rex-powershell 0.1.93 → 0.1.96

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 264ef895e51a24ebc9faec44d558f16f4d7324e75dc7b9c7f9c5ce504b14eaea
-  data.tar.gz: 79a682962f60136c0189156715dd190e2d4573c64851a601ab05f4d1e2a15db8
+  metadata.gz: 533b355fdb313b3ea465af07001b7f0e660cbe9692a5fe61347fb0c259970c00
+  data.tar.gz: 7c21738e84b817fad4ca0b4498cd9e47d5a73933063d7b5b56766d3b95daafcc
 SHA512:
-  metadata.gz: 6f2ba77f0172164a76f00607cccf083c63b163dc321df4f0c40d49397bc269e18b13282a3f5f91807423e3eecfaf289c623d1a516a4c7831c2faaade17686c2f
-  data.tar.gz: 116b6339f8c82e719915c7359d34845f0ab140fa14f61934ad5359567b1c67fdbf9940f62e19828ff596904d2e308e40428c7be59c816f25218fd9a06f3281aa
+  metadata.gz: 2d9088c3d6160de7008882c2a335f8449c09628f42eeb3140e5a33aca0609c95bd2a628b142c878940059e2e01350ab817769069c02ba838c6ebe9483833de8d
+  data.tar.gz: 7498366f191e68ff7413413677521b28f8add5f8b5d65edb9049c776a8c568708b32abca9ed2efdd8a05e9b7a44430fb022f37daa608dcf4ef2a31ffb2d6dda5

checksums.yaml.gz.sig

@@ -1 +1,2 @@
-CN
+g
+>�\�*<�#���-̥80iu�.�����&HK�30dn�ZrX\�ꑓ��M�L������V4���9h�q��A0�M�u��pP�����a�w�sXyw��s��x��UMyp̓���f��'>B]��m���_��i���X"*��S�����A��)&�σH.4��u7	a��l�P����$Q�rK�]`�Ŧ�

data/.github/workflows/verify.yml

@@ -17,10 +17,10 @@ jobs:
       fail-fast: true
       matrix:
         ruby:
-          - 2.5
           - 2.6
           - 2.7
           - 3.0
+          - 3.1
         test_cmd:
           - bundle exec rspec
 

data/lib/rex/powershell/command.rb

@@ -293,11 +293,11 @@ EOS
   # @return [String] Powershell command line with payload
   def self.cmd_psh_payload(pay, payload_arch, template_path, opts = {})
     if opts[:encode_inner_payload] && opts[:encode_final_payload]
-      fail RuntimeError, ':encode_inner_payload and :encode_final_payload are incompatible options'
+      fail Exceptions::PowershellError, ':encode_inner_payload and :encode_final_payload are incompatible options'
     end
 
     if opts[:no_equals] && !opts[:encode_final_payload]
-      fail RuntimeError, ':no_equals requires :encode_final_payload option to be used'
+      fail Exceptions::PowershellError, ':no_equals requires :encode_final_payload option to be used'
     end
 
     psh_payload = case opts[:method]
@@ -310,7 +310,7 @@ EOS
       when 'msil'
         Rex::Powershell::Payload.to_win32pe_psh_msil(template_path, pay)
       else
-        fail RuntimeError, 'No Powershell method specified'
+        fail Exceptions::PowershellError, 'No Powershell method specified'
     end
 
     if opts[:exec_rc4]
@@ -405,7 +405,7 @@ EOS
     end
 
     if command.length > 8191
-      fail RuntimeError, 'Powershell command length is greater than the command line maximum (8192 characters)'
+      fail Exceptions::PowershellCommandLengthError, 'Powershell command length is greater than the command line maximum (8192 characters)'
     end
 
     command

data/lib/rex/powershell/exceptions.rb

@@ -0,0 +1,16 @@
+# -*- coding: binary -*-
+
+module Rex
+module Powershell
+module Exceptions
+
+  class PowershellError < RuntimeError
+  end
+
+  class PowershellCommandLengthError < PowershellError
+  end
+
+end
+end
+end
+

