URL package proposal: invokethehash.vm #1241 #1273
Conversation
There was a problem hiding this comment.
Thanks for the contribution @PrajeetGuha and sorry for the late reply (I was not able to do much testing while working on mandiant/flare-vm#660 as it keeps my VirtualBox busy)
| # install invoke-thehash and import module | ||
| $zipUrl = 'https://github.com/Kevin-Robertson/Invoke-TheHash/archive/refs/heads/master.zip' | ||
| $zipSha256 = '3eb5db79e4c05fefcd85518b0b155ae75f6475dfe758e88901e9bff2fed2db6f' | ||
| $powershellCommand = 'Import-Module .\Invoke-TheHash.psd1;' |
There was a problem hiding this comment.
I am not sure if this is the best way to install this tool. With the current code you create a shortcut in the Tools directory and when you click it, it imports the module to make some function available. I think it would make more sense to run Import-Module .\Invoke-TheHash.psd1 during the installation and add shortcuts for (some of) the imported functions. Or am I misunderstanding how the tool works?
There was a problem hiding this comment.
The tool is a bunch of ready-made powershell modules that can be used for doing lateral movement.
This should follow the same installation technique as other similar Powershell modules installations like - powersploit, powermad, powerzure, etc.
There was a problem hiding this comment.
The packages you mention are a bit different because the shortcut in addition to importing the module, is also running a command like Get-Command -Module Powermad and Invoke-PowerZure -h, while in this shortcut you are just importing the module without running any useful commands. The module in this case seems to provide several useful functions. That's why I think that having a shortcut per function would be more useful in this case. @mandiant/commando-vm opinions?
There was a problem hiding this comment.
I have added
Get-Command -Module Invoke-TheHash
to list out the available modules in it in the new commit.
for consistency with other packages Co-authored-by: Ana María Martínez Gómez <anamaria@martinezgomez.name>
usage of concrete commit in the url Co-authored-by: Ana María Martínez Gómez <anamaria@martinezgomez.name>
|
the suggested change in the URL caused a checksum mismatch. I will do a commit to resolve it soon after testing it. 🫡 |
|
@PrajeetGuha note we are in the process of moving the categories to the nuspec as you can for example see in #1279 (we are splitting the change in several PRs to avoid issues when publishing packages). Once #1287 is merged, the category will need to be here also moved for the linter to work (what is needed to merge the PR). |
There was a problem hiding this comment.
The code looks good to me! 🎉 I appreciate all the work to address the feedback, thanks @PrajeetGuha! 💐 For future contributions I would appreciate if you could squash your commits and follow good commit practices to help us keeping a clean commit history ✨ But to avoid you have to make changes again, I can merge this PR with the squash and merge option.
|
@sara-rn you also need to move the category to the nuspec in this package too. |
2 participants
Added the powershell scripts package