metasploit-framework

https://github.com/rapid7/metasploit-framework

Ruby

Metasploit Framework

Msf::Exploit::Local::WindowsKernel#token_stealing_shellcode

Generate token stealing shellcode suitable for use when overwriting the
HaliQuerySystemInformation pointer. The shellcode preserves the edx and ebx
registers.

Source | Google | Stack overflow

Edit

git clone [email protected]:rapid7/metasploit-framework.git

cd metasploit-framework

open lib/msf/core/exploit/local/windows_kernel.rb

Contribute

# Make a new branch

git checkout -b -your-name--update-docs-Msf--Exploit--Local--WindowsKernel-token_stealing_shellcode-for-pr


# Commit to git

git add lib/msf/core/exploit/local/windows_kernel.rbgit commit -m "better docs for Msf::Exploit::Local::WindowsKernel#token_stealing_shellcode"


# Open pull request

gem install hub # on a mac you can `brew install hub`

hub fork

git push <your name> -your-name--update-docs-Msf--Exploit--Local--WindowsKernel-token_stealing_shellcode-for-pr

hub pull-request


# Celebrate!