Manipulating Windows APIs with the Railgun Add-On

You can interface with the Windows native API directly through a Metasploit add-on called Railgun, which was written by Patrick HVE. With Railgun loaded in the Metasploit Framework, you can call Windows API functions natively from within Meterpreter. For example, in the following listing, we'll drop into an interactive Ruby shell (irb), available through Meterpreter. The irb shell allows us to interact directly with Meterpreter using Ruby syntax. We call Railgun in this example and create a simple pop-up box saying "hello world".

    meterpreter > irb
    [*] Starting IRB shell
    [*] The 'client' variable holds the meterpreter client
    >> client.railgun.user32.MessageBoxA(0,"hello","world","MB_OK")
    ...
