In the previous recipe, we focused on calling Windows API DLLs through Railgun. In this recipe, we will focus on adding our own DLL and function definitions to Railgun. In order to do this, we should have an understanding of Windows DLLs. The Railgun documentation found at http://www.rubydoc.info/search/github/rapid7/metasploit-framework?q=Railgun can be helpful in giving you a quick idea about different Windows constants that can be used while adding function definitions.
Adding a new DLL definition to Railgun is an easy task. Suppose you want to add a DLL that ships with Windows, but is not present in your Railgun; you can create a DLL definition under /usr/share/metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/railgun/def
, select the Linux, macOS, or Windows operating system folder, and name it def_dllname.rb
.
The following template should demonstrate how a DLL is defined:
# -*- coding: binary -*- module Rex module...