Move meterpreter_service_list to be a private method to align with expectations of when function will be used and to prevent need for adding additional validation code

Grant Willcox 2022-09-09 12:24:15 -05:00
parent e4c7cadc86
commit 3e8fbb665f
No known key found for this signature in database
GPG Key ID: D35E05C0F2B81E83
1 changed files with 62 additions and 62 deletions


@ -238,68 +238,6 @@ module Msf
services services
end end
# Meterpreter specific function to list out all Windows Services present on the target.
# Uses threading to help speed up the information retrieval.
#
# @return [Array<Hash>] Array of Hashes containing Service details. May contain the following keys:
# * :name
# * :display
# * :pid
# * :status
# * :interactive
#
def meterpreter_service_list
return [] if session.type != 'meterpreter' # This function isn't compatible with non-Meterpreter sessions.
if session.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_REGISTRY_ENUM_KEY)
begin
return session.extapi.service.enumerate
rescue Rex::Post::Meterpreter::RequestError => e
vprint_error("Request Error #{e} falling back to registry technique")
end
end
serviceskey = 'HKLM\\SYSTEM\\CurrentControlSet\\Services'
keys = registry_enumkeys(serviceskey)
threads = 10
services = []
until keys.empty?
thread_list = []
threads = 1 if threads <= 0
if keys.length < threads
threads = keys.length
end
begin
1.upto(threads) do
thread_list << framework.threads.spawn(refname + '-ServiceRegistryList', false, keys.shift) do |service_name|
service_type = registry_getvaldata("#{serviceskey}\\#{service_name}", 'Type').to_i
next unless [
SERVICE_WIN32_OWN_PROCESS,
SERVICE_WIN32_OWN_PROCESS_INTERACTIVE,
SERVICE_WIN32_SHARE_PROCESS,
SERVICE_WIN32_SHARE_PROCESS_INTERACTIVE
].include?(service_type)
services << { name: service_name }
end
end
thread_list.map(&:join)
rescue ::Timeout::Error
ensure
thread_list.each do |thread|
thread.kill
rescue StandardError
nil
end
end
end
services
end
# #
# Get Windows Service information. # Get Windows Service information.
# #
@ -655,6 +593,68 @@ module Msf
return nil return nil
end end
end end
private
# Meterpreter specific function to list out all Windows Services present on the target.
# Uses threading to help speed up the information retrieval.
#
# @return [Array<Hash>] Array of Hashes containing Service details. May contain the following keys:
# * :name
# * :display
# * :pid
# * :status
# * :interactive
#
def meterpreter_service_list
if session.commands.include?(Rex::Post::Meterpreter::Extensions::Stdapi::COMMAND_ID_STDAPI_REGISTRY_ENUM_KEY)
begin
return session.extapi.service.enumerate
rescue Rex::Post::Meterpreter::RequestError => e
vprint_error("Request Error #{e} falling back to registry technique")
end
end
serviceskey = 'HKLM\\SYSTEM\\CurrentControlSet\\Services'
keys = registry_enumkeys(serviceskey)
threads = 10
services = []
until keys.empty?
thread_list = []
threads = 1 if threads <= 0
if keys.length < threads
threads = keys.length
end
begin
1.upto(threads) do
thread_list << framework.threads.spawn(refname + '-ServiceRegistryList', false, keys.shift) do |service_name|
service_type = registry_getvaldata("#{serviceskey}\\#{service_name}", 'Type').to_i
next unless [
SERVICE_WIN32_OWN_PROCESS,
SERVICE_WIN32_OWN_PROCESS_INTERACTIVE,
SERVICE_WIN32_SHARE_PROCESS,
SERVICE_WIN32_SHARE_PROCESS_INTERACTIVE
].include?(service_type)
services << { name: service_name }
end
end
thread_list.map(&:join)
rescue ::Timeout::Error
ensure
thread_list.each do |thread|
thread.kill
rescue StandardError
nil
end
end
end
services
end
end end
end end
end end
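Review bot: Dropping `return [] if session.type != 'meterpreter'` from the relocated `meterpreter_service_list` leaves nothing in the method that enforces its Meterpreter-only contract, because `private` in a mixin only blocks explicit-receiver calls; any module that includes this mixin can still call it with an implicit receiver. On a non-Meterpreter session the first statement would then call `session.commands`, and the resulting error is presumably not a `Rex::Post::Meterpreter::RequestError`, so the registry fallback would not run. Keeping the one-line guard is cheap; failing that, add a comment above the method such as `# Callers must confirm session.type == 'meterpreter' first; this method does not validate the session.` Separately, the gate tests `COMMAND_ID_STDAPI_REGISTRY_ENUM_KEY` while the guarded call is `session.extapi.service.enumerate`, so the extapi capability itself looks unchecked and is worth confirming.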