Further messing about with unicode conversions
parent
d8b3b15da6
commit
16cf3c6207
|
@ -97,16 +97,16 @@ class Metasploit3 < Msf::Post
|
|||
# Note that the conversions to UTF-8 are necessary because of the way SQLite detects column type affinity
|
||||
# Turns out that the 'fix' is documented in https://github.com/rails/rails/issues/1965
|
||||
sql_param_group = { g_rid: group_rid,
|
||||
g_distinguishedName: individual_group[0][:value].encode('UTF-8').scrub,
|
||||
g_distinguishedName: individual_group[0][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
g_sAMAccountType: sat_int,
|
||||
g_sAMAccountName: individual_group[3][:value].encode('UTF-8').scrub,
|
||||
g_whenChanged: individual_group[4][:value].encode('UTF-8').scrub,
|
||||
g_whenCreated: individual_group[5][:value].encode('UTF-8').scrub,
|
||||
g_description: individual_group[6][:value].encode('UTF-8').scrub,
|
||||
g_sAMAccountName: individual_group[3][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
g_whenChanged: individual_group[4][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
g_whenCreated: individual_group[5][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
g_description: individual_group[6][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
g_groupType: grouptype_int,
|
||||
g_adminCount: individual_group[8][:value].to_i,
|
||||
g_comment: individual_group[9][:value].encode('UTF-8').scrub,
|
||||
g_managedBy: individual_group[10][:value].encode('UTF-8').scrub,
|
||||
g_comment: individual_group[9][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
g_managedBy: individual_group[10][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
# Specifies a group that is created by the system.
|
||||
g_GT_GROUP_CREATED_BY_SYSTEM: (grouptype_int & 0x00000001).zero? ? 0 : 1,
|
||||
# Specifies a group with global scope.
|
||||
|
@ -153,25 +153,25 @@ class Metasploit3 < Msf::Post
|
|||
# Add the group to the database
|
||||
# Also parse the ADF_ flags from userAccountControl: https://msdn.microsoft.com/en-us/library/windows/desktop/ms680832(v=vs.85).aspx
|
||||
sql_param_user = { u_rid: user_rid,
|
||||
u_distinguishedName: group_user[0][:value].encode('UTF-8').scrub,
|
||||
u_distinguishedName: group_user[0][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_sAMAccountType: group_user[2][:value].to_i,
|
||||
u_sAMAccountName: group_user[3][:value].encode('UTF-8').scrub,
|
||||
u_displayName: group_user[4][:value].encode('UTF-8').scrub,
|
||||
u_description: group_user[5][:value].encode('UTF-8').scrub,
|
||||
u_sAMAccountName: group_user[3][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_displayName: group_user[4][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_description: group_user[5][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_logonCount: group_user[6][:value].to_i,
|
||||
u_userAccountControl: uac_int,
|
||||
u_userPrincipalName: group_user[8][:value].encode('UTF-8').scrub,
|
||||
u_whenChanged: group_user[9][:value].encode('UTF-8').scrub,
|
||||
u_whenCreated: group_user[10][:value].encode('UTF-8').scrub,
|
||||
u_userPrincipalName: group_user[8][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_whenChanged: group_user[9][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_whenCreated: group_user[10][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_primaryGroupID: group_user[11][:value].to_i,
|
||||
u_badPwdCount: group_user[12][:value].to_i,
|
||||
u_comment: group_user[13][:value].encode('UTF-8').scrub,
|
||||
u_title: group_user[14][:value].encode('UTF-8').scrub,
|
||||
u_cn: group_user[15][:value].to_s.encode('UTF-8').scrub,
|
||||
u_comment: group_user[13][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_title: group_user[14][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
u_cn: group_user[15][:value].to_s.encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
# Indicates that a given object has had its ACLs changed to a more secure value by the
|
||||
# system because it was a member of one of the administrative groups (directly or transitively).
|
||||
u_adminCount: group_user[16][:value].to_i,
|
||||
u_manager: group_user[17][:value].to_s.encode('UTF-8').scrub,
|
||||
u_manager: group_user[17][:value].to_s.encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
# The login script is executed
|
||||
u_ADS_UF_SCRIPT: (uac_int & 0x00000001).zero? ? 0 : 1,
|
||||
# The user account is disabled.
|
||||
|
@ -272,23 +272,23 @@ class Metasploit3 < Msf::Post
|
|||
# its a user or a computer and so, for convenience and ease of use, I have put them in completely separate tables.
|
||||
# Also add the sAMAccount type flags from https://msdn.microsoft.com/en-us/library/windows/desktop/ms679637(v=vs.85).aspx
|
||||
sql_param_computer = { c_rid: computer_rid,
|
||||
c_distinguishedName: comp[0][:value].encode('UTF-8').scrub,
|
||||
c_cn: comp[2][:value].encode('UTF-8').scrub,
|
||||
c_dNSHostName: comp[3][:value].encode('UTF-8').scrub,
|
||||
c_distinguishedName: comp[0][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_cn: comp[2][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_dNSHostName: comp[3][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_sAMAccountType: sat_int,
|
||||
c_sAMAccountName: comp[5][:value].encode('UTF-8').scrub,
|
||||
c_displayName: comp[6][:value].encode('UTF-8').scrub,
|
||||
c_sAMAccountName: comp[5][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_displayName: comp[6][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_logonCount: comp[7][:value].to_i,
|
||||
c_userAccountControl: uac_int,
|
||||
c_whenChanged: comp[9][:value].encode('UTF-8').scrub,
|
||||
c_whenCreated: comp[10][:value].encode('UTF-8').scrub,
|
||||
c_whenChanged: comp[9][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_whenCreated: comp[10][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_primaryGroupID: comp[11][:value].to_i,
|
||||
c_badPwdCount: comp[12][:value].to_i,
|
||||
c_operatingSystem: comp[13][:value].encode('UTF-8').scrub,
|
||||
c_operatingSystemServicePack: comp[14][:value].encode('UTF-8').scrub,
|
||||
c_operatingSystemVersion: comp[15][:value].encode('UTF-8').scrub,
|
||||
c_description: comp[16][:value].encode('UTF-8').scrub,
|
||||
c_comment: comp[17][:value].encode('UTF-8').scrub,
|
||||
c_operatingSystem: comp[13][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_operatingSystemServicePack: comp[14][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_operatingSystemVersion: comp[15][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_description: comp[16][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
c_comment: comp[17][:value].encode('UTF-16be', :invalid=>:replace,:undef=>:replace,:replace=>'?').encode('UTF-8',:invalid=>:replace,:undef=>:replace,:replace=>'?'),
|
||||
# The login script is executed
|
||||
c_ADS_UF_SCRIPT: (uac_int & 0x00000001).zero? ? 0 : 1,
|
||||
# The user account is disabled.
|
||||
|
|
Loading…
Reference in New Issue