adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tidy up a bit while we're in here

Browse Source
This commit is contained in:
Brent Cook
2017-05-14 21:27:38 -05:00
parent cf29a512d0
commit 8ac5d2d377
1 changed files with 20 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/msf/core/exploit/powershell.rb
+20 -24
View File
@@ -18,22 +18,23 @@ module Exploit::Powershell
OptBool.new('Powershell::encode_inner_payload', [true, 'Encode inner payload for -EncodedCommand', false]),
OptBool.new('Powershell::use_single_quotes', [true, 'Wraps the -Command argument in single quotes', false]),
OptBool.new('Powershell::no_equals', [true, 'Pad base64 until no "=" remains', false]),
OptEnum.new('Powershell::method', [true, 'Payload delivery method', 'reflection', %w(net reflection old msil)]),
], self.class)
OptEnum.new('Powershell::method', [true, 'Payload delivery method', 'reflection', %w[net reflection old msil]])
]
)
end
#
# Return a script from path or string
#
def read_script(script_path)
return Rex::Powershell::Script.new(script_path)
Rex::Powershell::Script.new(script_path)
end
#
# Return an array of substitutions for use in make_subs
#
def process_subs(subs)
return [] if subs.nil? or subs.empty?
return [] if subs.nil? || subs.empty?
new_subs = []
subs.split(';').each do |set|
new_subs << set.split(',', 2)
@@ -49,7 +50,7 @@ module Exploit::Powershell
#
def make_subs(script, subs)
subs.each do |set|
script.gsub!(set[0],set[1])
script.gsub!(set[0], set[1])
end
script
@@ -79,12 +80,11 @@ module Exploit::Powershell
#
# @return [String] Decoded script
def decode_script(script_in)
if script_in.to_s.match( /[A-Za-z0-9+\/]+={0,3}/)[0] == script_in.to_s and
script_in.to_s.length % 4 == 0
return Rex::Powershell::Command.decode_script(script_in)
else
return script_in
end
return script_in unless
script_in.to_s.match(%r{[A-Za-z0-9+/]+={0,3}})[0] == script_in.to_s &&
(script_in.to_s.length % 4).zero?
Rex::Powershell::Command.decode_script(script_in)
end
#
@@ -95,7 +95,7 @@ module Exploit::Powershell
# @param eof [String] Marker to indicate the end of file appended to script
#
# @return [String] Compressed script with decompression stub
def compress_script(script_in, eof=nil)
def compress_script(script_in, eof = nil)
opts = {}
datastore.select { |k, v| k =~ /^Powershell::(strip|sub)/ && v }.keys.map do |k|
mod_method = k.split('::').last.intern
@@ -112,7 +112,8 @@ module Exploit::Powershell
#
# @return [String] Decompressed script
def decompress_script(script_in)
return script_in if script_in.match(/FromBase64String/).nil?
return script_in unless script_in.match?(/FromBase64String/)
Rex::Powershell::Command.decompress_script(script_in)
end
@@ -182,8 +183,8 @@ module Exploit::Powershell
# @return [String] Wrapped powershell code
def run_hidden_psh(ps_code, payload_arch, encoded)
arg_opts = {
noprofile: true,
windowstyle: 'hidden',
noprofile: true,
windowstyle: 'hidden'
}
# Old technique fails if powershell exits..
@@ -221,26 +222,21 @@ module Exploit::Powershell
def cmd_psh_payload(pay, payload_arch, opts = {})
options.validate(datastore)
[ :persist, :prepend_sleep, :exec_in_place, :encode_final_payload,
:encode_inner_payload, :use_single_quotes, :no_equals, :method ].map { |opt|
%i[persist prepend_sleep exec_in_place encode_final_payload encode_inner_payload use_single_quotes no_equals method].map do |opt|
opts[opt] ||= datastore["Powershell::#{opt}"]
}
end
unless opts.key? :shorten
opts[:shorten] = (datastore['Powershell::method'] != 'old')
end
template_path = Rex::Powershell::Templates::TEMPLATE_DIR
command = Rex::Powershell::Command.cmd_psh_payload(pay,
payload_arch,
template_path,
opts)
template_path = Rex::Powershell::Templates::TEMPLATE_DIR
command = Rex::Powershell::Command.cmd_psh_payload(pay, payload_arch, template_path, opts)
vprint_status("Powershell command length: #{command.length}")
command
end
#
# Useful method cache
#