Add a bunch of extra filter options
parent
1adfc0e070
commit
1fd4c8867c
|
@ -47,7 +47,10 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
|
||||
@@ps_opts = Rex::Parser::Arguments.new(
|
||||
"-h" => [false, "Help menu."],
|
||||
"-S" => [true, "RegEx term(s) to filter results with "])
|
||||
"-S" => [true, "RegEx term to filter on process name with "],
|
||||
"-A" => [true, "Arch to filter on (x86 or x86_64"],
|
||||
"-s" =>[false, "Show only SYSTEM processes"],
|
||||
"-U" => [true, "RegEx term to filter on user name with"])
|
||||
|
||||
#
|
||||
# List of supported commands.
|
||||
|
@ -284,7 +287,7 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
cmd_ps_help
|
||||
return true
|
||||
when "-S"
|
||||
print_line "Performing Search..."
|
||||
print_line "Filtering on process name..."
|
||||
searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
|
||||
processes.each do |proc|
|
||||
if val.nil? or val.empty?
|
||||
|
@ -294,6 +297,36 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
searched_procs << proc if proc["name"].match(/#{val}/)
|
||||
end
|
||||
processes = searched_procs
|
||||
when "-A"
|
||||
print_line "Filtering on arch..."
|
||||
searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
|
||||
processes.each do |proc|
|
||||
next if proc['arch'].nil? or proc['arch'].empty?
|
||||
if val.nil? or val.empty? or !(val == "x86" or val == "x86_64")
|
||||
print_line "You must select either x86 or x86_64"
|
||||
return false
|
||||
end
|
||||
searched_procs << proc if proc["arch"] == val
|
||||
end
|
||||
processes = searched_procs
|
||||
when "-s"
|
||||
print_line "Filtering on SYSTEM processes..."
|
||||
searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
|
||||
processes.each do |proc|
|
||||
searched_procs << proc if proc["user"] == "NT AUTHORITY\\SYSTEM"
|
||||
end
|
||||
processes = searched_procs
|
||||
when "-U"
|
||||
print_line "Filtering on user name..."
|
||||
searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
|
||||
processes.each do |proc|
|
||||
if val.nil? or val.empty?
|
||||
print_line "You must supply a search term!"
|
||||
return false
|
||||
end
|
||||
searched_procs << proc if proc["user"].match(/#{val}/)
|
||||
end
|
||||
processes = searched_procs
|
||||
end
|
||||
end
|
||||
if (processes.length == 0)
|
||||
|
@ -316,6 +349,8 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
print_line "Would return any processes with 'svc' in the name"
|
||||
end
|
||||
|
||||
|
||||
|
||||
#
|
||||
# Reboots the remote computer.
|
||||
#
|
||||
|
@ -627,6 +662,7 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
client.sys.power.shutdown
|
||||
end
|
||||
|
||||
|
||||
end
|
||||
|
||||
end
|
||||
|
|
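Review bot: In the new `-U` branch, `proc["user"].match(/#{val}/)` calls `match` on the user field without the nil guard that the `-A` branch applies to `proc['arch']`, so a process whose owner could not be read would presumably raise NoMethodError and abort the listing. The pattern is also interpolated from the raw argument on every iteration, so a malformed expression raises RegexpError from inside the loop; the `-S` context line has the same shape. Checking and compiling the term once before the loop, and matching against `proc["user"].to_s`, avoids both problems. The same hoisting would let `-A` reject an invalid value even when the list is empty or no entry carries an arch, because its check currently sits after the `next`. The enclosing method starts and ends outside the hunk.

```ruby
when "-U"
  # … unchanged: print_line "Filtering on user name..." …
  if val.nil? or val.empty?
    print_line "You must supply a search term!"
    return false
  end
  begin
    user_re = Regexp.new(val)
  rescue RegexpError => e
    print_line "Invalid regular expression: #{e.message}"
    return false
  end
  searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
  processes.each do |proc|
    searched_procs << proc if proc["user"].to_s.match(user_re)
  end
  # … unchanged: processes = searched_procs …
```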