Because `remove_resource` modifies @my_resources, we can't call it while
iterating over the actual @my_resources. The following snippet
illustrates why:
```
>> a = [1,2,3,4]; a.each {|elem| a.delete(elem); puts elem }
1
3
=> [2, 4]
```
[See #2002]
Add Rex powershell parser:
reads PSH, determines functions, variables, blocks
compresses and cleans up the code it's read, obfuscates
handles string literals and reserved variable names
extracts code blocks and functions for reuse
turns powersploit into a useful sub-component for MSF
Rewire Msf powershell modules
Make use of Rex parser
Handles payload generation, substituions
Brings convenience methods - byte array generation and download
Re-add .NET compiler
Compiles .NET code (C#/VB.NET) in memory
Can generate binary output file (dynamic persistence)
Handles code-signing (steal cert with mimikatz, sign your bin)
Not detected by AV (still...)
Update payload generation
GZip compression and decompression (see Rex module as well)
msftidy violations for space efficiency - each char counts
Re-submit psexec-psh
Makes use of updated Msf and Rex modules
Runs shellcode in-memory (in a hidden PSH window)
Completely bypasses all AVs tested for the last year...
file_create shouldn't have the 'filename' argument, because that
defeats the purpose of function 'file_format_filename'. The code
change was committed by accident. Related to #1934.
After many tests, it turns out address 0x0c0d2020 is the most
consistent location acorss various IE versions. For dev purposes,
it's rather important to have this documented somewhere.
Thanks to corelanc0d3r for the data.
Also replaces dead code in lib/msf/core/exploit/local.rb with what was
actually being used for the Exploit::Local class that lived in
lib/msf/core/exploit.rb.
Tab Assassin