make MSF_MODULES a constant

bug/bundler_fix
jvazquez-r7 2014-05-25 19:36:40 -05:00
parent 61603748bd
commit e585d11499
1 changed files with 25 additions and 31 deletions

View File

@ -12,6 +12,15 @@ class Metasploit3 < Msf::Post
include Msf::Post::Common include Msf::Post::Common
include Msf::Post::Windows::ExtAPI include Msf::Post::Windows::ExtAPI
MSF_MODULES = {
'KB977165' => "KB977165 - Possibly vulnerable to MS10-015 kitrap0d if Windows 2K SP4 - Windows 7 (x86)",
'KB2305420' => "KB2305420 - Possibly vulnerable to MS10-092 schelevator if Vista, 7, and 2008",
'KB2592799' => "KB2592799 - Possibly vulnerable to MS11-080 afdjoinleaf if XP SP2/SP3 Win 2k3 SP2",
'KB2778930' => "KB2778930 - Possibly vulnerable to MS13-005 hwnd_broadcast, elevates from Low to Medium integrity",
'KB2850851' => "KB2850851 - Possibly vulnerable to MS13-053 schlamperei if x86 Win7 SP0/SP1",
'KB2870008' => "KB2870008 - Possibly vulnerable to MS13-081 track_popup_menu if x86 Windows 7 SP0/SP1"
}
def initialize(info={}) def initialize(info={})
super(update_info(info, super(update_info(info,
'Name' => "Windows Enumerate Applied Patches", 'Name' => "Windows Enumerate Applied Patches",
@ -38,21 +47,13 @@ class Metasploit3 < Msf::Post
# The sauce starts here # The sauce starts here
def run def run
patches = [] patches = []
msfmodules = [
'KB977165', # MS10-015 kitrap0d
'KB2305420', # MS10-092 schelevator
'KB2592799', # MS11-080 afdjoinleaf
'KB2778930', # MS13-005 hwnd_broadcast
'KB2850851', # MS13-053 schlamperei
'KB2870008' # MS13-081 track_popup_menu
]
datastore['KB'].split(',').each do |kb| datastore['KB'].split(',').each do |kb|
patches << kb.strip patches << kb.strip
end end
if datastore['MSFLOCALS'] if datastore['MSFLOCALS']
patches = patches + msfmodules patches = patches + MSF_MODULES.keys
end end
extapi_loaded = load_extapi extapi_loaded = load_extapi
@ -64,30 +65,23 @@ class Metasploit3 < Msf::Post
return return
end end
kb_ids = objects[:values].map { |kb| kb[0] } kb_ids = objects[:values].map { |kb| kb[0] }
patches.each do |kb| report_info(patches, kb_ids)
if kb_ids.include?(kb)
print_status("#{kb} applied")
else
case kb
when "KB977165"
print_good("KB977165 - Possibly vulnerable to MS10-015 kitrap0d if Windows 2K SP4 - Windows 7 (x86)")
when "KB2305420"
print_good("KB2305420 - Possibly vulnerable to MS10-092 schelevator if Vista, 7, and 2008")
when "KB2592799"
print_good("KB2592799 - Possibly vulnerable to MS11-080 afdjoinleaf if XP SP2/SP3 Win 2k3 SP2")
when "KB2778930"
print_good("KB2778930 - Possibly vulnerable to MS13-005 hwnd_broadcast, elevates from Low to Medium integrity")
when "KB2850851"
print_good("KB2850851 - Possibly vulnerable to MS13-053 schlamperei if x86 Win7 SP0/SP1")
when "KB2870008"
print_good("KB2870008 - Possibly vulnerable to MS13-081 track_popup_menu if x86 Windows 7 SP0/SP1")
else
print_good("#{kb} is missing")
end
end
end
else else
print_error "ExtAPI failed to load" print_error "ExtAPI failed to load"
end end
end end
def report_info(patches, kb_ids)
patches.each do |kb|
if kb_ids.include?(kb)
print_status("#{kb} applied")
else
if MSF_MODULES.include?(kb)
print_good(MSF_MODULES[kb])
else
print_good("#{kb} is missing")
end
end
end
end
end end