Modules stand up a web server and serve a payload much like psh_web_delivery. This PR adds support for both PHP and Python.
Added powershell psexec module
Merge remote-tracking branch 'upstream/master'
Not sure what to do about disclosure date in this case. First PR to msf so go easy on me :)
@Meatballs1 Do you think it would be beneficial to combine these with your psh_web_delivery module into one like multi/misc/script_web_delivery? It looks like it could be accomplished by adding additional targets.
Yea I thought about that as well. Didn't know if it would be better to keep them separate or try combining them.
@nullbind has done something similar. But I was thinking that maybe payloads should contain the logic for download+eval similar to your arch_cmd changes @zeroSteiner. Potentially they could do some kind of arch_cmd_web?? Or maybe this should be implemented as a stager for each respective arch?
Powershell is currently a special case as it is more like an encoder than a payload (we choose a native payload). But it hasn't been formalised as either of these yet.
It's definitely useful to have a handy delivery mechanism like this, just need some thought about how best we can implement it to make it flexible. I was surprised how much and how differently the psh_web_delivery could be used but also want to be able to slot that style into psh cmd exploits where space is limited or badchars mean it has to be b64 enc etc.
@Meatballs1 I like the idea of integrating it into payloads. At the same time, the current architecture just makes it so flexible. Excellent for scenarios where MSF was not used to gain initial command exec.
IMO they look like payloads+handlers. I'm not sure if they should be considered as exploits.
I am good with however you guys want to implement them. Just let me know what I need to do.
@wchen-r7 @Meatballs1 Any more thoughts on this?? I am kinda leaning towards @zeroSteiner's idea of a mult/misc/script_web_delivery
Here is @nullbind's example: https://github.com/pwnwiki/q/blob/master/modules/exploits/netspi/ps_webshells.rb
Which is along the lines of a script_web_delivery.
I think people would find it useful, I'm surprised at the number of ways people have used psh_web_delivery
@Meatballs1 Awesome. I am close to having a new PR ready. Should I incorporate the powershell option or leave that as a standalone module?
I don't see a reason to keep it standalone if it reduces the amount of duplicate code
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
Closing for updated PR #3419
Generally, you don’t need .exe when calling a proper executable in Windows shell. So the first would suffice for both systems.
Same as above.