Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Add shellcode_inject post module #12391
This module injects an arbitrary shellcode into a target process.
List the steps needed to make sure this thing works
I'm looking at this module, https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/manage/payload_inject.rb, and https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/payload_inject.rb and trying to work out why we need all of them, and how we might be able to consolidate them and reduce code duplication.
From our own definitions, a module that generates a shell should not be a post module; it should be a local exploit, so I'm struggling to see why we have https://github.com/rapid7/metasploit-framework/blame/master/modules/post/windows/manage/payload_inject.rb. I feel like that one should be gone, though it has nothing to do with this module per se. It looks like maybe @wchen-r7 moved it long ago to be in the right place, but the original never got deleted?
After some thought yesterday, I feel like having two modules makes sense, though we should limit code reuse. I think injecting a payload is enough of a different case that it should have its own module in