infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Final pass of regex -> string checks

bug/bundler_fix
OJ 2016-10-29 14:59:05 +10:00
parent 0730613c67
commit 640827c24b
No known key found for this signature in database
GPG Key ID: D5DC61FB93260597
25 changed files with 91 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/post/multi/gather/apple_ios_backup.rb
View File

@ -38,10 +38,10 @@ class MetasploitModule < Msf::Post
#
def run
case session.platform
when /osx/
when 'osx'
@platform = :osx
paths = enum_users_unix
when /windows/
when 'windows'
@platform = :windows
drive = session.sys.config.getenv('SystemDrive')
os = session.sys.config.sysinfo['OS']

6
modules/post/multi/gather/dns_bruteforce.rb
View File

@ -46,9 +46,9 @@ class MetasploitModule < Msf::Post
end
case session.platform
when /windows/i
when 'windows'
cmd = "nslookup"
when /solaris/i
when 'solaris'
cmd = "/usr/sbin/host "
else
cmd = "/usr/bin/host "
@ -62,7 +62,7 @@ class MetasploitModule < Msf::Post
r = cmd_exec(cmd, "#{n.strip}.#{domain}")
case session.platform
when /windows/
when 'windows'
proccess_win(r, "#{n.strip}.#{domain}")
else
process_nix(r, "#{n.strip}.#{domain}")

6
modules/post/multi/gather/dns_reverse_lookup.rb
View File

@ -45,9 +45,9 @@ class MetasploitModule < Msf::Post
end
case session.platform
when /windows/i
when 'windows'
cmd = "nslookup"
when /solaris/i
when 'solaris'
cmd = "/usr/sbin/host"
else
cmd = "/usr/bin/host"
@ -59,7 +59,7 @@ class MetasploitModule < Msf::Post
next if ip_add.nil?
r = cmd_exec(cmd, " #{ip_add}")
case session.platform
when /windows/
when 'windows'
if r =~ /(Name)/
r.scan(/Name:\s*\S*\s/) do |n|
hostname = n.split(": ")

6
modules/post/multi/gather/dns_srv_lookup.rb
View File

@ -56,10 +56,10 @@ class MetasploitModule < Msf::Post
a = []
case session.platform
when /windows/i
when 'windows'
ns_opt = " -query=srv "
cmd = "nslookup"
when /solaris/i
when 'solaris'
ns_opt = " -t srv "
cmd = "/usr/sbin/host"
else
@ -74,7 +74,7 @@ class MetasploitModule < Msf::Post
r = cmd_exec(cmd, ns_opt + "#{srv}#{domain}")
case session.platform
when /windows/
when 'windows'
if r =~ /\s*internet\saddress\s\=\s/
nslookup_srv_consume("#{srv}#{domain}", r).each do |f|
print_good("\t#{f[:srv]} #{f[:target]} #{f[:port]} #{f[:ip]}")

5
modules/post/multi/gather/enum_vbox.rb
View File

@ -28,7 +28,8 @@ class MetasploitModule < Msf::Post
end
def run
if session.platform =~ /windows/
case session.platform
when 'windows'
if session.type == 'meterpreter'
begin
res = cmd_exec('c:\\Program Files\\Oracle\\VirtualBox\\vboxmanage', 'list -l vms')
@ -48,7 +49,7 @@ class MetasploitModule < Msf::Post
return nil
end
end
elsif session.platform =~ /unix|linux|bsd|osx/
when 'unix', 'linux', 'bsd', 'osx'
res = cmd_exec('vboxmanage list -l vms')
unless res.start_with?('Sun VirtualBox') || res.include?('Name:')

6
modules/post/multi/gather/env.rb
View File

@ -35,7 +35,7 @@ class MetasploitModule < Msf::Post
def get_env_shell
print_line @output if @output
if session.platform =~ /windows/
if session.platform == 'windows'
@ltype = "windows.environment"
cmd = "set"
else
@ -46,8 +46,8 @@ class MetasploitModule < Msf::Post
end
def get_env_meterpreter
case sysinfo["OS"]
when /windows/i
case session.platform
when 'windows'
var_names = []
var_names << registry_enumvals("HKEY_CURRENT_USER\\Volatile Environment")
var_names << registry_enumvals("HKEY_CURRENT_USER\\Environment")

6
modules/post/multi/gather/filezilla_client_cred.rb
View File

@ -30,13 +30,13 @@ class MetasploitModule < Msf::Post
def run
paths = []
case session.platform
when /unix|linux|bsd/
when 'unix', 'linux', 'bsd'
@platform = :unix
paths = enum_users_unix
when /osx/
when 'osx'
@platform = :osx
paths = enum_users_unix
when /windows/
when 'windows'
@platform = :windows
profiles = grab_user_profiles()
profiles.each do |user|

