Add Powershell extension #87

Merged
merged 9 commits into from Mar 25, 2016

@OJ
Contributor

OJ commented Mar 21, 2016

This PR contains the Meterpreter-side code for the new Windows Powershell extension. Full details of the features of this extension can be found in the accompanying PR located on the MSF repository here: rapid7/metasploit-framework#6691

Please may I request that general discussion of the feature set be had over on the MSF repo instead of this one. All technical and implementation detail can continue to be discussed here.

Thanks!

OJ added some commits Mar 14, 2016

@OJ OJ referenced this pull request in rapid7/metasploit-framework Mar 21, 2016

Merged

Add Powershell extension #6691

8 of 8 tasks complete

Contributor

OJ commented Mar 21, 2016

Note, this code contains a bunch of stuff that isn't in a repo at the moment. @bcook-r7 can we please create a new repo for this? I've pinged you behind the scenes to kick off the discussion. Thanks!

metasploit-public-bot Mar 21, 2016

Refer to this link for build results (access rights to CI server needed):
https://ci.metasploit.com//job/GPR-metasploit-payloads-win/64/

Contributor

OJ commented Mar 21, 2016

The extra component, which kind of belongs in this source base, but kind of doesn't, is currently hosted here: https://github.com/OJ/MSF.Powershell

@bcook-r7, thoughts on where this should belong and how it should be integrated?

metasploit-public-bot Mar 21, 2016

Refer to this link for build results (access rights to CI server needed):
https://ci.metasploit.com//job/GPR-metasploit-payloads-win/65/

sempervictus Mar 21, 2016

Blows up on me:

meterpreter > load mirv
Loading extension mirv...success.
meterpreter > load python
Loading extension python...success.
meterpreter > load sniffer
Loading extension sniffer...success.
meterpreter > load lanattacks
Loading extension lanattacks...lsuccess.
meterpreter > load kiwi
Loading extension kiwi...load i

  .#####.   mimikatz 2.0 alpha (x86/windows) release "Kiwi en C"
 .## ^ ##.
 ## / \ ##  /* * *
 ## \ / ##   Benjamin DELPY `gentilkiwi` ( benjamin@gentilkiwi.com )
n '## v ##'   http://blog.gentilkiwi.com/mimikatz             (oe.eo)
  '#####'    Ported to Metasploit by OJ Reeves `TheColonial` * * */


[!] Loaded x86 Kiwi on an x64 architecture.
success.
meterpreter > load incognito
Loading extension incognito...losuccess.
meterpreter > load espia
Loading extension espia...success.
meterpreter > load extapi
Loading extension extapi...success.
meterpreter > load priv
Loading extension priv...success.
meterpreter > load mimikatz
Loading extension mimikatz...
[!] Loaded x86 Mimikatz on an x64 architecture.
success.
meterpreter > load powershell
Loading extension powershell...
[*] 10.0.0.40 - Meterpreter session 2 closed.  Reason: Died

Just rebuilt all extensions clean, not sure what's up, digging into it. The target is 2k8r2 VM, x64 in WOW mode.

Contributor

OJ commented Mar 21, 2016

That makes me sad. Lemme fire up a similar config.

sempervictus Mar 22, 2016

@OJ: see IRC, I can give you access to this one.

metasploit-public-bot Mar 22, 2016

Refer to this link for build results (access rights to CI server needed):
https://ci.metasploit.com//job/GPR-metasploit-payloads-win/66/

Contributor

OJ commented Mar 22, 2016

@sempervictus This should be fixed now. Thanks for the help.

metasploit-public-bot Mar 22, 2016

Refer to this link for build results (access rights to CI server needed):
https://ci.metasploit.com//job/GPR-metasploit-payloads-win/67/

@bcook-r7 bcook-r7 self-assigned this Mar 25, 2016

Contributor

bcook-r7 commented Mar 25, 2016

building so more can play with it and we can land 0.1

@bcook-r7 bcook-r7 merged commit 6e5afca into rapid7:master Mar 25, 2016

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed

bcook-r7 added a commit that referenced this pull request Mar 25, 2016

@bcook-r7 bcook-r7 removed the in progress label Mar 25, 2016

Contributor

OJ commented Mar 25, 2016

Awesome, thanks Brent!

@OJ OJ deleted the OJ:powershell-extension branch Mar 25, 2016

@OJ OJ referenced this pull request Mar 25, 2016

Merged

Add Powershell meterpreter bindings #89

7 of 9 tasks complete