1
# -*- coding: binary -*-
2
module Msf::Util::EXE::Windows::Aarch64
3
  include Msf::Util::EXE::Common
4
  include Msf::Util::EXE::Windows::Common
5

6
  def self.included(base)
7
    base.extend(ClassMethods)
8
  end
9

10
  module ClassMethods
11
    # Construct a Windows AArch64 PE executable with the given shellcode.
12
    # to_winaarch64pe
13
    #
14
    # @param framework [Msf::Framework] The Metasploit framework instance.
15
    # @param code [String] The shellcode to embed in the executable.
16
    # @param opts [Hash] Additional options.
17
    # @return [String] The constructed PE executable as a binary string.
18

19
    def to_winaarch64pe(framework, code, opts = {})
20
      # Use the standard template if not specified by the user.
21
      # This helper finds the full path and stores it in opts[:template].
22
      set_template_default(opts, 'template_aarch64_windows.exe')
23

24
      # Read the template directly from the path now stored in the options.
25
      pe = File.read(opts[:template], mode: 'rb')
26

27
      # Find the tag and inject the payload
28
      bo = find_payload_tag(pe, 'Invalid Windows AArch64 template: missing "PAYLOAD:" tag')
29
      pe[bo, code.length] = code.dup
30
      pe
31
    end
32
  end
33

34
  class << self
35
    include ClassMethods
36
  end
37
end
38

39