Fix issue in ps_wmi_exec and powershell staging #8330
Conversation
The staging function in the post/windows/powershell class was broken in a previous commit as the definition for env_variable was removed and env_prefix alone is now used. This caused an error to be thrown when attempting to stage the payload. This changes the reference from env_variable to env_prefix. Additionally, the ps_wmi_exec module created a powershell script to be run that was intended to be used with the EncodedCommand command line option; however the script itself was never actually encoded. This change passes the compressed script to the encode_script function to resolve that issue.
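As an added illustration of the second fix (this is example code written for this page, not the PR's diff and not Metasploit's own `encode_script` or `compress_script`; the helper names and the sample log line are invented), the block below shows what `powershell.exe -EncodedCommand` actually expects: the script text as UTF-16LE bytes, then Base64. A raw script passed straight to that option fails the validity check, which is the bug described above; the last helper shows the defender-side use, decoding an `-EncodedCommand` argument seen in a process command-line log back into readable text.

```ruby
require 'base64'

# Encode a PowerShell script the way powershell.exe -EncodedCommand expects it:
# the script text as UTF-16LE ("Unicode") bytes, then Base64.
# Hypothetical helper; not Metasploit's Msf/Rex encode_script.
def encode_script(script)
  Base64.strict_encode64(script.encode('UTF-16LE'))
end

# Inverse: turn an -EncodedCommand argument back into readable UTF-8 text.
def decode_encoded_command(b64)
  Base64.strict_decode64(b64).force_encoding('UTF-16LE').encode('UTF-8')
end

# True only if the string would be accepted as an -EncodedCommand argument:
# strict Base64 whose decoded bytes form well-formed UTF-16LE.
# An unencoded script (the bug this PR fixes) fails this check.
def valid_encoded_command?(str)
  return false unless str.match?(%r{\A[A-Za-z0-9+/]+={0,2}\z})
  raw = Base64.strict_decode64(str)
  return false if raw.bytesize.odd?
  raw.force_encoding('UTF-16LE').encode('UTF-8')
  true
rescue ArgumentError, EncodingError
  false
end

# Defender side: pull the -EncodedCommand argument (PowerShell also accepts
# abbreviations such as -e, -ec, -enc) out of a logged command line and decode
# it for inspection. Other -e... switches (e.g. -ep bypass) are skipped because
# their values do not pass valid_encoded_command?. Returns nil if none found.
def decoded_command_from_cmdline(cmdline)
  cmdline.scan(/-e[a-z]*\s+(\S+)/i).flatten.each do |arg|
    return decode_encoded_command(arg) if valid_encoded_command?(arg)
  end
  nil
end

if __FILE__ == $PROGRAM_NAME
  script = "Write-Host 'staged'"
  puts "encoded:  #{encode_script(script)}"
  puts "raw ok?   #{valid_encoded_command?(script)}"                # false
  puts "enc ok?   #{valid_encoded_command?(encode_script(script))}" # true
  # Constructed sample log line, not a real capture.
  logged = 'powershell.exe -NoP -NonI -W Hidden -ep bypass -enc ZABpAHIA'
  puts "from log: #{decoded_command_from_cmdline(logged)}"          # dir
end
```

The UTF-16LE step is the part most often forgotten: Base64 of plain UTF-8 text decodes to garbage when PowerShell reinterprets it as Unicode, so a check like `valid_encoded_command?` is a cheap unit test for any code that builds such command lines.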
Remove explicitly loading msf/core and self.class from the register_ functions.
Helps to actually remove the bits that were failing. Now with even more removal of msf/core!
@kaospunk: good catch boss - looks like upstream was rather broken. I just looked over the commit history on this stuff in r7/master, looks like there was some strangeness with who committed what, probably as some sort of merge conflict resolution on one of my pathologically stale PRs. We definitely lost a few pieces along the way, and it looks to have been broken for some time now.
@bwatters-r7 this is something good to pull into your test suite
Looks good to me too, thanks @kaospunk
Got this tested and it looks good to me, so I'll land it here shortly. One thing to note is that the missing variable exception requires that the changes to the Thanks @kaospunk!
Release Notes
These fixes resolve an issue that prevented staging the payload in the msf/core/post/windows/powershell class and an issue that prevented use of the EncodedCommand command line option with the exploits/windows/local/ps_wmi_exec exploit.
Verification
msfconsole