diff options
| author | bitform <matt@exploit-monday.com> | 2012-08-20 20:14:01 -0400 |
|---|---|---|
| committer | bitform <matt@exploit-monday.com> | 2012-08-20 20:14:01 -0400 |
| commit | c7fa3390128cfc3e5a3ad74c62970c3ee0f9fd5c (patch) | |
| tree | eff3fc4f0068884375d24b8e56eb8c845ed1b0d5 /README | |
| parent | 2b5ac68b9c230fdcf03ef9cc6a3844f9a2726ac6 (diff) | |
| download | PowerSploit-c7fa3390128cfc3e5a3ad74c62970c3ee0f9fd5c.tar.gz PowerSploit-c7fa3390128cfc3e5a3ad74c62970c3ee0f9fd5c.zip | |
Updated Inject-Shellcode and style guide
New Features/Changes:
- Dramatically simplified parameters. Removed redundancies and named
parameter sets more appropriately
- Added 'Shellcode' parameter. Now, you can optionally specify shellcode
as a byte array rather than having to copy and paste shellcode into the
$Shellcode32 and/or $Shellcode64 variables
- Added 'Payload' parameter. Naming is now consistant with Metasploit
payloads. Currently, only 'windows/meterpreter/reverse_http' and
'windows/meterpreter/reverse_https' payloads are supported.
- Inject-Shellcode will now prompt the user to continue the 'dangerous'
action unless the -Force switch is provided. Hopefully, this will
prevent some people from carrying out stupid/regrettable actions.
- Added the 'ListMetasploitPayloads' switch to display the Metasploit
payloads supported by Inject-Shellcode
Bug fixes/Miscellaneous:
- Added UserAgent parameter to help documentation
- Code is much more readable now
- Changed internal helper functions to 'local' scope
- Now using proper error handling versus Write-Warning statements
- Added a subtle warning to the built-in shellcode...
Diffstat (limited to 'README')
| -rw-r--r-- | README | 10 |
1 files changed, 4 insertions, 6 deletions
@@ -113,15 +113,13 @@ For all contributors and future contributors to PowerSploit, I ask that you foll * If you find yourself repeating code, write a function.
-* Catch all anticipated errors and provide meaningful output. I prefer 'Write-Warning; return' to Write-Error. Use your discretion as to what you think works best for your script though.
+* Catch all anticipated errors and provide meaningful output. If you have an error that should stop execution of the script, use 'Throw'. If you have an error that doesn't need to stop execution, use Write-Error.
-* If you are writing a script that interfaces with the Win32 API, do not compile C# code. It is imperative that nothing aside from the script touches the disk.
+* If you are writing a script that interfaces with the Win32 API, do not compile C# code unless absolutely necessary. It is imperative that nothing aside from the script touches the disk.
* Do not use hardcoded paths. A script should be useable right out of the box. No one should have to modify the code unless they want to.
-* I don't want any v3 dependencies right now.
-
-* Make your overall script a function so that Get-Help can be used properly.
+* I don't want any v3 dependencies right now. In fact, it would be ideal to use `Set-StrictMode -Version 2.0` to ensure you are conforming to PowerShell v2 best practices.
* Use positional parameters and make parameters mandatory when it makes sense to do so. For example, I'm looking for something like the following:
* [Parameter(Position = 0, Mandatory = $True)]
@@ -136,6 +134,6 @@ For all contributors and future contributors to PowerSploit, I ask that you foll * Only use .NET code when absolutely necessary.
-* use the return keyword when returning an object from a function. I know it's not necessary but it makes the code more readable.
+* use the Write-Output keyword when returning an object from a function. I know it's not necessary but it makes the code more readable.
* Use default values for your parameters when it makes sense. Ideally, you want a script that will work without requiring any parameters.
\ No newline at end of file |