From 85ff4e22b91261ad7f3a34344eb203f3cc9e8943 Mon Sep 17 00:00:00 2001 From: Carlos Perez Date: Sat, 10 Jul 2010 16:55:50 +0000 Subject: [PATCH] refactor several calls to use now Meterpreter mixin git-svn-id: file:///home/svn/framework3/trunk@9768 4d416f70-5f16-0410-b530-b9f4589650da --- scripts/meterpreter/winenum.rb | 33 ++++----------------------------- 1 file changed, 4 insertions(+), 29 deletions(-) diff --git a/scripts/meterpreter/winenum.rb b/scripts/meterpreter/winenum.rb index 4bc1ce7ade..7dc1827945 100644 --- a/scripts/meterpreter/winenum.rb +++ b/scripts/meterpreter/winenum.rb @@ -141,44 +141,19 @@ nowin2kexe = [ 'wbem\\wmic.exe', ] ################## Function Declarations ################## -#Returns the data of a given registry key and value -def reg_getvaldata(key,valname) - value = nil - begin - root_key, base_key = @client.sys.registry.splitkey(key) - open_key = @client.sys.registry.open_key(root_key, base_key, KEY_READ) - v = open_key.query_value(valname) - value = v.data - open_key.close - end - return value -end -#Enumerates the subkeys of a given registry key returns array of subkeys -def reg_enumkeys(key) - subkeys = [] - begin - root_key, base_key = @client.sys.registry.splitkey(key) - open_key = @client.sys.registry.open_key(root_key, base_key, KEY_READ) - keys = open_key.enum_key - keys.each { |subkey| - subkeys << subkey - } - open_key.close - end - return subkeys -end + def findprogs() print_status("Extracting software list from registry") proglist = "" threadnum = 0 a =[] keyx86 = 'HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall' - reg_enumkeys(keyx86).each do |k| + registry_enumkeys(keyx86).each do |k| if threadnum < 10 a.push(::Thread.new { begin - dispnm = reg_getvaldata("#{keyx86}\\#{k}","DisplayName") - dispversion = reg_getvaldata("#{keyx86}\\#{k}","DisplayVersion") + dispnm = registry_getvaldata("#{keyx86}\\#{k}","DisplayName") + dispversion = registry_getvaldata("#{keyx86}\\#{k}","DisplayVersion") rescue end proglist << "#{dispnm},#{dispversion}\n" if dispnm =~ /[a-z]/