Skip to content

Commit c0bf51e

Browse files
author
HD Moore
committed
Add a timestamp to the UUID structure
1 parent ce0796a commit c0bf51e

File tree

1 file changed

+21
-13
lines changed

1 file changed

+21
-13
lines changed

lib/msf/core/payload/uuid.rb

Lines changed: 21 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -63,41 +63,49 @@ module Msf::Payload::UUID
6363
}
6464

6565
#
66-
# Generate a raw 12-byte payload UUID given a seed, platform, and architecture
66+
# Generate a raw 16-byte payload UUID given a seed, platform, architecture, and timestamp
6767
#
6868
# @options opts [String] :seed A optional string to use for generated the unique payload ID, deterministic
6969
# @options opts [String] :arch The hardware architecture for this payload
7070
# @options opts [String] :platform The operating system platform for this payload
71+
# @options opts [String] :timestamp The timestamp in UTC Unix epoch format
7172
#
7273
def self.payload_uuid_generate_raw(opts={})
73-
plat_id = opts[:platform] ? find_platform_id(opts[:platform]) : 0
74-
arch_id = opts[:arch] ? find_architecture_id(opts[:arch]) : 0
74+
plat_id = find_platform_id(opts[:platform]) || 0
75+
arch_id = find_architecture_id(opts[:arch]) || 0
7576
seed = opts[:seed] || Rex::Text.rand_text(16)
77+
tstamp = opts[:timestamp] || Time.now.utc.to_i
7678

7779
plat_xor = rand(255)
7880
arch_xor = rand(255)
7981

82+
# Recycle the previous two XOR bytes to keep our output small
83+
time_xor = [plat_xor, arch_xor, plat_xor, arch_xor].pack('C4').unpack('N').first
84+
8085
# Combine the last 64-bits of the SHA1 of seed with the arch/platform
81-
# Use XOR to obscure the platform and architecture IDs
86+
# Use XOR to obscure the platform, architecture, and timestamp
8287
Rex::Text.sha1_raw(seed)[12,8] +
8388
[
8489
plat_xor, arch_xor,
8590
plat_xor ^ plat_id,
86-
arch_xor ^ arch_id
87-
].pack('C*')
91+
arch_xor ^ arch_id,
92+
time_xor ^ tstamp
93+
].pack('C4N')
8894
end
8995

9096
#
91-
# Parse a raw 12-byte payload UUID and return the payload ID, platform, and architecture
97+
# Parse a raw 16-byte payload UUID and return the payload ID, platform, architecture, and timestamp
9298
#
93-
# @param raw [String] The raw 12-byte payload UUID to parse
94-
# @return [Array] The Payload ID, platform, and architecture
99+
# @param raw [String] The raw 16-byte payload UUID to parse
100+
# @return [Array] The Payload ID, platform, architecture, and timestamp
95101
#
96102
def self.payload_uuid_parse_raw(raw)
97-
puid, plat_xor, arch_xor, plat_id, arch_id = raw.unpack('A8C4')
98-
plat = find_platform_name(plat_xor ^ plat_id)
99-
arch = find_architecture_name(arch_xor ^ arch_id)
100-
[puid, plat, arch]
103+
puid, plat_xor, arch_xor, plat_id, arch_id, tstamp = raw.unpack('A8C4N')
104+
plat = find_platform_name(plat_xor ^ plat_id)
105+
arch = find_architecture_name(arch_xor ^ arch_id)
106+
time_xor = [plat_xor, arch_xor, plat_xor, arch_xor].pack('C4').unpack('N').first
107+
time = time_xor ^ tstamp
108+
[puid, plat, arch, time]
101109
end
102110

103111
# Alias for the class method

0 commit comments

Comments
 (0)