MSF started to the extended API with window enum

Decided to kick off a new extended API extension with mubix and
kernelsmith to include some more advanced enumeration stuff. The goal of
this extension is to take stuff that wouldn't be part of the std api but
is rather useful for enumeration of a target once meterpreter has been
established.

This commit kicks things off with enumeration of top level windows on the
current desktop.

lib/rex/post/meterpreter/extensions/extapi/extapi.rb

@@ -0,0 +1,56 @@
+#!/usr/bin/env ruby
+# -*- coding: binary -*-
+
+require 'rex/post/meterpreter/extensions/extapi/tlv'
+
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Extapi
+
+###
+#
+# This meterpreter extension contains an extended API which will allow for more
+#  advanced enumeration of the victim. This includes detail of:
+#   * Active/open windows
+#   * Services
+#   * Clipboard
+#   ... and more.
+#
+###
+class Extapi < Extension
+
+  def initialize(client)
+    super(client, 'extapi')
+
+    client.register_extension_aliases(
+      [
+        {
+          'name' => 'extapi',
+          'ext'  => self
+        },
+      ])
+  end
+
+  # Enumerate all the top-level windows on the target
+  def window_enum()
+    request = Packet.create_request('extapi_window_enum')
+    response = client.send_request(request)
+
+    windows = []
+
+    response.each(TLV_TYPE_EXT_WINDOW_ENUM_GROUP) { |w|
+      windows << {
+        :pid    => w.get_tlv_value(TLV_TYPE_EXT_WINDOW_ENUM_PID),
+        :handle => w.get_tlv_value(TLV_TYPE_EXT_WINDOW_ENUM_HANDLE),
+        :title  => w.get_tlv_value(TLV_TYPE_EXT_WINDOW_ENUM_TITLE)
+      }
+    }
+
+    return windows.sort_by { |w| w[:pid] }
+  end
+
+end
+
+end; end; end; end; end

lib/rex/post/meterpreter/extensions/extapi/tlv.rb

@@ -0,0 +1,19 @@
+# -*- coding: binary -*-
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Extapi
+
+TLV_TYPE_EXTENSION_EXTAPI = 0
+
+TLV_TYPE_EXT_WINDOW_ENUM_GROUP  = TLV_META_TYPE_GROUP  | (TLV_TYPE_EXTENSION_EXTAPI + TLV_EXTENSIONS + 1)
+TLV_TYPE_EXT_WINDOW_ENUM_PID    = TLV_META_TYPE_UINT   | (TLV_TYPE_EXTENSION_EXTAPI + TLV_EXTENSIONS + 2)
+TLV_TYPE_EXT_WINDOW_ENUM_HANDLE = TLV_META_TYPE_QWORD  | (TLV_TYPE_EXTENSION_EXTAPI + TLV_EXTENSIONS + 3)
+TLV_TYPE_EXT_WINDOW_ENUM_TITLE  = TLV_META_TYPE_STRING | (TLV_TYPE_EXTENSION_EXTAPI + TLV_EXTENSIONS + 4)
+
+end
+end
+end
+end
+end

lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi.rb

@@ -0,0 +1,68 @@
+# -*- coding: binary -*-
+require 'rex/post/meterpreter'
+
+module Rex
+module Post
+module Meterpreter
+module Ui
+
+###
+#
+# Extended API user interface.
+#
+###
+class Console::CommandDispatcher::Extapi
+
+  Klass = Console::CommandDispatcher::Extapi
+
+  include Console::CommandDispatcher
+
+  #
+  # Initializes an instance of the extended API command interaction.
+  #
+  def initialize(shell)
+    super
+  end
+
+  #
+  # List of supported commands.
+  #
+  def commands
+    {
+      "window_enum" => "Enumerate all current open windows"
+    }
+  end
+
+
+  def cmd_window_enum(*args)
+
+    windows = client.extapi.window_enum()
+
+    print_line()
+    print_line("     PID |     Handle | Window title")
+    print_line("-------------------------------------------------------------")
+
+    windows.each do |w|
+      print_line(sprintf("%8d | %10d | %s", w[:pid], w[:handle], w[:title]))
+    end
+
+    print_line()
+    print_line("Total top-level Windows: #{windows.length}")
+    print_line()
+
+    return true
+  end
+
+  #
+  # Name for this dispatcher
+  #
+  def name
+    "Extapi"
+  end
+
+end
+
+end
+end
+end
+end