Rex::Powershell::Command.compress_script generates payload that are not working on win 10 1803. after some debugging i discovered that:
the current generated payload is
( NeW-OBJeCT iO.streAmreaDER( ( NeW-OBJeCT Io.ComPreSsioN.dEfLATEStReAm( [SYsTEM.Io.MEMOrYstReam][coNvERT]::FROmBase64sTRinG('S03OyFdIzkzMV6hRyC8t0U3LzElVAJMFiSUZCslWMaXFqUXFMQWlSTmZyTEpmfnJiXmpeiUVJQA=') ,[sYStEM.Io.cOMpreSSiON.coMprEssIONMoDe]::decoMPrEss)) ,[systEM.TeXT.EncoDIng]::ASCii) ).reAdtoEnD( )| Write-Host
but the working version is
( NeW-OBJeCT system.iO.streAmreaDER( ( NeW-OBJeCT system.Io.ComPreSsioN.dEfLATEStReAm( [SYsTEM.Io.MEMOrYstReam][system.coNvERT]::FROmBase64sTRinG('S03OyFdIzkzMV6hRyC8t0U3LzElVAJMFiSUZCslWMaXFqUXFMQWlSTmZyTEpmfnJiXmpeiUVJQA=') ,[sYStEM.Io.cOMpreSSiON.coMprEssIONMoDe]::decoMPrEss)) ,[systEM.TeXT.EncoDIng]::ASCii) ).reAdtoEnD( )| Write-Host
duplicate of https://github.com/rapid7/rex/issues/9
Rex::Powershell::Command.compress_script generates payload that are not working on win 10 1803. after some debugging i discovered that:
the current generated payload is
( NeW-OBJeCT iO.streAmreaDER( ( NeW-OBJeCT Io.ComPreSsioN.dEfLATEStReAm( [SYsTEM.Io.MEMOrYstReam][coNvERT]::FROmBase64sTRinG('S03OyFdIzkzMV6hRyC8t0U3LzElVAJMFiSUZCslWMaXFqUXFMQWlSTmZyTEpmfnJiXmpeiUVJQA=') ,[sYStEM.Io.cOMpreSSiON.coMprEssIONMoDe]::decoMPrEss)) ,[systEM.TeXT.EncoDIng]::ASCii) ).reAdtoEnD( )| Write-Hostbut the working version is
( NeW-OBJeCT system.iO.streAmreaDER( ( NeW-OBJeCT system.Io.ComPreSsioN.dEfLATEStReAm( [SYsTEM.Io.MEMOrYstReam][system.coNvERT]::FROmBase64sTRinG('S03OyFdIzkzMV6hRyC8t0U3LzElVAJMFiSUZCslWMaXFqUXFMQWlSTmZyTEpmfnJiXmpeiUVJQA=') ,[sYStEM.Io.cOMpreSSiON.coMprEssIONMoDe]::decoMPrEss)) ,[systEM.TeXT.EncoDIng]::ASCii) ).reAdtoEnD( )| Write-Host