RubyGems - rex-powershell - Versions diffs - 0.1.93 → 0.1.96 - Mend

rex-powershell 0.1.93 → 0.1.96

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +2 -1
data/.github/workflows/verify.yml +1 -1
data/lib/rex/powershell/command.rb +4 -4
data/lib/rex/powershell/exceptions.rb +16 -0
data/lib/rex/powershell/obfu.rb +3 -3
data/lib/rex/powershell/output.rb +2 -2
data/lib/rex/powershell/script.rb +1 -1
data/lib/rex/powershell/version.rb +1 -1
data/lib/rex/powershell.rb +1 -0
data.tar.gz.sig +0 -0
metadata +3 -2
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 264ef895e51a24ebc9faec44d558f16f4d7324e75dc7b9c7f9c5ce504b14eaea
-  data.tar.gz: 79a682962f60136c0189156715dd190e2d4573c64851a601ab05f4d1e2a15db8
+  metadata.gz: 533b355fdb313b3ea465af07001b7f0e660cbe9692a5fe61347fb0c259970c00
+  data.tar.gz: 7c21738e84b817fad4ca0b4498cd9e47d5a73933063d7b5b56766d3b95daafcc
 SHA512:
-  metadata.gz: 6f2ba77f0172164a76f00607cccf083c63b163dc321df4f0c40d49397bc269e18b13282a3f5f91807423e3eecfaf289c623d1a516a4c7831c2faaade17686c2f
-  data.tar.gz: 116b6339f8c82e719915c7359d34845f0ab140fa14f61934ad5359567b1c67fdbf9940f62e19828ff596904d2e308e40428c7be59c816f25218fd9a06f3281aa
+  metadata.gz: 2d9088c3d6160de7008882c2a335f8449c09628f42eeb3140e5a33aca0609c95bd2a628b142c878940059e2e01350ab817769069c02ba838c6ebe9483833de8d
+  data.tar.gz: 7498366f191e68ff7413413677521b28f8add5f8b5d65edb9049c776a8c568708b32abca9ed2efdd8a05e9b7a44430fb022f37daa608dcf4ef2a31ffb2d6dda5

checksums.yaml.gz.sig CHANGED Viewed

@@ -1 +1,2 @@
-CN
+g
+>�\�*<�#���-̥80iu�.�����&HK�30dn�ZrX\�ꑓ��M�L������V4���9h�q��A0�M�u��pP�����a�w�sXyw��s��x��UMyp̓���f��'>B]��m���_��i���X"*��S�����A��)&�σH.4��u7	a��l�P����$Q�rK�]`�Ŧ�

data/.github/workflows/verify.yml CHANGED Viewed

@@ -17,10 +17,10 @@ jobs:
       fail-fast: true
       matrix:
         ruby:
-          - 2.5
           - 2.6
           - 2.7
           - 3.0
+          - 3.1
         test_cmd:
           - bundle exec rspec

data/lib/rex/powershell/command.rb CHANGED Viewed

@@ -293,11 +293,11 @@ EOS
   # @return [String] Powershell command line with payload
   def self.cmd_psh_payload(pay, payload_arch, template_path, opts = {})
     if opts[:encode_inner_payload] && opts[:encode_final_payload]
-      fail RuntimeError, ':encode_inner_payload and :encode_final_payload are incompatible options'
+      fail Exceptions::PowershellError, ':encode_inner_payload and :encode_final_payload are incompatible options'
     end
     if opts[:no_equals] && !opts[:encode_final_payload]
-      fail RuntimeError, ':no_equals requires :encode_final_payload option to be used'
+      fail Exceptions::PowershellError, ':no_equals requires :encode_final_payload option to be used'
     end
     psh_payload = case opts[:method]
@@ -310,7 +310,7 @@ EOS
       when 'msil'
         Rex::Powershell::Payload.to_win32pe_psh_msil(template_path, pay)
       else
-        fail RuntimeError, 'No Powershell method specified'
+        fail Exceptions::PowershellError, 'No Powershell method specified'
     end
     if opts[:exec_rc4]
@@ -405,7 +405,7 @@ EOS
     end
     if command.length > 8191
-      fail RuntimeError, 'Powershell command length is greater than the command line maximum (8192 characters)'
+      fail Exceptions::PowershellCommandLengthError, 'Powershell command length is greater than the command line maximum (8192 characters)'
     end
     command

