Land 3796, specs for Rex::Encoder::Alpha2 encoders

spec/lib/rex/encoder/alpha2/alpha_mixed_spec.rb

@@ -0,0 +1,88 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/encoder/alpha2/alpha_mixed'
+
+describe Rex::Encoder::Alpha2::AlphaMixed do
+
+  it_behaves_like 'Rex::Encoder::Alpha2::Generic'
+
+  let(:decoder_stub) do
+    "jAXP0A0AkAAQ2AB2BB0BBABXP8ABuJI"
+  end
+
+  let(:reg_signature) do
+    {
+      'EAX' => 'PY',
+      'ECX' => 'I',
+      'EDX' => '7RY',
+      'EBX' => 'SY',
+      'ESP' => 'TY',
+      'EBP' => 'UY',
+      'ESI' => 'VY',
+      'EDI' => 'WY'
+    }
+  end
+
+  describe ".gen_decoder_prefix" do
+    subject(:decoder_prefix) { described_class.gen_decoder_prefix(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error(ArgumentError)
+      end
+    end
+
+    context "when offset is bigger than 32" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 33 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error
+      end
+    end
+  end
+
+
+  describe ".gen_decoder" do
+    subject(:decoder) { described_class.gen_decoder(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns the alpha upper decoder" do
+      is_expected.to include(decoder_stub)
+    end
+
+    it "uses the correct decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error(ArgumentError)
+      end
+    end
+
+    context "when offset is bigger than 32" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 33 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error
+      end
+    end
+  end
+
+end

spec/lib/rex/encoder/alpha2/alpha_upper_spec.rb

@@ -0,0 +1,94 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/encoder/alpha2/alpha_upper'
+
+describe Rex::Encoder::Alpha2::AlphaUpper do
+
+  it_behaves_like 'Rex::Encoder::Alpha2::Generic'
+
+  let(:decoder_stub) do
+    "VTX30VX4AP0A3HH0A00ABAABTAAQ2AB2BB0BBXP8ACJJI"
+  end
+
+  let(:reg_signature) do
+    {
+      'EAX' => 'PY',
+      'ECX' => 'I',
+      'EDX' => 'RY',
+      'EBX' => 'SY',
+      'ESP' => 'TY',
+      'EBP' => 'UY',
+      'ESI' => 'VY',
+      'EDI' => 'WY'
+    }
+  end
+
+  describe ".default_accepted_chars" do
+    subject { described_class.default_accepted_chars }
+
+    it { is_expected.to eq(('B' .. 'Z').to_a + ('0' .. '9').to_a) }
+  end
+
+  describe ".gen_decoder_prefix" do
+    subject(:decoder_prefix) { described_class.gen_decoder_prefix(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error(ArgumentError)
+      end
+    end
+
+    context "when offset is bigger than 20" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 25 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error
+      end
+    end
+  end
+
+
+  describe ".gen_decoder" do
+    subject(:decoder) { described_class.gen_decoder(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns the alpha upper decoder" do
+      is_expected.to include(decoder_stub)
+    end
+
+    it "uses the correct decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error(ArgumentError)
+      end
+    end
+
+    context "when offset is bigger than 20" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 25 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error
+      end
+    end
+  end
+
+end

spec/lib/rex/encoder/alpha2/generic_spec.rb

@@ -0,0 +1,42 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/encoder/alpha2/generic'
+
+describe Rex::Encoder::Alpha2::Generic do
+
+  it_behaves_like 'Rex::Encoder::Alpha2::Generic'
+
+  describe ".default_accepted_chars" do
+    subject(:accepted_chars) { described_class.default_accepted_chars }
+
+    it { is_expected.to eq(('a' .. 'z').to_a + ('B' .. 'Z').to_a + ('0' .. '9').to_a) }
+  end
+
+  describe ".gen_decoder_prefix" do
+    subject(:decoder_prefix) { described_class.gen_decoder_prefix(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 0 }
+
+    it { is_expected.to eq('') }
+  end
+
+  describe ".gen_decoder" do
+    subject(:decoder) { described_class.gen_decoder(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 0 }
+
+    it { is_expected.to eq('') }
+  end
+
+  describe ".gen_second" do
+    subject(:second) { described_class.gen_second(block, base) }
+    let(:block) { 0xaf }
+    let(:base) { 0xfa }
+
+    it "returns block ^ base" do
+      expect(second ^ base).to eq(block)
+    end
+  end
+
+end

spec/lib/rex/encoder/alpha2/unicode_mixed_spec.rb

@@ -0,0 +1,88 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/encoder/alpha2/unicode_mixed'
+
+describe Rex::Encoder::Alpha2::UnicodeMixed do
+
+  it_behaves_like 'Rex::Encoder::Alpha2::Generic'
+
+  let(:decoder_stub) do
+    "jXAQADAZABARALAYAIAQAIAQAIAhAAAZ1AIAIAJ11AIAIABABABQI1AIQIAIQI111AIAJQYAZBABABABABkMAGB9u4JB"
+  end
+
+  let(:reg_signature) do
+    {
+      'EAX' => 'PPYA',
+      'ECX' => '4444',
+      'EDX' => 'RRYA',
+      'EBX' => 'SSYA',
+      'ESP' => 'TUYA',
+      'EBP' => 'UUYAs',
+      'ESI' => 'VVYA',
+      'EDI' => 'WWYA'
+    }
+  end
+
+  describe ".gen_decoder_prefix" do
+    subject(:decoder_prefix) { described_class.gen_decoder_prefix(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error(RuntimeError)
+      end
+    end
+
+    context "when offset is bigger than 21" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 22 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error
+      end
+    end
+  end
+
+
+  describe ".gen_decoder" do
+    subject(:decoder) { described_class.gen_decoder(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns the alpha upper decoder" do
+      is_expected.to include(decoder_stub)
+    end
+
+    it "uses the correct decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error(RuntimeError)
+      end
+    end
+
+    context "when offset is bigger than 21" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 22 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error
+      end
+    end
+  end
+
+end

