metasploit-gs/api/Msf/Exploit/Egghunter.html

<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
  Module: Msf::Exploit::Egghunter
  
    &mdash; Documentation by YARD 0.9.37
  
</title>

  <link rel="stylesheet" href="../../css/style.css" type="text/css" />

  <link rel="stylesheet" href="../../css/common.css" type="text/css" />

<script type="text/javascript">
  pathId = "Msf::Exploit::Egghunter";
  relpath = '../../';
</script>


  <script type="text/javascript" charset="utf-8" src="../../js/jquery.js"></script>

  <script type="text/javascript" charset="utf-8" src="../../js/app.js"></script>


  </head>
  <body>
    <div class="nav_wrap">
      <iframe id="nav" src="../../class_list.html?1"></iframe>
      <div id="resizer"></div>
    </div>

    <div id="main" tabindex="-1">
      <div id="header">
        <div id="menu">
  
    <a href="../../_index.html">Index (E)</a> &raquo;
    <span class='title'><span class='object_link'><a href="../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span>
     &raquo; 
    <span class="title">Egghunter</span>
  
</div>

        <div id="search">
  
    <a class="full_list_link" id="class_list_link"
        href="../../class_list.html">

        <svg width="24" height="24">
          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
        </svg>
    </a>
  
</div>
        <div class="clear"></div>
      </div>

      <div id="content"><h1>Module: Msf::Exploit::Egghunter
  
  
  
</h1>
<div class="box_info">
  

  
  
  
  
  

  

  
  <dl>
    <dt>Defined in:</dt>
    <dd>lib/msf/core/exploit/egghunter.rb</dd>
  </dl>
  
</div>

<h2>Overview</h2><div class="docstring">
  <div class="discussion">
    
<p>This mixin provides an interface to generating egghunters for various platforms using the Rex::Exploitation::Egghunter class.</p>

<p>Originally written by skape BadChar support added by David Rude Updated to take the payload and options by Joshua J. Drake</p>


  </div>
</div>
<div class="tags">
  

</div>






  
    <h2>
      Instance Method Summary
      <small><a href="#" class="summary_toggle">collapse</a></small>
    </h2>

    <ul class="summary">
      
        <li class="public ">
  <span class="summary_signature">
    
      <a href="#generate_egghunter-instance_method" title="#generate_egghunter (instance method)">#<strong>generate_egghunter</strong>(payload, badchars = nil, opts = {})  &#x21d2; Object </a>
    

    
  </span>
  
  
  
  
  
  
  

  
    <span class="summary_desc"><div class='inline'>
<p>Generates an egghunter stub based on the current target’s architecture and operating system.</p>
</div></span>
  
</li>

      
        <li class="public ">
  <span class="summary_signature">
    
      <a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {})  &#x21d2; Object </a>
    

    
  </span>
  
  
  
  
  
  
  

  
    <span class="summary_desc"><div class='inline'>
<p>Creates an instance of an exploit that uses an Egghunter overwrite.</p>
</div></span>
  
</li>

      
        <li class="public ">
  <span class="summary_signature">
    
      <a href="#wfs_delay-instance_method" title="#wfs_delay (instance method)">#<strong>wfs_delay</strong>  &#x21d2; Object </a>
    

    
  </span>
  
  
  
  
  
  
  

  
    <span class="summary_desc"><div class='inline'>
<p>Set the wfs_delay setting for all exploits using the Egghunter.</p>
</div></span>
  
</li>

      
    </ul>
  



  <div id="instance_method_details" class="method_details_list">
    <h2>Instance Method Details</h2>

    
      <div class="method_details first">
  <h3 class="signature first" id="generate_egghunter-instance_method">
  
    #<strong>generate_egghunter</strong>(payload, badchars = nil, opts = {})  &#x21d2; <tt>Object</tt> 
  

  

  
</h3><div class="docstring">
  <div class="discussion">
    
<p>Generates an egghunter stub based on the current target’s architecture and operating system.</p>


  </div>
</div>
<div class="tags">
  

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/egghunter.rb', line 31</span>

<span class='kw'>def</span> <span class='id identifier rubyid_generate_egghunter'>generate_egghunter</span><span class='lparen'>(</span><span class='id identifier rubyid_payload'>payload</span><span class='comma'>,</span> <span class='id identifier rubyid_badchars'>badchars</span> <span class='op'>=</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='comment'># Prefer the target&#39;s platform/architecture information, but use
</span>  <span class='comment'># the module&#39;s if no target specific information exists
</span>  <span class='id identifier rubyid_los'>los</span>   <span class='op'>=</span> <span class='id identifier rubyid_target_platform'>target_platform</span>
  <span class='id identifier rubyid_larch'>larch</span> <span class='op'>=</span> <span class='id identifier rubyid_target_arch'>target_arch</span> <span class='op'>||</span> <span class='const'>ARCH_X86</span>

