- Use separate names for files and directories to avoid cascading
failures if one test fails and leaves a file or directory behind.
- Use %TEMP% rather than %TMP - the former is defined on all Windows
versions, whereas the later is not defined on Windows 2012, causing
the test to fail.
- Don't assume 'HACKING' is in the current working directory, which
breaks remote test harnesses. Instead, send the source code to the
current __FILE__ as the test file to upload, since that works from
any directory or remotely.
This adds an extra parameter to most of the post/windows/registry
methods called 'view' that specifies if a registry key should be
accessed as a native process, 32-bit or 64-bit.
Support is added to both the Meterpreter and command-line backends. For
the command backend, a lot of boilerplate is removed from each method in
favor of a few shared commands. There is an error hash that never gets
used, so I removed it as well.
This passes the post/test/registry module with meterpreter, but fails
the command line backend. However, it fails in the same way without
these changes (tested on Windows 8), so I suspect that the command line
session was already not working well, at least with newer versions of
Windows. I might look into figuring out how to fix that, but it looks
pretty fragile to me, parsing for english phrases in the output.
Fix a funny default service name, adjust test to be case-agnostic.
winmgmt on Windows XP and Windows 8 have different capitalization for this
service. I'm not sure why it's a module parameter though - the test will still
fail if its anything other than winmgmt.
The following RC script has 7 successful outputs when run against a reverse_tcp shell.
Run a reverse_tcp stager and the following RC script to run the test
```
loadpath test/modules
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.43.1
run -j
sleep 5
use post/test/services
set SESSION 1
run
```
Note: this test still doesn't run very reliably on windows 8 unless you're
using the code from rapid7/meterpreter#107 and #4411, though it runs ok on
Windows XP.
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
Some module submissions don't have a pcap, screenshot/video or anything
to prove the module is actually functional or not, because often due to
the author not having the test box anymore, or unable to share info
because of their NDA. We nee a way to prove the module runs by basically
simulating the vulnerable environment live, and this is the answer to that.
This test module is specifically for the cisco_asa_asdm.rb, but future
PRs with the same scenario can also borrow the same idea.