Class: Msf::WindowsVersion

Inherits:
Object
Includes:
ServerSpecificVersions, WorkstationSpecificVersions
Defined in:
lib/msf/core/windows_version.rb

Overview

Represents the version of a Windows operating system

Defined Under Namespace

Modules: MajorRelease, ServerSpecificVersions, WorkstationSpecificVersions

Constant Summary

VER_NT_WORKSTATION = 1
VER_NT_DOMAIN_CONTROLLER = 2
VER_NT_SERVER = 3
ServerNameMapping = {
  :Server2003_SP0 => "Windows Server 2003",
  :Server2003_SP1 => "Windows Server 2003 Service Pack 1",
  :Server2003_SP2 => "Windows Server 2003 Service Pack 2",
  :Server2008_SP0 => "Windows Server 2008",
  :Server2008_SP1 => "Windows Server 2008 Service Pack 1",
  :Server2008_SP2 => "Windows Server 2008 Service Pack 2",
  :Server2008_SP2_Update => "Windows Server 2008 Service Pack 2 Update",
  :Server2008_R2_SP0 => "Windows Server 2008 R2",
  :Server2008_R2_SP1 => "Windows Server 2008 R2 Service Pack 1",
  :Server2012 => "Windows Server 2012 R2",
  :Server2012_R2 => "Windows Server 2012 R2",
  :Server2016 => "Windows Server 2016",
  :Server2019 => "Windows Server 2019",
  :Server2022 => "Windows Server 2022",
  :Server2022_23H2 => "Windows Server 2022 version 23H2"
}
WorkstationNameMapping = {
  :Win2000 => "Windows 2000",
  :XP_SP0 => "Windows XP",
  :XP_SP1 => "Windows XP Service Pack 1",
  :XP_SP2 => "Windows XP Service Pack 2",
  :XP_SP3 => "Windows XP Service Pack 3",
  :Vista_SP0 => "Windows Vista",
  :Vista_SP1 => "Windows Vista Service Pack 1",
  :Vista_SP2 => "Windows Vista Service Pack 2",
  :Win7_SP0 => "Windows 7",
  :Win7_SP1 => "Windows 7 Service Pack 1",
  :Win8 => "Windows 8",
  :Win81 => "Windows 8.1",
  :Win10_1507 => "Windows 10 version 1507",
  :Win10_1511 => "Windows 10 version 1511",
  :Win10_1607 => "Windows 10 version 1607",
  :Win10_1703 => "Windows 10 version 1703",
  :Win10_1709 => "Windows 10 version 1709",
  :Win10_1803 => "Windows 10 version 1803",
  :Win10_1809 => "Windows 10 version 1809",
  :Win10_1903 => "Windows 10 version 1903",
  :Win10_1909 => "Windows 10 version 1909",
  :Win10_2004 => "Windows 10 version 2004",
  :Win10_20H2 => "Windows 10 version 20H2",
  :Win10_21H1 => "Windows 10 version 21H1",
  :Win10_21H2 => "Windows 10 version 21H2",
  :Win10_22H2 => "Windows 10 version 22H2",
  :Win11_21H2 => "Windows 11 version 21H2",
  :Win11_22H2 => "Windows 11 version 22H2",
  :Win11_23H2 => "Windows 11 version 23H2",
  :Win11_24H2 => "Windows 11 version 24H2"
}
Win10_InitialRelease = Win10_1507

Constants included from ServerSpecificVersions

ServerSpecificVersions::Server2003_SP0, ServerSpecificVersions::Server2003_SP1, ServerSpecificVersions::Server2003_SP2, ServerSpecificVersions::Server2008_R2_SP0, ServerSpecificVersions::Server2008_R2_SP1, ServerSpecificVersions::Server2008_SP0, ServerSpecificVersions::Server2008_SP1, ServerSpecificVersions::Server2008_SP2, ServerSpecificVersions::Server2008_SP2_Update, ServerSpecificVersions::Server2012, ServerSpecificVersions::Server2012_R2, ServerSpecificVersions::Server2016, ServerSpecificVersions::Server2019, ServerSpecificVersions::Server2022, ServerSpecificVersions::Server2022_23H2

Constants included from WorkstationSpecificVersions

WorkstationSpecificVersions::Vista_SP0, WorkstationSpecificVersions::Vista_SP1, WorkstationSpecificVersions::Vista_SP2, WorkstationSpecificVersions::Win10_1507, WorkstationSpecificVersions::Win10_1511, WorkstationSpecificVersions::Win10_1607, WorkstationSpecificVersions::Win10_1703, WorkstationSpecificVersions::Win10_1709, WorkstationSpecificVersions::Win10_1803, WorkstationSpecificVersions::Win10_1809, WorkstationSpecificVersions::Win10_1903, WorkstationSpecificVersions::Win10_1909, WorkstationSpecificVersions::Win10_2004, WorkstationSpecificVersions::Win10_20H2, WorkstationSpecificVersions::Win10_21H1, WorkstationSpecificVersions::Win10_21H2, WorkstationSpecificVersions::Win10_22H2, WorkstationSpecificVersions::Win11_21H2, WorkstationSpecificVersions::Win11_22H2, WorkstationSpecificVersions::Win11_23H2, WorkstationSpecificVersions::Win11_24H2, WorkstationSpecificVersions::Win2000, WorkstationSpecificVersions::Win7_SP0, WorkstationSpecificVersions::Win7_SP1, WorkstationSpecificVersions::Win8, WorkstationSpecificVersions::Win81, WorkstationSpecificVersions::XP_SP0, WorkstationSpecificVersions::XP_SP1, WorkstationSpecificVersions::XP_SP2, WorkstationSpecificVersions::XP_SP3

Constructor Details

#initialize(major, minor, build, service_pack, revision, product_type) ⇒ WindowsVersion

Returns a new instance of WindowsVersion.



# File 'lib/msf/core/windows_version.rb', line 146

def initialize(major, minor, build, service_pack, revision, product_type)
  self._major = major
  self._minor = minor
  self._build = build
  self._service_pack = service_pack
  self._revision = revision
  self.product_type = product_type
end

Class Method Details

.from_ntlm_os_version(major, minor, build) ⇒ String

Get the string representation of the OS, given a major, minor and build number (as reported by an NTLM handshake). The NTLM structure makes no guarantee that the underlying OS of the server is actually Windows, so if we don’t find a precise match, return nil.

Parameters:

  • major (Integer)

    The major build number reported in the NTLM handshake

  • minor (Integer)

    The minor build number reported in the NTLM handshake

  • build (Integer)

    The build number reported in the NTLM handshake

Returns:

  • (String)

    The possible matching OS versions, or nil if no corresponding match can be found



# File 'lib/msf/core/windows_version.rb', line 232

def self.from_ntlm_os_version(major, minor, build)
  workstation_string = self.version_string(major, minor, build, WorkstationSpecificVersions, WorkstationNameMapping)
  server_string = self.version_string(major, minor, build, ServerSpecificVersions, ServerNameMapping)

  version_strings = []
  version_strings.append(workstation_string) unless workstation_string.nil?
  version_strings.append(server_string) unless server_string.nil?

  if version_strings.length > 0
    version_strings.join('/')
  else
    nil
  end
end
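
The matching behaviour described above, as an added example that is not Metasploit's code: it decodes the 8-byte NTLM VERSION structure (layout per MS-NLMP) and does an exact-match lookup. The build tables are a small constructed subset, and the helper names `parse_ntlm_version` and `describe_ntlm_version` are assumptions for illustration.

```ruby
# Added example: decode the 8-byte NTLM VERSION structure (MS-NLMP 2.2.2.10)
# and map it to candidate OS names. The tables are a constructed subset, not
# Metasploit's WorkstationNameMapping/ServerNameMapping.
WORKSTATION_BUILDS = {
  [6, 1, 7601]   => 'Windows 7 Service Pack 1',
  [10, 0, 14393] => 'Windows 10 version 1607',
  [10, 0, 17763] => 'Windows 10 version 1809',
  [10, 0, 22000] => 'Windows 11 version 21H2'
}.freeze

SERVER_BUILDS = {
  [6, 1, 7601]   => 'Windows Server 2008 R2 Service Pack 1',
  [10, 0, 14393] => 'Windows Server 2016',
  [10, 0, 17763] => 'Windows Server 2019',
  [10, 0, 20348] => 'Windows Server 2022'
}.freeze

# Layout: ProductMajorVersion (1 byte), ProductMinorVersion (1 byte),
# ProductBuild (2 bytes, little-endian), Reserved (3 bytes),
# NTLMRevisionCurrent (1 byte). Returns [major, minor, build] or nil.
def parse_ntlm_version(bytes)
  raw = bytes.to_s.b
  return nil unless raw.bytesize == 8
  raw.unpack('CCv')
end

# Exact-match lookup. The VERSION field carries no product type, so a build
# shared by a workstation and a server release yields both names joined with
# '/'. A build that is not in either table returns nil instead of a guess.
def describe_ntlm_version(bytes)
  key = parse_ntlm_version(bytes)
  return nil if key.nil?
  names = [WORKSTATION_BUILDS[key], SERVER_BUILDS[key]].compact
  names.empty? ? nil : names.join('/')
end

# Constructed sample VERSION fields (not captured traffic).
SAMPLES = {
  shared_build: [10, 0, 17763, 0, 0, 0, 15].pack('CCvCCCC'),
  server_only:  [10, 0, 20348, 0, 0, 0, 15].pack('CCvCCCC'),
  non_windows:  [6, 1, 0, 0, 0, 0, 15].pack('CCvCCCC'),
  truncated:    "\x0a\x00".b
}.freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |label, raw| puts "#{label}: #{describe_ntlm_version(raw).inspect}" }
end
```

The `shared_build` sample shows why the result can name two products: the handshake alone cannot distinguish a workstation from a server on the same build.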

Instance Method Details

#build_number ⇒ Object

The specific build number of this version (major.minor.build.service_pack)



# File 'lib/msf/core/windows_version.rb', line 162

def build_number
  Rex::Version.new("#{_major}.#{_minor}.#{_build}.#{_service_pack}")
end

#domain_controller? ⇒ Boolean

This Windows Server has been promoted to a DC

Returns:

  • (Boolean)


# File 'lib/msf/core/windows_version.rb', line 180

def domain_controller?
  product_type == VER_NT_DOMAIN_CONTROLLER
end

#product_name ⇒ Object

The name of the OS, as it is most commonly rendered. Includes Service Pack if present, or build number if Win10 or higher.



# File 'lib/msf/core/windows_version.rb', line 185

def product_name
  # First check if there's a specific, known version we have a string for
  if windows_server?
    known_version = self.class.version_string(_major, _minor, _build, ServerSpecificVersions, ServerNameMapping)
  else
    known_version = self.class.version_string(_major, _minor, _build, WorkstationSpecificVersions, WorkstationNameMapping)
  end
  return known_version unless known_version.nil?

  # Otherwise, build it up from version numbers, to the best of our ability
  result = "Unknown Windows version: #{_major}.#{_minor}.#{_build}"
  name = major_release_name
  result = name unless name.nil?
  result = "#{result} Service Pack #{_service_pack}" if _service_pack != 0
  result = "#{result} Build #{_build}" if build_number >= Win10_InitialRelease

  result
end

#revision_number ⇒ Object

The specific revision number of this version. This is mainly going to be present on Windows 10+, wherein it’s easy to get it from the registry.



# File 'lib/msf/core/windows_version.rb', line 157

def revision_number
  _revision
end

#to_s ⇒ Object



# File 'lib/msf/core/windows_version.rb', line 204

def to_s
  product_name
end

#vista_or_2008? ⇒ Boolean

Is this version number from the Vista/Server 2008 generation of Windows OSes?

Returns:

  • (Boolean)


# File 'lib/msf/core/windows_version.rb', line 209

def vista_or_2008?
  build_number.between?(Vista_SP0, Vista_SP2)
end

#win7_or_2008r2? ⇒ Boolean

Is this version number from the Windows 7/Server 2008 R2 generation of Windows OSes?

Returns:

  • (Boolean)


# File 'lib/msf/core/windows_version.rb', line 214

def win7_or_2008r2?
  build_number.between?(Win7_SP0, Win7_SP1)
end

#windows_server? ⇒ Boolean

Is this OS a Windows Server instance?

Returns:

  • (Boolean)


# File 'lib/msf/core/windows_version.rb', line 167

def windows_server?
  # There are other types than just workstation/server/DC, but Microsoft's own documentation says
  # "If it's not Workstation, then it's Server"
  # https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-osversioninfoexa
  product_type != VER_NT_WORKSTATION
end

#workstation? ⇒ Boolean

Is this a Workstation build?

Returns:

  • (Boolean)


# File 'lib/msf/core/windows_version.rb', line 175

def workstation?
  product_type == VER_NT_WORKSTATION
end

#xp_or_2003? ⇒ Boolean

Is this version number from the XP/Server 2003 generation of Windows OSes?

Returns:

  • (Boolean)


# File 'lib/msf/core/windows_version.rb', line 219

def xp_or_2003?
  build_number.between?(XP_SP0, Server2003_SP2)
end