data/lib/rex/powershell/exceptions.rb ADDED Viewed

@@ -0,0 +1,16 @@
+# -*- coding: binary -*-
+module Rex
+module Powershell
+module Exceptions
+  class PowershellError < RuntimeError
+  end
+  class PowershellCommandLengthError < PowershellError
+  end
+end
+end
+end

data/lib/rex/powershell/obfu.rb CHANGED Viewed

@@ -67,7 +67,7 @@ module Powershell
     # Deobfuscate a Powershell literal string value that was previously obfuscated by #scate_string_literal.
     #
     # @param [String] string The obfuscated Powershell expression to deobfuscate.
-    # @raises [RuntimeError] If the string can not be deobfuscated, for example because it was randomized using a
+    # @raises [Exceptions::PowershellError] If the string can not be deobfuscated, for example because it was randomized using a
     #   different routine, then an exception is raised.
     # @return [String] The string literal value.
     def self.descate_string_literal(string)
@@ -79,14 +79,14 @@ module Powershell
         format = Regexp.last_match(0)
         format_args = string[format.length..-1].strip
         unless format_args =~ /-f\s*('.',\s*)*('.')/
-          raise RuntimeError.new('The obfuscated string structure is unsupported')
+          raise Exceptions::PowershellError, 'The obfuscated string structure is unsupported'
         end
         format_args = format_args[2..-1].strip.scan(/'(.)'/).map { |match| match[0] }
         string = format[1...-1].strip
       end
       unless string =~ /^'.*'$/
-        raise RuntimeError.new('The obfuscated string structure is unsupported')
+        raise Exceptions::PowershellError, 'The obfuscated string structure is unsupported'
       end
       string = string.gsub(/'\s*\+\s*'/, '') # process all concatenation operations
       unless format_args.nil? # process all format string operations

data/lib/rex/powershell/output.rb CHANGED Viewed

@@ -146,7 +146,7 @@ module Powershell
       elsif @code =~ /FromBase64String(\((?>[^)(]+|\g<1>)*\))/
         encoded_stream = Obfu.descate_string_literal(Regexp.last_match(1))
       else
-        raise RuntimeError, 'Failed to identify the base64 data'
+        raise Exceptions::PowershellError, 'Failed to identify the base64 data'
       end
       # Decode and decompress the string
@@ -157,7 +157,7 @@ module Powershell
         begin
           @code = Rex::Text.zlib_inflate(unencoded)
         rescue Zlib::DataError => e
-          raise RuntimeError, 'Invalid compression'
+          raise Exceptions::PowershellError, 'Invalid compression'
         end
       end

data/lib/rex/powershell/script.rb CHANGED Viewed

@@ -48,7 +48,7 @@ module Powershell
         # Close open file
         fd.close
-      rescue Errno::ENAMETOOLONG, Errno::ENOENT
+      rescue Errno::ENAMETOOLONG, Errno::ENOENT, Errno::EINVAL
         # Treat code as a... code
         @code = code.to_s.dup # in case we're eating another script
       end

data/lib/rex/powershell/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rex
   module Powershell
-    VERSION = "0.1.93"
+    VERSION = "0.1.96"
   end
 end

data/lib/rex/powershell.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 # -*- coding: binary -*-
 require 'rex/powershell/version'
+require 'rex/powershell/exceptions'
 require 'rex/powershell/output'
 require 'rex/powershell/parser'
 require 'rex/powershell/obfu'

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-powershell
 version: !ruby/object:Gem::Version
-  version: 0.1.93
+  version: 0.1.96
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2021-09-03 00:00:00.000000000 Z
+date: 2022-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -189,6 +189,7 @@ files:
 - data/templates/to_mem_rc4.ps1.template
 - lib/rex/powershell.rb
 - lib/rex/powershell/command.rb
+- lib/rex/powershell/exceptions.rb
 - lib/rex/powershell/function.rb
 - lib/rex/powershell/obfu.rb
 - lib/rex/powershell/output.rb

metadata.gz.sig CHANGED Viewed

Binary file