Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

local_admin_search_enum: Flimsy Windows version detection #16064

Open
bcoles opened this issue Jan 18, 2022 · 0 comments
Open

local_admin_search_enum: Flimsy Windows version detection #16064

bcoles opened this issue Jan 18, 2022 · 0 comments
Labels
bug module not-stale Label to stop an issue from being auto closed

Comments

@bcoles
Copy link
Contributor

bcoles commented Jan 18, 2022

Untested, but based on code review, this is likely to fail:

metasploit-framework/modules/post/windows/gather/local_admin_search_enum.rb

Lines 78 to 79 in 7a49a91

# If Vista/2008 or later add /R
if (sysinfo['OS'] =~ /Build [6-9]\d\d\d/)

Same issue as #14309 in exploits/windows/local/s4u_persistence.rb :

metasploit-framework/modules/exploits/windows/local/s4u_persistence.rb

Lines 61 to 63 in 65fcf67

if not (sysinfo['OS'] =~ /Build [6-9]\d\d\d/)
fail_with(Failure::NoTarget, "This module only works on Vista/2008 and above")
end

I thought we'd standardized Windows version detection/comparison at some point. Someone [else] should review modules for version comparison and ensure this code pattern isn't used elsewhere.
@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Feb 18, 2022
@rapid7 rapid7 deleted a comment from github-actions bot Feb 18, 2022
@dwelch-r7 dwelch-r7 added not-stale Label to stop an issue from being auto closed and removed Stale Marks an issue as stale, to be closed if no action is taken labels Feb 18, 2022
@bcoles bcoles mentioned this issue Apr 14, 2022
Closed
@bcoles bcoles mentioned this issue Dec 5, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug module not-stale Label to stop an issue from being auto closed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bcoles @dwelch-r7