From f5d9b2527584912c87699f52fa639cf9d0fab42f Mon Sep 17 00:00:00 2001
From: Matt Graeber <mattgraeber@gmail.com>
Date: Wed, 16 Dec 2015 14:31:03 -0800
Subject: Invoke-DllInjection detects OS arch on all OSes

This fix addresses issue #99. While I'm not the biggest fan of
performing tests based on environment variables, I felt that making
additional Win32 API calls would have been overkill.
---
 CodeExecution/Invoke-DllInjection.ps1 | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'CodeExecution')

diff --git a/CodeExecution/Invoke-DllInjection.ps1 b/CodeExecution/Invoke-DllInjection.ps1
index 2d2019d..f862f92 100644
--- a/CodeExecution/Invoke-DllInjection.ps1
+++ b/CodeExecution/Invoke-DllInjection.ps1
@@ -224,12 +224,10 @@ http://www.exploit-monday.com
         $PowerShell32bit = $False
     }
 
-    $OSArchitecture = (Get-WmiObject Win32_OperatingSystem).OSArchitecture
-
-    switch ($OSArchitecture)
-    {
-        '32-bit' { $64bitOS = $False }
-        '64-bit' { $64bitOS = $True }
+    if (${Env:ProgramFiles(x86)}) {
+        $64bitOS = $True
+    } else {
+        $64bitOS = $False
     }
 
     # The address for IsWow64Process will be returned if and only if running on a 64-bit CPU. Otherwise, Get-ProcAddress will return $null.
-- 
cgit v1.2.3