infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #10087, remove unused option from applocker bypass

4.x 4.16.58
Brent Cook 2018-05-23 14:14:40 -05:00 committed by Metasploit
parent 196b302897
commit d78f2e7bbd
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/exploits/windows/local/applocker_bypass.rb
View File

@ -37,26 +37,19 @@ class MetasploitModule < Msf::Exploit::Local
] ]
)) ))
register_options([
OptEnum.new('TECHNIQUE', [true, 'Technique to use to bypass AppLocker',
'INSTALLUTIL', %w(INSTALLUTIL)])])
end end
# Run Method for when run command is issued # Run Method for when run command is issued
def exploit def exploit
if datastore['TECHNIQUE'] == 'INSTALLUTIL'
if payload.arch.first == ARCH_X64 && sysinfo['Architecture'] !~ /64/ if payload.arch.first == ARCH_X64 && sysinfo['Architecture'] !~ /64/
fail_with(Failure::NoTarget, 'The target platform is x86. 64-bit payloads are not supported.') fail_with(Failure::NoTarget, 'The target platform is x86. 64-bit payloads are not supported.')
end end
end
# sysinfo is only on meterpreter sessions # sysinfo is only on meterpreter sessions
print_status("Running module against #{sysinfo['Computer']}") if not sysinfo.nil? print_status("Running module against #{sysinfo['Computer']}") if not sysinfo.nil?
if datastore['TECHNIQUE'] == 'INSTALLUTIL'
execute_installutil execute_installutil
end end
end
def execute_installutil def execute_installutil
envs = get_envs('TEMP', 'windir') envs = get_envs('TEMP', 'windir')