Vincent Yiu
GitHub
parent
a2a97d0271
commit
1ba33ff7f8
|
|
@ -36,49 +36,47 @@ class MetasploitModule < Msf::Post
|
|||
if reg_keys.nil?
|
||||
print_status('Failed to enumerate Office.')
|
||||
else
|
||||
print_status('')
|
||||
print_status('')
|
||||
print_status('Found Office:')
|
||||
#find version to use
|
||||
reg_keys.each do |path|
|
||||
if not /[0-9][0-9].0/.match(path).nil?
|
||||
val1 = path
|
||||
print_status("Version found: #{val1}")
|
||||
reg_keys2 = registry_enumkeys("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}", reg_view)
|
||||
if reg_keys2.nil?
|
||||
print_status('Failed to enumerate applications.')
|
||||
else
|
||||
print_status('Found applications.')
|
||||
#find version to use
|
||||
reg_keys2.each do |path2|
|
||||
val2 = path2
|
||||
reg_keys3 = registry_enumkeys("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations", reg_view)
|
||||
if not reg_keys3.nil?
|
||||
print_status('Found trusted locations.')
|
||||
|
||||
#find version to use
|
||||
reg_keys3.each do |path3|
|
||||
val3 = path3
|
||||
#print_status(path3)
|
||||
print_status('')
|
||||
reg_vals = registry_getvaldata("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations\\#{val3}", "Description", reg_view)
|
||||
if not reg_vals.nil?
|
||||
print_status("Description: #{reg_vals}")
|
||||
end
|
||||
reg_vals2 = registry_getvaldata("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations\\#{val3}", "AllowSubFolders", reg_view)
|
||||
|
||||
reg_vals = registry_getvaldata("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations\\#{val3}", "Path", reg_view)
|
||||
if not reg_vals.nil?
|
||||
if not reg_vals2.nil?
|
||||
print_status("Path: #{reg_vals}, AllowSub: True")
|
||||
else
|
||||
print_status("Path: #{reg_vals}, AllowSub: False")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
if not /[0-9][0-9].0/.match(path).nil?
|
||||
val1 = path
|
||||
print_status("Version found: #{val1}")
|
||||
reg_keys2 = registry_enumkeys("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}", reg_view)
|
||||
if reg_keys2.nil?
|
||||
print_status('Failed to enumerate applications.')
|
||||
else
|
||||
print_status('Found applications.')
|
||||
#find version to use
|
||||
reg_keys2.each do |path2|
|
||||
val2 = path2
|
||||
reg_keys3 = registry_enumkeys("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations", reg_view)
|
||||
if not reg_keys3.nil?
|
||||
print_status('Found trusted locations.')
|
||||
#find version to use
|
||||
reg_keys3.each do |path3|
|
||||
val3 = path3
|
||||
#print_status(path3)
|
||||
print_status('')
|
||||
reg_vals = registry_getvaldata("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations\\#{val3}", "Description", reg_view)
|
||||
if not reg_vals.nil?
|
||||
print_status("Description: #{reg_vals}")
|
||||
end
|
||||
reg_vals2 = registry_getvaldata("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations\\#{val3}", "AllowSubFolders", reg_view)
|
||||
reg_vals = registry_getvaldata("HKCU\\SOFTWARE\\Microsoft\\Office\\#{val1}\\#{val2}\\Security\\Trusted Locations\\#{val3}", "Path", reg_view)
|
||||
if not reg_vals.nil?
|
||||
if not reg_vals2.nil?
|
||||
print_status("Path: #{reg_vals}, AllowSub: True")
|
||||
else
|
||||
print_status("Path: #{reg_vals}, AllowSub: False")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
path = store_loot('host.trusted_locations', 'text/plain', session, reg_keys.join("\r\n"), 'trusted_locations.txt', 'Trusted Locations')
|
||||
print_good("Results stored in: #{path}")
|
||||
|
|
|
|||
Loading…
Reference in New Issue