From bd6fe64316afe293d6b4cdf095ed3cfb64b6ab25 Mon Sep 17 00:00:00 2001 From: b33f Date: Mon, 13 Feb 2017 22:41:26 +0000 Subject: Cast DllCharacteristics to [Int] Fix for System.InvalidCastException: https://github.com/PowerShellMafia/PowerSploit/issues/152 --- Exfiltration/Invoke-NinjaCopy.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Exfiltration/Invoke-NinjaCopy.ps1 b/Exfiltration/Invoke-NinjaCopy.ps1 index f22d5f5..e3eb8f0 100644 --- a/Exfiltration/Invoke-NinjaCopy.ps1 +++ b/Exfiltration/Invoke-NinjaCopy.ps1 @@ -2205,7 +2205,7 @@ $RemoteScriptBlock = { $PEInfo = Get-PEBasicInfo -PEBytes $PEBytes -Win32Types $Win32Types $OriginalImageBase = $PEInfo.OriginalImageBase $NXCompatible = $true - if (($PEInfo.DllCharacteristics -band $Win32Constants.IMAGE_DLLCHARACTERISTICS_NX_COMPAT) -ne $Win32Constants.IMAGE_DLLCHARACTERISTICS_NX_COMPAT) + if (([Int] $PEInfo.DllCharacteristics -band $Win32Constants.IMAGE_DLLCHARACTERISTICS_NX_COMPAT) -ne $Win32Constants.IMAGE_DLLCHARACTERISTICS_NX_COMPAT) { Write-Warning "PE is not compatible with DEP, might cause issues" -WarningAction Continue $NXCompatible = $false @@ -2263,7 +2263,7 @@ $RemoteScriptBlock = { Write-Verbose "Allocating memory for the PE and write its headers to memory" [IntPtr]$LoadAddr = [IntPtr]::Zero - if (($PEInfo.DllCharacteristics -band $Win32Constants.IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) -ne $Win32Constants.IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) + if (([Int] $PEInfo.DllCharacteristics -band $Win32Constants.IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) -ne $Win32Constants.IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) { Write-Warning "PE file being reflectively loaded is not ASLR compatible. If the loading fails, try restarting PowerShell and trying again" -WarningAction Continue [IntPtr]$LoadAddr = $OriginalImageBase -- cgit v1.2.3