Commit Graph

26 Commits (ad308efc05ad077fdd7320e9560acd1782ac0551)

Author SHA1 Message Date
Meatballs ad308efc05 Really minimize commandline size 2014-02-08 22:53:47 +00:00
Meatballs c76862b391 Reduce payload size 2014-02-08 22:11:17 +00:00
Meatballs b10df54dbb Don't need to encode the compress payload 2014-02-08 21:34:51 +00:00
Meatballs 435cc9b93f Add single quote encapsulation
For WMI and psh_web_delivery
2013-12-16 15:13:13 +00:00
Meatballs 6c83109422 Really fix wmi 2013-11-23 16:44:44 +00:00
Meatballs 259d5a2dba Backout Set-Variable as it is 3.0 only 2013-11-23 01:15:13 +00:00
Meatballs 1c60373f68 Reinstate %COMSPEC% 2013-11-23 00:45:04 +00:00
Meatballs c194fdc67e Fixup WMI
-c doesn't like $var assignments
2013-11-23 00:31:11 +00:00
Meatballs 3cbf768d16 Small size reductions 2013-11-22 22:58:42 +00:00
Meatballs 4fc8bb2b4b Auto arch detection 2013-10-22 00:42:59 +01:00
Meatballs 971d0b7536 Generate args 2013-09-27 12:48:10 +01:00
Meatballs 5add142789 Choose smallest smallest 2013-09-20 13:47:51 +01:00
Meatballs 9aca98a9d4 Don't need to bypass 2013-09-17 19:12:49 +01:00
Meatballs 60328d5b2a Bypass no profile and hidden by default 2013-09-13 21:22:15 +01:00
Meatballs 9ade4cb671 Refactor 2013-09-13 20:43:09 +01:00
Meatballs aa4ad2b005 Change to ' and remove " 2013-09-13 20:23:18 +01:00
Meatballs 243d3d6ebd Apply comments 2013-09-13 19:19:54 +01:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
Meatballs e1cfe7cfe2 Update datastore changes 2013-07-29 15:31:59 +01:00
RageLtMan 4df3b0215c replace lib/msf/core/exploit/powershell.rb, thanks @Meatballs1 2013-07-20 19:55:01 -04:00
RageLtMan dc15c5b505 Merge branch 'master' into powershell_import
Resolve conflicts from old code being pulled into master.

Conflicts:
	lib/msf/core/exploit/powershell.rb
	modules/exploits/windows/smb/psexec_psh.rb
2013-07-20 19:29:55 -04:00
RageLtMan 4554cc6e51 Import Powershell libs and modules (again)
Add Rex powershell parser:
 reads PSH, determines functions, variables, blocks
 compresses and cleans up the code it's read, obfuscates
 handles string literals and reserved variable names
 extracts code blocks and functions for reuse
  turns powersploit into a useful sub-component for MSF
Rewire Msf powershell modules
 Make use of Rex parser
 Handles payload generation, substitutions
 Brings convenience methods - byte array generation and download
 Re-add .NET compiler
  Compiles .NET code (C#/VB.NET) in memory
  Can generate binary output file (dynamic persistence)
  Handles code-signing (steal cert with mimikatz, sign your bin)
  Not detected by AV (still...)
 Update payload generation
  GZip compression and decompression (see Rex module as well)
  msftidy violations for space efficiency - each char counts
Re-submit psexec-psh
 Makes use of updated Msf and Rex modules
 Runs shellcode in-memory (in a hidden PSH window)
 Completely bypasses all AVs tested for the last year...
2013-07-04 14:04:19 -04:00
Meatballs 1a0bdf335e Retab lib 2013-07-04 12:09:46 +01:00
Meatballs a76ee6c2ec Add flexibility to lib 2013-07-04 11:03:48 +01:00
Meatballs 1368c1c27f Move options to lib 2013-07-04 10:25:08 +01:00
Meatballs 03de8c1c3d Pull in exploit/powershell 2013-07-04 09:54:40 +01:00