adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3da170a43c7f288fe9bc88fe325da488733acac3
metasploit-gs/lib/msf/core/post/windows.rb
T

41 lines
2.0 KiB
Ruby
Raw Blame History

# -*- coding: binary -*-
module Msf::Post::Windows
# Escape a string literal value to be included as an argument to cmd.exe. The escaped value *should not* be placed
# within double quotes as this will alter now it is evaluated (e.g. `echo "^"((^&test) Foo^""` is different than
# `echo ^"((^&test) Foo^"`.
#
# @param [String] string The string to escape for use with cmd.exe.
# @param [Boolean] spaces Whether or not to escape spaces. If the string is being passed to echo, set this to false
# otherwise if it's an argument, set it to true.
# @return [String] The escaped string.
def self.escape_cmd_literal(string, spaces:)
string = string.dup
%w[ ^ & < > | " ].each { |char| string.gsub!(char, "^#{char}") }
string.gsub!(' ', '" "') if spaces
string
end
# Escape a string literal value to be included as an argument to powershell.exe.
# This will help in cases where one might need to use & as in PowerShell this is
# a reserved character whereas in cmd.exe this is used to indicate the start
# of an additional command to execute.
#
# Example (without this escaping):
# powershell -Command "cmd /c echo hello & echo world" <- This will result in errors as & is a reserved character.
# powershell -Command "cmd.exe /c 'echo hello & echo world'" <- This will succeed as & is interpreted as part of a string by PowerShell.
#
# In our case we use PowerShell quoting as described at https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules?view=powershell-7.3
# which states that to use a single quote inside of a single quoted string, use a second consecutive single quote.
# Therefore this is valid in PowerShell: 'don''t'
# Which in turn becomes the string "don't" (sans double quotes) inside PowerShell.
#
# @param string [String] The string to escape for use with powershell.exe.
# @return [String] The escaped string.
def self.escape_powershell_literal(string)
string = string.dup
string.gsub!("'", "''")
string
end
end
Reference in New Issue View Git Blame Copy Permalink