6
modules/post/multi/gather/firefox_creds.rb
View File

@ -73,11 +73,11 @@ class MetasploitModule < Msf::Post
# Certain shells for certain platform
vprint_status("Determining session platform and type")
case session.platform
when /unix|linux|bsd/
when 'unix', 'linux', 'bsd'
@platform = :unix
when /osx/
when 'osx'
@platform = :osx
when /windows/
when 'windows'
if session.type != "meterpreter"
print_error "Only meterpreter sessions are supported on Windows hosts"
return

15
modules/post/multi/gather/lastpass_creds.rb
View File

@ -38,7 +38,7 @@ class MetasploitModule < Msf::Post
end
def run
if session.platform =~ /windows/ && session.type == "shell" # No Windows shell support
if session.platform == 'windows' && session.type == "shell" # No Windows shell support
print_error "Shell sessions on Windows are not supported"
return
end
@ -68,7 +68,6 @@ class MetasploitModule < Msf::Post
# Returns a mapping of lastpass accounts
def build_account_map
platform = session.platform
profiles = user_profiles
account_map = {}
@ -78,8 +77,8 @@ class MetasploitModule < Msf::Post
localstorage_path_map = {}
cookies_path_map = {}
case platform
when /windows/
case session.platform
when 'windows'
browser_path_map = {
'Chrome' => "#{user_profile['LocalAppData']}\\Google\\Chrome\\User Data\\Default\\databases\\chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0",
'Firefox' => "#{user_profile['AppData']}\\Mozilla\\Firefox\\Profiles",
@ -98,7 +97,7 @@ class MetasploitModule < Msf::Post
'IE' => "#{user_profile['LocalAppData']}\\Microsoft\\Windows\\INetCookies\\Low",
'Opera' => "#{user_profile['AppData']}\\Opera Software\\Opera Stable\\Cookies"
}
when /unix|linux/
when 'unix', 'linux'
browser_path_map = {
'Chrome' => "#{user_profile['LocalAppData']}/.config/google-chrome/Default/databases/chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0",
'Firefox' => "#{user_profile['LocalAppData']}/.mozilla/firefox",
@ -114,7 +113,7 @@ class MetasploitModule < Msf::Post
'Firefox' => "", # It's set programmatically
'Opera' => "#{user_profile['LocalAppData']}/.config/opera/Cookies"
}
when /osx/
when 'osx'
browser_path_map = {
'Chrome' => "#{user_profile['LocalAppData']}/Google/Chrome/Default/databases/chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0",
'Firefox' => "#{user_profile['LocalAppData']}/Firefox/Profiles",
@ -134,7 +133,7 @@ class MetasploitModule < Msf::Post
'Safari' => "#{user_profile['AppData']}/Cookies/Cookies.binarycookies"
}
else
print_error "Platform not recognized: #{platform}"
print_error "Platform not recognized: #{session.platform}"
end
account_map[account] = {}
@ -807,6 +806,6 @@ class MetasploitModule < Msf::Post
# Returns OS separator in a session type agnostic way
def system_separator
return session.platform =~ /windows/ ? '\\' : '/'
return session.platform == 'windows' ? '\\' : '/'
end
end

4
modules/post/multi/gather/pgpass_creds.rb
View File

@ -30,9 +30,9 @@ class MetasploitModule < Msf::Post
files = []
case session.platform
when /unix|linux|bsd|osx/
when 'unix', 'linux', 'bsd', 'osx'
files = enum_user_directories.map {|d| d + "/.pgpass"}.select { |f| file?(f) }
when /windows/
when 'windows'
if session.type != "meterpreter"
print_error("Only meterpreter sessions are supported on windows hosts")
return

6
modules/post/multi/gather/pidgin_cred.rb
View File

@ -38,13 +38,13 @@ class MetasploitModule < Msf::Post
def run
paths = []
case session.platform
when /unix|linux|bsd/
when 'unix', 'linux', 'bsd'
@platform = :unix
paths = enum_users_unix
when /osx/
when 'osx'
@platform = :osx
paths = enum_users_unix
when /windows/
when 'windows'
@platform = :windows
profiles = grab_user_profiles()
profiles.each do |user|

