Fix AARCH64 MachO Generation

This updates the exe util to properly generate stageless aarch64 macho payloads. I've also added comments on how to assemble the aarch64 stages.
2023-03-04 10:32:05 +09:00 · 2023-03-04 10:32:05 +09:00 · 8a5442f7f0
parent 8c4c260911
commit 8a5442f7f0
3 changed files with 7 additions and 0 deletions
--- a/external/source/shellcode/osx/aarch64/stage_mettle.s
+++ b/external/source/shellcode/osx/aarch64/stage_mettle.s
@ -1,3 +1,5 @@
+// Compile: clang stage_mettle.s
+// Shellcode: objdump -d a.out | cut -d ' ' -f 2-5
 .equ SYS_RECVFROM, 0x200001d
 .equ SYS_MPROTECT, 0x200004a
 .equ SYS_MMAP, 0x20000c5
--- a/external/source/shellcode/osx/aarch64/stager_sock_reverse.s
+++ b/external/source/shellcode/osx/aarch64/stager_sock_reverse.s
@ -1,3 +1,5 @@
+// Compile: clang stager_sock_reverse.s
+// Shellcode: objdump -d a.out | cut -d ' ' -f 2-5
 .equ SYS_RECVFROM, 0x200001d
 .equ SYS_MPROTECT, 0x200004a
 .equ SYS_CONNECT, 0x2000062
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@ -166,6 +166,7 @@ require 'digest/sha1'
      if plat.index(Msf::Module::Platform::Linux)
        return to_linux_aarch64_elf(framework, code)
      end
+
      if plat.index(Msf::Module::Platform::OSX)
        return to_osx_aarch64_macho(framework, code)
      end
@ -2159,6 +2160,8 @@ require 'digest/sha1'
          to_osx_arm_macho(framework, code, exeopts)
        when ARCH_PPC
          to_osx_ppc_macho(framework, code, exeopts)
+        when ARCH_AARCH64
+          to_osx_aarch64_macho(framework, code, exeopts)
        end
      end
      fmt == 'osx-app' ? Msf::Util::EXE.to_osx_app(macho) : macho