Class: Rex::Post::Meterpreter::Ui::Console::CommandDispatcher::Extapi::Service

Inherits:
Object
  • Object
Includes:
Extensions::Extapi, Rex::Post::Meterpreter::Ui::Console::CommandDispatcher
Defined in:
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb

Overview

Extended API service management user interface.

Constant Summary

Klass =
Console::CommandDispatcher::Extapi::Service
@@service_enum_opts =

Options for the service_enum command.

# Option table for service_enum: "-h" is the only switch declared here.
# NOTE(review): the leading `false` presumably marks the switch as taking no
# argument -- confirm against Rex::Parser::Arguments.
Rex::Parser::Arguments.new(
  "-h" => [ false, "Help banner" ]
)
@@service_query_opts =

Options for the service_query command.

# Option table for service_query: "-h" is the only switch declared here; the
# service name is a positional argument and is not described by this table.
# NOTE(review): the leading `false` presumably marks the switch as taking no
# argument -- confirm against Rex::Parser::Arguments.
Rex::Parser::Arguments.new(
  "-h" => [ false, "Help banner" ]
)
@@service_control_opts =

Options for the service_control command.

# Option table for service_control: "-h" is the only switch declared here;
# the service name and operation are positional arguments and are not
# described by this table.
# NOTE(review): the leading `false` presumably marks the switch as taking no
# argument -- confirm against Rex::Parser::Arguments.
Rex::Parser::Arguments.new(
  "-h" => [ false, "Help banner" ]
)

Constants included from Extensions::Extapi

Extensions::Extapi::COMMAND_ID_EXTAPI_ADSI_DOMAIN_QUERY, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_GET_DATA, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_DUMP, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_PAUSE, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_PURGE, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_RESUME, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_START, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_STOP, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_SET_DATA, Extensions::Extapi::COMMAND_ID_EXTAPI_NTDS_PARSE, Extensions::Extapi::COMMAND_ID_EXTAPI_PAGEANT_SEND_QUERY, Extensions::Extapi::COMMAND_ID_EXTAPI_SERVICE_CONTROL, Extensions::Extapi::COMMAND_ID_EXTAPI_SERVICE_ENUM, Extensions::Extapi::COMMAND_ID_EXTAPI_SERVICE_QUERY, Extensions::Extapi::COMMAND_ID_EXTAPI_WINDOW_ENUM, Extensions::Extapi::COMMAND_ID_EXTAPI_WMI_QUERY, Extensions::Extapi::EXTENSION_ID_EXTAPI, Extensions::Extapi::TLV_TYPE_EXTENSION_EXTAPI, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_BLOB_IN, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_ERRORMESSAGE, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_RETURNEDBLOB, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_SIZE_IN, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_STATUS, Extensions::Extapi::TLV_TYPE_EXT_ADSI_ARRAY, Extensions::Extapi::TLV_TYPE_EXT_ADSI_BIGNUMBER, Extensions::Extapi::TLV_TYPE_EXT_ADSI_BOOL, Extensions::Extapi::TLV_TYPE_EXT_ADSI_DN, Extensions::Extapi::TLV_TYPE_EXT_ADSI_DOMAIN, Extensions::Extapi::TLV_TYPE_EXT_ADSI_FIELD, Extensions::Extapi::TLV_TYPE_EXT_ADSI_FILTER, Extensions::Extapi::TLV_TYPE_EXT_ADSI_MAXRESULTS, Extensions::Extapi::TLV_TYPE_EXT_ADSI_NUMBER, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PAGESIZE, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH_PATH, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH_TYPE, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH_VOL, Extensions::Extapi::TLV_TYPE_EXT_ADSI_RAW, 
Extensions::Extapi::TLV_TYPE_EXT_ADSI_RESULT, Extensions::Extapi::TLV_TYPE_EXT_ADSI_STRING, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_DOWNLOAD, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_CAP_IMG_DATA, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_DUMP, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_PURGE, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_WIN_CLASS, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILES, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_NAME, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_SIZE, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG_DATA, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG_DIMX, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG_DIMY, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_TEXT, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_TEXT_CONTENT, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_TIMESTAMP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_CTRL_NAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_CTRL_OP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_DISPLAYNAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_GROUP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_INTERACTIVE, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_NAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_PID, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_STATUS, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_DACL, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_DISPLAYNAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_INTERACTIVE, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_LOADORDERGROUP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_PATH, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_STARTNAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_STARTTYPE, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_STATUS, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_CLASSNAME, 
Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_GROUP, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_HANDLE, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_INCLUDEUNKNOWN, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_PID, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_TITLE, Extensions::Extapi::TLV_TYPE_EXT_WMI_DOMAIN, Extensions::Extapi::TLV_TYPE_EXT_WMI_ERROR, Extensions::Extapi::TLV_TYPE_EXT_WMI_FIELD, Extensions::Extapi::TLV_TYPE_EXT_WMI_FIELDS, Extensions::Extapi::TLV_TYPE_EXT_WMI_QUERY, Extensions::Extapi::TLV_TYPE_EXT_WMI_VALUE, Extensions::Extapi::TLV_TYPE_EXT_WMI_VALUES, Extensions::Extapi::TLV_TYPE_NTDS_PATH, Extensions::Extapi::TLV_TYPE_NTDS_TEST

