Forgot the updated build.py, also add in a link to a blog post I wrote for this shellcode.

git-svn-id: file:///home/svn/framework3/trunk@8657 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Stephen Fewer 2010-02-26 14:27:13 +00:00
parent b4339930e7
commit 5f35f33cd1
2 changed files with 8 additions and 0 deletions


@ -104,6 +104,9 @@ def main( argv=None ):
for root, dirs, files in os.walk( "./src/stager/" ): for root, dirs, files in os.walk( "./src/stager/" ):
for name in files: for name in files:
build( name[:-4] ) build( name[:-4] )
for root, dirs, files in os.walk( "./src/kernel/" ):
for name in files:
build( name[:-4] )
else: else:
build( argv[1] ) build( argv[1] )
except Exception, e: except Exception, e:
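Review bot: The added `./src/kernel/` walk hands `name[:-4]` to build() for every file os.walk returns, so a file without a four-character extension gets a truncated name. Because `root` is discarded, files in nested directories (version-control metadata, for instance) are passed on as if they sat at the top level. Filtering on the expected source extension first would avoid both, e.g. `if name.endswith( ".asm" ): build( name[:-4] )`, assuming `.asm` is the extension build() expects. The new loop is also a copy of the stager loop, and a single `for path in ( "./src/stager/", "./src/kernel/" ):` around one walk would keep the two in step. main() starts and ends outside the hunk and build() is not visible here, so how the name is resolved to a file is inferred.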


@ -3,8 +3,13 @@
; Compatible: Windows 7, 2008, Vista (Possibly 2003, XP) ; Compatible: Windows 7, 2008, Vista (Possibly 2003, XP)
; Size: 202 bytes ; Size: 202 bytes
; Build: >build.py stager_sysenter_hook ; Build: >build.py stager_sysenter_hook
;
; Recommended Reading: Kernel-mode Payloads on Windows, 2005, bugcheck & skape. ; Recommended Reading: Kernel-mode Payloads on Windows, 2005, bugcheck & skape.
; http://www.uninformed.org/?v=3&a=4&t=sumry ; http://www.uninformed.org/?v=3&a=4&t=sumry
;
; Description of the implementation of this stager_sysenter_hook shellcode:
; http://www.harmonysecurity.com/blog/2009/11/implementing-win32-kernel-shellcode.html
;
;-----------------------------------------------------------------------------; ;-----------------------------------------------------------------------------;
[bits 32] [bits 32]
[org 0] [org 0]