This is an example implementation of using the
Msf::Exploit::Remote::SMBFileServer module to perform
arbitrary DLL injection over SMB.
Generic HTTP DLL Injection Exploit Module
Add timeout to connection handler
This requires the SMBFileServer support.
Fix minor issue in chromecast_youtube
Modify SMB generation code to use primer based on #3074 changes to
implement Msf::Exploit::Remote::SMB::Server::Share as a mixin.
Merge branch 'module-generic_http_dllinject' of github.com:0x41414141…
…/metasploit-framework into module-generic_http_dllinject
Modify primer to utilise file_contents macro.
Update #3076 branch
Land #3076, @0x41414141's generic dll injection through HTTP module
Landed after cleanup! @0x41414141 see final result here: bcdf261
I hadn't a vuln application to test, so tweaked with fake testing :) But checked with the HTTP request is sent with the UNC and loading the dll with rundll32.exe gets a session.
On the other hand, deleted StripExt option, because hadn't sense to me. If you don't want an extension just don't add it to the FILE_NAME option. I don't see which an extra option is required!