Meatballs
parent
70caacd631
commit
ba335d6c91
|
|
@ -304,7 +304,7 @@ module Services
|
|||
close_service_handle(newservice["return"])
|
||||
end
|
||||
|
||||
return (newservice["GetLastError"] == Error::SUCCESS)
|
||||
return newservice["GetLastError"]
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -345,13 +345,12 @@ module Services
|
|||
open_service_handle(manager, name, "SERVICE_STOP") do |service_handle|
|
||||
|
||||
retval = advapi32.ControlService(service_handle,1,28)
|
||||
|
||||
case retval["GetLastError"]
|
||||
when Error::SUCCESS,
|
||||
Error::INVALID_SERVICE_CONTROL,
|
||||
Error::SERVICE_CANNOT_ACCEPT_CTRL,
|
||||
Error::SERVICE_NOT_ACTIVE
|
||||
status = parse_service_status_struct(status['lpServiceStatus'])
|
||||
status = parse_service_status_struct(retval['lpServiceStatus'])
|
||||
else
|
||||
status = nil
|
||||
end
|
||||
|
|
@ -368,7 +367,7 @@ module Services
|
|||
#
|
||||
def service_delete(name, server=nil)
|
||||
open_sc_manager(:host=>server) do |manager|
|
||||
open_service_handle(manager, name "DELETE") do |service_handle|
|
||||
open_service_handle(manager, name, "DELETE") do |service_handle|
|
||||
ret = advapi32.DeleteService(service_handle)
|
||||
return ret["GetLastError"]
|
||||
end
|
||||
|
|
@ -422,14 +421,14 @@ module Services
|
|||
status = service_start(name, server)
|
||||
|
||||
if status == Error::SUCCESS
|
||||
print_good("[#{name}] Service started")
|
||||
vprint_good("[#{name}] Service started")
|
||||
return true
|
||||
else
|
||||
raise RuntimeError, status
|
||||
end
|
||||
rescue RuntimeError => s
|
||||
if tried
|
||||
print_error("[#{name}] Unhandled error: #{s}")
|
||||
vprint_error("[#{name}] Unhandled error: #{s}")
|
||||
return false
|
||||
else
|
||||
tried = true
|
||||
|
|
@ -437,28 +436,28 @@ module Services
|
|||
|
||||
case s.message.to_i
|
||||
when Error::ACCESS_DENIED
|
||||
print_error("[#{name}] Access denied")
|
||||
vprint_error("[#{name}] Access denied")
|
||||
when Error::INVALID_HANDLE
|
||||
print_error("[#{name}] Invalid handle")
|
||||
vprint_error("[#{name}] Invalid handle")
|
||||
when Error::PATH_NOT_FOUND
|
||||
print_error("[#{name}] Service binary could not be found")
|
||||
vprint_error("[#{name}] Service binary could not be found")
|
||||
when Error::SERVICE_ALREADY_RUNNING
|
||||
print_status("[#{name}] Service already running attempting to stop and restart")
|
||||
vprint_status("[#{name}] Service already running attempting to stop and restart")
|
||||
stopped = service_stop(name, server)
|
||||
if ((stopped == Error::SUCCESS) || (stopped == Error::SERVICE_NOT_ACTIVE))
|
||||
retry
|
||||
else
|
||||
print_error("[#{name}] Service disabled, unable to change start type Error: #{stopped}")
|
||||
vprint_error("[#{name}] Service disabled, unable to change start type Error: #{stopped}")
|
||||
end
|
||||
when Error::SERVICE_DISABLED
|
||||
print_status("[#{name}] Service disabled attempting to set to manual")
|
||||
vprint_status("[#{name}] Service disabled attempting to set to manual")
|
||||
if service_change_config(name, {:starttype => "START_TYPE_MANUAL"}, server)
|
||||
retry
|
