Land #6954, Fix the available size of payload for exploit/.../payload_inject

bug/bundler_fix 4.12.10
Brendan 2016-07-05 07:38:27 -07:00
commit e29d5b9efe
No known key found for this signature in database
GPG Key ID: ECC0F0A52E65F268
15 changed files with 29 additions and 24 deletions


@ -30,7 +30,7 @@ module Payload::Linux::BindTcp
} }
# Generate the more advanced stager if we have the space # Generate the more advanced stager if we have the space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'], conf[:exitfunk] = datastore['EXITFUNC'],
conf[:reliable] = true conf[:reliable] = true
end end
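Review bot: The rewritten condition on the `if` line above, `required_space < self.available_space`, no longer accepts the exact-fit case: the original `unless self.available_space.nil? || required_space > self.available_space` ran this branch whenever `required_space <= available_space`, so a payload whose required space equals the available space now silently loses `exitfunk` and `reliable`. If the `unless`→`if` rewrite was meant to be behaviour-preserving, the line should read `if self.available_space && required_space <= self.available_space`; if excluding the equal case is deliberate, the comment above it should say so. The same change appears in every other section of this commit (Linux ReverseTcp, Windows BindTcp, BindTcpRc4, ReverseHttp, ReverseTcp, ReverseTcpDns, ReverseTcpRc4, ReverseTcpRc4Dns, ReverseWinHttp, BindTcp_x64, ReverseHttp_x64, ReverseTcp_x64 and ReverseWinHttp_x64). Separately, the context line `conf[:exitfunk] = datastore['EXITFUNC'],` carries a trailing comma, which Ruby parses as a multiple-value assignment, so `conf[:exitfunk]` appears to end up as the array `[datastore['EXITFUNC'], true]` rather than the string; the same trailing comma is present in the Windows BindTcp, BindTcpRc4 and BindTcp_x64 hunks and should be dropped. The enclosing method starts and ends outside this hunk.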


@ -33,7 +33,7 @@ module Payload::Linux::ReverseTcp
} }
# Generate the advanced stager if we have space # Generate the advanced stager if we have space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:reliable] = true conf[:reliable] = true
end end


@ -34,7 +34,7 @@ module Payload::Windows::BindTcp
} }
# Generate the more advanced stager if we have the space # Generate the more advanced stager if we have the space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'], conf[:exitfunk] = datastore['EXITFUNC'],
conf[:reliable] = true conf[:reliable] = true
end end


@ -32,7 +32,7 @@ module Payload::Windows::BindTcpRc4
} }
# Generate the more advanced stager if we have the space # Generate the more advanced stager if we have the space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'], conf[:exitfunk] = datastore['EXITFUNC'],
conf[:reliable] = true conf[:reliable] = true
end end


@ -50,7 +50,7 @@ module Payload::Windows::ReverseHttp
} }
# Add extra options if we have enough space # Add extra options if we have enough space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:url] = luri + generate_uri conf[:url] = luri + generate_uri
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:ua] = datastore['MeterpreterUserAgent'] conf[:ua] = datastore['MeterpreterUserAgent']


@ -34,7 +34,7 @@ module Payload::Windows::ReverseTcp
} }
# Generate the advanced stager if we have space # Generate the advanced stager if we have space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:reliable] = true conf[:reliable] = true
end end


@ -38,7 +38,7 @@ module Payload::Windows::ReverseTcpDns
} }
# Generate the advanced stager if we have space # Generate the advanced stager if we have space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:reliable] = true conf[:reliable] = true
end end


@ -34,7 +34,7 @@ module Payload::Windows::ReverseTcpRc4
} }
# Generate the advanced stager if we have space # Generate the advanced stager if we have space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:reliable] = true conf[:reliable] = true
end end


@ -34,7 +34,7 @@ module Payload::Windows::ReverseTcpRc4Dns
} }
# Generate the advanced stager if we have space # Generate the advanced stager if we have space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:reliable] = true conf[:reliable] = true
end end


@ -36,7 +36,7 @@ module Payload::Windows::ReverseWinHttp
} }
# Add extra options if we have enough space # Add extra options if we have enough space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:uri] = generate_uri conf[:uri] = generate_uri
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:verify_cert_hash] = opts[:verify_cert_hash] conf[:verify_cert_hash] = opts[:verify_cert_hash]


@ -32,7 +32,7 @@ module Payload::Windows::BindTcp_x64
} }
# Generate the more advanced stager if we have the space # Generate the more advanced stager if we have the space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'], conf[:exitfunk] = datastore['EXITFUNC'],
conf[:reliable] = true conf[:reliable] = true
end end


@ -54,7 +54,7 @@ module Payload::Windows::ReverseHttp_x64
} }
# add extended options if we do have enough space # add extended options if we do have enough space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:url] = luri + generate_uri conf[:url] = luri + generate_uri
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:ua] = datastore['MeterpreterUserAgent'] conf[:ua] = datastore['MeterpreterUserAgent']


@ -41,7 +41,7 @@ module Payload::Windows::ReverseTcp_x64
} }
# Generate the advanced stager if we have space # Generate the advanced stager if we have space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:reliable] = true conf[:reliable] = true
end end


@ -37,7 +37,7 @@ module Payload::Windows::ReverseWinHttp_x64
} }
# Add extra options if we have enough space # Add extra options if we have enough space
unless self.available_space.nil? || required_space > self.available_space if self.available_space && required_space < self.available_space
conf[:uri] = generate_uri conf[:uri] = generate_uri
conf[:exitfunk] = datastore['EXITFUNC'] conf[:exitfunk] = datastore['EXITFUNC']
conf[:verify_cert_hash] = opts[:verify_cert_hash] conf[:verify_cert_hash] = opts[:verify_cert_hash]


@ -14,24 +14,29 @@ class MetasploitModule < Msf::Exploit::Local
def initialize(info={}) def initialize(info={})
super( update_info( info, super( update_info( info,
'Name' => 'Windows Manage Memory Payload Injection', 'Name' => 'Windows Manage Memory Payload Injection',
'Description' => %q{ 'Description' => %q{
This module will inject a payload into memory of a process. If a payload This module will inject a payload into memory of a process. If a payload
isn't selected, then it'll default to a reverse x86 TCP meterpreter. If the PID isn't selected, then it'll default to a reverse x86 TCP meterpreter. If the PID
datastore option isn't specified, then it'll inject into notepad.exe instead. datastore option isn't specified, then it'll inject into notepad.exe instead.
}, },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => 'Author' =>
[ [
'Carlos Perez <carlos_perez[at]darkoperator.com>', 'Carlos Perez <carlos_perez[at]darkoperator.com>',
'sinn3r' 'sinn3r'
], ],
'Platform' => [ 'win' ], 'Platform' => [ 'win' ],
'Arch' => [ ARCH_X86, ARCH_X86_64 ], 'Arch' => [ ARCH_X86, ARCH_X86_64 ],
'SessionTypes' => [ 'meterpreter' ], 'SessionTypes' => [ 'meterpreter' ],
'Targets' => [ [ 'Windows', {} ] ], 'Targets' => [ [ 'Windows', {} ] ],
'DefaultTarget' => 0, 'Payload' =>
'DisclosureDate'=> "Oct 12 2011" {
'Space' => 4096,
'DisableNops' => true
},
'DefaultTarget' => 0,
'DisclosureDate' => "Oct 12 2011"
)) ))
register_options( register_options(