infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Check dec instead

bug/bundler_fix
sinn3r 2013-10-25 10:47:41 -05:00
parent 1d0a3aad70
commit a95425de08
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
modules/post/windows/gather/enum_ie.rb
View File

@ -319,13 +319,14 @@ class Metasploit3 < Msf::Post
if val_arr.include?(hash) if val_arr.include?(hash)
data = registry_getvaldata(regpath, hash) data = registry_getvaldata(regpath, hash)
dec = decrypt_reg(url, data) dec = decrypt_reg(url, data)
#decode data and add to creds array
header = dec.unpack("VVVVVV")
# If CryptUnprotectData fails, decrypt_reg() will return "", and unpack() will end up # If CryptUnprotectData fails, decrypt_reg() will return "", and unpack() will end up
# returning an array of nils. If this happens, we can cause an "undefined method # returning an array of nils. If this happens, we can cause an "undefined method
# `+' for NilClass." when we try to calculate the offset, and this causes the module to die. # `+' for NilClass." when we try to calculate the offset, and this causes the module to die.
next if header == [nil, nil, nil, nil, nil, nil] next if dec.empty?
#decode data and add to creds array
header = dec.unpack("VVVVVV")
offset = header[0] + header[1] #offset to start of data offset = header[0] + header[1] #offset to start of data
cnt = header[5]/2 # of username/password combinations cnt = header[5]/2 # of username/password combinations