File tree Expand file tree Collapse file tree 1 file changed +24
-1
lines changed
modules/exploits/windows/local Expand file tree Collapse file tree 1 file changed +24
-1
lines changed Original file line number Diff line number Diff line change @@ -65,14 +65,37 @@ def exploit
6565 # Figures out which PID to inject to
6666 def get_pid
6767 pid = datastore [ 'PID' ]
68- if pid == 0 or datastore [ 'NEWPROCESS' ]
68+ if pid == 0 or datastore [ 'NEWPROCESS' ] or not has_pid? ( pid )
6969 print_status ( "Launching notepad.exe..." )
7070 pid = create_temp_proc
7171 end
7272
7373 return pid
7474 end
7575
76+
77+ # Determines if a PID actually exists
78+ def has_pid? ( pid )
79+ procs = [ ]
80+ begin
81+ procs = client . sys . process . processes
82+ rescue Rex ::Post ::Meterpreter ::RequestError
83+ print_error ( "Unable to enumerate processes" )
84+ return false
85+ end
86+
87+ pids = [ ]
88+
89+ procs . each do |p |
90+ found_pid = p [ 'pid' ]
91+ return true if found_pid == pid
92+ end
93+
94+ print_error ( "PID #{ pid . to_s } )
95+
96+ return false
97+ end
98+
7699 # Checks the Architeture of a Payload and PID are compatible
77100 # Returns true if they are false if they are not
78101 def arch_check ( pid )
You can’t perform that action at this time.
0 commit comments