||||
else
|
||||
print_error("[#{name}] Service disabled, unable to change start type")
|
||||
vprint_error("[#{name}] Service disabled, unable to change start type")
|
||||
end
|
||||
else
|
||||
print_error("[#{name}] Unhandled error: #{s}")
|
||||
vprint_error("[#{name}] Unhandled error: #{s}")
|
||||
return false
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@
|
|||
require 'msf/core'
|
||||
require 'rex'
|
||||
require 'msf/core/post/windows/services'
|
||||
load '/root/git/metasploit-framework/lib/msf/core/post/windows/services.rb'
|
||||
|
||||
$:.push "test/lib" unless $:.include? "test/lib"
|
||||
require 'module_test'
|
||||
|
|
@ -12,7 +13,6 @@ require 'module_test'
|
|||
class Metasploit3 < Msf::Post
|
||||
|
||||
include Msf::Post::Windows::Services
|
||||
|
||||
include Msf::ModuleTest::PostTest
|
||||
|
||||
def initialize(info={})
|
||||
|
|
@ -21,7 +21,6 @@ class Metasploit3 < Msf::Post
|
|||
'Description' => %q{ This module will test windows services methods within a shell},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' => [ 'kernelsmith', 'egypt' ],
|
||||
'Version' => '$Revision: 11663 $',
|
||||
'Platform' => [ 'windows' ],
|
||||
'SessionTypes' => [ 'meterpreter', 'shell' ]
|
||||
))
|
||||
|
|
@ -43,19 +42,19 @@ class Metasploit3 < Msf::Post
|
|||
it "should start #{datastore["SSERVICE"]}" do
|
||||
ret = true
|
||||
results = service_start(datastore['SSERVICE'])
|
||||
if results != 0
|
||||
if results != Windows::Error::SUCCESS
|
||||
# Failed the first time, try to stop it first, then try again
|
||||
service_stop(datastore['SSERVICE'])
|
||||
results = service_start(datastore['SSERVICE'])
|
||||
end
|
||||
ret &&= (results == 0)
|
||||
ret &&= (results == Windows::Error::SUCCESS)
|
||||
|
||||
ret
|
||||
end
|
||||
it "should stop #{datastore["SSERVICE"]}" do
|
||||
ret = true
|
||||
results = service_stop(datastore['SSERVICE'])
|
||||
ret &&= (results == 0)
|
||||
ret &&= (results == Windows::Error::SUCCESS)
|
||||
|
||||
ret
|
||||
end
|
||||
|
|
@ -68,24 +67,24 @@ class Metasploit3 < Msf::Post
|
|||
|
||||
ret &&= results.kind_of? Array
|
||||
ret &&= results.length > 0
|
||||
ret &&= results.include? datastore["QSERVICE"]
|
||||
ret &&= results.select{|service| service[:name] == datastore["QSERVICE"]}
|
||||
|
||||
ret
|
||||
end
|
||||
end
|
||||
|
||||
def test_info
|
||||
it "should return info on a given service" do
|
||||
it "should return info on a given service #{datastore["QSERVICE"]}" do
|
||||
ret = true
|
||||
results = service_info(datastore['QSERVICE'])
|
||||
|
||||
ret &&= results.kind_of? Hash
|
||||
if ret
|
||||
ret &&= results.has_key? "Name"
|
||||
ret &&= (results["Name"] == "Windows Management Instrumentation")
|
||||
ret &&= results.has_key? "Startup"
|
||||
ret &&= results.has_key? "Command"
|
||||
ret &&= results.has_key? "Credentials"
|
||||
ret &&= results.has_key? :display
|
||||
ret &&= (results[:display] == "Windows Management Instrumentation")
|
||||
ret &&= results.has_key? :starttype
|
||||
ret &&= results.has_key? :path
|
||||
ret &&= results.has_key? :startname
|
||||
end
|
||||
|
||||
ret
