-
Notifications
You must be signed in to change notification settings - Fork 0
/
inverse.rb
33 lines (28 loc) · 1 KB
/
inverse.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Encoder
## TODO: Limit file format to Framework Transform Formats
def initialize
super(
'Name' => 'Reverse Encoder',
'Description' => %q{
This encoder reverses the payload. Do not provide a decoder_block_size as reversing needs to be done on complete payload. Does only work with non executable formats as payload needs to be reverted before execution.
},
'Author' => 'Klaus Mueller',
'License' => MSF_LICENSE,
'Arch' => ARCH_ALL,
'EncoderType' => Msf::Encoder::Type::Raw)
end
#
# Simply return the inverted buf. Funnily Microsoft Defender does nor recognize the encoded payload
#
def encode_block(state, buf)
encoded =''
buf.unpack('C*').each do |ch|
encoded << (255-ch).chr
end
return encoded
end
end