diff options
| author | bitform <matt@exploit-monday.com> | 2013-02-17 18:12:00 -0500 |
|---|---|---|
| committer | bitform <matt@exploit-monday.com> | 2013-02-17 18:12:00 -0500 |
| commit | feca7f25133083230fed12f52ea4d7f6ab2abb74 (patch) | |
| tree | f200bee96522ef83fd735ad9e2dc5c4e2bdee21e | |
| parent | 97a1a151206eb0c456985b4d41d50eb0c8ec2365 (diff) | |
| download | PowerSploit-feca7f25133083230fed12f52ea4d7f6ab2abb74.tar.gz PowerSploit-feca7f25133083230fed12f52ea4d7f6ab2abb74.zip | |
Get-MethodAddress now returns an IntPtr.
It previously returned a UInt64. Returning an IntPtr makes more sense.
| -rw-r--r-- | ReverseEngineering/Get-MethodAddress.ps1 | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/ReverseEngineering/Get-MethodAddress.ps1 b/ReverseEngineering/Get-MethodAddress.ps1 index 656d1bd..8945ef6 100644 --- a/ReverseEngineering/Get-MethodAddress.ps1 +++ b/ReverseEngineering/Get-MethodAddress.ps1 @@ -91,8 +91,6 @@ http://www.exploit-monday.com/2012/11/Get-MethodAddress.html # Push unmanaged pointer to MethodInfo onto the evaluation stack
$Generator.Emit([System.Reflection.Emit.OpCodes]::Ldftn, $MethodInfo)
- # Convert the pointer to type - unsigned int64
- $Generator.Emit([System.Reflection.Emit.OpCodes]::Conv_Ovf_U8)
$Generator.Emit([System.Reflection.Emit.OpCodes]::Ret)
# Assemble everything
@@ -104,7 +102,7 @@ http://www.exploit-monday.com/2012/11/Get-MethodAddress.html # Call the method and return its JITed address
$Address = $Method.Invoke($null, @())
- Write-Output "0x$($Address.ToString("X$([IntPtr]::Size * 2)"))"
+ Write-Output (New-Object IntPtr -ArgumentList $Address)
}
catch [System.Management.Automation.MethodInvocationException]
{
|