Class: Rex::Post::Meterpreter::Extensions::Extapi::Wmi::Wmi
- Inherits:
-
Object
- Object
- Rex::Post::Meterpreter::Extensions::Extapi::Wmi::Wmi
- Defined in:
- lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb
Overview
This meterpreter extension contains extended API functions for performing WMI queries.
Instance Attribute Summary collapse
-
#client ⇒ Object
Returns the value of attribute client.
Instance Method Summary collapse
-
#initialize(client) ⇒ Wmi
constructor
A new instance of Wmi.
-
#query(query, root = nil) ⇒ Hash
Perform a generic wmi query against the target machine.
Constructor Details
#initialize(client) ⇒ Wmi
Returns a new instance of Wmi.
18 19 20 |
# File 'lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb', line 18 def initialize(client) @client = client end |
Instance Attribute Details
#client ⇒ Object
Returns the value of attribute client.
70 71 72 |
# File 'lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb', line 70 def client @client end |
Instance Method Details
#query(query, root = nil) ⇒ Hash
Perform a generic wmi query against the target machine.
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 |
# File 'lib/rex/post/meterpreter/extensions/extapi/wmi/wmi.rb', line 31 def query(query, root = nil) request = Packet.create_request(COMMAND_ID_EXTAPI_WMI_QUERY) request.add_tlv(TLV_TYPE_EXT_WMI_DOMAIN, root) unless root.to_s.strip.empty? request.add_tlv(TLV_TYPE_EXT_WMI_QUERY, query) response = client.send_request(request) # Bomb out with the right error messa error_msg = response.get_tlv_value(TLV_TYPE_EXT_WMI_ERROR) raise error_msg if error_msg fields = [] fields_tlv = response.get_tlv(TLV_TYPE_EXT_WMI_FIELDS) # If we didn't get any fields back, then we didn't get any results. # The reason is because without results, we don't know which fields # were requested in the first place return nil unless fields_tlv fields_tlv.each(TLV_TYPE_EXT_WMI_FIELD) { |f| fields << f.value } values = [] response.each(TLV_TYPE_EXT_WMI_VALUES) { |r| value = [] r.each(TLV_TYPE_EXT_WMI_VALUE) { |v| value << v.value } values << value } return { :fields => fields, :values => values } end |