-
Notifications
You must be signed in to change notification settings - Fork 14.1k
How to decrypt RC4 with Metasploit Framework Compiler
Caitlin Condon edited this page Dec 11, 2018
·
3 revisions
The Metasploit C compiler has built-in support for RC4 encryption and decryption, which is implemented as the rc4.h
header.
#include <Windows.h>
#include <rc4.h>
#define PAYLOADSIZE 12
#define RC4KEY "4ASMkFslyhwXehNZw048cF1Vh1ACzyyA"
int main(void) {
unsigned char payload[] = "\xd8\xb0\xe9\x5a\x89\xc2\xee\x43\xb9\x30\xd0\x86";
int lpBufSize = sizeof(int) * PAYLOADSIZE;
LPVOID lpBuf = VirtualAlloc(NULL, lpBufSize, MEM_COMMIT, 0x04);
memset(lpBuf, '\0', lpBufSize);
RC4(RC4KEY, payload, (char*) lpBuf, PAYLOADSIZE);
MessageBox(NULL, (char*) lpBuf, "Test", MB_OK);
return 0;
}
To compile, use Metasploit::Framework::Compiler::Windows.compile_c.
- Home Welcome to Metasploit!
- Using Metasploit A collection of useful links for penetration testers.
-
Setting Up a Metasploit Development Environment From
apt-get install
togit push
. - CONTRIBUTING.md What should your contributions look like?
- Landing Pull Requests Working with other people's contributions.
- Using Git All about Git and GitHub.
- Contributing to Metasploit Be a part of our open source community.
- Meterpreter All about the Meterpreter payload.