rapid7 · igorski-r7 · Jan 14, 2025 · Jan 16, 2025
@@ -1,7 +1,7 @@
 {
-	"spec": "9145719b881a784092c317354561287b",
-	"manifest": "a95ee1b81a2944967e48aaca45022fa3",
-	"setup": "e7d0bf5db9c37f6d59ff44e5d735b165",
+	"spec": "83aaad93d431da06ba5cb00715586576",
+	"manifest": "61de88b740ca64a1828d828542d76aeb",
+	"setup": "6e825188d75fce9536419c1f67bacd39",
 	"schemas": [
 		{
 			"identifier": "execute_script/schema.py",

@@ -1,12 +1,9 @@
-FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.0
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.3
 
 LABEL organization=rapid7
 LABEL sdk=python
-LABEL type=plugin
 
-ENV SSL_CERT_FILE /etc/ssl/certs/ca-certificates.crt
-ENV SSL_CERT_DIR /etc/ssl/certs
-ENV REQUESTS_CA_BUNDLE  /etc/ssl/certs/ca-certificates.crt
+WORKDIR /python/src
 
 # Add any package dependencies here
 ENV DEBIAN_FRONTEND noninteractive
@@ -33,20 +30,20 @@ RUN echo "deb http://security.ubuntu.com/ubuntu bionic-security main" | sudo tee
     wget http://mirrors.kernel.org/ubuntu/pool/main/i/icu/libicu52_52.1-3ubuntu0.8_amd64.deb && \
     sudo apt install -y ./libicu52_52.1-3ubuntu0.8_amd64.deb && \
     rm ./libicu52_52.1-3ubuntu0.8_amd64.deb && \
-    wget https://github.com/PowerShell/PowerShell/releases/download/v7.1.5/powershell_7.1.5-1.debian.9_amd64.deb && \
-    sudo apt install -y ./powershell_7.1.5-1.debian.9_amd64.deb && \
-    rm ./powershell_7.1.5-1.debian.9_amd64.deb
+    wget https://github.com/PowerShell/PowerShell/releases/download/v7.4.6/powershell_7.4.6-1.deb_amd64.deb && \
+    sudo apt install -y ./powershell_7.4.6-1.deb_amd64.deb && \
+    rm ./powershell_7.4.6-1.deb_amd64.deb
 
 ADD ./plugin.spec.yaml /plugin.spec.yaml
-ADD . /python/src
-
-WORKDIR /python/src
+ADD ./requirements.txt /python/src/requirements.txt
 
-# End package dependencies
 RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+
+ADD . /python/src
+
 RUN python setup.py build && python setup.py install
 
 # User to run plugin code. The two supported users are: root, nobody
 USER root
 
-ENTRYPOINT ["/usr/local/bin/icon_powershell"]
+ENTRYPOINT ["/usr/local/bin/icon_powershell"]
@@ -6,7 +6,7 @@ from sys import argv
 
 Name = "PowerShell"
 Vendor = "rapid7"
-Version = "3.0.6"
+Version = "3.0.7"
 Description = "[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator"
 
 

@@ -15,7 +15,7 @@
 
 # Supported Product Versions
 
-* PowerShell 6.1.2
+* PowerShell 7.4.6
 
 # Documentation
 
@@ -153,52 +153,41 @@ Example output:
 
 ## Troubleshooting
 
-The use of round-robin DNS lookups is not supported
-
-If Auth Type is set to "None" the PowerShell script will execute locally on the Komand host.
-This can also by accomplished by leaving the address field blank.
-
-The username supplied must have local admin privileges on the remote host Windows computer.
-When using a domain account with NTLM the username must be in the following format MYDOMAIN\username
-When using the Kerberos connection option the username must be a domain account that has permission to join computers to the domain.
+* The use of round-robin DNS lookups is not supported
+* If Auth Type is set to "None" the PowerShell script will execute locally on the Komand host. This can also be accomplished by leaving the address field blank.
+* The username supplied must have local admin privileges on the remote host Windows computer.
+* When using a domain account with NTLM the username must be in the following format MYDOMAIN\username
+* When using the Kerberos connection option the username must be a domain account that has permission to join computers to the domain.
+* This plugin can connect over HTTP, the default port for this is 5985.
+It should be noted that this type of connection is not secure as all information passed is in plain text. In addition, Windows will not allow HTTP connections by default.
 
-This plugin can connect over HTTP, the default port for this is 5985. It should be noted that this type of connection is
-not secure as all information passed is in plain text. In addition, Windows will not allow HTTP connections by default.
 The following commands must be run on the Windows computer that you want to connect to.
 
