Merge pull request #67 from kernelsmith/railgun-add_const_reverse_lookup
Add const_reverse_lookup and error_lookup to railgun (redmine 6128)
This commit is contained in:
commit
35e868f705
|
@ -277,6 +277,22 @@ class Railgun
|
||||||
def const(str)
|
def const(str)
|
||||||
return constant_manager.parse(str)
|
return constant_manager.parse(str)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Return an array of windows constants names matching +winconst+
|
||||||
|
#
|
||||||
|
|
||||||
|
def const_reverse_lookup(winconst,filter_regex=nil)
|
||||||
|
return constant_manager.rev_lookup(winconst,filter_regex)
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Returns an array of windows error code names for a given windows error code matching +err_code+
|
||||||
|
#
|
||||||
|
|
||||||
|
def error_lookup (err_code,filter_regex=/^ERROR_/)
|
||||||
|
return constant_manager.rev_lookup(err_code,filter_regex)
|
||||||
|
end
|
||||||
|
|
||||||
#
|
#
|
||||||
# The multi-call shorthand (["kernel32", "ExitProcess", [0]])
|
# The multi-call shorthand (["kernel32", "ExitProcess", [0]])
|
||||||
|
|
|
@ -70,6 +70,30 @@ class WinConstManager
|
||||||
def is_parseable(s)
|
def is_parseable(s)
|
||||||
return parse(s) != nil
|
return parse(s) != nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# looks up a windows constant (integer or hex) and returns an array of matching winconstant names
|
||||||
|
#
|
||||||
|
# this function will NOT throw an exception but return "nil" if it can't find an error code
|
||||||
|
def rev_lookup(winconst, filter_regex=nil)
|
||||||
|
c = winconst.to_i # this is what we're gonna reverse lookup
|
||||||
|
arr = [] # results array
|
||||||
|
@consts.each_pair do |k,v|
|
||||||
|
arr << k if v == c
|
||||||
|
end
|
||||||
|
if filter_regex # this is how we're going to filter the results
|
||||||
|
# in case we get passed a string instead of a Regexp
|
||||||
|
filter_regex = Regexp.new(filter_regex) unless filter_regex.class == Regexp
|
||||||
|
# do the actual filtering
|
||||||
|
arr.select! do |item|
|
||||||
|
item if item =~ filter_regex
|
||||||
|
end
|
||||||
|
end
|
||||||
|
return arr
|
||||||
|
end
|
||||||
|
|
||||||
|
def is_parseable(s)
|
||||||
|
return parse(s) != nil
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
end; end; end; end; end; end
|
end; end; end; end; end; end
|
||||||
|
|
|
@ -0,0 +1,58 @@
|
||||||
|
|
||||||
|
##
|
||||||
|
# $Id$
|
||||||
|
##
|
||||||
|
|
||||||
|
##
|
||||||
|
# This file is part of the Metasploit Framework and may be subject to
|
||||||
|
# redistribution and commercial restrictions. Please see the Metasploit
|
||||||
|
# Framework web site for more information on licensing and terms of use.
|
||||||
|
# http://metasploit.com/framework/
|
||||||
|
##
|
||||||
|
|
||||||
|
require 'msf/core'
|
||||||
|
require 'rex'
|
||||||
|
|
||||||
|
class Metasploit3 < Msf::Post
|
||||||
|
|
||||||
|
def initialize(info={})
|
||||||
|
super( update_info( info,
|
||||||
|
'Name' => 'railgun_testing',
|
||||||
|
'Description' => %q{ This module will test railgun code used in post modules},
|
||||||
|
'License' => MSF_LICENSE,
|
||||||
|
'Author' => [ 'kernelsmith'],
|
||||||
|
'Version' => '$Revision$',
|
||||||
|
'Platform' => [ 'windows' ]
|
||||||
|
))
|
||||||
|
register_options(
|
||||||
|
[
|
||||||
|
OptInt.new("ERR_CODE" , [true, "Error code to reverse lookup", 0x420]),
|
||||||
|
OptInt.new("WIN_CONST", [true, "Windows constant to reverse lookup", 4]),
|
||||||
|
OptString.new("WCREGEX", [false,"Regexp to apply to constant rev lookup", "^SERVICE"]),
|
||||||
|
OptString.new("ECREGEX", [false,"Regexp to apply to error code lookup", "^ERROR_SERVICE_"]),
|
||||||
|
], self.class)
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
def run
|
||||||
|
print_status("Running against session #{datastore["SESSION"]}")
|
||||||
|
print_status("Session type is #{session.type}")
|
||||||
|
|
||||||
|
@rg = session.railgun
|
||||||
|
|
||||||
|
print_status()
|
||||||
|
print_status("TESTING: const_reverse_lookup on #{datastore['WIN_CONST']} filtering by #{datastore['WCREGEX'].to_s}")
|
||||||
|
results = @rg.const_reverse_lookup(datastore['WIN_CONST'],datastore['WCREGEX'])
|
||||||
|
print_status("RESULTS: #{results.class} #{results.pretty_inspect}")
|
||||||
|
|
||||||
|
print_status()
|
||||||
|
print_status("TESTING: error_lookup on #{datastore['ERR_CODE']} filtering by #{datastore['ECREGEX'].to_s}")
|
||||||
|
results = @rg.error_lookup(datastore['ERR_CODE'],datastore['ECREGEX'])
|
||||||
|
print_status("RESULTS: #{results.class} #{results.inspect}")
|
||||||
|
|
||||||
|
print_status()
|
||||||
|
print_status("Testing Complete!")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue