Land 5299, implement shell_command for PS sessions

bug/bundler_fix
Meatballs 2015-05-09 11:23:43 +01:00
commit 706e304849
No known key found for this signature in database
GPG Key ID: 5380EAF01F2F8B38
2 changed files with 37 additions and 2 deletions

View File

@ -33,4 +33,37 @@ class Msf::Sessions::PowerShell < Msf::Sessions::CommandShell
def desc
"Powershell session"
end
#
# Takes over the shell_command of the parent
#
def shell_command(cmd)
# insert random marker
strm = Rex::Text.rand_text_alpha(15)
endm = Rex::Text.rand_text_alpha(15)
# Send the shell channel's stdin.
shell_write(";'#{strm}'\n" + cmd + "\n'#{endm}';\n")
timeout = 1800 # 30 minute timeout
etime = ::Time.now.to_f + timeout
buff = ""
# Keep reading data until the marker has been received or the 30 minture timeout has occured
while (::Time.now.to_f < etime)
res = shell_read(-1, timeout)
break unless res
timeout = etime - ::Time.now.to_f
buff << res
if buff.match(/#{endm}/)
# if you see the end marker, read the buffer from the start marker to the end and then display back to screen
buff = buff.split(/#{strm}/)[-1]
buff.gsub!(/PS .*>/, '')
buff.gsub!(/#{endm}/, '')
return buff
end
end
buff
end
end

View File

@ -1772,13 +1772,15 @@ class Core
rescue Rex::TimeoutError
print_error("Operation timed out")
end
elsif session.type == 'shell'
elsif session.type == 'shell' || session.type == 'powershell'
output = session.shell_command(cmd)
print_line(output) if output
end
ensure
# Restore timeout for each session
session.response_timeout = last_known_timeout if last_known_timeout
if session.respond_to?(:response_timeout)
session.response_timeout = last_known_timeout if last_known_timeout
end
end
# If the session isn't a meterpreter or shell type, it
# could be a VNC session (which can't run commands) or