GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/post/windows/manage/exec_powershell.rb
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
# Post module that takes an operator-supplied PowerShell script (a local file
# path or a command string, per the SCRIPT option), optionally applies text
# substitutions to it, runs it in an existing Meterpreter session on a Windows
# host, and prints whatever the execution call returns.
#
# The helpers used in #run (have_powershell?, read_script, process_subs,
# make_subs, psh_exec) are not defined in this file; presumably they are
# provided by the included Msf::Post::Windows::Powershell mixin.
class MetasploitModule < Msf::Post
  include Msf::Post::Windows::Powershell

  # Registers the module metadata and its datastore options.
  #
  # @param info [Hash] metadata overrides, merged through update_info
  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Windows PowerShell Execution Post Module',
        'Description' => %q{
          This module will execute a PowerShell script in a meterpreter session.
          The user may also enter text substitutions to be made in memory before execution.
          Setting VERBOSE to true will output both the script prior to execution and the results.
        },
        'License' => MSF_LICENSE,
        'Platform' => %w[windows],
        'SessionTypes' => %w[meterpreter],
        'Author' => [
          'Nicholas Nam (nick[at]executionflow.org)', # original meterpreter script
          'RageLtMan <rageltman[at]sempervictus>' # post module and libs
        ],
        # NOTE(review): SideEffects and Reliability are declared empty, but
        # this module runs whatever SCRIPT contains, so the real effect on
        # the host is decided by the supplied script, not by this metadata.
        'Notes' => {
          'Stability' => [CRASH_SAFE],
          'SideEffects' => [],
          'Reliability' => []
        }
      )
    )

    # Required: the script to run, given as a local path or a command string.
    script_option = OptString.new('SCRIPT', [true, 'Path to the local PS script or command string to execute'])
    register_options([script_option])

    # Optional: "original,sub;original,sub" pairs applied to the script text.
    subs_option = OptString.new('SUBSTITUTIONS', [false, 'Script subs in gsub format - original,sub;original,sub'])
    register_advanced_options([subs_option])
  end

  # Module entry point: checks for PowerShell, prepares the script, executes
  # it in the session and prints the result.
  #
  # VERBOSE is not read here; the verbose output mentioned in 'Description'
  # is presumably produced by the helper methods -- confirm in the mixin.
  def run
    # fail_with aborts the module, so nothing below runs without PowerShell.
    unless have_powershell?
      fail_with(Failure::BadConfig, 'PowerShell is not available')
    end

    # Load the script, then parse the substitution pairs, then apply them
    # (substitutions as described for Exploit::Powershell).
    source = read_script(datastore['SCRIPT'])
    replacements = process_subs(datastore['SUBSTITUTIONS'])
    script = make_subs(source, replacements)

    # Execute in the session; the return value of psh_exec is printed as-is.
    # NOTE(review): how the script is delivered and which artifacts it leaves
    # on the host is determined by psh_exec, which is outside this file.
    output = psh_exec(script)
    print_status(output)
    print_good('Finished!')
  end
end