Fix issue in ps_wmi_exec and powershell staging

The staging function in the post/windows/powershell class was broken
in a previous commit as the definition for env_variable was removed and
env_prefix alone is now used. This caused an error to be thrown when
attempting to stage the payload. This changes the reference from
env_variable to env_prefix.

Additionally, the ps_wmi_exec module created a powershell script to be
run that was intended to be used with the EncodedCommand command line
option; however the script itself was never actually encoded. This
change passes the compressed script to the encode_script function to
resolve that issue.

Author: kaospunk

lib/msf/core/post/windows/powershell.rb

@@ -134,7 +134,7 @@ def stage_cmd_env(compressed_script, env_suffix = Rex::Text.rand_text_alpha(8))
 
             # Build the set commands
             set_env_variable =  "[Environment]::SetEnvironmentVariable(" \
-                                "'#{env_variable}'," \
+                                "'#{env_prefix}'," \
                                 "'#{chunk}', 'User')"
 
             # Compress and encode the set command

modules/exploits/windows/local/ps_wmi_exec.rb

@@ -81,7 +81,7 @@ def build_script
       sleep_time = rand(5)+5
       psh_payload  = "function #{fun_name}{#{psh_payload}};while(1){Start-Sleep -s #{sleep_time};#{fun_name};1}"
     end
-    psh_payload = compress_script(psh_payload_raw, eof)
+    psh_payload = encode_script(compress_script(psh_payload_raw, eof), eof)
     # WMI exec function - this is going into powershell.rb after pull 701 is commited
     script = ps_wmi_exec(run_opts)
     # Build WMI exec calls to every host into the script to reduce PS instances