File tree Expand file tree Collapse file tree 1 file changed +2
-4
lines changed
modules/post/windows/gather/powershell Expand file tree Collapse file tree 1 file changed +2
-4
lines changed Original file line number Diff line number Diff line change @@ -27,11 +27,9 @@ def run
2727 print_good ( "Running the post module: #{ name } + session . shell_command ( '$env:COMPUTERNAME' ) . gsub! ( /(\r \n )/ , '' ) )
2828 # Get all the services that are not in "C:\Windows\System32\"
2929 pscommand = '$services = Get-WmiObject win32_service | ?{$_} | where {($_.pathname -ne $null) -and ($_.pathname -notmatch ".*system32.*")} ; $servicepaths = New-Object System.Collections.ArrayList'
30- print ( session . shell_command ( pscommand ) )
31-
30+ session . shell_command ( pscommand )
3231 pscommand = 'foreach ($service in $services) { if ($service.PathName -Match "^(.+?)\.exe") {$servicepaths.Add($Matches[0].Replace(\'"\',\'\')) > $null} }'
33- print ( session . shell_command ( pscommand ) )
34-
32+ session . shell_command ( pscommand )
3533 pscommand = 'foreach ($service in $servicepaths) { "`n"+$service; get-acl $service | select-object -expandproperty AccessToString }'
3634 print ( session . shell_command ( pscommand ) )
3735 end
You can’t perform that action at this time.
0 commit comments