|
||||
|
|
@ -93,7 +92,7 @@ class Metasploit3 < Msf::Post
|
|||
end
|
||||
|
||||
def test_create
|
||||
it "should create a service" do
|
||||
it "should create a service #{datastore["NSERVICE"]}" do
|
||||
mode = case datastore["MODE"]
|
||||
when "disable"; 4
|
||||
when "manual"; 3
|
||||
|
|
@ -102,31 +101,84 @@ class Metasploit3 < Msf::Post
|
|||
end
|
||||
ret = service_create(datastore['NSERVICE'],datastore['DNAME'],datastore['BINPATH'],mode)
|
||||
|
||||
ret
|
||||
ret == Windows::Error::SUCCESS
|
||||
end
|
||||
|
||||
it "should return info on the newly-created service" do
|
||||
it "should return info on the newly-created service #{datastore["NSERVICE"]}" do
|
||||
ret = true
|
||||
results = service_info(datastore['NSERVICE'])
|
||||
|
||||
ret &&= results.kind_of? Hash
|
||||
ret &&= results.has_key? "Name"
|
||||
ret &&= (results["Name"] == datastore["DNAME"])
|
||||
ret &&= results.has_key? "Startup"
|
||||
ret &&= (results["Startup"].downcase == datastore["MODE"])
|
||||
ret &&= results.has_key? "Command"
|
||||
ret &&= results.has_key? "Credentials"
|
||||
ret &&= results.has_key? :display
|
||||
ret &&= (results[:display] == datastore["DNAME"])
|
||||
ret &&= results.has_key? :starttype
|
||||
ret &&= (START_TYPE[results[:starttype]].downcase == datastore["MODE"])
|
||||
ret &&= results.has_key? :path
|
||||
ret &&= results.has_key? :startname
|
||||
|
||||
ret
|
||||
end
|
||||
|
||||
it "should delete the new service" do
|
||||
it "should delete the new service #{datastore["NSERVICE"]}" do
|
||||
ret = service_delete(datastore['NSERVICE'])
|
||||
|
||||
ret == Windows::Error::SUCCESS
|
||||
end
|
||||
end
|
||||
|
||||
def test_status
|
||||
it "should return status on a given service #{datastore["QSERVICE"]}" do
|
||||
ret = true
|
||||
results = service_status(datastore['QSERVICE'])
|
||||
|
||||
ret &&= results.kind_of? Hash
|
||||
if ret
|
||||
ret &&= results.has_key? :state
|
||||
ret &&= (results[:state] > 0 && results[:state] < 8)
|
||||
end
|
||||
|
||||
ret
|
||||
end
|
||||
end
|
||||
|
||||
def test_restart_disabled
|
||||
service_name = "a" << Rex::Text.rand_text_alpha(5)
|
||||
display_name = service_name
|
||||
|
||||
it "should start a disabled service #{service_name}" do
|
||||
ret = true
|
||||
results = service_create(service_name,display_name,datastore['BINPATH'],START_TYPE_DISABLED)
|
||||
|
||||
ret &&= (results == Windows::Error::SUCCESS)
|
||||
if ret
|
||||
begin
|
||||
results = service_restart(service_name)
|
||||
ensure
|
||||
service_delete(service_name)
|
||||
end
|
||||
ret &&= results
|
||||
end
|
||||
|
||||
ret
|
||||
end
|
||||
end
|
||||
|
||||
def test_restart_start
|
||||
service_name = datastore['SSERVICE']
|
||||
|
||||
it "should restart a started service #{service_name}" do
|
||||
ret = true
|
||||
|
||||
results = service_start(service_name)
|
||||
ret &&= (results == Windows::Error::SUCCESS)
|
||||
if ret
|
||||
results = service_restart(service_name)
|
||||
ret &&= results
|
||||
end
|
||||
|
||||
ret
|
||||
end
|
||||
end
|
||||
|
||||
=begin
|
||||
def run
|
||||
|
|
|
|||
Loading…
Reference in New Issue