add aarch64 nops and fix aarch64 cmdstager

Author: timwr

lib/msf/util/exe.rb

@@ -165,6 +165,14 @@ def self.to_executable(framework, arch, plat, code = '', opts = {})
       # XXX: Add remaining ARMLE systems here
     end
 
+    if arch.index(ARCH_AARCH64)
+      if plat.index(Msf::Module::Platform::Linux)
+        return to_linux_aarch64_elf(framework, code)
+      end
+
+      # XXX: Add remaining AARCH64 systems here
+    end
+
     if arch.index(ARCH_PPC)
       if plat.index(Msf::Module::Platform::OSX)
         return to_osx_ppc_macho(framework, code)

modules/nops/aarch64/simple.rb

@@ -0,0 +1,43 @@
+##
+# This module requires Metasploit: https://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+###
+#
+# SingleByte
+# ----------
+#
+# This class implements simple NOP generator for AARCH64
+#
+###
+class MetasploitModule < Msf::Nop
+
+  def initialize
+    super(
+      'Name'        => 'Simple',
+      'Alias'       => 'armle_simple',
+      'Description' => 'Simple NOP generator',
+      'License'     => MSF_LICENSE,
+      'Arch'        => ARCH_AARCH64)
+    register_advanced_options(
+      [
+        OptBool.new('RandomNops', [ false, "Generate a random NOP sled", true ])
+      ])
+  end
+
+  def generate_sled(length, opts)
+    random   = opts['Random']   || datastore['RandomNops']
+    nops = [
+      0xd503201f,          #  nop
+      0xaa0103e1,          #  mov	x1, x1
+      0xaa0203e2,          #  mov	x2, x2
+      0x2a0303e3,          #  mov	w3, w3
+      0x2a0403e4,          #  mov	w4, w4
+    ]
+    if random
+      return ([nops[rand(nops.length)]].pack("V*") * (length/4))
+    end
+    return ([nops[0]].pack("V*") * (length/4))
+  end
+end