Metasploit mailing list archives

Fwd: Script for automating Information Gathering in windows Hosts


From: carlos_perez at darkoperator.com (Carlos Perez)
Date: Sun, 14 Dec 2008 22:56:38 -0400

Forgot to include the mailing list address on this one too.  As you guys can
see my problem with AutoRunScript is when I have the code inside a module vs
not in a module. Any ideas on how to fix this in the code or is it a bug in
Metasploit?

---------- Forwarded message ----------
From: Carlos Perez <carlos_perez at darkoperator.com>
Date: Sun, Dec 14, 2008 at 7:07 PM
Subject: Re: [framework] Script for automating Information Gathering in
windows Hosts
To: Jerome Athias <jerome.athias at free.fr>


Thanks Jerome, the problem with the AutoRunScript appears to be when I have
the instructions in a Module. Example:
--------------------------------------------- works ----------------------------------------------------------
vmout = ''
info = client.sys.config.sysinfo
print_status "Checking if #{info['Computer']} is a Virtual Machine ........"
# Check for Windows 2003 Machines if running in VMware Workstation/Fusion
begin
    key = 'HKLM\\HARDWARE\\DESCRIPTION\\System\\BIOS'
    root_key, base_key = client.sys.registry.splitkey(key)
    open_key = client.sys.registry.open_key(root_key, base_key, KEY_READ)
    v = open_key.query_value('SystemManufacturer')
    if v.data == 'VMware, Inc.'
        print_status "\tThis is a VMware Workstation/Fusion Virtual Machine"
        vmout << "This is a VMware Workstation/Fusion Virtual Machine\n\n"
    end
rescue
    # Key or value missing on this host: fall through to the next check
end
# Registry path using the HD and CD-ROM entries in the registry in case
# proprietary tools are not installed.
key = "HKLM\\HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0"
root_key, base_key = client.sys.registry.splitkey(key)
open_key = client.sys.registry.open_key(root_key, base_key, KEY_READ)
v = open_key.query_value('Identifier')

# include? instead of grep: grep returns an array, and an empty array is
# still truthy, so the first branch would always be taken.
ident = v.data.downcase
if ident.include?("vmware")
    print_status "\tThis is a VMWare virtual Machine"
    vmout << "This is a VMWare virtual Machine\n\n"
elsif ident.include?("vbox")
    print_status "\tThis is a Sun VirtualBox virtual Machine"
    vmout << "This is a Sun VirtualBox virtual Machine\n\n"
end
puts vmout
----------------------------------------------------------------------------------------------------------

If I place this inside a

def vmcheck()
   ..............
end

it fails with:

[12/14/2008 19:11:12] [e(0)] core: Exception raised from handle_connection: undefined local variable or method `client' for #<#<Class:0xb6545ba8>:0xb6b3188c>

/pentest/exploits/framework3/lib/rex/script.rb:35:in `eval'
(eval):141:in `on_session'

(eval):88:in `on_session'
/pentest/exploits/framework3/lib/msf/core/handler.rb:202:in `create_session'
/pentest/exploits/framework3/lib/msf/core/payload/stager.rb:128:in `handle_connection_stage'
/pentest/exploits/framework3/lib/msf/core/payload/windows/dllinject.rb:231:in `handle_connection_stage'
/pentest/exploits/framework3/lib/msf/core/payload/stager.rb:119:in `handle_connection'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:129:in `start_handler'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:127:in `initialize'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:127:in `new'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:127:in `start_handler'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:107:in `initialize'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:107:in `new'
/pentest/exploits/framework3/lib/msf/core/handler/reverse_tcp.rb:107:in `start_handler'
/pentest/exploits/framework3/lib/msf/core/exploit.rb:401:in `setup'
/pentest/exploits/framework3/lib/msf/core/exploit_driver.rb:173:in `job_run_proc'
/pentest/exploits/framework3/lib/msf/core/exploit_driver.rb:144:in `run'
/pentest/exploits/framework3/lib/msf/base/simple/exploit.rb:121:in `exploit_simple'
/pentest/exploits/framework3/lib/msf/base/simple/exploit.rb:142:in `exploit_simple'
/pentest/exploits/framework3/lib/msf/ui/console/command_dispatcher/exploit.rb:118:in `cmd_exploit'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `send'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `run_command'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:196:in `run_single'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `each'
/pentest/exploits/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `run_single'
/pentest/exploits/framework3/lib/rex/ui/text/shell.rb:127:in `run'
./msfconsole:78


On Sun, Dec 14, 2008 at 9:26 PM, Jerome Athias <jerome.athias at free.fr> wrote:

Nice work

Keep it up!

/JA
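
Added example, not part of the original message and not Metasploit code: the error above is what plain Ruby produces when a script is eval'd in a binding where `client` is a local variable and the code is then moved inside a `def`. That `client` is such a local is an assumption here (the page shows only the eval frame in rex/script.rb); FakeClient, run_script and the script strings are hypothetical stand-ins.

```ruby
# Hypothetical stand-in for the session object; not Metasploit code.
FakeClient = Struct.new(:computer)

# Evaluate script text in a binding where `client` is a plain local variable
# (assumed to mirror how the framework runs a script via eval).
def run_script(source)
  client = FakeClient.new("WIN2K3-LAB") # constructed sample value
  eval(source, binding)
rescue NameError => e
  "NameError: #{e.name}"
end

# Top-level script code sees the local from the eval binding.
TOP_LEVEL = <<~'RUBY'
  "host=#{client.computer}"
RUBY

# `def` opens a fresh local scope, so the caller's local is invisible.
INSIDE_DEF = <<~'RUBY'
  def vmcheck_broken
    "host=#{client.computer}"
  end
  vmcheck_broken
RUBY

# Fix 1: hand the session object to the method explicitly.
PASS_ARGUMENT = <<~'RUBY'
  def vmcheck(session)
    "host=#{session.computer}"
  end
  vmcheck(client)
RUBY

# Fix 2: a lambda is a closure and keeps the enclosing locals.
USE_LAMBDA = <<~'RUBY'
  vmcheck = lambda { "host=#{client.computer}" }
  vmcheck.call
RUBY

{ "top level" => TOP_LEVEL, "inside def" => INSIDE_DEF,
  "def with argument" => PASS_ARGUMENT, "lambda" => USE_LAMBDA }.each do |label, src|
  puts "#{label}: #{run_script(src)}"
end
```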
