From d6954e9ce78401e12a4b5ac01feec9c764d915c6 Mon Sep 17 00:00:00 2001
From: James Lee
Date: Mon, 16 Sep 2013 16:04:50 -0500
Subject: [PATCH] Fix migrate from 32- to 64-bit processes

In some cases, it was possible to end up in a situation where the x64 reflective library hadn't been loaded by the time a user typed migrate. If the target process was 64-bit, msfconsole would error out with a NoMethodError and much sadness would ensue.

[See #2356]
---
lib/msf/core/payload/windows.rb | 12 ++++++++++++
lib/rex/post/meterpreter/client_core.rb | 3 +++
2 files changed, 15 insertions(+)

diff --git a/lib/msf/core/payload/windows.rb b/lib/msf/core/payload/windows.rb
index 6ca8cb10e4..9d7e5cd574 100644
--- a/lib/msf/core/payload/windows.rb
+++ b/lib/msf/core/payload/windows.rb
@@ -12,9 +12,21 @@ require 'msf/core'
 module Msf::Payload::Windows
 require 'msf/core/payload/windows/prepend_migrate'
+ # Provides the #prepends method
+ # XXX: For some unfathomable reason, the order of requires here is
+ # important. If this include happens after require'ing the files
+ # below, it causes the windows/exec payload (and probably others) to
+ # somehow not have PrependMigrate despite having Payload::Windows,
+ # which leads to a NoMethodError on #prepends
 include Msf::Payload::Windows::PrependMigrate
+ require 'msf/core/payload/windows/dllinject'
+ require 'msf/core/payload/windows/exec'
+ require 'msf/core/payload/windows/loadlibrary'
+ require 'msf/core/payload/windows/reflectivedllinject'
+ require 'msf/core/payload/windows/x64/reflectivedllinject'
+
 #
 # ROR hash associations for some of the exit technique routines.
 #
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
index 67fc0fdf81..4777223ea4 100644
--- a/lib/rex/post/meterpreter/client_core.rb
+++ b/lib/rex/post/meterpreter/client_core.rb
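Review bot: The XXX comment added above the `include Msf::Payload::Windows::PrependMigrate` line calls the ordering "unfathomable", but the symptom it describes — a payload that already has `Payload::Windows` yet lacks `PrependMigrate` — is the documented Ruby behaviour that `Module#include` does not propagate to modules or classes that included the receiver earlier (only changed in Ruby 3.0), so the comment should state the actual rule rather than leave the next maintainer to rediscover it. This presumes the files required below (`windows/exec` and the others) themselves `include Msf::Payload::Windows` at load time, which is not visible in the hunk and is worth confirming. I would replace the XXX paragraph with `# NOTE: Module#include does not propagate to modules that already include the receiver, so PrependMigrate must be mixed in before the payload files below are loaded (they include Payload::Windows).` Keeping the requires after the include, as the commit does, then reads as deliberate rather than accidental.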
@@ -4,6 +4,9 @@ require 'rex/post/meterpreter/packet'
 require 'rex/post/meterpreter/extension'
 require 'rex/post/meterpreter/client'
+
+# Used to generate a reflective DLL when migrating. This is yet another
+# argument for moving the meterpreter client into the Msf namespace.
 require 'msf/core/payload/windows'
 module Rex
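Review bot: The file-level `require 'msf/core/payload/windows'` makes the Rex meterpreter client depend on the Msf payload tree at load time, and since that file in turn does `require 'msf/core'` (visible in the first hunk's header context) the result is a load-order-dependent cycle between Rex and Msf, which the new comment acknowledges but does not mitigate. The reflective DLL is only needed on the migrate path, so a deliberate lazy load there gives the same "loaded by the time migrate runs" guarantee the commit is after without coupling the whole of Rex to Msf on every load: `require 'msf/core/payload/windows'` as the first statement of the migrate method, with a one-line comment saying why it is local. The migrate method itself is outside this hunk, so I cannot see whether it already guards the x64 case in some other way; if it does, the comment here should say so.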