client-side changes for sysinfo and getuid, fixes for route

git-svn-id: file:///home/svn/incoming/trunk@2804 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-22 02:56:17 +00:00 · 2005-07-22 02:56:17 +00:00 · d451dc0b47
parent 7fa9e887db
commit d451dc0b47
6 changed files with 91 additions and 5 deletions
--- a/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/stdapi.rb
@ -9,6 +9,7 @@ require 'rex/post/meterpreter/extensions/stdapi/fs/file'
 require 'rex/post/meterpreter/extensions/stdapi/fs/file_stat'
 require 'rex/post/meterpreter/extensions/stdapi/net/config'
 require 'rex/post/meterpreter/extensions/stdapi/net/socket'
+require 'rex/post/meterpreter/extensions/stdapi/sys/config'
 require 'rex/post/meterpreter/extensions/stdapi/sys/process'
 require 'rex/post/meterpreter/extensions/stdapi/sys/registry'
 require 'rex/post/meterpreter/extensions/stdapi/sys/event_log'
@ -50,6 +51,7 @@ class Stdapi < Extension
 					'name' => 'sys',
 					'ext'  => ObjectAliases.new(
 						{
+							'config'   => Sys::Config.new(client),
 							'process'  => self.process,
 							'registry' => self.registry,
 							'eventlog' => self.eventlog,
--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
@ -0,0 +1,58 @@
+#!/usr/bin/ruby
+
+require 'rex/post/process'
+require 'rex/post/meterpreter/packet'
+require 'rex/post/meterpreter/client'
+require 'rex/post/meterpreter/extensions/stdapi/constants'
+require 'rex/post/meterpreter/extensions/stdapi/stdapi'
+
+module Rex
+module Post
+module Meterpreter
+module Extensions
+module Stdapi
+module Sys
+
+###
+#
+# Config
+# ------
+#
+# This class provides access to remote system configuration and information
+#
+###
+class Config
+
+	def initialize(client)
+		self.client = client
+	end
+
+	#
+	# Returns the username that the remote side is running as.
+	#
+	def getuid
+		request  = Packet.create_request('stdapi_sys_config_getuid')
+		response = client.send_request(request)
+		return response.get_tlv_value(TLV_TYPE_USER_NAME)
+	end
+
+	#
+	# Returns a hash of information about the remote computer
+	#
+	def sysinfo
+		request  = Packet.create_request('stdapi_sys_config_sysinfo')
+		response = client.send_request(request)
+
+		{
+			'Computer' => response.get_tlv_value(TLV_TYPE_COMPUTER_NAME),
+			'OS'       => response.get_tlv_value(TLV_TYPE_OS_NAME),
+		}
+	end
+
+protected
+
+	attr_accessor :client
+
+end
+
+end; end; end; end; end; end
--- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@ -80,6 +80,11 @@ TLV_TYPE_VALUE_NAME         = TLV_META_TYPE_STRING  | 1010
 TLV_TYPE_VALUE_TYPE         = TLV_META_TYPE_UINT    | 1011
 TLV_TYPE_VALUE_DATA         = TLV_META_TYPE_RAW     | 1012

+# Config
+TLV_TYPE_COMPUTER_NAME      = TLV_META_TYPE_STRING  | 1040
+TLV_TYPE_OS_NAME            = TLV_META_TYPE_STRING  | 1041
+TLV_TYPE_USER_NAME          = TLV_META_TYPE_STRING  | 1042
+
 DELETE_KEY_FLAG_RECURSIVE   = (1 << 0)

 # Process
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb
@ -112,7 +112,7 @@ class Console::CommandDispatcher::Stdapi::Net
 			when "delete"
 				print_line("Deleting route #{args[0]}/#{args[1]} -> #{args[2]}")

-				client.net.config.add_route(*args)
+				client.net.config.remove_route(*args)
 			else
 				print_error("Unsupported command: #{args[0]}")
 		end
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@ -32,10 +32,12 @@ class Console::CommandDispatcher::Stdapi::Sys
 	#
 	def commands
 		{
-			"ps"      => "List running processes",
 			"execute" => "Execute a command",
-			"kill"    => "Terminate a process",
 			"getpid"  => "Get the current process identifier",
+			"getuid"  => "Get the user that the server is running as",
+			"kill"    => "Terminate a process",
+			"ps"      => "List running processes",
+			"sysinfo" => "Gets information about the remote system, such as OS",
 		}
 	end

@ -111,6 +113,13 @@ class Console::CommandDispatcher::Stdapi::Sys
 		return true
 	end

+	#
+	# Displays the user that the server is running as.
+	#
+	def cmd_getuid(*args)
+		print_line("Server username: #{client.sys.config.getuid}")
+	end
+
 	#
 	# Kills one or more processes.
 	#
@ -130,7 +139,7 @@ class Console::CommandDispatcher::Stdapi::Sys
 	end

 	#
-	# Lists running processes
+	# Lists running processes.
 	#
 	def cmd_ps(*args)
 		processes = client.sys.process.get_processes
@ -157,6 +166,18 @@ class Console::CommandDispatcher::Stdapi::Sys
 		return true
 	end

+	#
+	# Displays information about the remote system.
+	#
+	def cmd_sysinfo(*args)
+		info = client.sys.config.sysinfo
+
+		print_line("Computer: " + info['Computer'])
+		print_line("OS      : " + info['OS'])
+
+		return true
+	end
+
 end

 end
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/ui.rb
@ -63,7 +63,7 @@ class Console::CommandDispatcher::Stdapi::Ui
 	#
 	def cmd_uictl(*args)
 		if (args.length < 2)
-			print(
+			print_line(
 				"Usage: uictl [enable/disable] [keyboard/mouse]")
 			return true
 		end