metasploit-framework/lib/rex/post/meterpreter/extensions/stdapi/constants.rb

167 lines
4.6 KiB
Ruby

#!/usr/bin/ruby
###
#
# Windows Specific Constants
# --------------------------
#
# These are put into the global namespace for now
# so that they can be referenced globally.
#
###
##
#
# Permissions
#
##
DELETE = 0x00010000
READ_CONTROL = 0x00020000
WRITE_DAC = 0x00040000
WRITE_OWNER = 0x00080000
SYNCHRONIZE = 0x00100000
STANDARD_RIGHTS_REQUIRED = 0x000f0000
STANDARD_RIGHTS_READ = READ_CONTROL
STANDARD_RIGHTS_WRITE = READ_CONTROL
STANDARD_RIGHTS_EXECUTE = READ_CONTROL
STANDARD_RIGHTS_ALL = 0x001f0000
SPECIFIC_RIGHTS_ALL = 0x0000ffff
MAXIMUM_ALLOWED = 0x02000000
GENERIC_READ = 0x80000000
GENERIC_WRITE = 0x40000000
GENERIC_EXECUTE = 0x20000000
GENERIC_ALL = 0x10000000
##
#
# Page Protections
#
##
PAGE_NOACCESS = 0x00000001
PAGE_READONLY = 0x00000002
PAGE_READWRITE = 0x00000004
PAGE_WRITECOPY = 0x00000008
PAGE_EXECUTE = 0x00000010
PAGE_EXECUTE_READ = 0x00000020
PAGE_EXECUTE_READWRITE = 0x00000040
PAGE_EXECUTE_WRITECOPY = 0x00000080
PAGE_GUARD = 0x00000100
PAGE_NOCACHE = 0x00000200
PAGE_WRITECOMBINE = 0x00000400
MEM_COMMIT = 0x00001000
MEM_RESERVE = 0x00002000
MEM_DECOMMIT = 0x00004000
MEM_RELEASE = 0x00008000
MEM_FREE = 0x00010000
MEM_PRIVATE = 0x00020000
MEM_MAPPED = 0x00040000
MEM_RESET = 0x00080000
MEM_TOP_DOWN = 0x00100000
MEM_WRITE_WATCH = 0x00200000
MEM_PHYSICAL = 0x00400000
MEM_LARGE_PAGES = 0x20000000
MEM_4MB_PAGES = 0x80000000
SEC_FILE = 0x00800000
SEC_IMAGE = 0x01000000
SEC_RESERVE = 0x04000000
SEC_COMMIT = 0x08000000
SEC_NOCACHE = 0x10000000
MEM_IMAGE = SEC_IMAGE
##
#
# Registry Permissions
#
##
KEY_QUERY_VALUE = 0x00000001
KEY_SET_VALUE = 0x00000002
KEY_CREATE_SUB_KEY = 0x00000004
KEY_ENUMERATE_SUB_KEYS = 0x00000008
KEY_NOTIFY = 0x00000010
KEY_CREATE_LINK = 0x00000020
KEY_READ = (STANDARD_RIGHTS_READ | KEY_QUERY_VALUE |
KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY) & ~SYNCHRONIZE
KEY_WRITE = (STANDARD_RIGHTS_WRITE | KEY_SET_VALUE |
KEY_CREATE_SUB_KEY) & ~SYNCHRONIZE
KEY_EXECUTE = KEY_READ
KEY_ALL_ACCESS = (STANDARD_RIGHTS_ALL | KEY_QUERY_VALUE |
KEY_SET_VALUE | KEY_CREATE_SUB_KEY |
KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY |
KEY_CREATE_LINK) & ~SYNCHRONIZE
##
#
# Registry
#
##
HKEY_CLASSES_ROOT = 0x80000000
HKEY_CURRENT_USER = 0x80000001
HKEY_LOCAL_MACHINE = 0x80000002
HKEY_USERS = 0x80000003
HKEY_PERFORMANCE_DATA = 0x80000004
HKEY_CURRENT_CONFIG = 0x80000005
HKEY_DYN_DATA = 0x80000006
REG_NONE = 0
REG_SZ = 1
REG_EXPAND_SZ = 2
REG_BINARY = 3
REG_DWORD = 4
REG_DWORD_LITTLE_ENDIAN = 4
REG_DWORD_BIG_ENDIAN = 5
REG_LINK = 6
REG_MULTI_SZ = 7
##
#
# Process Permissions
#
##
PROCESS_TERMINATE = 0x00000001
PROCESS_CREATE_THREAD = 0x00000002
PROCESS_SET_SESSIONID = 0x00000004
PROCESS_VM_OPERATION = 0x00000008
PROCESS_VM_READ = 0x00000010
PROCESS_VM_WRITE = 0x00000020
PROCESS_DUP_HANDLE = 0x00000040
PROCESS_CREATE_PROCESS = 0x00000080
PROCESS_SET_QUOTA = 0x00000100
PROCESS_SET_INFORMATION = 0x00000200
PROCESS_QUERY_INFORMATION= 0x00000400
PROCESS_SUSPEND_RESUME = 0x00000800
PROCESS_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF
##
#
# Thread Permissions
#
##
THREAD_TERMINATE = 0x00000001
THREAD_SUSPEND_RESUME = 0x00000002
THREAD_GET_CONTEXT = 0x00000008
THREAD_SET_CONTEXT = 0x00000010
THREAD_SET_INFORMATION = 0x00000020
THREAD_QUERY_INFORMATION = 0x00000040
THREAD_SET_THREAD_TOKEN = 0x00000080
THREAD_IMPERSONATE = 0x00000100
THREAD_DIRECT_IMPERSONATION = 0x00000200
THREAD_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3FF
##
#
# Creation flags
#
##
CREATE_SUSPENDED = 0x00000004
##
#
# Event Log
#
##
EVENTLOG_SEQUENTIAL_READ = 0x00000001
EVENTLOG_SEEK_READ = 0x00000002
EVENTLOG_FORWARDS_READ = 0x00000004
EVENTLOG_BACKWARDS_READ = 0x00000008