search

hacksysteam / HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
https://hacksys.io
GNU General Public License v3.0
2.43k stars 527 forks source link

Actually set the command to be executed #4

Closed ykram closed 8 years ago

ykram commented 8 years ago

commandToExecute doesn't appear to be used anywhere and the actual 'Command' field in the struct doesn't appear to ever be set which causes CreateProcess() to always fail.

hacksysteam commented 8 years ago

You are right that commandToExecute is not used. But Command is being initialized properly.

exploitVulnerability.Command = EARGF(ShowUsage(argv[0]));

Are you running the exploit like this: HackSysEVDExploit.exe -p -c cmd.exe

ykram commented 8 years ago

Ah nope, you're correct. I was missing the -c flag. It's somewhat confusing because here: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver/blob/master/Exploit/Source/HackSysEVDExploit.c#L65

the -c flag is omitted entirely. In that case probably better to just fix line 65?

hacksysteam commented 8 years ago

Nice. This is what we call as silly mistake. Thanks for pointing out. I'll fix it ASAP.

hacksysteam commented 8 years ago

@ykram Commit https://github.com/hacksysteam/HackSysExtremeVulnerableDriver/commit/6e338af8d28a0b23f5edd3ef0c3e817370daca0e closes #4

Thanks for reporting.