github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-03-12 12:14:29 +01:00
Code Releases Activity

free utf8 conversion strings and avoid non-null terminated values

Browse Source
This commit is contained in:
Brent Cook 2015-06-04 09:00:24 -05:00
parent c47c973b83
commit 25731fee03
2 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
c/meterpreter/source/extensions/priv/server/ntds_jet.c
View File

@ -236,7 +236,15 @@ JET_ERR read_user(struct jetState *ntdsState, struct ntdsColumns *accountColumns
if (readStatus != JET_errSuccess) {
return readStatus;
}
strncpy(userAccount->accountName, wchar_to_utf8(accountName), sizeof(userAccount->accountName));
char *accountNameStr = wchar_to_utf8(accountName);
if (accountNameStr) {
strncpy(userAccount->accountName, accountNameStr,
ACCOUNT_NAME_SIZE - 1);
userAccount->accountName[ACCOUNT_NAME_SIZE - 1] = '\0';
free(accountNameStr);
}
// Grab the Account Description here
wchar_t accountDescription[1024] = { 0x00 };
readStatus = JetRetrieveColumn(ntdsState->jetSession, ntdsState->jetTable, accountColumns->accountDescription.columnid, &accountDescription, sizeof(accountDescription), &columnSize, 0, NULL);
@ -246,7 +254,15 @@ JET_ERR read_user(struct jetState *ntdsState, struct ntdsColumns *accountColumns
else if (readStatus != JET_errSuccess) {
return readStatus;
}
strncpy(userAccount->accountDescription, wchar_to_utf8(accountDescription), sizeof(userAccount->accountDescription));
char *accountDescriptionStr = wchar_to_utf8(accountDescription);
if (accountDescriptionStr) {
strncpy(userAccount->accountDescription, AccountDescriptionStr,
ACCOUNT_DESC_SIZE - 1);
userAccount->accountDescription[ACCOUNT_DESC_SIZE - 1] = '\0';
free(accountDescriptionStr);
}
// Grab the UserAccountControl flags here
readStatus = JetRetrieveColumn(ntdsState->jetSession, ntdsState->jetTable, accountColumns->accountControl.columnid, &accountControl, sizeof(accountControl), &columnSize, 0, NULL);
if (readStatus != JET_errSuccess) {

7
c/meterpreter/source/extensions/priv/server/ntds_jet.h
View File

@ -30,10 +30,13 @@ struct ntdsColumns{
JET_COLUMNDEF accountSID;
};
#define ACCOUNT_NAME_SIZE 128
#define ACCOUNT_DESC_SIZE 1024
/*! @brief Typedef for the ntdsAccount struct. */
struct ntdsAccount{
char accountName[128];
char accountDescription[1024];
char accountName[ACCOUNT_NAME_SIZE];
char accountDescription[ACCOUNT_DESC_SIZE];
DWORD accountRID;
BOOL accountDisabled;
BOOL accountLocked;