From 90a05de7a66c3f256dd206ec4c8ba4b70bb02016 Mon Sep 17 00:00:00 2001
From: clymb3r <bialek.joseph@gmail.com>
Date: Wed, 7 Jan 2015 21:08:58 -0800
Subject: Bugfix: Resolving ordinals in remote dll injection

Thanks to sixdub for finding and fixing a bug when resolving functions
by ordinal in remote processes.
---
 CodeExecution/Invoke-ReflectivePEInjection.ps1 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'CodeExecution')

diff --git a/CodeExecution/Invoke-ReflectivePEInjection.ps1 b/CodeExecution/Invoke-ReflectivePEInjection.ps1
index 9f13d80..f149ed2 100644
--- a/CodeExecution/Invoke-ReflectivePEInjection.ps1
+++ b/CodeExecution/Invoke-ReflectivePEInjection.ps1
@@ -33,7 +33,7 @@ Author: Joe Bialek, Twitter: @JosephBialek
 License: BSD 3-Clause
 Required Dependencies: None
 Optional Dependencies: None
-Version: 1.2
+Version: 1.3
 
 .DESCRIPTION
 
@@ -1547,7 +1547,7 @@ $RemoteScriptBlock = {
 		{
 			Throw "Unable to allocate memory in the remote process for shellcode"
 		}
-		
+		[UIntPtr]$NumBytesWritten = [UIntPtr]::Zero
 		$Success = $Win32Functions.WriteProcessMemory.Invoke($RemoteProcHandle, $RSCAddr, $SCPSMemOriginal, [UIntPtr][UInt64]$SCLength, [Ref]$NumBytesWritten)
 		if (($Success -eq $false) -or ([UInt64]$NumBytesWritten -ne [UInt64]$SCLength))
 		{
-- 
cgit v1.2.3