4
modules/post/multi/gather/ping_sweep.rb
View File

@ -42,10 +42,10 @@ class MetasploitModule < Msf::Post
end
case session.platform
when /windows/i
when 'windows'
count = " -n 1 "
cmd = "ping"
when /solaris/i
when 'solaris'
cmd = "/usr/sbin/ping"
else
count = " -n -c 1 -W 2 "

10
modules/post/multi/gather/skype_enum.rb
View File

@ -61,7 +61,7 @@ class MetasploitModule < Msf::Post
process_db(db_in_loot,p['name'])
end
end
elsif (session.platform =~ /windows/ and session.type =~ /meter/)
elsif (session.platform =- 'windows' and session.type == 'meterpreter')
# Iterate thru each user profile in a Windows System using Meterpreter Post API
grab_user_profiles().each do |p|
if check_skype(p['AppData'],p['UserName'])
@ -78,7 +78,7 @@ class MetasploitModule < Msf::Post
# Check if Skype is installed. Returns true or false.
def check_skype(path, user)
dirs = []
if session.type =~ /meterpreter/
if session.type == 'meterpreter'
session.fs.dir.foreach(path) do |d|
dirs << d
end
@ -97,8 +97,8 @@ class MetasploitModule < Msf::Post
# Download file using Meterpreter functionality and returns path in loot for the file
def download_db(profile)
if session.type =~ /meterpreter/
if session.platform =~ /osx/
if session.type == 'meterpreter'
if session.platform == 'osx'
file = session.fs.file.search("#{profile['dir']}/Library/Application Support/Skype/","main.db",true)
else
file = session.fs.file.search("#{profile['AppData']}\\Skype","main.db",true)
@ -115,7 +115,7 @@ class MetasploitModule < Msf::Post
)
file.each do |db|
if session.type =~ /meterpreter/
if session.type == 'meterpreter'
maindb = "#{db['path']}#{session.fs.file.separator}#{db['name']}"
print_status("Downloading #{maindb}")
session.fs.file.download_file(file_loc,maindb)

24
modules/post/multi/gather/thunderbird_creds.rb
View File

@ -42,14 +42,14 @@ class MetasploitModule < Msf::Post
def run
# Initialize Thunderbird's base path based on the platform
case session.platform
when /linux/
when 'linux'
user = session.shell_command("whoami").chomp
base = "/home/#{user}/.thunderbird/"
when /osx/
when 'osx'
user = session.shell_command("whoami").chomp
base = "/Users/#{user}/Library/Thunderbird/Profiles/"
when /windows/
if session.type =~ /meterpreter/
when 'windows'
if session.type == 'meterpreter'
user_profile = session.sys.config.getenv('APPDATA')
else
user_profile = cmd_exec("echo %APPDATA%").strip
@ -65,7 +65,7 @@ class MetasploitModule < Msf::Post
# Steal!
profiles.each do |profile|
next if profile =~ /^\./
slash = (session.platform =~ /windows/) ? "\\" : "/"
slash = (session.platform == 'windows') ? "\\" : "/"
p = base + profile + slash
# Download the database, and attempt to process the content
@ -86,7 +86,7 @@ class MetasploitModule < Msf::Post
loot = ''
# Downaload the file
if session.type =~ /meterpreter/
if session.type == 'meterpreter'
vprint_status("Downloading: #{p + item}")
begin
f = session.fs.file.new(p + item, 'rb')
@ -97,8 +97,8 @@ class MetasploitModule < Msf::Post
ensure
f.close
end
elsif session.type =~ /shell/
cmd_show = (session.platform =~ /windows/) ? 'type' : 'cat'
elsif session.type == 'shell'
cmd_show = (session.platform == 'windows') ? 'type' : 'cat'
# The type command will add a 0x0a character in the file? Pff.
# Gotta lstrip that.
loot = cmd_exec(cmd_show, "\"#{p+item}\"").lstrip
@ -205,17 +205,17 @@ class MetasploitModule < Msf::Post
def get_profile_names(path)
tb_profiles = []
if session.type =~ /meterpreter/
if session.type == 'meterpreter'
session.fs.dir.foreach(path) do |subdir|
tb_profiles << subdir
end
else
cmd = (session.platform =~ /windows/) ? "dir \"#{path}\"" : "ls -ld #{path}*/"
cmd = (session.platform == 'windows') ? "dir \"#{path}\"" : "ls -ld #{path}*/"
dir = cmd_exec(cmd)
dir.each_line do |line|
line = line.strip
next if session.platform =~ /windows/ and line !~ /<DIR>((.+)\.(\w+)$)/
next if session.platform =~ /linux|osx/ and line !~ /(\w+\.\w+)/
next if session.platform == 'windows' && line !~ /<DIR>((.+)\.(\w+)$)/
next if (session.platform == 'linux' || session.platform == 'osx') && line !~ /(\w+\.\w+)/
tb_profiles << $1 if not $1.nil?
end
end

