author | bitform <matt@exploit-monday.com> | 2013-01-20 08:56:37 -0500 |
---|---|---|
committer | bitform <matt@exploit-monday.com> | 2013-01-20 08:56:37 -0500 |
commit | e9b22e9ae2391d1dc362501c282248945b3ca467 (patch) | |
tree | d59b12570e9142eddde74636288696ed5206d482 | |
parent | 59ff1a8b1eb3a8fba4dd9dee036a6c957f8f41ef (diff) | |
download | PowerSploit-e9b22e9ae2391d1dc362501c282248945b3ca467.tar.gz PowerSploit-e9b22e9ae2391d1dc362501c282248945b3ca467.zip |
Removed logic in scripts to load ps1xml files
* Now that PETools and ReverseEngineering are both full-fledged modules
with proper manifests, the manifests will take care of loading the
appropriate ps1xml files.
* Added Usage.txt to ReverseEngineering module.
-rw-r--r-- | PETools/Get-PEHeader.ps1 | 7 | ||||
-rw-r--r-- | ReverseEngineering/Get-KernelModuleInfo.ps1 | 8 | ||||
-rw-r--r-- | ReverseEngineering/Get-PEB.ps1 | 11 | ||||
-rw-r--r-- | ReverseEngineering/ReverseEngineering.psd1 | 2 | ||||
-rw-r--r-- | ReverseEngineering/Usage.txt | 12 |
5 files changed, 13 insertions, 27 deletions
diff --git a/PETools/Get-PEHeader.ps1 b/PETools/Get-PEHeader.ps1
index 354b675..49bfbd6 100644
--- a/PETools/Get-PEHeader.ps1
+++ b/PETools/Get-PEHeader.ps1
@@ -99,13 +99,6 @@ http://www.exploit-monday.com/2012/07/get-peheader.html )
PROCESS {
-
- # Apply custom view to the PE header format only if file exists and has not yet been applied
- $FormatFilePath = Join-Path $PsScriptRoot 'PETools.Format.ps1xml'
-
- if ((Test-Path $FormatFilePath) -and !(Get-FormatData PEHeader)) {
- Update-FormatData -PrependPath $FormatFilePath
- }
switch ($PsCmdlet.ParameterSetName) {
'OnDisk' {
diff --git a/ReverseEngineering/Get-KernelModuleInfo.ps1 b/ReverseEngineering/Get-KernelModuleInfo.ps1
index 0704919..f6f8221 100644
--- a/ReverseEngineering/Get-KernelModuleInfo.ps1
+++ b/ReverseEngineering/Get-KernelModuleInfo.ps1
@@ -48,14 +48,6 @@ To display the output as seen in the example, ensure that Get-KernelModuleInfo.f http://www.exploit-monday.com
#>
- # Load custom object formatting views
- $FormatPath = try { Join-Path $PSScriptRoot Get-KernelModuleInfo.format.ps1xml } catch {}
- # Don't load format ps1xml if it doesn't live in the same folder as this script
- if ($FormatPath -and (Test-Path $FormatPath))
- {
- Update-FormatData -PrependPath (Join-Path $PSScriptRoot Get-KernelModuleInfo.format.ps1xml)
- }
-
$Domain = [AppDomain]::CurrentDomain
$DynAssembly = New-Object System.Reflection.AssemblyName('TestAssembly')
$AssemblyBuilder = $Domain.DefineDynamicAssembly($DynAssembly, [System.Reflection.Emit.AssemblyBuilderAccess]::Run)
diff --git a/ReverseEngineering/Get-PEB.ps1 b/ReverseEngineering/Get-PEB.ps1
index 6dbd55a..dbb95a0 100644
--- a/ReverseEngineering/Get-PEB.ps1
+++ b/ReverseEngineering/Get-PEB.ps1
@@ -57,17 +57,6 @@ http://msdn.microsoft.com/en-us/library/windows/desktop/aa813706(v=vs.85).aspx {
Set-StrictMode -Version 2
- # Load custom object formatting views
- if (Test-Path .\Get-PEB.format.ps1xml)
- {
- Update-FormatData -PrependPath .\Get-PEB.format.ps1xml -ErrorAction SilentlyContinue
- }
- else
- {
- try { Update-FormatData -PrependPath (Join-Path $PSScriptRoot Get-PEB.format.ps1xml) -ErrorAction SilentlyContinue }
- catch { Write-Warning 'To ensure proper output display, place Get-PEB.format.ps1xml in the same folder as this script.' }
- }
-
$mscorlib = [AppDomain]::CurrentDomain.GetAssemblies() | ? { $_.FullName.Split(',')[0].ToLower() -eq 'mscorlib' }
$Win32Native = $mscorlib.GetTypes() | ? { $_.FullName -eq 'Microsoft.Win32.Win32Native' }
diff --git a/ReverseEngineering/ReverseEngineering.psd1 b/ReverseEngineering/ReverseEngineering.psd1
index 3ad890d..5a1d567 100644
--- a/ReverseEngineering/ReverseEngineering.psd1
+++ b/ReverseEngineering/ReverseEngineering.psd1
@@ -75,7 +75,7 @@ ModuleList = @(@{ModuleName = 'ReverseEngineering'; ModuleVersion = '1.0.0.0'; G # List of all files packaged with this module
FileList = 'ReverseEngineering.psm1', 'ReverseEngineering.psd1', 'Get-ILDisassembly.ps1', 'Get-KernelModuleInfo.format.ps1xml',
'Get-KernelModuleInfo.ps1', 'Get-Member.ps1', 'Get-MethodAddress.ps1', 'Get-PEB.format.ps1xml',
- 'Get-PEB.ps1', 'Get-Strings.ps1', 'Get-StructFromMemory.ps1'
+ 'Get-PEB.ps1', 'Get-Strings.ps1', 'Get-StructFromMemory.ps1', 'Usage.txt'
# Private data to pass to the module specified in RootModule/ModuleToProcess
# PrivateData = ''
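Review bot: `FileList` is only an inventory and loads nothing, so listing the two `.format.ps1xml` files here does not replace the `Update-FormatData` calls this commit removes from Get-KernelModuleInfo.ps1 and Get-PEB.ps1. The views are applied only if the `FormatsToProcess` key of this manifest names `Get-KernelModuleInfo.format.ps1xml` and `Get-PEB.format.ps1xml`; that key is outside the hunk and should be confirmed. The `Usage.txt` added to the list tells the reader to "drop the entire PETools folder", which looks copied from the PETools module and should read `ReverseEngineering`. Its closing note that each tool can be run individually would also benefit from saying that a dot-sourced script no longer loads its format view, so the output appears unformatted unless the module is imported.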
diff --git a/ReverseEngineering/Usage.txt b/ReverseEngineering/Usage.txt
new file mode 100644
index 0000000..dcfae6d
--- /dev/null
+++ b/ReverseEngineering/Usage.txt
@@ -0,0 +1,12 @@
+To install this module, drop the entire PETools folder into one of your module directories. The default PowerShell module paths are listed in the $Env:PSModulePath environment variable.
+
+The default per-user module path is: "$Env:HomeDrive$Env:HOMEPATH\Documents\WindowsPowerShell\Modules"
+The default computer-level module path is: "$Env:windir\System32\WindowsPowerShell\v1.0\Modules"
+
+To use the module, type `Import-Module ReverseEngineering`
+
+To see the commands imported, type `Get-Command -Module ReverseEngineering`
+
+For help on each individual command, Get-Help is your friend.
+
+Note: The tools contained within this module were all designed such that they can be run individually. Including them in a module simply lends itself to increased portability.
\ No newline at end of file |