make MSF_MODULES a constant

2014-05-25 19:36:40 -05:00 · 2014-05-25 19:36:40 -05:00 · e585d11499
parent 61603748bd
commit e585d11499
1 changed files with 25 additions and 31 deletions
--- a/modules/post/windows/gather/enum_patches.rb
+++ b/modules/post/windows/gather/enum_patches.rb
@ -12,6 +12,15 @@ class Metasploit3 < Msf::Post
  include Msf::Post::Common
  include Msf::Post::Windows::ExtAPI

+  MSF_MODULES = {
+    'KB977165'  => "KB977165 - Possibly vulnerable to MS10-015 kitrap0d if Windows 2K SP4 - Windows 7 (x86)",
+    'KB2305420' => "KB2305420 - Possibly vulnerable to MS10-092 schelevator if Vista, 7, and 2008",
+    'KB2592799' => "KB2592799 - Possibly vulnerable to MS11-080 afdjoinleaf if XP SP2/SP3 Win 2k3 SP2",
+    'KB2778930' => "KB2778930 - Possibly vulnerable to MS13-005 hwnd_broadcast, elevates from Low to Medium integrity",
+    'KB2850851' => "KB2850851 - Possibly vulnerable to MS13-053 schlamperei if x86 Win7 SP0/SP1",
+    'KB2870008' => "KB2870008 - Possibly vulnerable to MS13-081 track_popup_menu if x86 Windows 7 SP0/SP1"
+  }
+
  def initialize(info={})
    super(update_info(info,
      'Name'            => "Windows Enumerate Applied Patches",
@ -38,21 +47,13 @@ class Metasploit3 < Msf::Post
  # The sauce starts here
  def run
    patches = []
-    msfmodules = [
-      'KB977165',   # MS10-015 kitrap0d
-      'KB2305420',  # MS10-092 schelevator
-      'KB2592799',  # MS11-080 afdjoinleaf
-      'KB2778930',  # MS13-005 hwnd_broadcast
-      'KB2850851',  # MS13-053 schlamperei
-      'KB2870008'   # MS13-081 track_popup_menu
-    ]

    datastore['KB'].split(',').each do |kb|
      patches << kb.strip
    end

    if datastore['MSFLOCALS']
-      patches = patches + msfmodules
+      patches = patches + MSF_MODULES.keys
    end

    extapi_loaded = load_extapi
@ -64,30 +65,23 @@ class Metasploit3 < Msf::Post
        return
      end
      kb_ids = objects[:values].map { |kb| kb[0] }
-      patches.each do |kb|
-        if kb_ids.include?(kb)
-          print_status("#{kb} applied")
-        else
-          case kb
-          when "KB977165"
-            print_good("KB977165 - Possibly vulnerable to MS10-015 kitrap0d if Windows 2K SP4 - Windows 7 (x86)")
-          when "KB2305420"
-            print_good("KB2305420 - Possibly vulnerable to MS10-092 schelevator if Vista, 7, and 2008")
-          when "KB2592799"
-            print_good("KB2592799 - Possibly vulnerable to MS11-080 afdjoinleaf if XP SP2/SP3 Win 2k3 SP2")
-          when "KB2778930"
-            print_good("KB2778930 - Possibly vulnerable to MS13-005 hwnd_broadcast, elevates from Low to Medium integrity")
-          when "KB2850851"
-            print_good("KB2850851 - Possibly vulnerable to MS13-053 schlamperei if x86 Win7 SP0/SP1")
-          when "KB2870008"
-            print_good("KB2870008 - Possibly vulnerable to MS13-081 track_popup_menu if x86 Windows 7 SP0/SP1")
-          else
-            print_good("#{kb} is missing")
-          end
-        end
-      end
+      report_info(patches, kb_ids)
    else
      print_error "ExtAPI failed to load"
    end
  end
+
+  def report_info(patches, kb_ids)
+    patches.each do |kb|
+      if kb_ids.include?(kb)
+        print_status("#{kb} applied")
+      else
+        if MSF_MODULES.include?(kb)
+          print_good(MSF_MODULES[kb])
+        else
+          print_good("#{kb} is missing")
+        end
+      end
+    end
+  end
 end