Instance Attribute Summary

Attributes included from Ui::Text::DispatcherShell::CommandDispatcher

#shell, #tab_complete_items

Instance Method Summary

Methods included from Rex::Post::Meterpreter::Ui::Console::CommandDispatcher

check_hash, #client, #docs_dir, #filter_commands, #log_error, #msf_loaded?, set_hash

Methods included from Ui::Text::DispatcherShell::CommandDispatcher

#cmd_help, #cmd_help_help, #cmd_help_tabs, #deprecated_cmd, #deprecated_commands, #deprecated_help, #docs_dir, #help_to_s, #print, #print_error, #print_good, #print_line, #print_status, #print_warning, #tab_complete_directory, #tab_complete_filenames, #tab_complete_generic, #tab_complete_source_address, #update_prompt

Constructor Details

#initialize(shell) ⇒ Service

Initialize the instance


# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb', line 49

# Set up the dispatcher and the two lookup tables used to render numeric
# service fields as text.
#
# @param shell the console shell; passed unchanged to the parent initializer
def initialize(shell)
  super

  # Service state codes 1..7, in order. A code outside this range looks up
  # as nil, so callers render it as an empty value.
  # NOTE(review): these look like the Windows SERVICE_STATUS dwCurrentState
  # codes -- confirm against the extension that produces them.
  @status_map = (1..7).zip(
    ["Stopped", "Starting", "Stopping", "Running", "Continuing", "Pausing", "Paused"]
  ).to_h

  # Service start-type codes 0..4, in order.
  # NOTE(review): these look like the Windows service start-type values
  # (boot/system/auto/demand/disabled) -- confirm.
  @start_type_map = (0..4).zip(
    ["Boot", "System", "Automatic", "Manual", "Disabled"]
  ).to_h
end

Instance Method Details

#cmd_service_control(*args) ⇒ Object

Control a single service (start/pause/resume/stop/restart).


# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb', line 177

# Ask the session to perform a control operation on one named service.
#
# Expects exactly two arguments, <servicename> and <op>; any other argument
# count is turned into a help request and only the usage text is printed.
#
# NOTE(review): <op> is forwarded without being checked against the ops
# listed in the usage text, and the success line is printed as soon as
# control returns. This relies on client.extapi.service.control raising on
# an invalid op or a failed request -- confirm, otherwise the operator is
# told an operation succeeded when it did not.
#
# @param args [Array<String>] raw console arguments
# @return true after printing the usage text; otherwise whatever print_good
#   returns
def cmd_service_control(*args)
  args.unshift("-h") unless args.length == 2

  @@service_control_opts.parse(args) do |flag, _idx, _val|
    next unless flag == "-h"

    print([
      "\nUsage: service_control [-h] <servicename> <op>\n",
      "   <servicename> : The name of the service to control.\n",
      "            <op> : The operation to perform on the service.\n",
      "                   Valid ops: start pause resume stop restart.\n\n"
    ].join)
    return true
  end

  # Exactly two positional arguments remain at this point.
  service_name, op = args

  client.extapi.service.control(service_name, op)

  print_good("Operation #{op} succeeded.")
end

#cmd_service_enum(*args) ⇒ Object

Enumerate all registered Windows services.


# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb', line 81

# Print a table of the services reported by the session.
#
# Each row shows the PID, the status text looked up in @status_map, a Y/N
# flag for desktop interaction, and the lower-cased service name followed by
# its display name. Rows are sorted on column index 3 (the name column).
#
# NOTE(review): the name and display-name strings are returned by the remote
# session and are interpolated as-is; whether Rex::Text::Table or print_line
# strips terminal control characters is not visible here -- confirm before
# trusting the rendered output.
#
# @param args [Array<String>] raw console arguments; only "-h" is handled
# @return [true]
def cmd_service_enum(*args)
  @@service_enum_opts.parse(args) do |flag, _idx, _val|
    next unless flag == "-h"

    print([
      "\nUsage: service_enum [-h]\n\n",
      "Enumerate services installed on the target.\n\n",
      "Enumeration returns the Process ID, Status, and name of each installed\n",
      "service that was enumerated. The 'Int' value indicates if the service is\n",
      "able to interact with the desktop.\n\n"
    ].join)
    return true
  end

  services = client.extapi.service.enumerate

  table = Rex::Text::Table.new(
    'Header'    => 'Service List',
    'Indent'    => 0,
    'SortIndex' => 3,
    'Columns'   => ['PID', 'Status', 'Int', 'Name (Display Name)']
  )

  services.each do |s|
    # An unknown status code looks up as nil and leaves the cell empty;
    # a nil :name would raise on downcase.
    status_text = @status_map[s[:status]]
    desktop_flag = s[:interactive] ? "Y" : "N"
    table << [s[:pid], status_text, desktop_flag, "#{s[:name].downcase} (#{s[:display]})"]
  end

  print_line
  print_line(table.to_s)
  print_line
  print_line("Total services: #{services.length}")
  print_line

  true
end

#cmd_service_query(*args) ⇒ Object

Query a single service for more detail.


# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb', line 134

# Print the details the session reports for one named service.
#
# Expects exactly one argument, the service name; any other argument count
# is turned into a help request and only the usage text is printed.
#
# NOTE(review): every field except the name is returned by the remote
# session (display name, account, binary path, DACL, ...) and is
# interpolated as-is; whether print_line strips terminal control characters
# is not visible here -- confirm before trusting the rendered output.
#
# @param args [Array<String>] raw console arguments
# @return true after printing the usage text; otherwise whatever the final
#   print_line returns
def cmd_service_query(*args)
  args.unshift("-h") unless args.length == 1

  @@service_query_opts.parse(args) do |flag, _idx, _val|
    next unless flag == "-h"

    print([
      "\nUsage: service_query [-h] <servicename>\n",
      "     <servicename>:  The name of the service to query.\n\n",
      "Gets details information about a particular Windows service, including\n",
      "binary path, DACL, load order group, start type and more.\n\n"
    ].join)
    return true
  end

  service_name = args.shift
  detail = client.extapi.service.query(service_name)

  # Status and start type are numeric codes; a code missing from the lookup
  # tables renders as an empty value.
  print_line
  print_line("Name        : #{service_name}")
  print_line("Display     : #{detail[:display]}")
  print_line("Account     : #{detail[:startname]}")
  print_line("Status      : #{@status_map[detail[:status]]}")
  print_line("Start Type  : #{@start_type_map[detail[:starttype]]}")
  print_line("Path        : #{detail[:path]}")
  print_line("L.O. Group  : #{detail[:logroup]}")
  print_line("Interactive : #{detail[:interactive] ? "Yes" : "No"}")
  print_line("DACL        : #{detail[:dacl]}")
  print_line
end

#commands ⇒ Object

List of supported commands.


# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb', line 25

# List of supported commands.
#
# Builds two tables keyed by command name -- a one-line description and the
# list of command IDs the command needs -- and hands both to
# filter_commands.
#
# @return whatever filter_commands returns for the two tables
def commands
  catalogue = [
    ['service_enum',    'Enumerate all registered Windows services',
     COMMAND_ID_EXTAPI_SERVICE_ENUM],
    ['service_query',   'Query more detail about a specific Windows service',
     COMMAND_ID_EXTAPI_SERVICE_QUERY],
    ['service_control', 'Control a single service (start/pause/resume/stop/restart)',
     COMMAND_ID_EXTAPI_SERVICE_CONTROL]
  ]

  descriptions = catalogue.map { |cmd, text, _id| [cmd, text] }.to_h
  required_ids = catalogue.map { |cmd, _text, id| [cmd, [id]] }.to_h

  filter_commands(descriptions, required_ids)
end

#name ⇒ Object

Name for this dispatcher


# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/service.rb', line 42

# Name for this dispatcher.
#
# @return [String] the fixed label for the service-management commands
def name
  "Extapi: Service Management"
end