Land #5775, restore PPID to the meterpreter process list table

2015-07-27 12:43:40 -05:00 · 2015-07-27 12:43:40 -05:00 · 54a45ac80c
parent 2d0a26ea8b 226516ef20
commit 54a45ac80c
2 changed files with 21 additions and 36 deletions
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
@ -391,13 +391,26 @@ class ProcessList < Array
    cols.delete_if { |c| !( first.has_key?(c.downcase) ) or first[c.downcase].nil? }

    opts = {
-      "Header"  => "Process List",
-      "Columns" => cols
+      'Header' => 'Process List',
+      'Indent' => 1,
+      'Columns' => cols
    }.merge(opts)

    tbl = Rex::Ui::Text::Table.new(opts)
    each { |process|
-      tbl << cols.map {|c| process[c.downcase] }.compact
+      tbl << cols.map { |c|
+        col = c.downcase
+        val = process[col]
+        if col == 'session'
+          val == 0xFFFFFFFF ? '' : val.to_s
+        elsif col == 'arch'
+          # for display and consistency with payload naming we switch the internal
+          # 'x86_64' value to display 'x64'
+          val == ARCH_X86_64 ? 'x64' : val
+        else
+          val
+        end
+      }.compact
    }

    tbl
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@ -447,14 +447,14 @@ class Console::CommandDispatcher::Stdapi::Sys
            print_line "You must select either x86 or x86_64"
            return false
          end
-          searched_procs << proc	if proc["arch"] == val
+          searched_procs << proc if proc["arch"] == val
        end
        processes = searched_procs
      when "-s"
        print_line "Filtering on SYSTEM processes..."
        searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
        processes.each do |proc|
-          searched_procs << proc	if proc["user"] == "NT AUTHORITY\\SYSTEM"
+          searched_procs << proc if proc["user"] == "NT AUTHORITY\\SYSTEM"
        end
        processes = searched_procs
      when "-U"
@ -465,46 +465,18 @@ class Console::CommandDispatcher::Stdapi::Sys
            print_line "You must supply a search term!"
            return false
          end
-          searched_procs << proc	if proc["user"].match(/#{val}/)
+          searched_procs << proc if proc["user"].match(/#{val}/)
        end
        processes = searched_procs
      end
    }

-    tbl = Rex::Ui::Text::Table.new(
-      'Header'  => "Process list",
-      'Indent'  => 1,
-      'Columns' =>
-        [
-          "PID",
-          "Name",
-          "Arch",
-          "Session",
-          "User",
-          "Path"
-        ],
-      'SearchTerm' => search_term)
-
-    processes.each { |ent|
-      session = ent['session'] == 0xFFFFFFFF ? '' : ent['session'].to_s
-      arch    = ent['arch']
-
-      # for display and consistency with payload naming we switch the internal 'x86_64' value to display 'x64'
-      if( arch == ARCH_X86_64 )
-        arch = "x64"
-      end
-
-      row = [ ent['pid'].to_s, ent['name'], arch, session, ent['user'], ent['path'] ]
-
-      tbl << row #if (search_term.nil? or row.join(' ').to_s.match(search_term))
-    }
-
    if (processes.length == 0)
      print_line("No running processes were found.")
    else
+      tbl = processes.to_table('SearchTerm' => search_term)
      print_line
-      print("\n" + tbl.to_s + "\n")
-      print_line
+      print_line(tbl.to_s)
    end
    return true
  end