Add sysinfo, code tidy
parent
3f9681c34e
commit
1d85ea8513
@ -6,7 +6,7 @@
|
||||
#ifndef _METERPRETER_SOURCE_EXTENSION_POWERSHELL_RUNNER_H
|
||||
#define _METERPRETER_SOURCE_EXTENSION_POWERSHELL_RUNNER_H
|
||||
|
||||
#define PSHRUNNER_DLL_LEN 27648
|
||||
#define PSHRUNNER_DLL_LEN 30720
|
||||
|
||||
extern unsigned char PowerShellRunnerDll[PSHRUNNER_DLL_LEN];
|
||||
|
||||
|
@ -43,6 +43,7 @@
|
||||
<Compile Include="Meterpreter\Core.cs" />
|
||||
<Compile Include="Meterpreter\FileSystem.cs" />
|
||||
<Compile Include="Meterpreter\Kiwi.cs" />
|
||||
<Compile Include="Meterpreter\Sys.cs" />
|
||||
<Compile Include="Meterpreter\User.cs" />
|
||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||
<Compile Include="Runner.cs" />
|
||||
|
@ -56,12 +56,12 @@ namespace MSF.Powershell.Meterpreter
|
||||
{
|
||||
System.Diagnostics.Debug.Write("[PSH BINDING] ShowMount succeeded");
|
||||
var mountDict = (Dictionary<TlvType, List<object>>)mountObj;
|
||||
var name = mountDict.ContainsKey(TlvType.MountName) ? (string)mountDict[TlvType.MountName][0] : "";
|
||||
var type = mountDict.ContainsKey(TlvType.MountType) ? (MountType)mountDict[TlvType.MountType][0] : MountType.Unknown;
|
||||
var spaceUser = mountDict.ContainsKey(TlvType.MountSpaceUser) ? (Int64)mountDict[TlvType.MountSpaceUser][0] : 0L;
|
||||
var spaceTotal = mountDict.ContainsKey(TlvType.MountSpaceTotal) ? (Int64)mountDict[TlvType.MountSpaceTotal][0] : 0L;
|
||||
var spaceFree = mountDict.ContainsKey(TlvType.MountSpaceFree) ? (Int64)mountDict[TlvType.MountSpaceFree][0] : 0L;
|
||||
var uncPath = mountDict.ContainsKey(TlvType.MountUncPath) ? (string)mountDict[TlvType.MountUncPath][0] : "";
|
||||
var name = Tlv.GetValue<string>(mountDict, TlvType.MountName, string.Empty);
|
||||
var type = Tlv.GetValue<MountType>(mountDict, TlvType.MountType, MountType.Unknown);
|
||||
var spaceUser = Tlv.GetValue<Int64>(mountDict, TlvType.MountSpaceUser);
|
||||
var spaceTotal = Tlv.GetValue<Int64>(mountDict, TlvType.MountSpaceTotal);
|
||||
var spaceFree = Tlv.GetValue<Int64>(mountDict, TlvType.MountSpaceFree);
|
||||
var uncPath = Tlv.GetValue<string>(mountDict, TlvType.MountUncPath, string.Empty);
|
||||
mounts.Add(new Mount(name, type, spaceUser, spaceTotal, spaceFree, uncPath));
|
||||
}
|
||||
|
||||
|
@ -49,9 +49,9 @@ namespace MSF.Powershell.Meterpreter
|
||||
foreach (var credObj in responseTlv[TlvType.KiwiPwdResult])
|
||||
{
|
||||
var credDict = (Dictionary<TlvType, List<object>>)credObj;
|
||||
var domain = credDict.ContainsKey(TlvType.KiwiPwdDomain) ? (string)credDict[TlvType.KiwiPwdDomain][0] : "";
|
||||
var username = credDict.ContainsKey(TlvType.KiwiPwdUserName) ? (string)credDict[TlvType.KiwiPwdUserName][0] : "";
|
||||
var password = credDict.ContainsKey(TlvType.KiwiPwdPassword) ? (string)credDict[TlvType.KiwiPwdPassword][0] : "";
|
||||
var domain = Tlv.GetValue<string>(credDict, TlvType.KiwiPwdDomain, string.Empty);
|
||||
var username = Tlv.GetValue<string>(credDict, TlvType.KiwiPwdUserName, string.Empty);
|
||||
var password = Tlv.GetValue<string>(credDict, TlvType.KiwiPwdPassword, string.Empty);
|
||||
var credential = new Credential(domain, username, password);
|
||||
|
||||
if (!ids.ContainsKey(credential.ToString()))
|
||||
|
83
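--- a/powershell/MSF.Powershell/Meterpreter/Sys.cs
+++ b/powershell/MSF.Powershell/Meterpreter/Sys.cs
@@ -0,0 +1,83 @@
+namespace MSF.Powershell.Meterpreter
+{
+public static class Sys
+{
+public class ProcessInfo
+{
+public string Architecture { get; private set; }
+public int Pid { get; private set; }
+public int ParentPid { get; private set; }
+public string Name { get; private set; }
+public string Path { get; private set; }
+public int Session { get; private set; }
+public string User { get; private set; }
+
+public ProcessInfo(string architcutre, int pid, int parentPid, string name,
+string path, int session, string user)
+{
+Architecture = architcutre;
+Pid = pid;
+ParentPid = parentPid;
+Name = name;
+Path = path;
+Session = session;
+User = user;
+}
+}
+
+public class SysInfo
+{
+public string Host { get; private set; }
+public string OperatingSystem { get; private set; }
+public string Architecture { get; private set; }
+public string Language { get; private set; }
+public string Domain { get; private set; }
+public int LoggedOnUsers { get; private set; }
+
+public SysInfo(string host, string operatingSystem, string architecture, string language,
+string domain, int loggedOnUsers)
+{
+Host = host;
+OperatingSystem = operatingSystem;
+Architecture = architecture;
+Language = language;
+Domain = domain;
+LoggedOnUsers = loggedOnUsers;
+}
+}
+
+public static SysInfo Info()
+{
+Tlv tlv = new Tlv();
+
+var result = Core.InvokeMeterpreterBinding(true, tlv.ToRequest("stdapi_sys_config_sysinfo"));
+
+if (result != null)
+{
+System.Diagnostics.Debug.Write("[PSH BINDING] Info result returned");
+var responseTlv = Tlv.FromResponse(result);
+if (responseTlv[TlvType.Result].Count > 0 &&
+(int)responseTlv[TlvType.Result][0] == 0)
+{
+System.Diagnostics.Debug.Write("[PSH BINDING] Info succeeded");
+
+var host = Tlv.GetValue<string>(responseTlv, TlvType.ComputerName, string.Empty);
+var os = Tlv.GetValue<string>(responseTlv, TlvType.OsName, string.Empty);
+var arch = Tlv.GetValue<string>(responseTlv, TlvType.Architecture, string.Empty);
+var lang = Tlv.GetValue<string>(responseTlv, TlvType.LangSystem, string.Empty);
+var domain = Tlv.GetValue<string>(responseTlv, TlvType.Domain, string.Empty);
+var loggedOn = Tlv.GetValue<int>(responseTlv, TlvType.LoggedOnUserCount);
+
+return new SysInfo(host, os, arch, lang, domain, loggedOn);
+}
+System.Diagnostics.Debug.Write("[PSH BINDING] ShowMount failed");
+}
+else
+{
+System.Diagnostics.Debug.Write("[PSH BINDING] ShowMount result was null");
+}
+
+return null;
+}
+}
+}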
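Review bot: The two failure paths in `Info()` write `"[PSH BINDING] ShowMount failed"` and `"[PSH BINDING] ShowMount result was null"`, which appear to be copied from the mount code and will point anyone reading the debug output at the wrong call; they should read `"[PSH BINDING] Info failed"` and `"[PSH BINDING] Info result was null"`. The result check `responseTlv[TlvType.Result].Count > 0` indexes the dictionary directly, so a response with no Result entry throws instead of falling through to `return null`; `Tlv.GetValue<int>(responseTlv, TlvType.Result, -1) == 0` would use the helper this commit introduces. The `ProcessInfo` constructor parameter is misspelled `architcutre`, and nothing in this file constructs `ProcessInfo` yet. Neither public type has an XML doc comment saying that `Info()` returns null on failure.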
@ -122,6 +122,16 @@ namespace MSF.Powershell.Meterpreter
|
||||
return dict;
|
||||
}
|
||||
|
||||
public static T GetValue<T>(Dictionary<TlvType, List<object>> tlvDict, TlvType tlvType, T defaultVal = default(T))
|
||||
{
|
||||
if (tlvDict.ContainsKey(tlvType) && tlvDict[tlvType].Count > 0)
|
||||
{
|
||||
return (T)tlvDict[tlvType][0];
|
||||
}
|
||||
|
||||
return defaultVal;
|
||||
}
|
||||
|
||||
public byte[] Bytes
|
||||
{
|
||||
get
|
||||
|
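Review bot: `GetValue<T>` falls back to `defaultVal` only when the entry is missing or empty; the cast `(T)tlvDict[tlvType][0]` still throws InvalidCastException when the stored object is not exactly `T`, since unboxing a value type requires the exact boxed type. Because these values come from a parsed response, a type check before the cast keeps a malformed or unexpected field from surfacing as an exception in the caller, and a single lookup replaces the `ContainsKey` plus indexer pair: `List<object> values;` then `if (tlvDict.TryGetValue(tlvType, out values) && values.Count > 0 && values[0] is T) return (T)values[0];`. The method also dereferences `tlvDict` without a null check and has no doc comment stating when the default is returned. The enclosing class starts and ends outside the hunk.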
@ -18,7 +18,7 @@
|
||||
if (responseTlv[TlvType.Result].Count > 0 &&
|
||||
(int)responseTlv[TlvType.Result][0] == 0)
|
||||
{
|
||||
return (string)responseTlv[TlvType.UserName][0];
|
||||
return Tlv.GetValue<string>(responseTlv, TlvType.UserName);
|
||||
}
|
||||
}
|
||||
|
||||
@ -39,7 +39,7 @@
|
||||
if (responseTlv[TlvType.Result].Count > 0 &&
|
||||
(int)responseTlv[TlvType.Result][0] == 0)
|
||||
{
|
||||
return (string)responseTlv[TlvType.Sid][0];
|
||||
return Tlv.GetValue<string>(responseTlv, TlvType.Sid);
|
||||
}
|
||||
}
|
||||
|
||||
|
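Review bot: Both replaced returns call `Tlv.GetValue<string>` with no default, so a successful response that lacks `TlvType.UserName` or `TlvType.Sid` now returns null where the old indexer threw, while the other call sites touched by this commit pass `string.Empty`. Callers cannot tell that case apart from whatever the method returns on failure, which presumably is also null. Pick one contract and make it explicit, for example `return Tlv.GetValue<string>(responseTlv, TlvType.UserName, string.Empty);` and the same for `TlvType.Sid` in the second hunk. The `responseTlv[TlvType.Result]` check above each return still indexes the dictionary directly; the enclosing methods start and end outside these hunks.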