data/lib/rex/powershell/obfu.rb

@@ -67,7 +67,7 @@ module Powershell
     # Deobfuscate a Powershell literal string value that was previously obfuscated by #scate_string_literal.
     #
     # @param [String] string The obfuscated Powershell expression to deobfuscate.
-    # @raises [RuntimeError] If the string can not be deobfuscated, for example because it was randomized using a
+    # @raises [Exceptions::PowershellError] If the string can not be deobfuscated, for example because it was randomized using a
     #   different routine, then an exception is raised.
     # @return [String] The string literal value.
     def self.descate_string_literal(string)
@@ -79,14 +79,14 @@ module Powershell
         format = Regexp.last_match(0)
         format_args = string[format.length..-1].strip
         unless format_args =~ /-f\s*('.',\s*)*('.')/
-          raise RuntimeError.new('The obfuscated string structure is unsupported')
+          raise Exceptions::PowershellError, 'The obfuscated string structure is unsupported'
         end
         format_args = format_args[2..-1].strip.scan(/'(.)'/).map { |match| match[0] }
         string = format[1...-1].strip
       end
 
       unless string =~ /^'.*'$/
-        raise RuntimeError.new('The obfuscated string structure is unsupported')
+        raise Exceptions::PowershellError, 'The obfuscated string structure is unsupported'
       end
       string = string.gsub(/'\s*\+\s*'/, '') # process all concatenation operations
       unless format_args.nil? # process all format string operations

data/lib/rex/powershell/output.rb

@@ -146,7 +146,7 @@ module Powershell
       elsif @code =~ /FromBase64String(\((?>[^)(]+|\g<1>)*\))/
         encoded_stream = Obfu.descate_string_literal(Regexp.last_match(1))
       else
-        raise RuntimeError, 'Failed to identify the base64 data'
+        raise Exceptions::PowershellError, 'Failed to identify the base64 data'
       end
 
       # Decode and decompress the string
@@ -157,7 +157,7 @@ module Powershell
         begin
           @code = Rex::Text.zlib_inflate(unencoded)
         rescue Zlib::DataError => e
-          raise RuntimeError, 'Invalid compression'
+          raise Exceptions::PowershellError, 'Invalid compression'
         end
       end
 

data/lib/rex/powershell/script.rb

@@ -48,7 +48,7 @@ module Powershell
 
         # Close open file
         fd.close
-      rescue Errno::ENAMETOOLONG, Errno::ENOENT
+      rescue Errno::ENAMETOOLONG, Errno::ENOENT, Errno::EINVAL
         # Treat code as a... code
         @code = code.to_s.dup # in case we're eating another script
       end

data/lib/rex/powershell/version.rb

@@ -1,5 +1,5 @@
 module Rex
   module Powershell
-    VERSION = "0.1.93"
+    VERSION = "0.1.96"
   end
 end

data/lib/rex/powershell.rb

@@ -1,5 +1,6 @@
 # -*- coding: binary -*-
 require 'rex/powershell/version'
+require 'rex/powershell/exceptions'
 require 'rex/powershell/output'
 require 'rex/powershell/parser'
 require 'rex/powershell/obfu'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-powershell
 version: !ruby/object:Gem::Version
-  version: 0.1.93
+  version: 0.1.96
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -93,7 +93,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2021-09-03 00:00:00.000000000 Z
+date: 2022-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -189,6 +189,7 @@ files:
 - data/templates/to_mem_rc4.ps1.template
 - lib/rex/powershell.rb
 - lib/rex/powershell/command.rb
+- lib/rex/powershell/exceptions.rb
 - lib/rex/powershell/function.rb
 - lib/rex/powershell/obfu.rb
 - lib/rex/powershell/output.rb