rex-powershell 0.1.72 → 0.1.73
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/rex/powershell/command.rb +20 -14
- data/lib/rex/powershell/output.rb +12 -9
- data/lib/rex/powershell/version.rb +1 -1
- metadata +2 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1dabfcb498065064e37785310bca6d72de12557c
|
|
4
|
+
data.tar.gz: a5be528fbbc94aae94674a877f2559ad9d500406
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 199779368f7e1a874ee587bc916246388c2ad03f1dfffa72877df2e108d34a2becc077f93b6389225016311905eac50d616bf6f34abf8491a0ef4f7866254582
|
|
7
|
+
data.tar.gz: 5feb09f1183726d10b1caf649fc7d8f43236e96ddb27dcf1aac0defc7d351bc6d44d2d21756b7c095c4adb6378b0c62cfd06867227f870aec27334d021df4298
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data.tar.gz.sig
CHANGED
|
Binary file
|
|
@@ -158,13 +158,17 @@ module Command
|
|
|
158
158
|
when :noprofile
|
|
159
159
|
arg_string << '-NoProfile ' if value
|
|
160
160
|
when :windowstyle
|
|
161
|
-
arg_string << "-WindowStyle #{value} " if
|
|
161
|
+
arg_string << "-WindowStyle #{value} " if value
|
|
162
162
|
end
|
|
163
163
|
end
|
|
164
164
|
|
|
165
165
|
# Command must be last (unless from stdin - etc)
|
|
166
166
|
if opts[:command]
|
|
167
|
-
|
|
167
|
+
if opts[:use_single_quotes]
|
|
168
|
+
arg_string << "-Command #{opts[:command]}"
|
|
169
|
+
else
|
|
170
|
+
arg_string << "-Command \"#{opts[:command]}\""
|
|
171
|
+
end
|
|
168
172
|
end
|
|
169
173
|
|
|
170
174
|
# Shorten arg if PSH 2.0+
|
|
@@ -214,8 +218,10 @@ module Command
|
|
|
214
218
|
|
|
215
219
|
if encoded
|
|
216
220
|
opts[:encodedcommand] = ps_code
|
|
217
|
-
|
|
221
|
+
elsif opts[:use_single_quotes]
|
|
218
222
|
opts[:command] = ps_code.gsub("'", "''")
|
|
223
|
+
else
|
|
224
|
+
opts[:command] = ps_code
|
|
219
225
|
end
|
|
220
226
|
|
|
221
227
|
ps_args = generate_psh_args(opts)
|
|
@@ -283,17 +289,17 @@ EOS
|
|
|
283
289
|
end
|
|
284
290
|
|
|
285
291
|
psh_payload = case opts[:method]
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
292
|
+
when 'net'
|
|
293
|
+
Rex::Powershell::Payload.to_win32pe_psh_net(template_path, pay)
|
|
294
|
+
when 'reflection'
|
|
295
|
+
Rex::Powershell::Payload.to_win32pe_psh_reflection(template_path, pay)
|
|
296
|
+
when 'old'
|
|
297
|
+
Rex::Powershell::Payload.to_win32pe_psh(template_path, pay)
|
|
298
|
+
when 'msil'
|
|
299
|
+
fail RuntimeError, 'MSIL Powershell method no longer exists'
|
|
300
|
+
else
|
|
301
|
+
fail RuntimeError, 'No Powershell method specified'
|
|
302
|
+
end
|
|
297
303
|
|
|
298
304
|
# Run our payload in a while loop
|
|
299
305
|
if opts[:persist]
|
|
@@ -95,22 +95,25 @@ module Powershell
|
|
|
95
95
|
# @return [String] Gzip compressed powershell code wrapped in
|
|
96
96
|
# decompression stub
|
|
97
97
|
def gzip_code(eof = nil)
|
|
98
|
-
# Compress using the
|
|
98
|
+
# Compress using the Gzip algorithm
|
|
99
99
|
compressed_stream = Rex::Text.gzip(code)
|
|
100
100
|
|
|
101
101
|
# Base64 encode the compressed file contents
|
|
102
102
|
encoded_stream = Rex::Text.encode_base64(compressed_stream)
|
|
103
103
|
|
|
104
104
|
# Build the powershell expression
|
|
105
|
-
#
|
|
106
|
-
psh_expression =
|
|
107
|
-
|
|
108
|
-
# Uncompress and invoke the expression (execute)
|
|
109
|
-
psh_expression << 'IEX (New-Object IO.StreamReader('
|
|
105
|
+
# Create and execute script lock fed by the IO.StreamReader
|
|
106
|
+
psh_expression = '&([scriptblock]::create((New-Object IO.StreamReader('
|
|
107
|
+
# Feed StreamREader from a GzipStream
|
|
110
108
|
psh_expression << 'New-Object IO.Compression.GzipStream('
|
|
111
|
-
|
|
112
|
-
psh_expression << '
|
|
113
|
-
|
|
109
|
+
# GzipStream operates on the Memory Stream
|
|
110
|
+
psh_expression << '(New-Object IO.MemoryStream(,'
|
|
111
|
+
# MemoryStream consists of base64 encoded compressed data
|
|
112
|
+
psh_expression << "[Convert]::FromBase64String('#{encoded_stream}')))"
|
|
113
|
+
# Set the GzipStream to decompress its MemoryStream contents
|
|
114
|
+
psh_expression << ',[IO.Compression.CompressionMode]::Decompress)'
|
|
115
|
+
# Read the decoded, decompressed result into scriptblock contents
|
|
116
|
+
psh_expression << ')).ReadToEnd()))'
|
|
114
117
|
|
|
115
118
|
# If eof is set, add a marker to signify end of code output
|
|
116
119
|
# if (eof && eof.length == 8) then psh_expression += "'#{eof}'" end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rex-powershell
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.73
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David 'thelightcosine' Maloney
|
|
@@ -88,7 +88,7 @@ cert_chain:
|
|
|
88
88
|
G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
|
|
89
89
|
8mVuTXnyJOKRJA==
|
|
90
90
|
-----END CERTIFICATE-----
|
|
91
|
-
date: 2017-
|
|
91
|
+
date: 2017-07-17 00:00:00.000000000 Z
|
|
92
92
|
dependencies:
|
|
93
93
|
- !ruby/object:Gem::Dependency
|
|
94
94
|
name: bundler
|
metadata.gz.sig
CHANGED
|
Binary file
|