Class: Rex::Post::Meterpreter::Extensions::Extapi::Service::Service

Inherits:
Object
  • Object
Defined in:
lib/rex/post/meterpreter/extensions/extapi/service/service.rb

Overview

This meterpreter extension contains extended API functions for querying and managing Windows services.

Constant Summary

# Operation codes accepted by #control. The chosen code is sent to the target
# as the TLV_TYPE_EXT_SERVICE_CTRL_OP value of the service-control request.
SERVICE_OP_START   = 1
SERVICE_OP_PAUSE   = 2
SERVICE_OP_RESUME  = 3
SERVICE_OP_STOP    = 4
# Highest valid code; #control rejects anything outside START..RESTART.
SERVICE_OP_RESTART = 5

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(client) ⇒ Service

Returns a new instance of Service.



# File 'lib/rex/post/meterpreter/extensions/extapi/service/service.rb', line 24

# Stores the client that the other methods of this class send their requests through.
#
# @param client [Object] object responding to +send_request+; it is kept as-is,
#   nothing is sent or validated at construction time
def initialize(client)
  @client = client
end

Instance Attribute Details

#client ⇒ Object

Returns the value of attribute client.



# File 'lib/rex/post/meterpreter/extensions/extapi/service/service.rb', line 100

# Reader for the client given to #initialize.
#
# @return [Object] the stored client; #control, #enumerate and #query call
#   +send_request+ on it
def client
  @client
end

Instance Method Details

#control(service_name, op) ⇒ Object

Control a single service



# File 'lib/rex/post/meterpreter/extensions/extapi/service/service.rb', line 74

# Control a single service by sending a service-control request through the client.
#
# @param service_name [String] name of the service; forwarded unchanged as
#   TLV_TYPE_EXT_SERVICE_CTRL_NAME (no validation happens in this method)
# @param op [Integer, String] one of the SERVICE_OP_* codes, or the name "start",
#   "pause", "resume", "stop" or "restart" (case and surrounding whitespace ignored)
# @return [Object] whatever +client.send_request+ returns
# @raise [ArgumentError] if op is neither a recognised name nor an Integer
#   within SERVICE_OP_START..SERVICE_OP_RESTART
def control(service_name, op)
  if op.is_a?(String)
    named_ops = {
      "start"   => SERVICE_OP_START,
      "pause"   => SERVICE_OP_PAUSE,
      "resume"  => SERVICE_OP_RESUME,
      "stop"    => SERVICE_OP_STOP,
      "restart" => SERVICE_OP_RESTART
    }
    # An unrecognised name is kept untouched so the error below shows the caller's own text.
    op = named_ops.fetch(op.strip.downcase, op)
  end

  # Only known operation codes may reach the request; everything else stops here.
  known_code = op.is_a?(Integer) && op.between?(SERVICE_OP_START, SERVICE_OP_RESTART)
  raise ArgumentError, "Invalid operation: #{op}" unless known_code

  packet = Packet.create_request(COMMAND_ID_EXTAPI_SERVICE_CONTROL)
  packet.add_tlv(TLV_TYPE_EXT_SERVICE_CTRL_NAME, service_name)
  packet.add_tlv(TLV_TYPE_EXT_SERVICE_CTRL_OP, op)
  client.send_request(packet)
end

#enumerate ⇒ Object

Enumerate all the services on the target.



# File 'lib/rex/post/meterpreter/extensions/extapi/service/service.rb', line 31

# Enumerate all the services reported by the target.
#
# Sends a service-enumeration request through the client and turns every
# TLV_TYPE_EXT_SERVICE_ENUM_GROUP entry of the response into a Hash.
# The values are copied from the response as-is; nothing is validated here.
#
# @return [Array<Hash>] one Hash per service with the keys :name, :display,
#   :pid, :status and :interactive, ordered by upper-cased :name
def enumerate
  reply = client.send_request(Packet.create_request(COMMAND_ID_EXTAPI_SERVICE_ENUM))

  # Result key => TLV type read from each group entry.
  columns = {
    name:        TLV_TYPE_EXT_SERVICE_ENUM_NAME,
    display:     TLV_TYPE_EXT_SERVICE_ENUM_DISPLAYNAME,
    pid:         TLV_TYPE_EXT_SERVICE_ENUM_PID,
    status:      TLV_TYPE_EXT_SERVICE_ENUM_STATUS,
    interactive: TLV_TYPE_EXT_SERVICE_ENUM_INTERACTIVE
  }

  found = []
  reply.each(TLV_TYPE_EXT_SERVICE_ENUM_GROUP) do |group|
    found << columns.each_with_object({}) do |(key, tlv_type), row|
      row[key] = group.get_tlv_value(tlv_type)
    end
  end

  # NOTE(review): raises NoMethodError if any entry's :name is nil — confirm that
  # get_tlv_value always yields a String for TLV_TYPE_EXT_SERVICE_ENUM_NAME.
  found.sort_by { |row| row[:name].upcase }
end

#query(service_name) ⇒ Object

Query some detailed parameters about a particular service.



# File 'lib/rex/post/meterpreter/extensions/extapi/service/service.rb', line 53

# Query some detailed parameters about a particular service.
#
# The service name is sent under TLV_TYPE_EXT_SERVICE_ENUM_NAME and forwarded
# unchanged; the values in the result are copied from the response without
# any validation.
#
# @param service_name [String] name of the service to query (type assumed)
# @return [Hash] the keys :starttype, :display, :startname, :path, :logroup,
#   :interactive, :dacl and :status, each holding the matching
#   TLV_TYPE_EXT_SERVICE_QUERY_* value of the response
def query(service_name)
  packet = Packet.create_request(COMMAND_ID_EXTAPI_SERVICE_QUERY)
  packet.add_tlv(TLV_TYPE_EXT_SERVICE_ENUM_NAME, service_name)
  reply = client.send_request(packet)

  # Result key => TLV type read from the response.
  wanted = {
    starttype:   TLV_TYPE_EXT_SERVICE_QUERY_STARTTYPE,
    display:     TLV_TYPE_EXT_SERVICE_QUERY_DISPLAYNAME,
    startname:   TLV_TYPE_EXT_SERVICE_QUERY_STARTNAME,
    path:        TLV_TYPE_EXT_SERVICE_QUERY_PATH,
    logroup:     TLV_TYPE_EXT_SERVICE_QUERY_LOADORDERGROUP,
    interactive: TLV_TYPE_EXT_SERVICE_QUERY_INTERACTIVE,
    dacl:        TLV_TYPE_EXT_SERVICE_QUERY_DACL,
    status:      TLV_TYPE_EXT_SERVICE_QUERY_STATUS
  }

  wanted.each_with_object({}) do |(key, tlv_type), details|
    details[key] = reply.get_tlv_value(tlv_type)
  end
end