Bug #2427
winenum meterpreter script incorrectly detects Windows 7
| Status: | Closed | Start date: | 08/18/2010 |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | HD Moore | % Done: | 100% |
| Category: | meterpreter - win32 | | |
| Target version: | - | Estimated time: | 0.50 hour |
| Resolution: | | Release Note: | |
Description
Hello,
On some systems, the winenum script fails.
`if winversion['OS']=~ /(Vista|7)/`
incorrectly detects some Win 2003 versions as 7 because of a "7" in the build number.
It then stops with an exception because:
`open_key = @client.sys.registry.open_key(root_key, base_key, KEY_READ)`
fails and the exception is not caught.
Required to fix:
- fix 7 detection, or
- catch exception.
Associated revisions
correct regex again, see #2427
git-svn-id: file:///home/svn/framework3/trunk@10080 4d416f70-5f16-0410-b530-b9f4589650da
History
Updated by Joshua J. Drake over 1 year ago
- % Done changed from 0 to 70
I handled the regex, as well as removed a duplicate call to sysinfo, in r10046. I didn't encounter the exception that you referred to.
Updated by user1 user1 over 1 year ago
If this function call fails:
`open_key = @client.sys.registry.open_key(root_key, base_key, KEY_READ)`
the script execution will stop.
Other registry accesses in the winenum script are surrounded by begin/rescue/end to account for nonexistent registry keys.
I think it would be nice to add one to improve reliability.
Updated by Carlos Perez over 1 year ago
Made some changes in r10079; do test and let us know if the exception still happens. Also fixed another one of the regexes.
Updated by Joshua J. Drake over 1 year ago
I'm afraid I don't see any place where there isn't a begin/rescue block around such a registry access.
Updated by Joshua J. Drake over 1 year ago
Also, we should not be catching ::Exception, we should only catch specific exceptions.
It might make more sense to make the registry access catch those specific exceptions internally instead. Just an idea.
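An added example (not the winenum script's code and not either committed revision) of the two points raised in this thread: the loose `7` match hitting a build number, and rescuing one specific error around a registry open instead of `::Exception`. The OS strings, `KeyOpenError`, `FakeRegistry`, `read_os_key` and the placeholder key paths are constructed for illustration.

```ruby
# Constructed sysinfo['OS'] strings; the "<product> (Build <n>...)." layout is assumed.
WIN7    = "Windows 7 (Build 7600)."
VISTA   = "Windows Vista (Build 6002, Service Pack 2)."
WIN2003 = "Windows .NET Server (Build 3790, Service Pack 2)."

# Check quoted in the report: a "7" anywhere matches, build number included.
def loose_vista_or_7?(os)
  !!(os =~ /(Vista|7)/)
end

# Stricter check: look only at the product name before "(Build ...".
def strict_vista_or_7?(os)
  product = os.split("(", 2).first.to_s.strip
  !!(product =~ /\AWindows (Vista|7)\b/)
end

# Hypothetical stand-in for the error a failed registry open raises.
class KeyOpenError < StandardError; end

# Hypothetical in-memory registry: opening a missing key raises KeyOpenError.
class FakeRegistry
  def initialize(keys)
    @keys = keys
  end

  def open_key(path)
    @keys.fetch(path) { raise KeyOpenError, "cannot open #{path}" }
  end
end

# Pick a key by OS family, then read it. Only KeyOpenError is rescued, so
# unrelated failures (NoMethodError, timeouts, ...) still surface.
def read_os_key(os, registry, detector)
  path = send(detector, os) ? 'PLACEHOLDER\NewKey' : 'PLACEHOLDER\LegacyKey'
  registry.open_key(path)
rescue KeyOpenError
  nil
end
```

With a registry that only holds the legacy key, the loose detector sends the 2003 string down the wrong branch and the read returns `nil`; the strict detector reads the legacy value.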
Updated by Carlos Perez over 1 year ago
You will not see the entry because I removed that piece of code and changed it with the mixin call in Revision r10079. This script is part of my to-do for migrating to the new mixin, and I will look at catching the registry reads internally when I start re-writing it.
Updated by user1 user1 over 1 year ago
I unfortunately can't test the patch as I don't have access to the machine anymore, but the bug is most probably fixed. Thanks.
Updated by Carlos Perez over 1 year ago
- Status changed from New to Closed
- % Done changed from 70 to 100