Land #15403, Powershell file mixin methods

This changes the platform of the Powershell session to be consistent with the others by changing the value from "win" to "windows". This also updates about half of the methods in the file mixin with Powershell support.
rapid7 · Jul 16, 2021 · d0b2ea6 · d0b2ea6
2 parents 5aad658 + 44e5d48
commit d0b2ea6
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 11 deletions.
diff --git a/lib/msf/base/sessions/powershell.rb b/lib/msf/base/sessions/powershell.rb
@@ -30,7 +30,7 @@ def self.type
   # Returns the session platform.
   #
   def platform
-    "win"
+    "windows"
   end
 
   #

diff --git a/lib/msf/core/post/file.rb b/lib/msf/core/post/file.rb
@@ -49,6 +49,8 @@ def cd(path)
   def pwd
     if session.type == "meterpreter"
       return session.fs.dir.getwd
+    elsif session.type == 'powershell'
+      return cmd_exec('(Get-Location).Path').strip
     else
       if session.platform == 'windows'
         # XXX: %CD% only exists on XP and newer, figure something out for NT4
@@ -159,6 +161,8 @@ def file?(path)
       stat = session.fs.file.stat(path) rescue nil
       return false unless stat
       return stat.file?
+    elsif session.type == 'powershell'
+      return cmd_exec("Test-Path \"#{path}\" -PathType leaf")&.include?("True")
     else
       if session.platform == 'windows'
         f = cmd_exec("cmd.exe /C IF exist \"#{path}\" ( echo true )")
@@ -245,6 +249,8 @@ def exist?(path)
     if session.type == 'meterpreter'
       stat = session.fs.file.stat(path) rescue nil
       return !!(stat)
+    elsif session.type == 'powershell'
+      return cmd_exec("Test-Path \"#{path}\"")&.include?("True")
     else
       if session.platform == 'windows'
         f = cmd_exec("cmd.exe /C IF exist \"#{path}\" ( echo true )")
@@ -469,7 +475,9 @@ def exploit_data(data_directory, file)
   def rm_f(*remote_files)
     remote_files.each do |remote|
       if session.type == "meterpreter"
-        session.fs.file.delete(remote) if exist?(remote)
+        session.fs.file.delete(remote) if file?(remote)
+      elsif session.type == 'powershell'
+        cmd_exec("Remove-Item \"#{remote}\" -Force") if file?(remote)
       else
         if session.platform == 'windows'
           cmd_exec("del /q /f \"#{remote}\"")
@@ -490,6 +498,8 @@ def rm_rf(*remote_dirs)
     remote_dirs.each do |remote|
       if session.type == "meterpreter"
         session.fs.dir.rmdir(remote) if exist?(remote)
+      elsif session.type == 'powershell'
+        cmd_exec("Remove-Item -Path \"#{remote}\" -Force -Recurse")
       else
         if session.platform == 'windows'
           cmd_exec("rd /s /q \"#{remote}\"")

diff --git a/lib/msf/core/post/process.rb b/lib/msf/core/post/process.rb
@@ -36,21 +36,15 @@ def has_pid?(pid)
   # Gets the `pid` and `name` of the processes on the remote system
   #
   def get_processes
-    if session_has_process_ext
+    if session.type == 'meterpreter'
       meterpreter_get_processes
+    elsif session.type == 'powershell'
+      shell_get_processes
     else
       shell_get_processes
     end
   end
 
-  def session_has_process_ext
-    begin
-      return !!(session.sys and session.sys.process)
-    rescue NoMethodError
-      return false
-    end
-  end
-
   def meterpreter_get_processes
     begin
       return session.sys.process.get_processes.map { |p| p.slice('name', 'pid') }