commit
54a45ac80c
|
@ -391,13 +391,26 @@ class ProcessList < Array
|
|||
cols.delete_if { |c| !( first.has_key?(c.downcase) ) or first[c.downcase].nil? }
|
||||
|
||||
opts = {
|
||||
"Header" => "Process List",
|
||||
"Columns" => cols
|
||||
'Header' => 'Process List',
|
||||
'Indent' => 1,
|
||||
'Columns' => cols
|
||||
}.merge(opts)
|
||||
|
||||
tbl = Rex::Ui::Text::Table.new(opts)
|
||||
each { |process|
|
||||
tbl << cols.map {|c| process[c.downcase] }.compact
|
||||
tbl << cols.map { |c|
|
||||
col = c.downcase
|
||||
val = process[col]
|
||||
if col == 'session'
|
||||
val == 0xFFFFFFFF ? '' : val.to_s
|
||||
elsif col == 'arch'
|
||||
# for display and consistency with payload naming we switch the internal
|
||||
# 'x86_64' value to display 'x64'
|
||||
val == ARCH_X86_64 ? 'x64' : val
|
||||
else
|
||||
val
|
||||
end
|
||||
}.compact
|
||||
}
|
||||
|
||||
tbl
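Review bot: The `.compact` that closes the row-building block can drop a cell and shift the remaining values under the wrong headers. `cols` is pruned using only the first entry (`first.has_key?(c.downcase)` / `first[c.downcase].nil?`), but these fields are reported by the remote host, so a later process may well return nil for `user`, `path` or `arch`. A short row would then be rejected or rendered misaligned, depending on how `Rex::Ui::Text::Table` checks row width (not visible here, worth confirming). Replacing `}.compact` with `}.map(&:to_s)` keeps every row as wide as `cols`, and also restores the string conversion of `pid` that the removed console code did with `ent['pid'].to_s`. The enclosing method starts outside the hunk.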
|
||||
|
|
|
@ -447,14 +447,14 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
print_line "You must select either x86 or x86_64"
|
||||
return false
|
||||
end
|
||||
searched_procs << proc if proc["arch"] == val
|
||||
searched_procs << proc if proc["arch"] == val
|
||||
end
|
||||
processes = searched_procs
|
||||
when "-s"
|
||||
print_line "Filtering on SYSTEM processes..."
|
||||
searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
|
||||
processes.each do |proc|
|
||||
searched_procs << proc if proc["user"] == "NT AUTHORITY\\SYSTEM"
|
||||
searched_procs << proc if proc["user"] == "NT AUTHORITY\\SYSTEM"
|
||||
end
|
||||
processes = searched_procs
|
||||
when "-U"
|
||||
|
@ -465,46 +465,18 @@ class Console::CommandDispatcher::Stdapi::Sys
|
|||
print_line "You must supply a search term!"
|
||||
return false
|
||||
end
|
||||
searched_procs << proc if proc["user"].match(/#{val}/)
|
||||
searched_procs << proc if proc["user"].match(/#{val}/)
|
||||
end
|
||||
processes = searched_procs
|
||||
end
|
||||
}
|
||||
|
||||
tbl = Rex::Ui::Text::Table.new(
|
||||
'Header' => "Process list",
|
||||
'Indent' => 1,
|
||||
'Columns' =>
|
||||
[
|
||||
"PID",
|
||||
"Name",
|
||||
"Arch",
|
||||
"Session",
|
||||
"User",
|
||||
"Path"
|
||||
],
|
||||
'SearchTerm' => search_term)
|
||||
|
||||
processes.each { |ent|
|
||||
session = ent['session'] == 0xFFFFFFFF ? '' : ent['session'].to_s
|
||||
arch = ent['arch']
|
||||
|
||||
# for display and consistency with payload naming we switch the internal 'x86_64' value to display 'x64'
|
||||
if( arch == ARCH_X86_64 )
|
||||
arch = "x64"
|
||||
end
|
||||
|
||||
row = [ ent['pid'].to_s, ent['name'], arch, session, ent['user'], ent['path'] ]
|
||||
|
||||
tbl << row #if (search_term.nil? or row.join(' ').to_s.match(search_term))
|
||||
}
|
||||
|
||||
if (processes.length == 0)
|
||||
print_line("No running processes were found.")
|
||||
else
|
||||
tbl = processes.to_table('SearchTerm' => search_term)
|
||||
print_line
|
||||
print("\n" + tbl.to_s + "\n")
|
||||
print_line
|
||||
print_line(tbl.to_s)
|
||||
end
|
||||
return true
|
||||
end
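Review bot: The `-U` filter line `searched_procs << proc if proc["user"].match(/#{val}/)` is re-indented by this commit but still lacks two checks. It calls `match` on a value that can be nil when the remote host reports no owner for a process, and it interpolates the operator's search term into a regex uncompiled, so a nil user or a malformed pattern raises and aborts the whole listing. A nil-safe form is `searched_procs << proc if proc["user"].to_s.match(/#{val}/)`. Separately, compile the pattern once before the loop and rescue `RegexpError` with a `print_line` message, as the existing "You must supply a search term!" branch does. The enclosing method and the loop header start outside the hunk, so confirm placement against the full file.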
|
||||
|
|