Support information to include logon scripts

jvazquez-r7 · jvazquez-r7 · commit b95be1b25ff0 · 2015-05-04T15:49:19.000-05:00
diff --git a/modules/exploits/windows/smb/group_policy_startup.rb b/modules/exploits/windows/smb/group_policy_startup.rb
@@ -12,13 +12,13 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info={})
     super(update_info(info,
-      'Name'          => 'Group Policy Startup Script From Shared Resource',
+      'Name'          => 'Group Policy Script Execution From Shared Resource',
       'Description'   => %q{
         This is a general-purpose module for exploiting systems with Windows Group Policy
-        configured to load VBS startup scripts from remote locations. This module runs a
-        SMB shared resource that will provide a payload through an VBS file. The payload
-        will be executed with SYSTEM privileges on the target loading it through Windows
-        Group Policy. Have into account which the attacker still needs to the redirect the
+        configured to load VBS startup/logon scripts from remote locations. This module runs
+        a SMB shared resource that will provide a payload through a VBS file. Startup scripts
+        will be executed with SYSTEM privileges, while logon scripts will be executed with the
+        user privileges. Have into account which the attacker still needs to redirect the
         target traffic to the fake SMB share to exploit it successfully.
       },
       'Author'      =>
@@ -35,7 +35,7 @@ def initialize(info={})
         {
           'EXITFUNC' => 'thread',
         },
-      'Privileged'     => true,
+      'Privileged'     => false,
       'Platform'       => 'win',
       'Arch'           => [ARCH_X86, ARCH_X86_64],
       'Payload'        =>