 For more information see [Compromising Yourself with WinRM's AllowUnencrypted = True](https://blogs.msdn.microsoft.com/PowerShell/2015/10/27/compromising-yourself-with-winrms-allowunencrypted-true/)
 
 ```
-
 winrm set winrm/config/client/auth '@{Basic="true"}'
 winrm set winrm/config/service/auth '@{Basic="true"}'
 winrm set winrm/config/service '@{AllowUnencrypted="true"}'
-
 ```
 
-When using the Kerberos connection option, the username should not include an @example.com or other domain identifier. These will be added by the plugin as needed.
-
+* When using the Kerberos connection option, the username should not include an @example.com or other domain identifier. These will be added by the plugin as needed.
 This plugin will join the Komand docker instance to the Windows domain as a computer if the Kerberos option is used.
-
-For the Execute Script action PowerShell code should be submitted as base64. This can be done by
-copying a `.txt` file with the PowerShell code into the plugin.
+For the Execute Script action PowerShell code should be submitted as base64. This can be done by copying a `.txt` file with the PowerShell code into the plugin.
 
 _This plugin does not validate the PowerShell code._
-
-Any errors generated on the remote computer by the PowerShell code
-are forwarded to the log file.
+Any errors generated on the remote computer by the PowerShell code are forwarded to the log file.
 
 Run this PowerShell command on a Windows host first to set up a unsigned certificate for authentication:
 This will not be needed if the host already has a SSL certificate set up for Winrm
 
 ```
-
 Invoke-Expression ((New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1'))
-
 ```
 
 # Version History
 
+* 3.0.7 - Updated dependencies | Updated SDK to the latest version
 * 3.0.6 - Bump SDK to 6.2.0
 * 3.0.5 - Bump requirements.txt | Bump SDK to 6.1.4 | Update help.md to enforce that the use of round-robin DNS lookups is not supported
 * 3.0.4 - Upgrade user from `nobody` to `root` | bump SDK to 6.0.1 and switch back to `Bullseye` based SDK image

