This was left over code from me trying to do some fixes to getprivs
which didn't make sense in the middle of the packet pivot work. This was
left over by me as a result of my half-baked revert. This caused issues
with both the `getprivs` and `getsystem` command. I'm pretty sure that
as a result of breaking the latter, I will never live down the "make
getsystem great again" meme.
Lots of transported related things were in the core library which didn't make any sense given that the only thing that needed it was metsrv. This moves the functionality out into metsrv, reformats stuff and gets rid of some dead code.
TODO: Make this work with POSIX.
This adds registry access methods that do an atomic open/<action>/close on
registry keys. They improve efficiency and safety, since we're not passing
HKEY's back and forth to enumerate or read registry keys. This fits the common
use pattern in MSF better anyway.
Added support for a the getsid command so that it's easy to
determine the SID of the current user. This will be useful for
a number of different use cases.
The goal is to avoid pointer truncation where possible so this commit
changes parameter types to qword where it makes the most sense. This
includes all handles (event, process, thread, registry), addresses
and generic parameters.
The create thread functionality would work in all cases except where
the thread was being created in an x64 process from an x86 process.
This commit adds support for this by reusing the wow64 injection code
in this case.
Previous commits removed the stack size parameter from the remote thread
creation function call. This caused issues in systems prior to Vista/2k8.
This fix puts that value back in and now everything is honky dory.
Tested on 2k/XP/2k3/Vista/7/2k8
