
Commit 7bf87f3

committed
Merge branch 'mipsbe_elf' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-mipsbe_elf
2 parents 951f95d + a644ceb commit 7bf87f3


2 files changed

+27
-5
lines changed

84 Bytes
Binary file not shown.

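--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@@ -127,6 +127,13 @@ def self.to_executable(framework, arch, plat, code='', opts={})
 end
 # XXX: Add remaining MIPSLE systems here
 end
+
+if(arch.index(ARCH_MIPSBE))
+if(plat.index(Msf::Module::Platform::Linux))
+return to_linux_mipsbe_elf(framework, code)
+end
+# XXX: Add remaining MIPSLE systems here
+end
 nil
 end
 
@@ -615,7 +622,7 @@ def self.to_osx_x64_macho(framework, code, opts={})
 # segments as writable and overwrites the entrypoint (usually _start) with
 # the payload.
 #
-def self.to_exe_elf(framework, opts, template, code)
+def self.to_exe_elf(framework, opts, template, code, big_endian=false)
 
 # Allow the user to specify their own template
 set_template_default(opts, template)
@@ -640,11 +647,21 @@ def self.to_exe_elf(framework, opts, template, code)
 # Use the proper offsets and pack size
 case elf[4]
 when 1, "\x01" # ELFCLASS32 - 32 bit (ruby 1.8 and 1.9)
-elf[0x44,4] = [elf.length].pack('V') #p_filesz
-elf[0x48,4] = [elf.length + code.length].pack('V') #p_memsz
+if big_endian
+elf[0x44,4] = [elf.length].pack('N') #p_filesz
+elf[0x48,4] = [elf.length + code.length].pack('N') #p_memsz
+else # little endian
+elf[0x44,4] = [elf.length].pack('V') #p_filesz
+elf[0x48,4] = [elf.length + code.length].pack('V') #p_memsz
+end
 when 2, "\x02" # ELFCLASS64 - 64 bit (ruby 1.8 and 1.9)
-elf[0x60,8] = [elf.length].pack('Q') #p_filesz
-elf[0x68,8] = [elf.length + code.length].pack('Q') #p_memsz
+if big_endian
+elf[0x60,8] = [elf.length].pack('Q>') #p_filesz
+elf[0x68,8] = [elf.length + code.length].pack('Q>') #p_memsz
+else # little endian
+elf[0x60,8] = [elf.length].pack('Q') #p_filesz
+elf[0x68,8] = [elf.length + code.length].pack('Q') #p_memsz
+end
 else
 raise RuntimeError, "Invalid ELF template: EI_CLASS value not supported"
 end
@@ -722,6 +739,11 @@ def self.to_linux_mipsle_elf(framework, code, opts={})
 return elf
 end
 
+def self.to_linux_mipsbe_elf(framework, code, opts={})
+elf = to_exe_elf(framework, opts, "template_mipsbe_linux.bin", code, true)
+return elf
+end
+
 def self.to_exe_vba(exes='')
 exe = exes.unpack('C*')
 vba = ""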
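Review bot: In the ELFCLASS64 branch of to_exe_elf, the `else # little endian` arm still packs with `'Q'`, which is the host's native byte order rather than little-endian, so the label only holds when the framework runs on a little-endian host; `pack('Q<')` would match the `'Q>'` used in the big-endian arm, as the 32-bit arm's `'V'`/`'N'` pair already does. Both `'Q<'` and `'Q>'` rely on the endian modifiers, which is worth checking against the `ruby 1.8 and 1.9` note on the `when` lines. The `big_endian` flag is also trusted independently of the template, while the comment above says users may supply their own; reading the template's own data-encoding byte (`elf[5]`) would keep the two from disagreeing. Separately, the comment in the new ARCH_MIPSBE block of to_executable was copied unchanged and should read `# XXX: Add remaining MIPSBE systems here`. The bodies of to_executable and to_exe_elf continue outside the hunks shown.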
