Make getsystem more verbose

Resolves #4401
bug/bundler_fix
wchen-r7 2015-07-01 20:49:14 -05:00
parent 32d5e7f3de
commit caddf545c4
1 changed files with 49 additions and 14 deletions


@ -17,17 +17,20 @@ class Console::CommandDispatcher::Priv::Elevate
include Console::CommandDispatcher
ELEVATE_TECHNIQUE_NONE = -1
ELEVATE_TECHNIQUE_ANY = 0
ELEVATE_TECHNIQUE_SERVICE_NAMEDPIPE = 1
ELEVATE_TECHNIQUE_SERVICE_NAMEDPIPE2 = 2
ELEVATE_TECHNIQUE_SERVICE_TOKENDUP = 3
ELEVATE_TECHNIQUE_NONE = -1
ELEVATE_TECHNIQUE_ANY = 0
ELEVATE_TECHNIQUE_SERVICE_NAMEDPIPE = 1
ELEVATE_TECHNIQUE_SERVICE_NAMEDPIPE2 = 2
ELEVATE_TECHNIQUE_SERVICE_TOKENDUP = 3
ELEVATE_TECHNIQUE_DESCRIPTION =
[
"All techniques available",
"Service - Named Pipe Impersonation (In Memory/Admin)",
"Service - Named Pipe Impersonation (Dropper/Admin)",
"Service - Token Duplication (In Memory/Admin)"
]
ELEVATE_TECHNIQUE_DESCRIPTION = [ "All techniques available",
"Service - Named Pipe Impersonation (In Memory/Admin)",
"Service - Named Pipe Impersonation (Dropper/Admin)",
"Service - Token Duplication (In Memory/Admin)"
]
#
# List of supported commands.
#
@ -45,6 +48,26 @@ class Console::CommandDispatcher::Priv::Elevate
end
#
# Returns the description of the technique(s)
#
def translate_technique_index(index)
translation = ''
desc = ELEVATE_TECHNIQUE_DESCRIPTION.dup
desc.each {|e| e.gsub!(/^Service - /, '')}
case index
when 0
desc.shift
translation = desc
else
translation = [ ELEVATE_TECHNIQUE_DESCRIPTION[index] ]
end
translation
end
#
# Attempt to elevate the meterpreter to that of local system.
#
@ -73,17 +96,29 @@ class Console::CommandDispatcher::Priv::Elevate
}
if( technique < 0 or technique >= ELEVATE_TECHNIQUE_DESCRIPTION.length )
print_error( "Technique '#{technique}' is out of range." );
print_error( "Technique '#{technique}' is out of range." )
return false;
end
result = client.priv.getsystem( technique )
begin
result = client.priv.getsystem( technique )
rescue Rex::Post::Meterpreter::RequestError => e
print_error("#{e.message} The following was attempted:")
translate_technique_index(technique).each do |desc|
print_error(desc)
end
elog("#{e.class} #{e.message} (Technique: #{technique})\n#{e.backtrace * "\n"}")
return
end
# got system?
if result[0]
print_line( "...got system (via technique #{result[1]})." );
print_line( "...got system via technique #{result[1]} (#{translate_technique_index(result[1]).first})." )
else
print_line( "...failed to get system." );
print_line( "...failed to get system while attempting the following:" )
translate_technique_index(technique).each do |desc|
print_error(desc)
end
end
return result
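Review bot: `translate_technique_index` (second hunk) modifies the constant it reads from. `ELEVATE_TECHNIQUE_DESCRIPTION.dup` is a shallow copy, so `e.gsub!(/^Service - /, '')` strips the prefix from the very strings the constant holds. After the first call, any other code in the process that prints `ELEVATE_TECHNIQUE_DESCRIPTION` (not visible in these hunks) would show the shortened text. Building a fresh array avoids this: `desc = ELEVATE_TECHNIQUE_DESCRIPTION.map { |e| e.sub(/\AService - /, '') }`, with the else branch returning `[ desc[index] ]` so the output stays the same. Separately, the new rescue path in the third hunk ends with a bare `return` (nil), while the range check just above returns `false` and the normal path returns `result`; `return false` would keep the return contract consistent, though the enclosing method starts outside the hunk.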