  <span class='comment'># If we found a platform list, then take the first platform
</span>  <span class='id identifier rubyid_los'>los</span>   <span class='op'>=</span> <span class='id identifier rubyid_los'>los</span><span class='period'>.</span><span class='id identifier rubyid_names'>names</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_los'>los</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Module.html" title="Msf::Module (class)">Module</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Module/PlatformList.html" title="Msf::Module::PlatformList (class)">PlatformList</a></span></span><span class='rparen'>)</span><span class='rparen'>)</span>

  <span class='comment'># Use the first architecture if one was specified
</span>  <span class='id identifier rubyid_larch'>larch</span> <span class='op'>=</span> <span class='id identifier rubyid_larch'>larch</span><span class='lbracket'>[</span><span class='int'>0</span><span class='rbracket'>]</span> <span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_larch'>larch</span><span class='period'>.</span><span class='id identifier rubyid_kind_of?'>kind_of?</span><span class='lparen'>(</span><span class='const'>Array</span><span class='rparen'>)</span><span class='rparen'>)</span>

  <span class='kw'>if</span> <span class='id identifier rubyid_los'>los</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='const'>RuntimeError</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>No platform restrictions were specified -- cannot select egghunter</span><span class='tstring_end'>&quot;</span></span>
  <span class='kw'>end</span>

  <span class='id identifier rubyid_badchars'>badchars</span> <span class='op'>||=</span> <span class='id identifier rubyid_payload_badchars'>payload_badchars</span>

  <span class='id identifier rubyid_egg'>egg</span>   <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Exploitation</span><span class='op'>::</span><span class='const'>Egghunter</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_los'>los</span><span class='comma'>,</span> <span class='id identifier rubyid_larch'>larch</span><span class='rparen'>)</span>
  <span class='id identifier rubyid_bunny'>bunny</span> <span class='op'>=</span> <span class='id identifier rubyid_egg'>egg</span><span class='period'>.</span><span class='id identifier rubyid_generate'>generate</span><span class='lparen'>(</span><span class='id identifier rubyid_payload'>payload</span><span class='comma'>,</span> <span class='id identifier rubyid_payload_badchars'>payload_badchars</span><span class='comma'>,</span> <span class='id identifier rubyid_opts'>opts</span><span class='rparen'>)</span>

  <span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_bunny'>bunny</span><span class='period'>.</span><span class='id identifier rubyid_nil?'>nil?</span><span class='rparen'>)</span>
    <span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The egghunter could not be generated</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
    <span class='id identifier rubyid_raise'>raise</span> <span class='const'>ArgumentError</span>
  <span class='kw'>end</span>

  <span class='kw'>return</span> <span class='id identifier rubyid_bunny'>bunny</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>
    
      <div class="method_details ">
  <h3 class="signature " id="initialize-instance_method">
  
    #<strong>initialize</strong>(info = {})  &#x21d2; <tt>Object</tt> 
  

  

  
</h3><div class="docstring">
  <div class="discussion">
    
<p>Creates an instance of an exploit that uses an Egghunter overwrite.</p>


  </div>
</div>
<div class="tags">
  

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


22
23
24</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/egghunter.rb', line 22</span>

<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
  <span class='kw'>super</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>
    
      <div class="method_details ">
  <h3 class="signature " id="wfs_delay-instance_method">
  
    #<strong>wfs_delay</strong>  &#x21d2; <tt>Object</tt> 
  

  

  
</h3><div class="docstring">
  <div class="discussion">
    
<p>Set the wfs_delay setting for all exploits using the Egghunter</p>


  </div>
</div>
<div class="tags">
  

</div><table class="source_code">
  <tr>
    <td>
      <pre class="lines">


63
64
65</pre>
    </td>
    <td>
      <pre class="code"><span class="info file"># File 'lib/msf/core/exploit/egghunter.rb', line 63</span>

<span class='kw'>def</span> <span class='id identifier rubyid_wfs_delay'>wfs_delay</span>
  <span class='int'>30</span>
<span class='kw'>end</span></pre>
    </td>
  </tr>
</table>
</div>
    
  </div>

</div>

      <div id="footer">
  Generated on Fri May  8 17:01:16 2026 by
  <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
  0.9.37 (ruby-3.1.5).
</div>

    </div>
  </body>
</html>