adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

Update lib/msf/core/payload/windows/x64/block_api_x64.rb

Browse Source 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
This commit is contained in:
Diego Ledda
2026-04-20 15:19:47 +02:00
committed by GitHub
parent 5622bd254b
commit 46553b5984
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/msf/core/payload/windows/x64/block_api_x64.rb
+5 -5
View File
@@ -22,14 +22,14 @@ module Payload::Windows::BlockApi_x64
arch: ARCH_X64,
name: 'api_call'
)
iv = opts.fetch(:block_api_iv) { block_api_iv }
# Patch the assembly to set the correct IV
# db 0x41, 0xb9, 0x00, 0x00, 0x00, 0x00 => mov r9d, <iv>
iv_bytes = [block_api_iv(opts)].pack('V').bytes.map { |b| "0x%02x" % b }.join(', ')
asm.sub!("db 0x41, 0xb9, 0x00, 0x00, 0x00, 0x00", "db 0x41, 0xb9, #{iv_bytes}")
unless asm.include?("db 0x41, 0xb9, #{iv_bytes}")
raise "Failed to patch block_api assembly with IV #{block_api_iv(opts)} (#{iv_bytes})"
iv_bytes = [iv].pack('V').bytes.map { |b| "0x%02x" % b }.join(', ')
unless asm.include?("db 0x41, 0xb9, 0x00, 0x00, 0x00, 0x00")
raise "Failed to patch block_api assembly with IV 0x#{iv.to_s(16).rjust(8, '0')} (#{iv_bytes})"
end
asm
asm.sub!("db 0x41, 0xb9, 0x00, 0x00, 0x00, 0x00", "db 0x41, 0xb9, #{iv_bytes}")
end
def block_api_hash(mod, func, opts={})