Code review

- remove `#auxiliary_commands`, it is not necessary anymore - move the connection logic to a separate method - make sure the connection to Winreg is setup when using direct `read` and `write` commands - fix wrong method call to `save_to_file`
rapid7 · Apr 26, 2024 · 3e351e8 · 3e351e8
1 parent 30b0a03
commit 3e351e8
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 15 deletions.
diff --git a/modules/auxiliary/admin/registry_security_descriptor.rb b/modules/auxiliary/admin/registry_security_descriptor.rb
@@ -68,7 +68,7 @@ def initialize(info = {})
     )
   end
 
-  def run
+  def do_connect
     if session
       print_status("Using existing session #{session.sid}")
       client = session.client
@@ -104,6 +104,10 @@ def run
     rescue RubySMB::Error::RubySMBError => e
       fail_with(Module::Failure::Unreachable, "Error when connecting to 'winreg' interface ([#{e.class}] #{e}).")
     end
+  end
+
+  def run
+    do_connect
 
     case action.name
     when 'READ'
@@ -123,27 +127,24 @@ def run
     end
   end
 
-  def auxiliary_commands
-    {
-      'read' => 'Read a Windows registry security descriptor',
-      'write' => 'Write a Windows registry security descriptor'
-    }
-  end
-
   def cmd_read
+    do_connect unless @winreg
+
     fail_with(Failure::BadConfig, 'Unknown registry key, please set the `KEY` option') if datastore['KEY'].blank?
 
     sd = @winreg.get_key_security_descriptor(datastore['KEY'], datastore['SECURITY_INFORMATION'], bind: false)
     print_good("Raw security descriptor for #{datastore['KEY']}: #{sd.bytes.map { |c| '%02x' % c.ord }.join}")
 
     unless datastore['FILE'].blank?
       remote_reg = Msf::Util::WindowsRegistry::RemoteRegistry.new(@winreg, name: :sam)
-      remote_reg.backup_to_file(datastore['KEY'], sd, datastore['SECURITY_INFORMATION'], datastore['FILE'])
+      remote_reg.save_to_file(datastore['KEY'], sd, datastore['SECURITY_INFORMATION'], datastore['FILE'])
       print_good("Saved to file #{datastore['FILE']}")
     end
   end
 
   def cmd_write
+    do_connect unless @winreg
+
     if datastore['FILE'].blank?
       fail_with(Failure::BadConfig, 'Unknown security descriptor, please set the `SD` option') if datastore['SD'].blank?
       fail_with(Failure::BadConfig, 'Unknown registry key, please set the `KEY` option') if datastore['KEY'].blank?

diff --git a/modules/auxiliary/example.rb b/modules/auxiliary/example.rb
@@ -42,12 +42,9 @@ def run
     print_status("Running the simple auxiliary module with action #{action.name}")
   end
 
-  # auxiliary modules can register new commands, they all call cmd_* to
-  # dispatch them
-  def auxiliary_commands
-    { 'aux_extra_command' => 'Run this auxiliary test commmand' }
-  end
-
+  # Framework automatically registers `cmd_*` methods to be dispatched when the
+  # corresponding command is used. For example, here this method will be called
+  # when entering the `aux_extra_command` command in the console.
   def cmd_aux_extra_command(*args)
     print_status("Running inside aux_extra_command(#{args.join(' ')})")
   end