Module: Rex::Powershell::PshMethods
- Defined in:
- lib/rex/powershell/psh_methods.rb
Overview
Convenience methods for generating powershell code in Ruby
Class Method Summary collapse
-
.download(src, target) ⇒ String
Download file via .NET WebClient.
-
.get_last_login(user) ⇒ String
Return last time of login.
-
.ignore_ssl_certificate ⇒ String
Disable SSL Certificate verification.
-
.proxy_aware_download_and_exec_string(url) ⇒ String
Use the default system web proxy and credentials to download a URL as a string and execute the contents as PowerShell.
-
.secure_string(str) ⇒ String
Create secure string from plaintext.
-
.uninstall(app, fuzzy = true) ⇒ String
Uninstall app, or anything named like app.
-
.who_locked_file(filename) ⇒ String
Find PID of file lock owner.
Class Method Details
.download(src, target) ⇒ String
Download file via .NET WebClient
17 18 19 20 |
# File 'lib/rex/powershell/psh_methods.rb', line 17 def self.download(src, target) target ||= '$pwd\\' << src.split('/').last %Q^(new-object System.Net.WebClient).DownloadFile("#{src}", "#{target}")^ end |
.get_last_login(user) ⇒ String
Return last time of login
63 64 65 |
# File 'lib/rex/powershell/psh_methods.rb', line 63 def self.get_last_login(user) %Q^ Get-QADComputer -ComputerRole DomainController | foreach { (Get-QADUser -Service $_.Name -SamAccountName "#{user}").LastLogon} | Measure-Latest^ end |
.ignore_ssl_certificate ⇒ String
Disable SSL Certificate verification
72 73 74 |
# File 'lib/rex/powershell/psh_methods.rb', line 72 def self.ignore_ssl_certificate '[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true};' end |
.proxy_aware_download_and_exec_string(url) ⇒ String
Use the default system web proxy and credentials to download a URL as a string and execute the contents as PowerShell
83 84 85 86 87 88 89 90 |
# File 'lib/rex/powershell/psh_methods.rb', line 83 def self.proxy_aware_download_and_exec_string(url) var = Rex::Text.rand_text_alpha(1) cmd = "$#{var}=new-object net.webclient;" cmd << "$#{var}.proxy=[Net.WebRequest]::GetSystemWebProxy();" cmd << "$#{var}.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;" cmd << "IEX $#{var}.downloadstring('#{url}');" cmd end |
.secure_string(str) ⇒ String
Create secure string from plaintext
41 42 43 |
# File 'lib/rex/powershell/psh_methods.rb', line 41 def self.secure_string(str) %Q(ConvertTo-SecureString -string '#{str}' -AsPlainText -Force$) end |
.uninstall(app, fuzzy = true) ⇒ String
Uninstall app, or anything named like app
30 31 32 33 |
# File 'lib/rex/powershell/psh_methods.rb', line 30 def self.uninstall(app, fuzzy = true) match = fuzzy ? '-like' : '-eq' %Q^$app = Get-WmiObject -Class Win32_Product | Where-Object { $_.Name #{match} "#{app}" }; $app.Uninstall()^ end |
.who_locked_file(filename) ⇒ String
Find PID of file lock owner
52 53 54 |
# File 'lib/rex/powershell/psh_methods.rb', line 52 def self.who_locked_file(filename) %Q^ Get-Process | foreach{$processVar = $_;$_.Modules | foreach{if($_.FileName -eq "#{filename}"){$processVar.Name + " PID:" + $processVar.id}}}^ end |