registry fun stuff

git-svn-id: file:///home/svn/incoming/trunk@2356 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Matt Miller 2005-04-10 10:31:38 +00:00
parent 56e6016db2
commit 59992d3cca
4 changed files with 106 additions and 3 deletions


@ -11,6 +11,8 @@ module Meterpreter
module Extensions
module Stdapi
TLV_TYPE_PID = TLV_META_TYPE_UINT | 0
class Process < Rex::Post::Process
class <<self


@ -0,0 +1,41 @@
#!/usr/bin/ruby
require 'Rex/Post/Process'
require 'Rex/Post/Meterpreter/Packet'
require 'Rex/Post/Meterpreter/Client'
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Constants'
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Stdapi'
module Rex
module Post
module Meterpreter
module Extensions
module Stdapi
TLV_TYPE_HKEY = TLV_META_TYPE_UINT | 1000
TLV_TYPE_ROOT_KEY = TLV_TYPE_HKEY
TLV_TYPE_BASE_KEY = TLV_META_TYPE_STRING | 1001
TLV_TYPE_PERMISSION = TLV_META_TYPE_UINT | 1002
class Registry
class <<self
attr_accessor :client
end
def Registry.open_key(root_key, base_key, perm = KEY_READ)
request = Packet.create_request('stdapi_registry_open_key')
request.add_tlv(TLV_TYPE_ROOT_KEY, root_key)
request.add_tlv(TLV_TYPE_BASE_KEY, base_key)
request.add_tlv(TLV_TYPE_PERMISSION, perm)
response = self.client.send_request(request)
return response.get_tlv(TLV_TYPE_HKEY).value
end
end
end; end; end; end; end
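Review bot: `open_key` dereferences `response.get_tlv(TLV_TYPE_HKEY).value` without checking that the TLV is present, so a request the server rejects (bad key, insufficient `perm`) will presumably surface as a NoMethodError on nil rather than a meaningful error, assuming `get_tlv` returns nil for a missing type; guard it with `hkey = response.get_tlv(TLV_TYPE_HKEY)` / `raise "stdapi_registry_open_key returned no handle" unless hkey` / `hkey.value`. The same failure mode applies when `self.client` has not been assigned yet, since the class-level accessor starts out nil. Stylistically, `def Registry.open_key` is better written `def self.open_key` and `class <<self` as `class << self`. The method also deserves a comment stating that `root_key` is presumably one of the `HKEY_*` constants, `base_key` the subkey path, `perm` a `KEY_*` access mask defaulting to read-only, and that the returned value is the remote handle, for which this commit adds no corresponding close operation.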


@ -0,0 +1,58 @@
#!/usr/bin/ruby
# These are put into the global namespace for now
# so that they can be referenced globally
# Permissions
DELETE = 0x00010000
READ_CONTROL = 0x00020000
WRITE_DAC = 0x00040000
WRITE_OWNER = 0x00080000
SYNCHRONIZE = 0x00100000
STANDARD_RIGHTS_REQUIRED = 0x000f0000
STANDARD_RIGHTS_READ = READ_CONTROL
STANDARD_RIGHTS_WRITE = READ_CONTROL
STANDARD_RIGHTS_EXECUTE = READ_CONTROL
STANDARD_RIGHTS_ALL = 0x001f0000
SPECIFIC_RIGHTS_ALL = 0x0000ffff
MAXIMUM_ALLOWED = 0x02000000
GENERIC_READ = 0x80000000
GENERIC_WRITE = 0x40000000
GENERIC_EXECUTE = 0x20000000
GENERIC_ALL = 0x10000000
# Registry Permissions
KEY_QUERY_VALUE = 0x00000001
KEY_SET_VALUE = 0x00000002
KEY_CREATE_SUB_KEY = 0x00000004
KEY_ENUMERATE_SUB_KEYS = 0x00000008
KEY_NOTIFY = 0x00000010
KEY_CREATE_LINK = 0x00000020
KEY_READ = (STANDARD_RIGHTS_READ | KEY_QUERY_VALUE |
KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY) & ~SYNCHRONIZE
KEY_WRITE = (STANDARD_RIGHTS_WRITE | KEY_SET_VALUE |
KEY_CREATE_SUB_KEY) & ~SYNCHRONIZE
KEY_EXECUTE = KEY_READ
KEY_ALL_ACCESS = (STANDARD_RIGHTS_ALL | KEY_QUERY_VALUE |
KEY_SET_VALUE | KEY_CREATE_SUB_KEY |
KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY |
KEY_CREATE_LINK) & ~SYNCHRONIZE
# Registry
HKEY_CLASSES_ROOT = 0x80000000
HKEY_CURRENT_USER = 0x80000001
HKEY_LOCAL_MACHINE = 0x80000002
HKEY_USERS = 0x80000003
HKEY_PERFORMANCE_DATA = 0x80000004
HKEY_CURRENT_CONFIG = 0x80000005
HKEY_DYN_DATA = 0x80000006
REG_NONE = 0
REG_SZ = 1
REG_EXPAND_SZ = 2
REG_BINARY = 3
REG_DWORD = 4
REG_DWORD_LITTLE_ENDIAN = 4
REG_DWORD_BIG_ENDIAN = 5
REG_LINK = 6
REG_MULTI_SZ = 7
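Review bot: The header comment says these constants live in the global namespace "for now", yet the file defines generic names such as `DELETE`, `SYNCHRONIZE` and `GENERIC_READ` at top level, where any other library loaded into the same process can collide with them or silently redefine them behind an "already initialized constant" warning; make the intent explicit, e.g. `# TODO: move under Rex::Post::Meterpreter::Extensions::Stdapi once callers no longer rely on global lookup`. The values should also carry their provenance so they can be audited rather than re-derived: a comment such as `# Values follow winnt.h / winreg.h; the KEY_* masks mask out SYNCHRONIZE as the Win32 headers do` above the `KEY_READ`, `KEY_WRITE` and `KEY_ALL_ACCESS` definitions would let a reviewer verify the `& ~SYNCHRONIZE` terms at a glance.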


@ -2,6 +2,7 @@
require 'Rex/Post/Meterpreter/Extension'
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Process'
require 'Rex/Post/Meterpreter/Extensions/Stdapi/Registry'
module Rex
module Post
@ -9,9 +10,6 @@ module Meterpreter
module Extensions
module Stdapi
# Constants
TLV_TYPE_PID = TLV_META_TYPE_UINT | 0
###
#
# Stdapi
@ -34,6 +32,10 @@ class Stdapi < Extension
def process
brand(Rex::Post::Meterpreter::Extensions::Stdapi::Process)
end
def registry
brand(Rex::Post::Meterpreter::Extensions::Stdapi::Registry)
end
end
end; end; end; end; end
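Review bot: The new `registry` method is undocumented; like `process` above it, it passes a class constant to `brand`, and a one-line comment such as `# Remote registry access, via Stdapi::Registry branded with this client` would keep the pair consistent. If `brand` works by assigning the class-level `client` accessor that `Registry` declares in the other new file, then the class holds a single client at a time and two Stdapi instances for different sessions would overwrite each other's binding; that is worth confirming and, if so, documenting on `brand`, whose definition lies outside this hunk. The enclosing `Stdapi` class begins outside the hunk.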