infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use native_arch for railfun multi and test it

bug/bundler_fix
Spencer McIntyre 2017-03-01 13:07:04 -05:00
parent 4882927570
commit 2d51801b01
2 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb
View File

@ -49,7 +49,7 @@ class MultiCaller
# needed by DLL helper # needed by DLL helper
@win_consts = win_consts @win_consts = win_consts
if @client.arch == ARCH_X64 if @client.native_arch == ARCH_X64
@native = 'Q<' @native = 'Q<'
else else
@native = 'V' @native = 'V'

21
test/modules/post/test/railgun.rb
View File

@ -21,7 +21,7 @@ class MetasploitModule < Msf::Post
def test_api_function_calls def test_api_function_calls
it "Results should include error information" do it "Should include error information in the results" do
ret = true ret = true
result = session.railgun.kernel32.GetCurrentProcess() result = session.railgun.kernel32.GetCurrentProcess()
ret &&= result['GetLastError'] == 0 ret &&= result['GetLastError'] == 0
@ -51,6 +51,25 @@ class MetasploitModule < Msf::Post
ret &&= result['nSize'].to_i == result['ComputerName'].length ret &&= result['nSize'].to_i == result['ComputerName'].length
end end
it "Should support calling multiple functions at once" do
ret = true
multi_rail = [
['kernel32', 'LoadLibraryA', ['kernel32.dll']],
['kernel32', 'GetModuleHandleA', ['kernel32.dll']],
['kernel32', 'GetCurrentProcessId', []]
]
results = session.railgun.multi(multi_rail)
ret &&= results.length == multi_rail.length
results.each do |result|
ret &&= result['GetLastError'] == 0
ret &&= result['return'] != 0
end
# LoadLibraryA('kernel32.dll') == GetModuleHandleA('kernel32.dll')
ret &&= results[0]['return'] == results[1]['return']
ret &&= results[2]['return'] == session.sys.process.getpid
end
it "Should support reading memory" do it "Should support reading memory" do
ret = true ret = true
result = client.railgun.kernel32.GetModuleHandleA('kernel32') result = client.railgun.kernel32.GetModuleHandleA('kernel32')