* Check for `INVALID_HANDLE_VALUE` when attempting to open the
device, as this is what is returned when the device doesn't exist.
* Make sure that we only run the exploit against tartgets that we
support directly to make sure we don't BSOD machines (such as what
happens with SP1/SP2).
* Add a call to `check` in the exploit code.
Minor bugs: `\t` were used inside single quoted strings.
Tweak: `a, b = c` is the same as `a = c[0]; b = [1] if c.length > 1`.
Minor tweak: `qwe if rty` form instead of multiline when `qwe` is only one line long.
Minor tweak: thanks to `#{}` interpolation we can omit `.to_s`.
When 'cmd_psh_payload' is run via 'cmd_exec' on a windows shell that is running in the context of an interactive user an icon will flash very quickly on the user's task bar. This can be avoided (verified) by adding the /b switch to the start section of the command launcher text. I have verified that this switch exists from Windows 2000 through Windows 2012 R2.
This switches to the local sid if the domain sid is null, even if
the ACTION is set to DOMAIN. This solves the issue identified in
```
[*] 192.168.0.4 PIPE(LSARPC) LOCAL(NAS - 5-21-2272853860-1115691317-1341221697) DOMAIN(WORKGROUP - )
[-] 192.168.0.4 No domain SID identified, falling back to the local SID...
[*] 192.168.0.4 USER=guest RID=501
[*] 192.168.0.4 GROUP=None RID=513
```
MSP-10998
It's compacting of the version parts into a single float doesn't work
with APIMinor over 10, so replace with Gem::Version, which compares
parts correctly.
These are not needed, since you can just config the regular handler now
and pick either.
This resolves the conflict (rm'ed the old modules)
Conflicts:
modules/payloads/stagers/windows/reverse_ipv6_http.rb
modules/payloads/stagers/windows/reverse_ipv6_https.rb
jvazquez-r7
Joshua Smith
OJ
Victor
HD Moore
Samuel Huckins
Tom Sellers
us3r777
Luke Imhoff
Tod Beardsley
darkbushido
David Maloney