spec/lib/rex/encoder/alpha2/unicode_upper_spec.rb

@@ -0,0 +1,94 @@
+# -*- coding:binary -*-
+require 'spec_helper'
+
+require 'rex/encoder/alpha2/unicode_upper'
+
+describe Rex::Encoder::Alpha2::UnicodeUpper do
+
+  it_behaves_like 'Rex::Encoder::Alpha2::Generic'
+
+  let(:decoder_stub) do
+    "QATAXAZAPU3QADAZABARALAYAIAQAIAQAPA5AAAPAZ1AI1AIAIAJ11AIAIAXA58AAPAZABABQI1AIQIAIQI1111AIAJQI1AYAZBABABABAB30APB944JB"
+  end
+
+  let(:reg_signature) do
+    {
+      'EAX' => 'PPYA',
+      'ECX' => '4444',
+      'EDX' => 'RRYA',
+      'EBX' => 'SSYA',
+      'ESP' => 'TUYA',
+      'EBP' => 'UUYA',
+      'ESI' => 'VVYA',
+      'EDI' => 'WWYA'
+    }
+  end
+
+  describe ".default_accepted_chars" do
+    subject(:accepted_chars) { described_class.default_accepted_chars }
+
+    it { is_expected.to eq(('B' .. 'Z').to_a + ('0' .. '9').to_a) }
+  end
+
+  describe ".gen_decoder_prefix" do
+    subject(:decoder_prefix) { described_class.gen_decoder_prefix(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect(decoder_prefix).to be_nil
+      end
+    end
+
+    context "when offset is bigger than 6" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 7 }
+
+      it "raises an error" do
+        expect { decoder_prefix }.to raise_error(RuntimeError)
+      end
+    end
+  end
+
+
+  describe ".gen_decoder" do
+    subject(:decoder) { described_class.gen_decoder(reg, offset) }
+    let(:reg) { 'ECX' }
+    let(:offset) { 5 }
+
+    it "returns the alpha upper decoder" do
+      is_expected.to include(decoder_stub)
+    end
+
+    it "uses the correct decoder prefix" do
+      is_expected.to include(reg_signature[reg])
+    end
+
+    context "when invalid reg name" do
+      let(:reg) { 'NON EXISTENT' }
+      let(:offset) { 0 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error(NoMethodError)
+      end
+    end
+
+    context "when offset is bigger than 6" do
+      let(:reg) { 'ECX' }
+      let(:offset) { 7 }
+
+      it "raises an error" do
+        expect { decoder }.to raise_error(RuntimeError)
+      end
+    end
+  end
+
+end

spec/support/shared/examples/rex/encoder/alpha2/generic.rb

@@ -0,0 +1,65 @@
+shared_examples_for 'Rex::Encoder::Alpha2::Generic' do
+
+  describe ".encode_byte" do
+    subject(:encoded_byte) { described_class.encode_byte(block, badchars) }
+
+    context "when too many badchars" do
+      let(:block) { 0x41 }
+      let(:badchars) { (0x00..0xff).to_a.pack("C*") }
+
+      it "raises an error" do
+        expect { encoded_byte }.to raise_error(RuntimeError)
+      end
+    end
+
+    context "when encoding is possible" do
+      let(:block) { 0x41 }
+      let(:badchars) { 'B' }
+
+      it "returns two-bytes encoding" do
+        expect(encoded_byte.length).to eq(2)
+      end
+
+      it "returns encoding without badchars" do
+        badchars.each_char do |b|
+          is_expected.to_not include(b)
+        end
+      end
+    end
+
+  end
+
+  describe ".encode" do
+    subject(:encoded_result) { described_class.encode(buf, reg, offset, badchars) }
+    let(:buf) { 'ABCD' }
+    let(:reg) { 'ECX' }
+    let(:offset) { 0 }
+
+    context "when too many badchars" do
+      let(:badchars) { (0x00..0xff).to_a.pack("C*") }
+
+      it "raises an error" do
+        expect { encoded_result }.to raise_error(RuntimeError)
+      end
+    end
+
+    context "when encoding is possible" do
+      let(:badchars) { '\n' }
+
+      it "returns encoding starting with the decoder stub" do
+        is_expected.to start_with(described_class.gen_decoder(reg, offset))
+      end
+
+      it "returns encoding ending with terminator" do
+        is_expected.to end_with(described_class.add_terminator)
+      end
+    end
+  end
+
+  describe ".add_terminator" do
+    subject(:terminator) { described_class.add_terminator }
+
+    it { is_expected.to eq('AA') }
+  end
+
+end