github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-01-08 14:36:22 +01:00
Code Releases Activity

pass CRYPT_VERIFYCONTEXT flag

Browse Source 
not passing this flag was causing an error attempting
to open the keyset. by setting this we are telling the
CAPI that we only care about ephemeral keys, and so we don't
run into the container issues.

MSP-12356
This commit is contained in:
David Maloney 2015-04-23 15:27:00 -05:00
parent ac0978abcd
commit 9d5c3c1610
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
c/meterpreter/source/extensions/priv/server/ntds.c
View File

@ -73,7 +73,7 @@ DWORD ntds_parse(Remote *remote, Packet *packet){
goto out; goto out;
} }
if (!decrypt_PEK(sysKey, pekEncrypted, pekDecrypted)){ if (!decrypt_PEK(sysKey, pekEncrypted, pekDecrypted)){
res = ERROR_DECRYPTION_FAILED; res = GetLastError();
goto out; goto out;
} }

2
c/meterpreter/source/extensions/priv/server/ntds_decrypt.c
View File

@ -90,7 +90,7 @@ BOOL decrypt_rc4(unsigned char *key1, unsigned char *key2, LPBYTE encrypted, int
unsigned char rc4Key[16]; unsigned char rc4Key[16];
HCRYPTKEY rc4KeyFinal; HCRYPTKEY rc4KeyFinal;
cryptOK = CryptAcquireContext(&hProv, 0, MS_ENHANCED_PROV, PROV_RSA_FULL, 0); cryptOK = CryptAcquireContext(&hProv, 0, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
if (!cryptOK){ if (!cryptOK){
return FALSE; return FALSE;
} }