add service_wait_for_status function to services.c

2025-01-20 20:37:27 +01:00 · 2023-03-22 14:14:39 -04:00 · 2023-03-22 14:14:39 -04:00 · 5db46c6833
commit 5db46c6833
parent eb5b35ab24
3 changed files with 37 additions and 18 deletions
--- a/c/meterpreter/source/extensions/priv/namedpipe_efs.c
+++ b/c/meterpreter/source/extensions/priv/namedpipe_efs.c
@ -85,22 +85,9 @@ DWORD elevate_via_namedpipe_efs(Remote* remote, Packet* packet)
 			}
 			else
 			{
-				DWORD            max_timeout = 10000;
-				DWORD        current_timeout = 0;
-				BOOL  has_query_status_error = FALSE;
-
-				while ((state == SERVICE_START_PENDING || state == SERVICE_CONTINUE_PENDING) && current_timeout < max_timeout) {
-					if (service_query_status(EFS_SERVICE_NAME, &state) != ERROR_SUCCESS) {
-						has_query_status_error = TRUE;
-						BREAK_ON_ERROR("[ELEVATE] service_query_status: query service efs status failed.");
-					}
-					Sleep(500);
-					current_timeout += 500;
-				}
-				if (has_query_status_error) break;
-
-				if (state != SERVICE_RUNNING) {
-					BREAK_ON_ERROR("[ELEVATE] service_query_status: efs service is not running.");
+				DWORD dwTimeout = 30000;
+				if (service_wait_for_status(EFS_SERVICE_NAME, SERVICE_RUNNING, dwTimeout) != ERROR_SUCCESS) {
+					BREAK_ON_ERROR("[ELEVATE] service_wait_for_status: service start timed out.");
 				}
 			}

--- a/c/meterpreter/source/extensions/priv/service.c
+++ b/c/meterpreter/source/extensions/priv/service.c
@ -212,12 +212,42 @@ DWORD service_query_status( char* cpName, DWORD* dwState )
 	} while( 0 );

 	if( hService )
-		CloseServiceHandle( hService ); 
+		CloseServiceHandle( hService );

 	if( hManager )
-		CloseServiceHandle( hManager ); 
+		CloseServiceHandle( hManager );

 	SetLastError( dwResult );

 	return dwResult;
 }
+
+/*
+ * Wait for a service to get into specific status.
+ */
+DWORD service_wait_for_status( char* cpName, DWORD dwStatus, DWORD dwMaxTimeout )
+{
+	DWORD dwCurrentStatus;
+	DWORD dwElapsed = 0;
+	DWORD dwResult;
+	do {
+		dwResult = service_query_status(cpName, &dwCurrentStatus);
+		if (dwResult != ERROR_SUCCESS) {
+			break;
+		}
+		if (dwCurrentStatus == dwStatus) {
+			break;
+		}
+		else {
+			Sleep(250);
+			dwElapsed += 250;
+		}
+	} while (dwElapsed < dwMaxTimeout);
+
+	if ((dwResult == ERROR_SUCCESS) && (dwCurrentStatus != dwStatus)) {
+		dwResult = WAIT_TIMEOUT;
+		SetLastError(dwResult);
+	}
+
+	return dwResult;
+}
--- a/c/meterpreter/source/extensions/priv/service.h
+++ b/c/meterpreter/source/extensions/priv/service.h
@ -11,4 +11,6 @@ DWORD service_destroy( char * cpName );

 DWORD service_query_status( char * cpName, DWORD* dwState );

+DWORD service_wait_for_status( char * cpName, DWORD dwStatus, DWORD dwMaxTimeout );
+
 #endif