infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update enum_emet.rb 

Cleaned up a bit more
bug/bundler_fix
Vincent Yiu 2016-04-22 00:41:10 +01:00
parent c81d0ade3f
commit ca4bcfe62a
1 changed files with 2 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/post/windows/gather/enum_emet.rb
View File

@ -9,7 +9,6 @@ require 'msf/core/post/common'
class MetasploitModule < Msf::Post class MetasploitModule < Msf::Post
include Msf::Post::Windows::Priv
include Msf::Post::Windows::Registry include Msf::Post::Windows::Registry
include Msf::Post::Common include Msf::Post::Common
@ -25,21 +24,13 @@ class MetasploitModule < Msf::Post
end end
# Run Method for when run command is issued
def run def run
print_status("Running module against #{sysinfo['Computer']}")
if sysinfo['Architecture'] =~ /x64/ if sysinfo['Architecture'] =~ /x64/
reg_vals = registry_enumvals('HKLM\\SOFTWARE\\Microsoft\\EMET\\AppSettings',REGISTRY_VIEW_64_BIT) reg_vals = registry_enumvals('HKLM\\SOFTWARE\\Microsoft\\EMET\\AppSettings',REGISTRY_VIEW_64_BIT)
else else
reg_vals = registry_enumvals('HKLM\\SOFTWARE\\Microsoft\\EMET\\AppSettings',REGISTRY_VIEW_32_BIT) reg_vals = registry_enumvals('HKLM\\SOFTWARE\\Microsoft\\EMET\\AppSettings',REGISTRY_VIEW_32_BIT)
end end
isadmin = is_admin?
#a = registry_getvaldata('HKLM\HARDWARE\DESCRIPTION\System','SystemBiosVersion')
t = "" t = ""
reg_vals.each do |x| reg_vals.each do |x|