Land 5299, implement shell_command for PS sessions

Author: Meatballs1

lib/msf/base/sessions/powershell.rb

@@ -33,4 +33,37 @@ def self.type
   def desc
     "Powershell session"
   end
+
+  #
+  # Takes over the shell_command of the parent
+  #
+  def shell_command(cmd)
+    # insert random marker
+    strm = Rex::Text.rand_text_alpha(15)
+    endm = Rex::Text.rand_text_alpha(15)
+
+    # Send the shell channel's stdin.
+    shell_write(";'#{strm}'\n" + cmd + "\n'#{endm}';\n")
+
+    timeout = 1800 # 30 minute timeout
+    etime = ::Time.now.to_f + timeout
+
+    buff = ""
+    # Keep reading data until the marker has been received or the 30 minture timeout has occured
+    while (::Time.now.to_f < etime)
+      res = shell_read(-1, timeout)
+      break unless res
+      timeout = etime - ::Time.now.to_f
+
+      buff << res
+      if buff.match(/#{endm}/)
+        # if you see the end marker, read the buffer from the start marker to the end and then display back to screen
+        buff = buff.split(/#{strm}/)[-1]
+        buff.gsub!(/PS .*>/, '')
+        buff.gsub!(/#{endm}/, '')
+        return buff
+      end
+    end
+    buff
+  end
 end

lib/msf/ui/console/command_dispatcher/core.rb

@@ -1772,13 +1772,15 @@ def cmd_sessions(*args)
               rescue Rex::TimeoutError
                 print_error("Operation timed out")
               end
-            elsif session.type == 'shell'
+            elsif session.type == 'shell' || session.type == 'powershell'
               output = session.shell_command(cmd)
               print_line(output) if output
             end
           ensure
             # Restore timeout for each session
-            session.response_timeout = last_known_timeout if last_known_timeout
+            if session.respond_to?(:response_timeout)
+              session.response_timeout = last_known_timeout if last_known_timeout
+            end
           end
           # If the session isn't a meterpreter or shell type, it
           # could be a VNC session (which can't run commands) or