10
modules/post/multi/gather/wlan_geolocate.rb
View File

@ -109,7 +109,7 @@ class MetasploitModule < Msf::Post
# Run Method for when run command is issued
def run
case session.platform
when /windows/i
when 'windows'
listing = cmd_exec('netsh wlan show networks mode=bssid')
if listing.nil?
print_error("Unable to generate wireless listing.")
@ -125,7 +125,7 @@ class MetasploitModule < Msf::Post
end
end
when /osx/i
when 'osx'
listing = cmd_exec('/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s')
if listing.nil?
print_error("Unable to generate wireless listing.")
@ -140,7 +140,7 @@ class MetasploitModule < Msf::Post
end
end
when /linux/i
when 'linux'
listing = cmd_exec('iwlist scanning')
if listing.nil?
print_error("Unable to generate wireless listing.")
@ -156,7 +156,7 @@ class MetasploitModule < Msf::Post
end
end
when /solaris/i
when 'solaris'
listing = cmd_exec('dladm scan-wifi')
if listing.blank?
print_error("Unable to generate wireless listing.")
@ -168,7 +168,7 @@ class MetasploitModule < Msf::Post
return
end
when /bsd/i
when 'bsd'
interface = cmd_exec("dmesg | grep -i wlan | cut -d ':' -f1 | uniq")
# Printing interface as this platform requires the interface to be specified
# it might not be detected correctly.

12
modules/post/multi/manage/dbvis_add_db_admin.rb
View File

@ -58,7 +58,7 @@ class MetasploitModule < Msf::Post
# Check if the alias exist and if database is supported by this script
def exist_and_supported()
case session.platform
when /linux/
when 'linux'
user = session.shell_command("whoami")
print_status("Current user is #{user}")
if (user =~ /root/)
@ -67,7 +67,7 @@ class MetasploitModule < Msf::Post
user_base = "/home/#{user}/"
end
dbvis_file = "#{user_base}.dbvis/config70/dbvis.xml"
when /windows/
when 'windows'
user_profile = session.sys.config.getenv('USERPROFILE')
dbvis_file = "#{user_profile}\\.dbvis\\config70\\dbvis.xml"
end
@ -78,9 +78,9 @@ class MetasploitModule < Msf::Post
print_status("This could be an older version of dbvis, trying old path")
case session.platform
when /linux/
when 'linux'
dbvis_file = "#{user_base}.dbvis/config/dbvis.xml"
when /windows/
when 'windows'
dbvis_file = "#{user_profile }\\.dbvis\\config\\dbvis.xml"
end
unless file?(dbvis_file)
@ -156,7 +156,7 @@ class MetasploitModule < Msf::Post
# Find path to dbviscmd.sh|bat
def find_dbviscmd
case session.platform
when /linux/
when 'linux'
dbvis = session.shell_command("locate dbviscmd.sh").chomp
if dbvis.chomp == ""
print_error("dbviscmd.sh not found")
@ -164,7 +164,7 @@ class MetasploitModule < Msf::Post
else
print_good("Dbviscmd found : #{dbvis}")
end
when /windows/
when 'windows'
# Find program files
progfiles_env = session.sys.config.getenvs('ProgramFiles(X86)', 'ProgramFiles')
progfiles_x86 = progfiles_env['ProgramFiles(X86)']

12
modules/post/multi/manage/dbvis_query.rb
View File

@ -53,7 +53,7 @@ class MetasploitModule < Msf::Post
# Check if the alias exist and if database is supported by this script
def exist_and_supported()
case session.platform
when /linux/
when 'linux'
user = session.shell_command("whoami")
print_status("Current user is #{user}")
@ -64,7 +64,7 @@ class MetasploitModule < Msf::Post
end
dbvis_file = "#{user_base}.dbvis/config70/dbvis.xml"
when /windows/
when 'windows'
user_profile = session.sys.config.getenv('USERPROFILE')
dbvis_file = "#{user_profile}\\.dbvis\\config70\\dbvis.xml"
end
@ -75,9 +75,9 @@ class MetasploitModule < Msf::Post
print_status("This could be an older version of dbvis, trying old path")
case session.platform
when /linux/
when 'linux'
dbvis_file = "#{user_base}.dbvis/config/dbvis.xml"
when /windows/
when 'windows'
dbvis_file = "#{user_profile }\\.dbvis\\config\\dbvis.xml"
end
@ -147,7 +147,7 @@ class MetasploitModule < Msf::Post
# Find path to dbviscmd.sh|bat
def find_dbviscmd
case session.platform
when /linux/
when 'linux'
dbvis = session.shell_command("locate dbviscmd.sh").chomp
if dbvis.chomp == ""
print_error("dbviscmd.sh not found")
@ -155,7 +155,7 @@ class MetasploitModule < Msf::Post
else
print_good("Dbviscmd found : #{dbvis}")
end
when /windows/
when 'windows'
# Find program files
progfiles_env = session.sys.config.getenvs('ProgramFiles(X86)', 'ProgramFiles')
progfiles_x86 = progfiles_env['ProgramFiles(X86)']

