Windows LoadLibrary Path - Metasploit


This page contains detailed information about how to use the payload/windows/loadlibrary metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.

Table Of Contents
hide

Module Overview

Name: Windows LoadLibrary Path
Module: payload/windows/loadlibrary
Source code: modules/payloads/singles/windows/loadlibrary.rb
Disclosure date: -
Last modification time: 2020-09-22 02:56:51 +0000
Supported architecture(s): x86
Supported platform(s): Windows
Target service / protocol: -
Target network port(s): -
List of CVEs: -

Load an arbitrary library path

Module Ranking and Traits

Module Ranking:

  • normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Basic Usage

msf > use payload/windows/loadlibrary
msf payload(loadlibrary) > show options
    ... show and set options ...
msf payload(loadlibrary) > generate

To learn how to generate payload/windows/loadlibrary with msfvenom, please read this.

Required Options

  • DLL: The library path to load (UNC is OK)

Go back to menu.

Msfconsole Usage

Here is how the windows/loadlibrary payload looks in the msfconsole:

msf6 > use payload/windows/loadlibrary

msf6 payload(windows/loadlibrary) > show info

       Name: Windows LoadLibrary Path
     Module: payload/windows/loadlibrary
   Platform: Windows
       Arch: x86
Needs Admin: No
 Total size: 183
       Rank: Normal

Provided by:
  sf <[email protected]>
  hdm <[email protected]>

Basic options:
Name      Current Setting  Required  Description
----      ---------------  --------  -----------
DLL                        yes       The library path to load (UNC is OK)
EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)

Description:
  Load an arbitrary library path

Module Options

This is a complete list of options available in the windows/loadlibrary payload:

msf6 payload(windows/loadlibrary) > show options

Module options (payload/windows/loadlibrary):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   DLL                        yes       The library path to load (UNC is OK)
   EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)

Advanced Options

Here is a complete list of advanced options supported by the windows/loadlibrary payload:

msf6 payload(windows/loadlibrary) > show advanced

Module advanced options (payload/windows/loadlibrary):

   Name                Current Setting  Required  Description
   ----                ---------------  --------  -----------
   PrependMigrate      false            yes       Spawns and runs shellcode in new process
   PrependMigrateProc                   no        Process to spawn and run shellcode in
   VERBOSE             false            no        Enable detailed status messages
   WORKSPACE                            no        Specify the workspace for this module

Go back to menu.

Go back to menu.

See Also

Check also the following modules related to this module:

Authors

  • sf
  • hdm

Version

This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.

Go back to menu.