Module: Msf::Post::Windows::Dotnet
Constant Summary
Constants included from Registry
Registry::HKEY_CLASSES_ROOT, Registry::HKEY_CURRENT_CONFIG, Registry::HKEY_CURRENT_USER, Registry::HKEY_DYN_DATA, Registry::HKEY_LOCAL_MACHINE, Registry::HKEY_PERFORMANCE_DATA, Registry::HKEY_USERS, Registry::REGISTRY_VIEW_32_BIT, Registry::REGISTRY_VIEW_64_BIT, Registry::REGISTRY_VIEW_NATIVE, Registry::REG_BIG_ENDIAN, Registry::REG_BINARY, Registry::REG_DWORD, Registry::REG_EXPAND_SZ, Registry::REG_LINK, Registry::REG_LITTLE_ENDIAN, Registry::REG_MULTI_SZ, Registry::REG_NONE, Registry::REG_QWORD, Registry::REG_SZ
Instance Method Summary collapse
-
#get_dotnet_versions ⇒ Object
‘Public’ function that returns a list of all .NET versions on a windows host.
-
#get_versionception(dotnet_vkey) ⇒ Object
Bruteforce search all subkeys in an over-arching release to locate the actual release version.
- #initialize(info = {}) ⇒ Object
-
#search_for_version(dotnet_subkey) ⇒ Object
Searches the subkey for the value ‘Version’ which contains the actual version, rather than the over-arching release An alternative would be to query for it, and catch the exception.
Methods included from Registry
#meterpreter_registry_createkey, #meterpreter_registry_deletekey, #meterpreter_registry_deleteval, #meterpreter_registry_enumkeys, #meterpreter_registry_enumvals, #meterpreter_registry_getvaldata, #meterpreter_registry_getvalinfo, #meterpreter_registry_key_exist?, #meterpreter_registry_loadkey, #meterpreter_registry_perms, #meterpreter_registry_setvaldata, #meterpreter_registry_unloadkey, #normalize_key, #registry_createkey, #registry_deletekey, #registry_deleteval, #registry_enumkeys, #registry_enumvals, #registry_getvaldata, #registry_getvalinfo, #registry_hive_lookup, #registry_key_exist?, #registry_loadkey, #registry_setvaldata, #registry_unloadkey, #session_has_registry_ext, #shell_registry_cmd, #shell_registry_cmd_result, #shell_registry_createkey, #shell_registry_deletekey, #shell_registry_deleteval, #shell_registry_enumkeys, #shell_registry_enumvals, #shell_registry_getvaldata, #shell_registry_getvalinfo, #shell_registry_key_exist?, #shell_registry_loadkey, #shell_registry_setvaldata, #shell_registry_unloadkey, #split_key
Methods included from CliParse
#win_parse_error, #win_parse_results
Methods included from Common
#clear_screen, #cmd_exec, #cmd_exec_get_pid, #cmd_exec_with_result, #command_exists?, #get_env, #get_envs, #peer, #report_virtualization, #rhost, #rport
Instance Method Details
#get_dotnet_versions ⇒ Object
‘Public’ function that returns a list of all .NET versions on a windows host
62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 |
# File 'lib/msf/core/post/windows/dotnet.rb', line 62 def get_dotnet_versions ret_val = [] key = 'HKLM\\SOFTWARE\\Microsoft\NET Framework Setup\\NDP' begin dotnet_keys = registry_enumkeys(key) rescue Rex::Post::Meterpreter::RequestError => e print_status("Encountered exception in get_dotnet_version: #{e.class} #{e}") elog(e) end unless dotnet_keys.nil? dotnet_keys.each do |temp_key| if temp_key[0] == 'v' key = 'HKLM\\SOFTWARE\\Microsoft\NET Framework Setup\\NDP\\' + temp_key dotnet_version = get_versionception(key) unless dotnet_version.nil? ret_val << dotnet_version end end end end return ret_val end |
#get_versionception(dotnet_vkey) ⇒ Object
Bruteforce search all subkeys in an over-arching release to locate the actual release version.
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/msf/core/post/windows/dotnet.rb', line 38 def get_versionception(dotnet_vkey) exact_version = nil begin subkeys = registry_enumkeys(dotnet_vkey) rescue Rex::Post::Meterpreter::RequestError => e print_status("Encountered exception in get_versionception: #{e.class} #{e}") elog(e) end unless subkeys.nil? subkeys.each do |subkey| exact_version = search_for_version(dotnet_vkey + '\\' + subkey) unless exact_version.nil? # if we find a version, stop looking break end end end return exact_version end |
#initialize(info = {}) ⇒ Object
6 7 8 |
# File 'lib/msf/core/post/windows/dotnet.rb', line 6 def initialize(info = {}) super end |
#search_for_version(dotnet_subkey) ⇒ Object
Searches the subkey for the value ‘Version’ which contains the actual version, rather than the over-arching release An alternative would be to query for it, and catch the exception.
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/msf/core/post/windows/dotnet.rb', line 15 def search_for_version(dotnet_subkey) dotnet_version = nil begin subkeys = registry_enumvals(dotnet_subkey) rescue Rex::Post::Meterpreter::RequestError => e print_status("Encountered exception in search_for_version: #{e.class} #{e}") elog(e) end unless subkeys.nil? subkeys.each do |subkey| if subkey == 'Version' dotnet_version = registry_getvaldata(dotnet_subkey, subkey) break end end end return dotnet_version end |