@@ -25,5 +25,4 @@ def connect(self, params={}):
             "password": params.get(Input.SCRIPT_USERNAME_AND_PASSWORD, {}).get("password"),
             "secret_key": params.get(Input.SCRIPT_SECRET_KEY, {}).get("secretKey"),
         }
-
         self.logger.info("Connect: Connecting..")
@@ -4,7 +4,7 @@ products: [insightconnect]
 name: powershell
 title: PowerShell
 description: "[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator"
-version: 3.0.6
+version: 3.0.7
 connection_version: 3
 key_features:
   - "Run a PowerShell script to manage (remote) computers from the command line"
@@ -15,20 +15,48 @@ requirements:
   - "The use of round-robin DNS lookups is not supported"
 sdk:
   type: slim
-  version: 6.2.0
-  user: nobody
+  version: 6.2.3
+  user: root
+  custom_cmd:
+    - "# Add any package dependencies here"
+    - ENV DEBIAN_FRONTEND noninteractive
+    - "# Kerberos dependencies"
+    - "RUN apt-get update && apt-get install -y \\"
+    - "    apt-transport-https \\"
+    - "    curl \\"
+    - "    gcc python-dev libkrb5-dev \\"
+    - "    git \\"
+    - "    gnupg \\"
+    - "    krb5-user \\"
+    - "    libssl1.1 \\"
+    - "    ntp adcli sssd \\"
+    - "    samba-common \\"
+    - "    software-properties-common \\"
+    - "    sudo \\"
+    - "    realmd \\"
+    - "    wget"
+    - ""
+    - "# Local PowerShell dependencies"
+    - 'RUN echo "deb http://security.ubuntu.com/ubuntu bionic-security main" | sudo tee -a /etc/apt/sources.list.d/bionic.list && \'
+    - "    sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32 && sudo apt-get update && apt-cache policy libssl1.0-dev && \\"
+    - "    sudo apt-get install -y libssl1.0-dev && \\"
+    - "    wget http://mirrors.kernel.org/ubuntu/pool/main/i/icu/libicu52_52.1-3ubuntu0.8_amd64.deb && \\"
+    - "    sudo apt install -y ./libicu52_52.1-3ubuntu0.8_amd64.deb && \\"
+    - "    rm ./libicu52_52.1-3ubuntu0.8_amd64.deb && \\"
+    - "    wget https://github.com/PowerShell/PowerShell/releases/download/v7.4.6/powershell_7.4.6-1.deb_amd64.deb && \\"
+    - "    sudo apt install -y ./powershell_7.4.6-1.deb_amd64.deb && \\"
+    - "    rm ./powershell_7.4.6-1.deb_amd64.deb"
 links:
   - "[InsightConnect Powershell Plugin Guide](https://docs.rapid7.com/insightconnect/mass-delete-with-PowerShell/)"
 references:
   - "[pywinrm library](https://pypi.python.org/pypi/pywinrm)"
   - "[samba-common](https://packages.debian.org/sid/samba-common)"
   - "[krb5-user](https://packages.debian.org/search?keywords=krb5-user)"
   - "[realmd](https://packages.debian.org/jessie/admin/realmd)"
-supported_versions: ["PowerShell 6.1.2"]
+supported_versions: ["PowerShell 7.4.6"]
 vendor: rapid7
 support: community
 status: []
-troubleshooting: "The use of round-robin DNS lookups is not supported"
 resources:
   source_url: https://github.com/rapid7/insightconnect-plugins/tree/master/plugins/powershell
   license_url: https://github.com/rapid7/insightconnect-plugins/blob/master/LICENSE
@@ -41,8 +69,17 @@ hub_tags:
   use_cases: [data_utility]
   keywords: [powershell, microsoft]
   features: []
+troubleshooting:
+  - "The use of round-robin DNS lookups is not supported"
+  - "If Auth Type is set to \"None\" the PowerShell script will execute locally on the Komand host. This can also be accomplished by leaving the address field blank."
+  - "The username supplied must have local admin privileges on the remote host Windows computer."
+  - "When using a domain account with NTLM the username must be in the following format MYDOMAIN\\username"
+  - "When using the Kerberos connection option the username must be a domain account that has permission to join computers to the domain."
+  - "This plugin can connect over HTTP, the default port for this is 5985.\nIt should be noted that this type of connection is not secure as all information passed is in plain text. In addition, Windows will not allow HTTP connections by default.\n\nThe following commands must be run on the Windows computer that you want to connect to.\n\nFor more information see [Compromising Yourself with WinRM's AllowUnencrypted = True](https://blogs.msdn.microsoft.com/PowerShell/2015/10/27/compromising-yourself-with-winrms-allowunencrypted-true/)\n\n```\nwinrm set winrm/config/client/auth '@{Basic=\"true\"}'\nwinrm set winrm/config/service/auth '@{Basic=\"true\"}'\nwinrm set winrm/config/service '@{AllowUnencrypted=\"true\"}'\n```\n"
+  - "When using the Kerberos connection option, the username should not include an @example.com or other domain identifier. These will be added by the plugin as needed.\nThis plugin will join the Komand docker instance to the Windows domain as a computer if the Kerberos option is used.\nFor the Execute Script action PowerShell code should be submitted as base64. This can be done by copying a `.txt` file with the PowerShell code into the plugin.\n\n_This plugin does not validate the PowerShell code._\nAny errors generated on the remote computer by the PowerShell code are forwarded to the log file.\n\nRun this PowerShell command on a Windows host first to set up a unsigned certificate for authentication:\nThis will not be needed if the host already has a SSL certificate set up for Winrm\n\n```\nInvoke-Expression ((New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1'))\n```"
 version_history:
-  - "3.0.5 - Bump SDK to 6.2.0"
+  - "3.0.7 - Updated dependencies | Updated SDK to the latest version"
+  - "3.0.6 - Bump SDK to 6.2.0"
   - "3.0.5 - Bump requirements.txt | Bump SDK to 6.1.4 | Update help.md to enforce that the use of round-robin DNS lookups is not supported"
   - "3.0.4 - Upgrade user from `nobody` to `root` | bump SDK to 6.0.1 and switch back to `Bullseye` based SDK image"
   - "3.0.3 - Fix decoding error in `Execute Script` action | Update SDK | Update packages for alpine image"
@@ -99,10 +136,10 @@ connection:
     description: Authentication type
     type: string
     enum:
-    - NTLM
-    - Kerberos
-    - CredSSP
-    - None
+      - NTLM
+      - Kerberos
+      - CredSSP
+      - None
     default: None
     required: true
     example: Kerberos

@@ -1,10 +1,10 @@
 # List third-party dependencies here, separated by newlines. 
 # All dependencies must be version-pinned, eg. requests==1.2.0
 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files
-git+https://github.com/komand/pywinrm[email protected]
-requests-kerberos==0.14.0
+pywinrm==0.5.0
+requests-kerberos==0.15.0
 requests-credssp==2.0.0
 parameterized==0.8.1
-requests==2.32.2
-cryptography==43.0.1
-idna==3.7
+requests==2.32.3
+cryptography==44.0.0
+idna==3.10
@@ -3,7 +3,7 @@
 
 
 setup(name="powershell-rapid7-plugin",
-      version="3.0.6",
+      version="3.0.7",
       description="[PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-6) is a task-based command-line shell and scripting language from Microsoft that helps system administrators, power-users, and InsightConnect customers rapidly automate tasks that manage operating systems and processes. This plugin runs a PowerShell script on a remote host or locally on an InsightConnect Orchestrator",
       author="rapid7",
       author_email="",