Quantcast
Channel: Exploit Monday
Viewing all articles
Browse latest Browse all 78

PowerSploit - Inject-Shellcode Update

$
0
0


I just released an updated version of Inject-Shellcode. Significant portions of the code have been cleaned up and its parameters were simplified. While I hate to change the original interface, there were several redundancies in the original parameters that didn't make any sense. Here is the changelog for this release:

New Features/Changes:
  • Dramatically simplified parameters. Removed redundancies and named parameter sets more appropriately
  • Added 'Shellcode' parameter. Now, you can optionally specify shellcode as a byte array rather than having to copy and paste shellcode into the $Shellcode32 and/or $Shellcode64 variables
  • Added 'Payload' parameter. Naming is now consistant with Metasploit payloads. Currently, only 'windows/meterpreter/reverse_http' and 'windows/meterpreter/reverse_https' payloads are supported.
  • Inject-Shellcode will now prompt the user to continue the 'dangerous' action unless the -Force switch is provided. Hopefully, this will prevent some people from carrying out stupid/regrettable actions.
  • Added the 'ListMetasploitPayloads' switch to display the Metasploit payloads supported by Inject-Shellcode

Bug fixes/Miscellaneous:

  • Added UserAgent parameter to help documentation
  • Code is much more readable now
  • Changed internal helper functions to 'local' scope
  • Now using proper error handling versus Write-Warning statements
  • Added a subtle warning to the built-in shellcode...

Here is the updated help documentation:
Enjoy and let me know if you have any suggestions for improvements!

Viewing all articles
Browse latest Browse all 78

Trending Articles