infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Check PID

bug/bundler_fix
sinn3r 2013-01-24 10:46:23 -06:00
parent ad108900d5
commit 2cedcad810
1 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
modules/exploits/windows/local/payload_inject.rb
View File

@ -65,7 +65,7 @@ class Metasploit3 < Msf::Exploit::Local
# Figures out which PID to inject to # Figures out which PID to inject to
def get_pid def get_pid
pid = datastore['PID'] pid = datastore['PID']
if pid == 0 or datastore['NEWPROCESS'] if pid == 0 or datastore['NEWPROCESS'] or not has_pid?(pid)
print_status("Launching notepad.exe...") print_status("Launching notepad.exe...")
pid = create_temp_proc pid = create_temp_proc
end end
@ -73,6 +73,29 @@ class Metasploit3 < Msf::Exploit::Local
return pid return pid
end end
# Determines if a PID actually exists
def has_pid?(pid)
procs = []
begin
procs = client.sys.process.processes
rescue Rex::Post::Meterpreter::RequestError
print_error("Unable to enumerate processes")
return false
end
pids = []
procs.each do |p|
found_pid = p['pid']
return true if found_pid == pid
end
print_error("PID #{pid.to_s} does not actually exist.")
return false
end
# Checks the Architeture of a Payload and PID are compatible # Checks the Architeture of a Payload and PID are compatible
# Returns true if they are false if they are not # Returns true if they are false if they are not
def arch_check(pid) def arch_check(pid)