rex-powershell 0.1.72 → 0.1.73
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/rex/powershell/command.rb +20 -14
- data/lib/rex/powershell/output.rb +12 -9
- data/lib/rex/powershell/version.rb +1 -1
- metadata +2 -2
- metadata.gz.sig +0 -0
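--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1dabfcb498065064e37785310bca6d72de12557c
+data.tar.gz: a5be528fbbc94aae94674a877f2559ad9d500406
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 199779368f7e1a874ee587bc916246388c2ad03f1dfffa72877df2e108d34a2becc077f93b6389225016311905eac50d616bf6f34abf8491a0ef4f7866254582
+data.tar.gz: 5feb09f1183726d10b1caf649fc7d8f43236e96ddb27dcf1aac0defc7d351bc6d44d2d21756b7c095c4adb6378b0c62cfd06867227f870aec27334d021df4298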
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
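--- a/data/lib/rex/powershell/command.rb
+++ b/data/lib/rex/powershell/command.rb
@@ -158,13 +158,17 @@ module Command
 when :noprofile
 arg_string << '-NoProfile ' if value
 when :windowstyle
-arg_string << "-WindowStyle #{value} " if
+arg_string << "-WindowStyle #{value} " if value
 end
 end
 
 # Command must be last (unless from stdin - etc)
 if opts[:command]
-
+if opts[:use_single_quotes]
+arg_string << "-Command #{opts[:command]}"
+else
+arg_string << "-Command \"#{opts[:command]}\""
+end
 end
 
 # Shorten arg if PSH 2.0+
@@ -214,8 +218,10 @@ module Command
 
 if encoded
 opts[:encodedcommand] = ps_code
-
+elsif opts[:use_single_quotes]
 opts[:command] = ps_code.gsub("'", "''")
+else
+opts[:command] = ps_code
 end
 
 ps_args = generate_psh_args(opts)
@@ -283,17 +289,17 @@ EOS
 end
 
 psh_payload = case opts[:method]
-
-
-
-
-
-
-
-
-
-
-
+when 'net'
+Rex::Powershell::Payload.to_win32pe_psh_net(template_path, pay)
+when 'reflection'
+Rex::Powershell::Payload.to_win32pe_psh_reflection(template_path, pay)
+when 'old'
+Rex::Powershell::Payload.to_win32pe_psh(template_path, pay)
+when 'msil'
+fail RuntimeError, 'MSIL Powershell method no longer exists'
+else
+fail RuntimeError, 'No Powershell method specified'
+end
 
 # Run our payload in a while loop
 if opts[:persist]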
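Review bot: In the first hunk, new line 170 wraps `opts[:command]` in double quotes but nothing escapes a `"` that may already be inside it, whereas the `use_single_quotes` path doubles `'` at new line 222 of the second hunk; the new `else` at line 224 now assigns `ps_code` verbatim, so any double quote in the code ends the `-Command` argument early instead of being passed through. Either mirror the escaping in that `else` branch (a `gsub` on `"` comparable to the one on line 222) or state the precondition next to line 224: `# opts[:command] is wrapped in double quotes by generate_psh_args; the caller must escape embedded " characters`. Both enclosing methods (presumably generate_psh_args for the first hunk, and the method holding the second and third hunks) start and end outside the hunks, so the remaining branches are not visible here. In the third hunk, `fail RuntimeError, '...'` at lines 299 and 301 would read as plain `raise '...'`, which is the form RuboCop's Style/SignalException expects.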
|
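--- a/data/lib/rex/powershell/output.rb
+++ b/data/lib/rex/powershell/output.rb
@@ -95,22 +95,25 @@ module Powershell
 # @return [String] Gzip compressed powershell code wrapped in
 # decompression stub
 def gzip_code(eof = nil)
-# Compress using the
+# Compress using the Gzip algorithm
 compressed_stream = Rex::Text.gzip(code)
 
 # Base64 encode the compressed file contents
 encoded_stream = Rex::Text.encode_base64(compressed_stream)
 
 # Build the powershell expression
-#
-psh_expression =
-
-# Uncompress and invoke the expression (execute)
-psh_expression << 'IEX (New-Object IO.StreamReader('
+# Create and execute script lock fed by the IO.StreamReader
+psh_expression = '&([scriptblock]::create((New-Object IO.StreamReader('
+# Feed StreamREader from a GzipStream
 psh_expression << 'New-Object IO.Compression.GzipStream('
-
-psh_expression << '
-
+# GzipStream operates on the Memory Stream
+psh_expression << '(New-Object IO.MemoryStream(,'
+# MemoryStream consists of base64 encoded compressed data
+psh_expression << "[Convert]::FromBase64String('#{encoded_stream}')))"
+# Set the GzipStream to decompress its MemoryStream contents
+psh_expression << ',[IO.Compression.CompressionMode]::Decompress)'
+# Read the decoded, decompressed result into scriptblock contents
+psh_expression << ')).ReadToEnd()))'
 
 # If eof is set, add a marker to signify end of code output
 # if (eof && eof.length == 8) then psh_expression += "'#{eof}'" end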
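Review bot: The new comments at lines 105 and 107 carry typos that misdescribe the expression being built: `# Create and execute script lock fed by the IO.StreamReader` should read `# Create and execute a scriptblock fed by the IO.StreamReader`, and `# Feed StreamREader from a GzipStream` should read `# Feed StreamReader from a GzipStream`. Line 106 assigns a bare string literal that the following `<<` calls then mutate in place; if this file carries (or later gains) a `# frozen_string_literal: true` pragma, which is not visible in this hunk, the first `<<` raises FrozenError, so starting from `String.new('&([scriptblock]::create((New-Object IO.StreamReader(')` or a `+'...'` literal would be the robust form. gzip_code continues past the end of the hunk.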
|
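--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rex-powershell
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.73
 platform: ruby
 authors:
 - David 'thelightcosine' Maloney
@@ -88,7 +88,7 @@ cert_chain:
 G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
 8mVuTXnyJOKRJA==
 -----END CERTIFICATE-----
-date: 2017-
+date: 2017-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler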
metadata.gz.sig
CHANGED
Binary file
|