author | bitform <matt@exploit-monday.com> | 2013-01-13 12:20:42 -0500 |
---|---|---|
committer | bitform <matt@exploit-monday.com> | 2013-01-13 12:20:42 -0500 |
commit | 7bd264c465911c1a482c1ad4d7045648f574f8ab (patch) | |
tree | c7882a9d78c64058d42609b2b2e62fcd196c4d85 | |
parent | 504ac21aed7f8a2d4d99074c60b48bfdf15b1b68 (diff) | |
Fixed bug in Prepare-Payload
* Some payloads were not decoding properly after being uncompressed.
This was due to a bug in how `Get-Content -Encoding ASCII` was
interpreting input. When reading a script from a file, Prepare-Payload
no longer makes any assumptions about the script's encoding.
* Prepare-Payload will display a warning if the cmd.exe or base64 string
length maximums are exceeded.
-rw-r--r-- | Prepare-Payload.ps1 | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/Prepare-Payload.ps1 b/Prepare-Payload.ps1
index c0ef8da..517f26b 100644
--- a/Prepare-Payload.ps1
+++ b/Prepare-Payload.ps1
@@ -96,8 +96,8 @@ http://www.exploit-monday.com
if ($PSBoundParameters['Path'])
{
- $Text = Get-Content -Path $Path -Encoding Ascii -ErrorAction Stop
- $ScriptBytes = ([Text.Encoding]::ASCII).GetBytes($Text)
+ Get-ChildItem $Path -ErrorAction Stop | Out-Null
+ $ScriptBytes = [IO.File]::ReadAllBytes((Resolve-Path $Path))
}
else
{
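Review bot: The new read in the `if ($PSBoundParameters['Path'])` branch hands the result of `Resolve-Path $Path` straight to `[IO.File]::ReadAllBytes`, so a `$Path` that matches several files or names a directory passes the `Get-ChildItem` check and then fails inside .NET with a less helpful error. Resolving once and taking the provider path keeps the check and the read in agreement: `$ResolvedPath = (Resolve-Path -LiteralPath $Path -ErrorAction Stop).ProviderPath` followed by `$ScriptBytes = [IO.File]::ReadAllBytes($ResolvedPath)`. If wildcard input is meant to be supported, keep `-Path` and instead reject results with more than one element. A `Test-Path -LiteralPath $Path -PathType Leaf` guard would reject directories explicitly. The enclosing function starts and ends outside this hunk.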
@@ -140,5 +140,15 @@ http://www.exploit-monday.com
$CommandLineOutput = "powershell.exe $($CommandlineOptions -join ' ') -EncodedCommand $EncodedPayloadScript"
}
+ if ($EncodedPayloadScript.Length -gt 32688)
+ {
+ Write-Warning 'The encoded portion of this command exceeds the maximum allowed base64 string length!'
+ }
+
+ if ($CommandLineOutput.Length -gt 8190)
+ {
+ Write-Warning 'This command exceeds the cmd.exe maximum allowed length!'
+ }
+
Write-Output $CommandLineOutput
}
\ No newline at end of file |
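Review bot: The two thresholds in the added checks, `32688` and `8190`, are bare literals with no comment saying which limit each one encodes, and the warnings do not report the measured length. A one-line comment above each check, e.g. `# cmd.exe command-line limit (8191 characters)`, plus the value of `$CommandLineOutput.Length` in the warning text would let a reader verify them. The origin of 32688 is not visible on this page and should be stated by the author. `$EncodedPayloadScript` appears to be assigned outside the hunk, so whether it is set on every path that reaches the first check cannot be confirmed from these lines.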