Skip to content
This repository was archived by the owner on Jan 21, 2021. It is now read-only.

Commit 00af165

Browse files
author
Matt Graeber
committed
Bugfix #93
Removed the "EndAddress" parameter set since it was never used. This should resolve any parameter set confusion.
1 parent ce3b216 commit 00af165

File tree

3 files changed

+3
-39
lines changed

3 files changed

+3
-39
lines changed

CodeExecution/Invoke-ReflectivePEInjection.ps1

+1-13
Original file line numberDiff line numberDiff line change
@@ -912,24 +912,12 @@ $RemoteScriptBlock = {
912912
[IntPtr]
913913
$StartAddress,
914914

915-
[Parameter(ParameterSetName = "EndAddress", Position = 3, Mandatory = $true)]
916-
[IntPtr]
917-
$EndAddress,
918-
919915
[Parameter(ParameterSetName = "Size", Position = 3, Mandatory = $true)]
920916
[IntPtr]
921917
$Size
922918
)
923919

924-
[IntPtr]$FinalEndAddress = [IntPtr]::Zero
925-
if ($PsCmdlet.ParameterSetName -eq "Size")
926-
{
927-
[IntPtr]$FinalEndAddress = [IntPtr](Add-SignedIntAsUnsigned ($StartAddress) ($Size))
928-
}
929-
else
930-
{
931-
$FinalEndAddress = $EndAddress
932-
}
920+
[IntPtr]$FinalEndAddress = [IntPtr](Add-SignedIntAsUnsigned ($StartAddress) ($Size))
933921

934922
$PEEndAddress = $PEInfo.EndAddress
935923

Exfiltration/Invoke-Mimikatz.ps1

+1-13
Original file line numberDiff line numberDiff line change
@@ -802,24 +802,12 @@ $RemoteScriptBlock = {
802802
[IntPtr]
803803
$StartAddress,
804804

805-
[Parameter(ParameterSetName = "EndAddress", Position = 3, Mandatory = $true)]
806-
[IntPtr]
807-
$EndAddress,
808-
809805
[Parameter(ParameterSetName = "Size", Position = 3, Mandatory = $true)]
810806
[IntPtr]
811807
$Size
812808
)
813809

814-
[IntPtr]$FinalEndAddress = [IntPtr]::Zero
815-
if ($PsCmdlet.ParameterSetName -eq "Size")
816-
{
817-
[IntPtr]$FinalEndAddress = [IntPtr](Add-SignedIntAsUnsigned ($StartAddress) ($Size))
818-
}
819-
else
820-
{
821-
$FinalEndAddress = $EndAddress
822-
}
810+
[IntPtr]$FinalEndAddress = [IntPtr](Add-SignedIntAsUnsigned ($StartAddress) ($Size))
823811

824812
$PEEndAddress = $PEInfo.EndAddress
825813

Exfiltration/Invoke-NinjaCopy.ps1

+1-13
Original file line numberDiff line numberDiff line change
@@ -818,24 +818,12 @@ $RemoteScriptBlock = {
818818
[IntPtr]
819819
$StartAddress,
820820

821-
[Parameter(ParameterSetName = "EndAddress", Position = 3, Mandatory = $true)]
822-
[IntPtr]
823-
$EndAddress,
824-
825821
[Parameter(ParameterSetName = "Size", Position = 3, Mandatory = $true)]
826822
[IntPtr]
827823
$Size
828824
)
829825

830-
[IntPtr]$FinalEndAddress = [IntPtr]::Zero
831-
if ($PsCmdlet.ParameterSetName -eq "Size")
832-
{
833-
[IntPtr]$FinalEndAddress = [IntPtr](Add-SignedIntAsUnsigned ($StartAddress) ($Size))
834-
}
835-
else
836-
{
837-
$FinalEndAddress = $EndAddress
838-
}
826+
[IntPtr]$FinalEndAddress = [IntPtr](Add-SignedIntAsUnsigned ($StartAddress) ($Size))
839827

840828
$PEEndAddress = $PEInfo.EndAddress
841829

0 commit comments

Comments
 (0)