infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs table

bug/bundler_fix
h00die 2016-10-20 20:54:35 -04:00
parent 12e4fe1c5c
commit 40054a6c01
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
documentation/modules/exploit/windows/local/panda_psevents.md
View File

@ -29,15 +29,15 @@
Which DLL to name our payload. The original vulnerability writeup utilized bcryptPrimitives.dll, and mentioned several others that could be used. However the dll seems to be VERY picky. Default is cryptnet.dll. See the chart for more details.
| | WINHTTP.dll | VERSION.dll | bcryptPrimitives.dll | CRYPTBASE.dll | cryptnet.dll | WININET.dll |
|---------------------------------------------------------------|-------------|-------------|----------------------|---------------|--------------|-------------|
| 64bit target (1), win10 x64 | CRASH | CRASH | NO | NO | valid | no |
| 64bit target (1), win8.1 x86 | CRASH | CRASH | NO | valid | valid | no |
| 32bit target (0), win10 x64 | CRASH | CRASH | NO | NO | valid | no |
| 32bit target (0), win8.1 x86 | CRASH | CRASH | NO | valid | valid (caught by av) | no |
| 32bit target (0), win7sp1 x86 | | | valid | | valid (caught by av) | |
| | WINHTTP.dll | VERSION.dll | bcryptPrimitives.dll | CRYPTBASE.dll | cryptnet.dll | WININET.dll |
|---------------------------------------------------------------|-------------|-------------|----------------------|---------------|--------------|-------------|
| 64bit target (1), win10 x64 | CRASH | CRASH | NO | NO | valid | no |
| 64bit target (1), win8.1 x86 | CRASH | CRASH | NO | valid | valid | no |
| 32bit target (0), win10 x64 | CRASH | CRASH | NO | NO | valid | no |
| 32bit target (0), win8.1 x86 | CRASH | CRASH | NO | valid | valid (caught by av) | no |
| 32bit target (0), win7sp1 x86 | | | valid | | valid (caught by av) | |
In this chart, `CRASH` means PSEvents.exe crashed on the system. `NO` means PSEvents didn't crash, but no session was obtained. `valid` means we got a shell.
In this chart, `CRASH` means PSEvents.exe crashed on the system. `NO` means PSEvents didn't crash, but no session was obtained. `valid` means we got a shell.
**ListenerTimeout**