add a few strings + tweak process injection options.

rsmudge · May 23, 2017 · 085153a · 085153a
1 parent dd6fb85
commit 085153a
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/APT/meterpreter.profile b/APT/meterpreter.profile
@@ -12,6 +12,9 @@ set sleeptime "100";
 set spawnto_x86 "%windir%\\syswow64\\notepad.exe";
 set spawnto_x64 "%windir%\\sysnative\\notepad.exe";
 
+# process injection tweak
+set hijack_remote_thread "false";
+
 # propagate user-agent to all transactions
 set useragent "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko";
 
@@ -24,10 +27,12 @@ stage {
 
 	transform-x86 {
 		strrep "beacon.dll" "metsrv.dll";
+		append "stdapi_sys_process_getpid";
 	}
 
 	transform-x64 {
 		strrep "beacon.x64.dll" "metsrv.dll";
+		append "stdapi_sys_process_getpid";
 	}
 }