Last active
August 9, 2017 20:05
-
-
Save KINGSABRI/dd303c12e51aa24613502aca2b47ac16 to your computer and use it in GitHub Desktop.
Script to inverse a given printable string to zeroing out registers (Buffer Overflow).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
# KING SABRI | @KINGSABRI | |
# script to inverse a given printable string to zeroing out registers (Useful in Buffer Overflow). | |
# | |
class String | |
# inverse inverse a given printable string to zeroing out registers | |
# (Useful in Buffer Overflow). | |
# | |
# @return [Array] of ascii, hex, binary of the new inverted value | |
def inverse | |
self_binary = self.reverse.unpack('B*').join # To binary | |
complement = ~self_binary.to_i(2) | |
binary_inv = 31.downto(0).map { |n| complement[n] }.join | |
parse_binary = self_binary.split('').each_slice(8).to_a | |
parse_binary_inv = binary_inv.split('').each_slice(8).to_a | |
0.upto(3).map do |bit| | |
if parse_binary[bit][0] == '1' | |
parse_binary_inv[bit][0] = '0' | |
else | |
parse_binary_inv[bit][0] = '0' | |
end | |
end | |
binary = parse_binary_inv.join | |
hex = binary.to_i(2).to_s(16) | |
ascii = [hex].pack('H*') | |
puts '[!] The result is not printable(ASCII), choose another string!' unless ascii.ascii_only? | |
[ascii, hex, binary] | |
end | |
end | |
# Usage | |
# ruby zero-out.rb KING | |
value = ARGV[0] | |
original = [value.reverse, value.reverse.unpack('H*')[0], value.unpack('B*')[0]] | |
inverted = value.inverse | |
puts '[+] Original Value:' | |
puts "[•] ASCII : #{original[0]}" | |
puts "[•] Hex : #{original[1]}" | |
puts "[•] Binary: #{original[2]}" | |
puts | |
puts '[+] Inverted Value:' | |
puts "[•] ASCII : #{inverted[0]}" | |
puts "[•] Hex : #{inverted[1]}" | |
puts "[•] Binary: #{inverted[2]}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment