Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Update enum_ms_product_keys to only run on supported versions. #901

Closed
wants to merge 1 commit into from

4 participants

@brandonprry

This pull request updates the enum_ms_product_keys module to only run on XP, Vista, or 7. Above windows 7, MS removes the license key from the registry, so the module is not useful.

@jlee-r7 jlee-r7 commented on the diff
modules/post/windows/gather/enum_ms_product_keys.rb
((9 lines not shown))
print_status("Finding Microsoft key on #{sysinfo['Computer']}")
app_list
end
+ #MS removes the key from the registry after windows 7
+ def os_supportable?(os)
+ return true if os =~ / XP / || os =~ / Vista / || os =~ / 7 /
@jlee-r7 Collaborator
jlee-r7 added a note

2000?

@wchen-r7 Collaborator

2000?

@FireFart Collaborator

what about the server products? server 2000, 2003 and 2008?

Server 2008 falls to the same issue as windows 8, the key is being removed after activation. Server/2000 and 2003 though I totally forgot about and don't have machines available off hand to test with. Let me see if I can fix this so I can test them as well.

@FireFart Collaborator

Are you sure that 2008 will not work? 2008 and Windows 7 share the same kernel. The Windows 8 like Server product would be Server 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@brandonprry brandonprry reopened this
@brandonprry

Will reopen when I test all the server variants.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 15 additions and 4 deletions.
  1. +15 −4 modules/post/windows/gather/enum_ms_product_keys.rb
View
19 modules/post/windows/gather/enum_ms_product_keys.rb
@@ -20,7 +20,7 @@ class Metasploit3 < Msf::Post
def initialize(info={})
super(update_info(info,
'Name' => 'Windows Gather Product Key',
- 'Description' => %q{ This module will enumerate the OS license key },
+ 'Description' => %q{ This module will enumerate the OS license key and various other MS product keys. },
'License' => MSF_LICENSE,
'Author' => [ 'Brandon Perry <bperry.volatile[at]gmail.com>'],
'Version' => '$Revision$',
@@ -93,13 +93,13 @@ def app_list
def decode(chunk)
start = 52
- finish = start + 15
+ string_length = 15
+ finish = start + string_length
#charmap idex
alphas = %w[B C D F G H J K M P Q R T V W X Y 2 3 4 6 7 8 9]
decode_length = 29
- string_length = 15
#product ID in coded bytes
product_id = Array.new
@@ -108,7 +108,7 @@ def decode(chunk)
key = ""
#From byte 52 to byte 67, inclusive
- (52).upto(67) do |i|
+ (start).upto(finish) do |i|
product_id[i-start] = chunk[i]
end
@@ -135,8 +135,19 @@ def decode(chunk)
end
def run
+ if not os_supportable? sysinfo['OS']
+ print_error("Sorry, #{sysinfo['OS']} is not supported");
+ return
+ end
+
print_status("Finding Microsoft key on #{sysinfo['Computer']}")
app_list
end
+ #MS removes the key from the registry after windows 7
+ def os_supportable?(os)
+ return true if os =~ / XP / || os =~ / Vista / || os =~ / 7 /
@jlee-r7 Collaborator
jlee-r7 added a note

2000?

@wchen-r7 Collaborator

2000?

@FireFart Collaborator

what about the server products? server 2000, 2003 and 2008?

Server 2008 falls to the same issue as windows 8, the key is being removed after activation. Server/2000 and 2003 though I totally forgot about and don't have machines available off hand to test with. Let me see if I can fix this so I can test them as well.

@FireFart Collaborator

Are you sure that 2008 will not work? 2008 and Windows 7 share the same kernel. The Windows 8 like Server product would be Server 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
+ false
+ end
+
end
Something went wrong with that request. Please try again.