diff options
| author | Matt Graeber <mattgraeber@gmail.com> | 2015-12-16 14:31:03 -0800 |
|---|---|---|
| committer | Matt Graeber <mattgraeber@gmail.com> | 2015-12-16 14:31:03 -0800 |
| commit | f5d9b2527584912c87699f52fa639cf9d0fab42f (patch) | |
| tree | c268910429459920e3d860b4ff7b5f7f2b01cf68 /CodeExecution | |
| parent | ef37a138b8e0f76ff3ce1d6c2ccef65afae57d75 (diff) | |
| download | PowerSploit-f5d9b2527584912c87699f52fa639cf9d0fab42f.tar.gz PowerSploit-f5d9b2527584912c87699f52fa639cf9d0fab42f.zip | |
Invoke-DllInjection detects OS arch on all OSes
This fix addresses issue #99. While I'm not the biggest fan of
performing tests based on environment variables, I felt that making
additional Win32 API calls would have been overkill.
Diffstat (limited to 'CodeExecution')
| -rw-r--r-- | CodeExecution/Invoke-DllInjection.ps1 | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/CodeExecution/Invoke-DllInjection.ps1 b/CodeExecution/Invoke-DllInjection.ps1 index 2d2019d..f862f92 100644 --- a/CodeExecution/Invoke-DllInjection.ps1 +++ b/CodeExecution/Invoke-DllInjection.ps1 @@ -224,12 +224,10 @@ http://www.exploit-monday.com $PowerShell32bit = $False
}
- $OSArchitecture = (Get-WmiObject Win32_OperatingSystem).OSArchitecture
-
- switch ($OSArchitecture)
- {
- '32-bit' { $64bitOS = $False }
- '64-bit' { $64bitOS = $True }
+ if (${Env:ProgramFiles(x86)}) {
+ $64bitOS = $True
+ } else {
+ $64bitOS = $False
}
# The address for IsWow64Process will be returned if and only if running on a 64-bit CPU. Otherwise, Get-ProcAddress will return $null.
|