module MetasploitPayloads::Crypto

Constants

CIPHERS
CIPHER_VERSION
CURRENT_CIPHER
ENCRYPTED_PAYLOAD_HEADER

Header layout: binary string, unsigned char, unsigned char, unsigned char (as parsed by decrypt: the 'msf' marker, then the cipher, IV and key version bytes)

IV_VERSION
KEY_VERSION

Public Class Methods

decrypt(ciphertext: '')
# File lib/metasploit-payloads/crypto.rb, line 65
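# Decrypts a blob produced by encrypt, or hands back input that does not carry
# the 'msf' header untouched.
#
# Header layout (6 bytes, parsed with 'A3CCC'): the 3-byte marker 'msf', then
# one unsigned byte each for cipher version, IV version and key version.
#
# NOTE(review): the key and IV are looked up in the CIPHERS table using version
# bytes read from the header, and nothing in this method authenticates that
# header or the body. The values are constants of the library, so anyone who
# holds the library can decrypt or re-create such blobs; treat this as
# obfuscation of stored files, not as a confidentiality or integrity control.
# Whether the configured cipher is an AEAD mode cannot be told from this
# method -- confirm against the CIPHERS definition.
#
# @param ciphertext [String] raw bytes, with or without the 'msf' header
# @return [String] decrypted bytes, or +ciphertext+ itself when it has no header
# @raise [ArgumentError] if +ciphertext+ is not a String, the header is
#   truncated, or it names a cipher/IV/key version that CIPHERS does not hold
def self.decrypt(ciphertext: '')
  # `ciphertext.to_s` is truthy for every object (nil.to_s is ""), so the
  # previous guard could never fire. Check the type instead, and keep the
  # input itself out of the message so payload bytes do not land in logs.
  unless ciphertext.is_a?(::String)
    raise ::ArgumentError, "Unable to decrypt ciphertext: expected a String, got #{ciphertext.class}", caller
  end

  return ciphertext unless ciphertext.start_with?('msf'.b)

  # 3 marker bytes + 3 version bytes; anything shorter cannot be unpacked.
  header_size = 6
  if ciphertext.bytesize < header_size
    raise ::ArgumentError, 'Unable to decrypt ciphertext: truncated header', caller
  end

  # Use the correct algorithm based on the version in the header
  _marker, cipher_version, iv_version, key_version = ciphertext.unpack('A3CCC')

  # The version bytes come straight from the input; reject values that do not
  # resolve instead of failing later with NoMethodError on nil.
  current_cipher = CIPHERS[cipher_version]
  iv_entry = current_cipher && current_cipher[:ivs][iv_version]
  key_entry = current_cipher && current_cipher[:keys][key_version]
  unless iv_entry && key_entry
    raise ::ArgumentError, 'Unable to decrypt ciphertext: unknown cipher, IV or key version in header', caller
  end

  cipher = ::OpenSSL::Cipher.new(current_cipher[:name])
  cipher.decrypt
  cipher.iv = iv_entry[:value]
  cipher.key = key_entry[:value]

  # Remove encrypted header. Slicing by byte offset avoids re-packing the
  # header and pattern-matching it against data of a possibly different
  # encoding.
  body = ciphertext.byteslice(header_size, ciphertext.bytesize - header_size)

  output = cipher.update(body)
  output << cipher.final

  output
end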
encrypt(plaintext: '')
# File lib/metasploit-payloads/crypto.rb, line 49
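# Encrypts +plaintext+ with the module's current cipher and prepends
# ENCRYPTED_PAYLOAD_HEADER so that decrypt can recognise the blob.
#
# NOTE(review): the IV and key are read from module constants
# (CURRENT_CIPHER, IV_VERSION, KEY_VERSION), so every call uses the same
# key/IV pair and anyone holding the library holds the key. This obscures the
# stored bytes; it is not a secrecy or tamper-evidence mechanism. With a fixed
# key and IV, equal plaintexts are expected to yield equal output -- confirm
# against the cipher configured in CURRENT_CIPHER.
#
# @param plaintext [String] bytes to encrypt
# @return [String] header followed by the cipher output
# @raise [ArgumentError] if +plaintext+ is not a String
def self.encrypt(plaintext: '')
  # `plaintext.to_s` is truthy for every object, so the previous guard could
  # never fire. Check the type instead, and do not echo the plaintext into
  # the exception message.
  unless plaintext.is_a?(::String)
    raise ::ArgumentError, "Unable to encrypt plaintext: expected a String, got #{plaintext.class}", caller
  end

  cipher = ::OpenSSL::Cipher.new(CURRENT_CIPHER[:name])

  cipher.encrypt
  cipher.iv = CURRENT_CIPHER[:ivs][IV_VERSION][:value]
  cipher.key = CURRENT_CIPHER[:keys][KEY_VERSION][:value]

  output = ENCRYPTED_PAYLOAD_HEADER.dup
  # Older releases of the openssl extension raise on update(''), and the
  # default argument is the empty string; skipping the call adds nothing to
  # the output either way.
  output << cipher.update(plaintext) unless plaintext.empty?
  output << cipher.final

  output
end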