Spencer McIntyre
e8ce6cf2f3
Fix up some comments in the x64 block_api source code
2020-07-09 14:02:12 -04:00
Spencer McIntyre
1537d3f193
Update the block_api assembly source files
...
This changes the x86 version to the (10 bytes) larger variant that can
handle full 32-bit jumps which is necessary for maximum compatibility
within the framework.
Additionally, numeric literals are expressed in hex for compatibility
with the keystone assembler allowing these files to be compatible with
external tools.
2020-07-08 15:28:41 -04:00
Brent Cook
3cc6b8f8fd
update to standard python formatting
2019-12-19 08:58:40 -06:00
Brent Cook
d64f53e462
don't hide exception data
2019-12-19 08:56:23 -06:00
Brent Cook
3a1a576747
remove nasm ignored keyword
2019-12-19 08:44:13 -06:00
Brent Cook
25ce890d36
fix remaining python3 compat issues, add #!
2019-12-19 08:44:02 -06:00
Cristina Muñoz
8563a29003
Convert all python code to python3. Fixes #12506.
2019-10-31 14:16:14 -07:00
Matthias Ganz
4eaf1ace81
Bugfix loading address of library path into rcx
...
The old code breaks if the payload is executed from a memory area where the 4 most significant bytes are non-zero.
2015-11-02 16:56:07 +01:00
jvazquez-r7
9444c8c410
Fix #5988, windows x64 stagers
...
* Also, use mov esi, esi to save an extra byte
* Also, modify the block_recv.asm code, just to have it up to date
2015-09-28 15:52:50 -05:00
rwhitcroft
dab4333867
updated asm in block
2015-03-18 16:07:46 -04:00
Ryan Wincey
38691445af
Fixed memory alignment for x64 reverse_http stager
2013-09-16 16:51:37 -04:00
Tod Beardsley
9c771435f2
Touchup on author credit
2013-05-30 16:13:40 -05:00
agix
b92ae7779e
change author name
2013-05-19 16:16:25 +02:00
agix
6db1fea6b9
create x64_reverse_https stagers
2013-05-13 01:41:56 +02:00
scriptjunkie
9fe18cdc86
Add x64 LoadLibraryA payload. Because it should exist.
2012-01-17 21:16:26 -06:00
Matt Buck
16f45fc894
Add empty directories from svn repo.
2011-11-09 18:41:40 -06:00
Stephen Fewer
c55e9af9ae
Commit the updated APC injection stubs. Fixes a nasty issue in some edge cases whereby when using APC injection for a process in another session than the current host process the injected APC can cause an access violation in kernel32 during a call to kernel32!CreateThread caused by the APC's host thread not having an initialized Activation Context inside its TEB. We now test for this and create a dummy ActivationContext entry to appease the kernel. This will both improve DLL injection reliability as well as meterpreter migration reliability.
...
git-svn-id: file:///home/svn/framework3/trunk@8786 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 17:00:19 +00:00
Stephen Fewer
cfcbfd5d3c
bug fix x64 migrate shellcodes for wow64->x64 migration.
...
git-svn-id: file:///home/svn/framework3/trunk@8197 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 19:37:10 +00:00
Stephen Fewer
538a647671
The stub for wow64->x64 migration.
...
git-svn-id: file:///home/svn/framework3/trunk@8195 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 17:12:41 +00:00
Stephen Fewer
1e63f357cb
For now just adding in the new APC migrate stubs and the wow64->x64 exec stub. (fix up the build scripts and use a dedicated migrate directory for this stuff).
...
git-svn-id: file:///home/svn/framework3/trunk@8193 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 14:03:53 +00:00
Stephen Fewer
f3fd2eae80
Commit the new x64 migrate stub. Compatible with x64->x64 migration (and x86->x64 migration once the remote thread issue is resolved)
...
git-svn-id: file:///home/svn/framework3/trunk@8163 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 18:39:56 +00:00
HD Moore
97725a489c
Round 3 of x64 support from Stephen Fewer - new payloads!
...
git-svn-id: file:///home/svn/framework3/trunk@6980 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-27 19:29:54 +00:00
HD Moore
cf10a62dcc
Merge in the beginnings of x64 support from Stephen Fewer
...
git-svn-id: file:///home/svn/framework3/trunk@6972 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-23 23:47:33 +00:00