Badchars with NULL byte doesn't seem to work

[earthquake]

When a payload like messagebox is encoded with sgn and badchars are not specified it finishes in a second. If the badchars are specified like:

• -badchars \x00
• -badchars 00
• -badchars '\x00'

Then Ciphering payload uses the CPU on 100% and never finishes. NULL characters are quite frequently are the source of the issue of payload delivery, maybe this should be looked into.

I assume it uses a brute-force approach to generate the payload and its regenerates it if NULL byte is still part of it? Is the algorithm capable to generate NULL-byte free payload?

# sgn -badchars \\x00 -a 64 messagebox.bin
       __   _ __        __                               _ 
  ___ / /  (_) /_____ _/ /____ _  ___ ____ _  ___  ___ _(_)
 (_-</ _ \/ /  '_/ _ `/ __/ _ `/ / _ `/ _ `/ / _ \/ _ `/ / 
/___/_//_/_/_/\_\\_,_/\__/\_,_/  \_, /\_,_/ /_//_/\_,_/_/  
========[Author:-Ege-Balcı-]====/___/=======v2.0.0=========  
    ┻━┻ ︵ヽ(`Д´)ﾉ︵ ┻━┻           (ノ ゜Д゜)ノ ︵ 仕方がない

- Ciphering payload...

[CodeXTF2]

bump. having the same issue.

[earthquake]

Can't remember where, but found it somewhere, that it wont work with null bytes. The payload itself has some and also the generation is based on bruteforce so without changing the underlying code it won't work.

[CodeXTF2]

then how does MSF do it without nulls

[earthquake]

I assume that the technique is the same, implementation is different, but I am a fellow user not the owner of the code

[CodeXTF2]

ah ok