb
@@ -16,7 +16,8 @@ def initialize(info={})
       [
         Msf::OptBool.new("EnableStageEncoding", [ false, "Encode the second stage payload", false ]),
         Msf::OptString.new("StageEncoder", [ false, "Encoder to use if EnableStageEncoding is set", nil ]),
-        Msf::OptString.new("StageEncoderSaveRegisters", [ false, "Additional registers to preserve in the staged payload if EnableStageEncoding is set", "" ])
+        Msf::OptString.new("StageEncoderSaveRegisters", [ false, "Additional registers to preserve in the staged payload if EnableStageEncoding is set", "" ]),
+        Msf::OptBool.new("StageEncodingNoFallBack", [ false, "If encoders choosen in StageEncoder are not compatible to stage encoding fallback to no encoding otherwise fallback to automatic selected one", true ])
       ], Msf::Payload::Stager)
 
   end
@@ -100,7 +101,7 @@ def stage_over_connection?
   # @return [Boolean]
   def encode_stage?
     # Convert to string in case it hasn't been normalized
-    !!(datastore['EnableStageEncoding'].to_s == "true")
+    !!(datastore['EnableStageEncoding'].to_s == "true" || datastore["StageEncoder"].to_s.length > 0)
   end
 
   #
@@ -216,7 +217,7 @@ def encode_stage(stg)
     if datastore["StageEncoder"].nil? or datastore["StageEncoder"].empty?
       stage_enc_mod = nil
     else
-      stage_enc_mod = datastore["StageEncoder"]
+      stage_enc_mod = datastore["StageEncoder"].split(',').map(&:strip)
     end
 
     # Allow the user to specify additional registers to preserve
@@ -225,20 +226,33 @@ def encode_stage(stg)
       encode_stage_preserved_registers
     ).strip
 
-    # Generate an encoded version of the stage.  We tell the encoding system
-    # to save certain registers to ensure that it does not get clobbered.
-    encp = Msf::EncodedPayload.create(
-      self,
-      'Raw'                => stg,
-      'Encoder'            => stage_enc_mod,
-      'EncoderOptions'     => { 'SaveRegisters' => saved_registers },
-      'ForceSaveRegisters' => true,
-      'ForceEncode'        => true)
-    print_status("Encoded stage with #{encp.encoder.refname}")
-
-    # If the encoding succeeded, use the encoded buffer.  Otherwise, fall
-    # back to using the non-encoded stage
-    encp.encoded || stg
+    (stage_enc_mod || [nil]).each do |encoder_refname_from_user|
+      # Generate an encoded version of the stage.  We tell the encoding system
+      # to save certain registers to ensure that it does not get clobbered.
+      encp = Msf::EncodedPayload.create(
+        self,
+        'Raw'                => stg,
+        'Encoder'            => encoder_refname_from_user,
+        'EncoderOptions'     => { 'SaveRegisters' => saved_registers },
+        'ForceSaveRegisters' => true,
+        'ForceEncode'        => true)
+      if (encp.encoder == nil)
+        print_warning("Encoder #{encoder_refname_from_user} did not succeed")
+        if !datastore['StageEncodingNoFallBack']
+          print_warning("Fallback to automatic StageEncoder selection")
+          encoder_refname_from_user = nil
+          redo
+        else
+          print_warning("Fallback to no encoder")
+        end
+      else
+        print_status("Encoded stage with #{encp.encoder.refname}")
+      end
+      # If the encoding succeeded, use the encoded buffer.  Otherwise, fall
+      # back to using the non-encoded stage
+      stg = encp.encoded || stg
+    end
+    stg
   end
 
   # Aliases
