adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

Escape the command in linux/x64/exec

Browse Source
This commit is contained in:
Spencer McIntyre
2026-05-05 13:16:30 -04:00
parent bbb2452063
commit 9019e4c837
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/payloads/singles/linux/x64/exec.rb
+3 -2
View File
@@ -39,6 +39,7 @@ module MetasploitModule
def generate(_opts = {})
cmd = datastore['CMD'] || ''
cmd = cmd.bytes.map { |byte| "0x%02x" % byte }.join(', ')
nullfreeversion = datastore['NullFreeVersion']
if cmd.empty?
@@ -144,7 +145,7 @@ module MetasploitModule
syscall ; execve("//bin/sh", ["//bin/sh", "-c", "*CMD*"], NULL)
tocall:
call afterjmp
db "#{cmd}" ; arbitrary command
db #{cmd} ; arbitrary command
EOS
else
# 37 bytes without cmd (not null-free)
@@ -163,7 +164,7 @@ module MetasploitModule
push rdx ; NULL
call continue
db "#{cmd}", 0x00 ; arbitrary command
db #{cmd}, 0x00 ; arbitrary command
continue:
push rsi ; "-c"
push rdi ; "/bin/sh"