Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apply Powershell Import comments #18

Open
wants to merge 5,367 commits into
base: powershell_import
Choose a base branch
from
Open

Apply Powershell Import comments #18

wants to merge 5,367 commits into from

Conversation

Meatballs1
Copy link

I have removed the traces of ". " is not required on the command line after -c or -Command.

I have removed the usage of " around the executable. The main reasons for this is if " is filtered or ' is filtered it should be easier to gsub them in an exploit.

I have moved the byte buffer text creation to the Rex module and directed Rex::Text to this.

I have added -nop -ep bypass and -w hidden to all the commands

I have reverted Util::Exe to upstream

@Meatballs1 Meatballs1 closed this Sep 13, 2013
@Meatballs1 Meatballs1 reopened this Sep 13, 2013
@Meatballs1 Meatballs1 mentioned this pull request Sep 16, 2013
Closed
Meatballs1
Meatballs1 reviewed Sep 17, 2013
View reviewed changes
lib/msf/core/exploit/powershell.rb
# Wrap in hidden runtime
psh_payload = run_hidden_psh(psh_payload,ps_bin)
# Convert to base64 for -encodedcommand execution
command = "%COMSPEC% /B /C start powershell.exe -Command \"#{psh_payload.gsub("\n",';').gsub('"','\"')}\"\r\n"
command = "%COMSPEC% /B /C start /min powershell.exe -w hidden -nop -ep bypass -c #{psh_payload}\r\n"
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note to self I probably dont need Execution Policy bypass on commands!

sempervictus pushed a commit that referenced this pull request Oct 29, 2013
@Meatballs1
Merge pull request #18 from tabassassin/retab/pr/1778
2341946 
Retab/pr/1778
Your Name and others added 21 commits July 2, 2014 17:48
Add loot storage into the enum_service post module
83abf4b
Add loot storage into the enum_service post module
9981a60
@mubix
Add verbosity to Jenkins Enum
c6675a2
check included
ac2e84b
UPnP check included
8f55af5
removed wrong edit ...
e5b4413
@wchen-r7
Land rapid7#3473 - skype post module to extract password hash
ecba956
@wchen-r7
Land rapid7#3489 - Add verbosity to Jenkins Enum
90df0f1
@firefart
Changed check method
a58ff81
@firefart
Changed check method
071f236
@jvazquez-r7
Merge to solve conflicts
5e02110
@firefart
Land rapid7#3490, @Meatballs1 tns listener verbose output
b15297e
@zeroSteiner
Add a module_flavors method for all available flavors
d93bf55
@jvazquez-r7
Merge @zeroSteiner's updates
17da899
@jvazquez-r7
Add specs for module_flavors
405de05
@zeroSteiner
Land additional cmdstager specs from @jvazquez-r7
c041682
@jvazquez-r7
Land rapid7#2484, @zeroSteiner's refactoring for CmdStager
51695c4
@firefart
Added FileDropper
aeb4fff
@brandonprry
Update gitlist_exec.rb
86a31b1
@wchen-r7
Avoid unnecessary "if not"
b781b87
@wchen-r7
string interpolation is preferred over concatenation
1d828a9 
Please refer to https://github.com/bbatsov/ruby-style-guide
philophobia78 and others added 28 commits July 17, 2014 02:01
@philophobia78
Update dbvis_add_db_admin.rb
4a25bb4
@philophobia78
Added video link
1c8cac3
@philophobia78
Delete dbvis_query.rb
8f9a1e4
@philophobia78
Update dbvis_add_db_admin.rb
60c71b2
@philophobia78
Update dbvis_add_db_admin.rb
0f92b73
@jvazquez-r7
Fix null pointer dereference
7e6e154
Updating Gemfile lock so Travis doesn't fail.
feee142
@kernelsmith
Land rapid7#3541, adds hpricot to gemfile
9fb18f1
Unignore .ruby-version
6bdb320
Merge PR#3541 to this branch to undo it.
5d3b472
Unincluding hpricot
2a66bd6 
The Gemfile was badly formatted anyway, since it lacked a justifying
comment, as all other included gems have.
Merging my fix to rapid7#3537, nokogiri for msfcrawler
cd08acd
Land rapid7#3537 from @pagedegeek, msfcrawler fix
19477db
@wchen-r7
Fix spaces
d6ab418
@wchen-r7
Retabbed
aed8af3
@wchen-r7
Fix indent again
8e7361d
@wchen-r7
Update module description
6d35867
@wchen-r7
Land rapid7#3530 - dbvis database administrator
c59d72b
@jvazquez-r7
print header only if there are results...
ad2e7c3
Land rapid7#3538, SAP fix from @jvazquez-r7
942112d 
This looks good to me, the whole print statement is enclosed in a check
for results.
@scriptjunkie
Merge Meatballs' gpp_again pull into new branch
8fe5082
@scriptjunkie
Land rapid7#3377, GPP gathering module fixes
066a5e2
Fix peer(rhost)->peer() usage in mediawiki_svg_fileaccess
5ba96d6
@wvu
Land rapid7#3548, peer rhost fix
d9f4a84
@Meatballs1
Address @jhart-r7's comments
b283438
@Meatballs1
Merge remote-tracking branch 'upstream/master' into pr2075
474ee81
@Meatballs1
Cheat/Rubycop all the things
5f05336
@Meatballs1
Update newer modules
b0a596b
sempervictus pushed a commit that referenced this pull request Sep 23, 2015
Merge pull request #18 from rapid7/master
2ce00d2 
a
sempervictus pushed a commit that referenced this pull request Jul 4, 2018
@clee-r7
Merge pull request #18 from clee-r7/goliath_cleanup
a872c13 
Goliath Cleanup in preparation for merge to master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.