Class: Rex::Post::Meterpreter::Ui::Console::CommandDispatcher::Extapi::Wmi

Inherits:
Object
  • Object
show all
Includes:
Extensions::Extapi, Rex::Post::Meterpreter::Ui::Console::CommandDispatcher
Defined in:
lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb

Overview

Extended API WMI Querying interface.

Constant Summary collapse

Klass = 
Console::CommandDispatcher::Extapi::Wmi
DEFAULT_MAX_RESULTS =

Zero indicates “no limit”

0
DEFAULT_PAGE_SIZE = 
0
@@wmi_query_opts =

Options for the wmi_query command.

Rex::Parser::Arguments.new(
  "-h" => [ false, "Help banner" ],
  "-r" => [ true, "Specify a different root object (defaults to 'root\\CIMV2')" ]
)

Constants included from Extensions::Extapi

Extensions::Extapi::COMMAND_ID_EXTAPI_ADSI_DOMAIN_QUERY, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_GET_DATA, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_DUMP, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_PAUSE, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_PURGE, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_RESUME, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_START, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_MONITOR_STOP, Extensions::Extapi::COMMAND_ID_EXTAPI_CLIPBOARD_SET_DATA, Extensions::Extapi::COMMAND_ID_EXTAPI_NTDS_PARSE, Extensions::Extapi::COMMAND_ID_EXTAPI_PAGEANT_SEND_QUERY, Extensions::Extapi::COMMAND_ID_EXTAPI_SERVICE_CONTROL, Extensions::Extapi::COMMAND_ID_EXTAPI_SERVICE_ENUM, Extensions::Extapi::COMMAND_ID_EXTAPI_SERVICE_QUERY, Extensions::Extapi::COMMAND_ID_EXTAPI_WINDOW_ENUM, Extensions::Extapi::COMMAND_ID_EXTAPI_WMI_QUERY, Extensions::Extapi::EXTENSION_ID_EXTAPI, Extensions::Extapi::TLV_TYPE_EXTENSION_EXTAPI, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_BLOB_IN, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_ERRORMESSAGE, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_RETURNEDBLOB, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_SIZE_IN, Extensions::Extapi::TLV_TYPE_EXTENSION_PAGEANT_STATUS, Extensions::Extapi::TLV_TYPE_EXT_ADSI_ARRAY, Extensions::Extapi::TLV_TYPE_EXT_ADSI_BIGNUMBER, Extensions::Extapi::TLV_TYPE_EXT_ADSI_BOOL, Extensions::Extapi::TLV_TYPE_EXT_ADSI_DN, Extensions::Extapi::TLV_TYPE_EXT_ADSI_DOMAIN, Extensions::Extapi::TLV_TYPE_EXT_ADSI_FIELD, Extensions::Extapi::TLV_TYPE_EXT_ADSI_FILTER, Extensions::Extapi::TLV_TYPE_EXT_ADSI_MAXRESULTS, Extensions::Extapi::TLV_TYPE_EXT_ADSI_NUMBER, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PAGESIZE, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH_PATH, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH_TYPE, Extensions::Extapi::TLV_TYPE_EXT_ADSI_PATH_VOL, Extensions::Extapi::TLV_TYPE_EXT_ADSI_RAW, Extensions::Extapi::TLV_TYPE_EXT_ADSI_RESULT, Extensions::Extapi::TLV_TYPE_EXT_ADSI_STRING, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_DOWNLOAD, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_CAP_IMG_DATA, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_DUMP, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_PURGE, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_MON_WIN_CLASS, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILES, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_NAME, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_FILE_SIZE, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG_DATA, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG_DIMX, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_IMAGE_JPG_DIMY, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_TEXT, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_TEXT_CONTENT, Extensions::Extapi::TLV_TYPE_EXT_CLIPBOARD_TYPE_TIMESTAMP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_CTRL_NAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_CTRL_OP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_DISPLAYNAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_GROUP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_INTERACTIVE, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_NAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_PID, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_ENUM_STATUS, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_DACL, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_DISPLAYNAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_INTERACTIVE, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_LOADORDERGROUP, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_PATH, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_STARTNAME, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_STARTTYPE, Extensions::Extapi::TLV_TYPE_EXT_SERVICE_QUERY_STATUS, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_CLASSNAME, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_GROUP, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_HANDLE, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_INCLUDEUNKNOWN, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_PID, Extensions::Extapi::TLV_TYPE_EXT_WINDOW_ENUM_TITLE, Extensions::Extapi::TLV_TYPE_EXT_WMI_DOMAIN, Extensions::Extapi::TLV_TYPE_EXT_WMI_ERROR, Extensions::Extapi::TLV_TYPE_EXT_WMI_FIELD, Extensions::Extapi::TLV_TYPE_EXT_WMI_FIELDS, Extensions::Extapi::TLV_TYPE_EXT_WMI_QUERY, Extensions::Extapi::TLV_TYPE_EXT_WMI_VALUE, Extensions::Extapi::TLV_TYPE_EXT_WMI_VALUES, Extensions::Extapi::TLV_TYPE_NTDS_PATH, Extensions::Extapi::TLV_TYPE_NTDS_TEST

