Metasploit mailing list archives
How can I read Binary Windows Registry Data?
From: carlos_perez at darkoperator.com (Carlos Perez)
Date: Sun, 14 Dec 2008 19:34:29 -0400
Guys I'm writing a small module for a meterpreter script that will read the registry keys where WEP and WPA keys and the SSID for the corresponsing keys are stored, this data is in binary formay can anyone pointme in a direction or help in interpreting the binary data? Thanks here is the code: def wlanzeroconfig key = 'HKLM\\Software\\Microsoft\\WZCSVC\\Parameters\\Interfaces' root_key, base_key = client.sys.registry.splitkey(key) open_key = client.sys.registry.open_key(root_key,base_key,KEY_READ) keys = open_key.enum_key vals = open_key.enum_value if (keys.length > 0) keys.each { |subkey| format = 'z50z20z1020c' keyint = key+"\\#{subkey}" root_key, base_key = client.sys.registry.splitkey(keyint) open_keyint = client.sys.registry.open_key(root_key,base_key,KEY_READ) valsint = open_keyint.enum_value valsint.find_all {|val| print_line(val.name) v = open_keyint.query_value(val.name) puts = v.data.to_s } } else print_line("This target appears to not have a Wireless Interface") end end -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081214/b4155c22/attachment.htm>
Current thread:
- How can I read Binary Windows Registry Data? Carlos Perez (Dec 14)
- How can I read Binary Windows Registry Data? Lukas Kuzmiak (Dec 14)