Gh0st
/
PowerSploit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix for profile cleanup 

When removing the persistence, the profile is not cleaned up. This is a temporary fix for that which should leave any legitemate profile content in tact. This psm may need a rework though.

Related to:
https://github.com/PowerShellMafia/PowerSploit/issues/165
This commit is contained in:
b33f 2017-07-22 16:51:30 +01:00 committed by GitHub
parent 7a3e16ace5
commit d5c0abc9fa
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Persistence/Persistence.psm1
View File

@ -740,8 +740,10 @@ else
$PersistenceRemoval = @" $PersistenceRemoval = @"
# Execute the following to remove the elevated persistent payload # Execute the following to remove the elevated persistent payload
$ElevatedTriggerRemoval $ElevatedTriggerRemoval
(gc `$PROFILE.AllUsersAllHosts) -replace '[\s]{600}.+',''| Out-File `$PROFILE.AllUsersAllHosts -Fo
# Execute the following to remove the user-level persistent payload # Execute the following to remove the user-level persistent payload
$UserTriggerRemoval $UserTriggerRemoval
(gc `$PROFILE.CurrentUserAllHosts) -replace '[\s]{600}.+',''| Out-File `$PROFILE.CurrentUserAllHosts -Fo
"@ "@