adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve RC4 shellcode

Browse Source 
ESI is not clobbered; no need to clear EDX as only DL is filled before and
it is overwritten before use.

Shellcodes in ruby modules not regenerated, but I guess you want to
regenerate them again anyway :-)
This commit is contained in:
Michael Schierl
2013-01-01 11:24:05 +01:00
parent 269e507f68
commit 46a5c4f4bf
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
external/source/shellcode/windows/x86/src/block/block_rc4.asm
Vendored
+2 -3
View File
@@ -10,7 +10,7 @@
; EDI - pointer to 0x100 bytes scratch space for S-box
; Direction flag has to be cleared
; Output: None. Data is decoded in place.
; Clobbers: EAX, EBX, ECX, EDX, ESI, EBP (stack is not used)
; Clobbers: EAX, EBX, ECX, EDX, EBP (stack is not used)
; Initialize S-box
xor eax, eax ; Start with 0
@@ -35,8 +35,7 @@ permute:
; decryption loop
xor ebx, ebx ; Clear EBX and EDX (EAX is already cleared)
xor edx, edx
xor ebx, ebx ; Clear EBX (EAX is already cleared)
decrypt:
inc al ; AL += 1
add bl, [edi+eax] ; BL += S[AL]