Instance Attribute Summary

Attributes included from Ui::Text::DispatcherShell::CommandDispatcher

#shell, #tab_complete_items

Instance Method Summary collapse

Methods included from Rex::Post::Meterpreter::Ui::Console::CommandDispatcher

check_hash, #client, #docs_dir, #filter_commands, #initialize, #log_error, #msf_loaded?, #session, set_hash, #unknown_command

Methods included from Msf::Ui::Console::CommandDispatcher::Session

#cmd_background, #cmd_background_help, #cmd_exit, #cmd_irb, #cmd_irb_help, #cmd_irb_tabs, #cmd_pry, #cmd_pry_help, #cmd_resource, #cmd_resource_help, #cmd_resource_tabs, #cmd_sessions, #cmd_sessions_help

Methods included from Ui::Text::DispatcherShell::CommandDispatcher

#cmd_help, #cmd_help_help, #cmd_help_tabs, #deprecated_cmd, #deprecated_commands, #deprecated_help, #docs_dir, #help_to_s, included, #initialize, #print, #print_error, #print_good, #print_line, #print_status, #print_warning, #tab_complete_directory, #tab_complete_filenames, #tab_complete_generic, #tab_complete_source_address, #unknown_command, #update_prompt

Instance Method Details

#cmd_wmi_query(*args) ⇒ Object

Enumerate WMI objects.



64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb', line 64

def cmd_wmi_query(*args)
  args.unshift("-h") if args.length < 1

  root = nil

  @@wmi_query_opts.parse(args) { |opt, idx, val|
    case opt
    when "-r"
      root = val
    when "-h"
      wmi_query_usage
      return true
    end
  }

  query = args.shift

  objects = client.extapi.wmi.query(query, root)

  if objects
    table = Rex::Text::Table.new(
      'Header'    => query,
      'Indent'    => 0,
      'SortIndex' => 0,
      'Columns'   => objects[:fields]
    )

    objects[:values].each do |c|
      table << c
    end

    print_line
    print_line(table.to_s)

    print_line("Total objects: #{objects[:values].length}")
  else
    print_status("The WMI query yielded no results.")
  end

  print_line

  return true
end

#commandsObject

List of supported commands.



29
30
31
32
33
34
35
36
37
 
# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb', line 29

def commands
  all = {
    'wmi_query' => 'Perform a generic WMI query and return the results',
  }
  reqs = {
    'wmi_query' => [COMMAND_ID_EXTAPI_WMI_QUERY],
  }
  filter_commands(all, reqs)
end

#nameObject

Name for this dispatcher



42
43
44
 
# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb', line 42

def name
  'Extapi: WMI Querying'
end

#wmi_query_usageObject 



54
55
56
57
58
59
 
# File 'lib/rex/post/meterpreter/ui/console/command_dispatcher/extapi/wmi.rb', line 54

def wmi_query_usage
  print(
    "\nUsage: wmi_query <query string> [-r root]\n\n" +
    "Query the target and display the results.\n\n" +
    @@wmi_query_opts.usage)
end