8
modules/post/multi/manage/play_youtube.rb
View File

@ -109,13 +109,13 @@ class MetasploitModule < Msf::Post
def start_video(id)
case session.platform
when /osx/
when 'osx'
osx_start_video(id)
when /windows/
when 'windows'
win_start_video(id)
when /linux/
when 'linux'
linux_start_video(id)
when /android/
when 'android'
android_start_video(id)
end
end

6
modules/post/multi/manage/set_wallpaper.rb
View File

@ -72,11 +72,11 @@ class MetasploitModule < Msf::Post
def os_set_wallpaper(file)
case session.platform
when /osx/
when 'osx'
osx_set_wallpaper(file)
when /windows/
when 'windows'
win_set_wallpaper(file)
when /android/
when 'android'
android_set_wallpaper(file)
end
end

6
modules/post/multi/recon/multiport_egress_traffic.rb
View File

@ -92,14 +92,14 @@ class MetasploitModule < Msf::Post
# If we want WINAPI egress, make sure winsock is loaded
if type == 'WINAPI'
unless client.railgun.ws2_32 && client.platform =~ /windows/
unless client.railgun.ws2_32 && client.platform == 'windows'
print_error("The WINAPI method requires Windows, railgun and support for winsock APIs. Try using the NATIVE method instead.")
return
end
end
if client.platform =~ /python/
print_error("This module cannot be used with python meterpreter at present")
if client.arch != ARCH_X64 && client.argc != ARCH_X86
print_error("This module cannot be used without native meterpreter at present")
return
end

2
modules/post/windows/capture/lockout_keylogger.rb
View File

@ -153,7 +153,7 @@ class MetasploitModule < Msf::Post
#Make sure we are on a Windows host
if client.platform !~ /windows/
if client.platform != 'windows'
print_error('This module does not support this platform.')
return
end

2
modules/post/windows/escalate/getsystem.rb
View File

@ -41,7 +41,7 @@ class MetasploitModule < Msf::Post
technique = datastore['TECHNIQUE'].to_i
unsupported if client.platform !~ /windows/i
unsupported if client.platform != 'windows' || (client.arch != ARCH_X64 && client.arch != ARCH_X86)
if is_system?
print_good("This session already has SYSTEM privileges")

2
modules/post/windows/escalate/screen_unlock.rb
View File

@ -55,7 +55,7 @@ class MetasploitModule < Msf::Post
{ :sig => "8bff558bec83ec50a1", :sigoffset => 0x97d3, :orig_code => "32c0", :patch => "b001", :patchoffset => 0x9878, :os => /Windows XP.*Service Pack 3 - spanish/ }
]
unsupported if client.platform !~ /windows/i
unsupported if client.platform != 'windows' || (client.arch != ARCH_X64 && client.arch != ARCH_X86)
os = client.sys.config.sysinfo['OS']
targets.each do |t|

2
modules/post/windows/manage/multi_meterpreter_inject.rb
View File

@ -44,7 +44,7 @@ class MetasploitModule < Msf::Post
# Run Method for when run command is issued
def run
unless session.platform == 'windows' && session.arch =~ /x(86|64)/
unless session.platform == 'windows' && (session.arch == ARCH_X64 || session.arch == ARCH_X86)
print_error("This module requires native Windows meterpreter functions not compatible with the selected session")
return
end

7
scripts/meterpreter/schelevator.rb
View File

@ -27,7 +27,12 @@ require 'zlib'
#
# Filter out sessions that this definitely won't work on.
#
if session.arch !~ /x86|x64|java/
unless [ARCH_X64, ARCH_X86, ARCH_JAVA].include(session.arch)
print_error("#{session.arch} is not supported.")
raise Rex::Script::Completed
end
unless session.platform == 'windows'
print_error("#{session.platform} is not supported.")
raise Rex::Script::Completed
end