Metasploit mailing list archives
Railgun with WMI
From: Brian Seel <brian.seel () gmail com>
Date: Tue, 19 Feb 2013 19:56:16 -0500
I tweeted this question to David Maloney, and then remembered about this list... I am trying to write something that will do WMI queries through Railgun (similar to what Carlos Perez wrote... but with the Windows API). However, I am running into issues when I have to use a custom structures Basically, I have created a definitions file for ole32.dll in Railgun and then call the following: CoInitializeEx(0, COINIT_MULTITHREADED); CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_DEFAULT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_NONE, NULL); CoCreateInstance(CLSID_WbemLocator, 0, CLSCTX_INPROC_SERVER, IID_IWbemLocator, (LPVOID *) &pLoc); The last line has two non standard datatypes, and I am not sure how to handle those. I wrote this all as an extension in C++, and CLSID_WbemLocator and IID_IWbemLocator were defined in a header file. TL;DR: How do I pass nonstandard data types from the windows API to a function with Railgun? MSDN reference: http://msdn.microsoft.com/en-us/library/windows/desktop/aa389762(v=vs.85).aspx Thanks Brian
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Railgun with WMI Brian Seel (Feb 19)