diff options
| author | clymb3r <bialek.joseph@gmail.com> | 2015-01-07 21:08:58 -0800 |
|---|---|---|
| committer | clymb3r <bialek.joseph@gmail.com> | 2015-01-07 21:08:58 -0800 |
| commit | 90a05de7a66c3f256dd206ec4c8ba4b70bb02016 (patch) | |
| tree | 0bef407fe5aaf4dde964f263f6637bf77ef2a33f /CodeExecution | |
| parent | dc1a5e519fef327f694bc61d522c750fabf831aa (diff) | |
| download | PowerSploit-90a05de7a66c3f256dd206ec4c8ba4b70bb02016.tar.gz PowerSploit-90a05de7a66c3f256dd206ec4c8ba4b70bb02016.zip | |
Bugfix: Resolving ordinals in remote dll injection
Thanks to sixdub for finding and fixing a bug when resolving functions
by ordinal in remote processes.
Diffstat (limited to 'CodeExecution')
| -rw-r--r-- | CodeExecution/Invoke-ReflectivePEInjection.ps1 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/CodeExecution/Invoke-ReflectivePEInjection.ps1 b/CodeExecution/Invoke-ReflectivePEInjection.ps1 index 9f13d80..f149ed2 100644 --- a/CodeExecution/Invoke-ReflectivePEInjection.ps1 +++ b/CodeExecution/Invoke-ReflectivePEInjection.ps1 @@ -33,7 +33,7 @@ Author: Joe Bialek, Twitter: @JosephBialek License: BSD 3-Clause Required Dependencies: None Optional Dependencies: None -Version: 1.2 +Version: 1.3 .DESCRIPTION @@ -1547,7 +1547,7 @@ $RemoteScriptBlock = { { Throw "Unable to allocate memory in the remote process for shellcode" } - + [UIntPtr]$NumBytesWritten = [UIntPtr]::Zero $Success = $Win32Functions.WriteProcessMemory.Invoke($RemoteProcHandle, $RSCAddr, $SCPSMemOriginal, [UIntPtr][UInt64]$SCLength, [Ref]$NumBytesWritten) if (($Success -eq $false) -or ([UInt64]$NumBytesWritten -ne [UInt64]$SCLength)) { |