Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

How to get specialized Windows platforms?

From: Joshua TAYLOR <joshuaaaron () gmail com>
Date: Fri, 2 Sep 2011 12:34:57 -0400
Hi all,

I see in platform.rb that there are many specialized platform types,
at least for Windows. E.g.,

        class Windows < Msf::Module::Platform
                Rank  = 100
                # Windows 95
                class W95 < Windows
                        Rank = 100
                        Alias = "95"
                        RealName = "95"
                end
            ...
         end

As far as I can tell, though, these specialized windows platforms
aren't actually used anywhere.  I.e., the most specific platform entry
(for windows entries) are 'win' or 'windows'.  I was a bit surprised
at that, but not too concerned.  However, I'm not sure what sort of
entry to use to get to these platforms.  I'd thought that the class
name might work, but (focusing in on
Msf::Module::Platform.find_platform), but, e.g.,

Msf::Module::Platform.find_platform('W98')

produces

/opt/metasploit3/msf3/lib/msf/core/module/platform.rb:60:in
`find_platform': No classes in Msf::Module::Platform::Windows for 98!
(ArgumentError)
        from ./<filename>:<linenumber>:in `<main>'

find_platform's main work is done by find_portion.  Now, the
implementation of find_portion doesn't look like it traverses the
class hierarchy, and so wouldn't find subclasses of the subclasses of
Msf::Module::Platform.  Nonetheless, it does call into
build_child_platform_abbrev, which, it seems to me, is *supposed* to
traverse the class hierarchy, by virtue of the comment at the end of
the function:

                # Set the ranked list and abbreviated list on this module,
                # then walk the children
                mod.const_set('Abbrev', abbrev)
                mod.const_set('Ranks', ranked)
                mod.const_set('Names', names)
        end

I'm hoping I've just missed something, or that the platform class
hierarchy is a new addition that isn't really supported/used yet (but
it looks like it's been in for a while (the windows classes have been
in since 2733).  Anyone know the story?

Thanks!
//JT

-- 
Joshua Taylor, http://www.cs.rpi.edu/~tayloj/
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: