lib/msf/core/post/osx/system.rb

# -*- coding: binary -*-

module Msf::Post::OSX::System
  include ::Msf::Post::Common
  include ::Msf::Post::File

  def get_system_version
    cmd_exec("/usr/bin/sw_vers -productVersion")
  end

  #
  # Return a hash with system Information
  #
  def get_sysinfo
    system_info = {}
    cmd_output = cmd_exec("/usr/bin/sw_vers").split("\n")
    cmd_output.each do |l|
      field,val = l.chomp.split(":")
      system_info[field] = val.strip
    end
    system_info["Kernel"] = cmd_exec("uname -a")
    system_info["Hostname"] = system_info["Kernel"].split(" ")[1]

    report_host({
      :host => rhost,
      :os_name => 'osx',
      :os_flavor => system_info["Kernel"],
      :name => system_info["Hostname"]
    })

    return system_info
  end

  #
  # Returns an array of hashes each representing a user on the system
  # Keys are name, gid, uid, dir and shell
  #
  def get_users
    cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
    users = []
    users_arry = cmd_output.tr("\r", "").split("\n\n")
    users_arry.each do |u|
      entry = Hash.new
      u.each_line do |l|
        field,val = l.chomp.split(": ")
        next if field == "password"
        unless val.nil?
          entry[field] = val.strip
        end
      end
      users << entry
    end
    return users
  end

  #
  # Returns an array of hashes each representing a system accounts on the system
  # Keys are name, gid, uid, dir and shell
  #
  def get_system_accounts
    cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
    users = []
    users_arry = cmd_output.tr("\r", "").split("\n\n")
    users_arry.each do |u|
      entry = {}
      u.each_line do |l|
        field,val = l.chomp.split(": ")
        next if field == "password"
        unless val.nil?
          entry[field] = val.strip
        end
      end
      next if entry["name"][0] != '_'
      users << entry
    end
    return users
  end

  #
  # Returns an array of hashes each representing non system accounts on the system
  # Keys are name, gid, uid, dir and shell
  #
  def get_nonsystem_accounts
    cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")
    users = []
    users_arry = cmd_output.tr("\r", "").split("\n\n")
    users_arry.each do |u|
      entry = {}
      u.each_line do |l|
        field,val = l.chomp.split(": ")
        next if field == "password"
        unless val.nil?
          entry[field] = val.strip
        end
      end
      next if entry["name"][0] == '_'
      users << entry
    end
    return users
  end

  #
  # Returns an array of hashes each representing user group on the system
  # Keys are name, guid and users
  #
  def get_groups
    cmd_output = cmd_exec("/usr/bin/dscacheutil -q group")
    groups = []
    groups_arry = cmd_output.split("\n\n")
    groups_arry.each do |u|
      entry = Hash.new
      u.each_line do |l|
        field,val = l.chomp.split(": ")
        next if field == "password"
        unless val.nil?
          entry[field] = val.strip
        end
      end
      groups << entry
    end
    return groups
  end
end
Mark all libraries as defaulting to 8-bit strings 2012-06-29 00:18:28 -05:00			`# -- coding: binary --`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00
Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00			`module Msf::Post::OSX::System`
Retab changes for PR #2304 2013-09-05 13:41:25 -05:00			`include ::Msf::Post::Common`
			`include ::Msf::Post::File`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00
add CVE-2018-4237 2018-11-15 08:48:10 +08:00			`def get_system_version`
			`cmd_exec("/usr/bin/sw_vers -productVersion")`
			`end`

Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`#`
			`# Return a hash with system Information`
			`#`
			`def get_sysinfo`
			`system_info = {}`
			`cmd_output = cmd_exec("/usr/bin/sw_vers").split("\n")`
			`cmd_output.each do \|l\|`
			`field,val = l.chomp.split(":")`
			`system_info[field] = val.strip`
fix formating, replace spaces for tabs 2011-06-02 23:17:52 +00:00			`end`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`system_info["Kernel"] = cmd_exec("uname -a")`
			`system_info["Hostname"] = system_info["Kernel"].split(" ")[1]`

database host info from post modules 2018-10-17 12:43:05 -04:00			`report_host({`
			`:host => rhost,`
			`:os_name => 'osx',`
enhancements to solaris host info db regex 2018-11-03 17:05:47 -04:00			`:os_flavor => system_info["Kernel"],`
database host info from post modules 2018-10-17 12:43:05 -04:00			`:name => system_info["Hostname"]`
			`})`

Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`return system_info`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`#`
			`# Returns an array of hashes each representing a user on the system`
			`# Keys are name, gid, uid, dir and shell`
			`#`
			`def get_users`
			`cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")`
			`users = []`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`users_arry = cmd_output.tr("\r", "").split("\n\n")`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`users_arry.each do \|u\|`
			`entry = Hash.new`
			`u.each_line do \|l\|`
			`field,val = l.chomp.split(": ")`
			`next if field == "password"`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`unless val.nil?`
			`entry[field] = val.strip`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00			`end`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`users << entry`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00			`end`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`return users`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`#`
			`# Returns an array of hashes each representing a system accounts on the system`
			`# Keys are name, gid, uid, dir and shell`
			`#`
			`def get_system_accounts`
			`cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")`
			`users = []`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`users_arry = cmd_output.tr("\r", "").split("\n\n")`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`users_arry.each do \|u\|`
			`entry = {}`
			`u.each_line do \|l\|`
			`field,val = l.chomp.split(": ")`
			`next if field == "password"`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`unless val.nil?`
			`entry[field] = val.strip`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00			`end`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`next if entry["name"][0] != '_'`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`users << entry`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00			`end`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`return users`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`#`
			`# Returns an array of hashes each representing non system accounts on the system`
			`# Keys are name, gid, uid, dir and shell`
			`#`
			`def get_nonsystem_accounts`
			`cmd_output = cmd_exec("/usr/bin/dscacheutil -q user")`
			`users = []`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`users_arry = cmd_output.tr("\r", "").split("\n\n")`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`users_arry.each do \|u\|`
			`entry = {}`
			`u.each_line do \|l\|`
			`field,val = l.chomp.split(": ")`
			`next if field == "password"`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`unless val.nil?`
			`entry[field] = val.strip`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00			`end`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`next if entry["name"][0] == '_'`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`users << entry`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00			`end`
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`return users`
			`end`
OSX Post mixin lib 2011-06-02 22:20:36 +00:00
Adding documentation to the post modules library. 2012-08-23 23:57:55 -04:00			`#`
			`# Returns an array of hashes each representing user group on the system`
			`# Keys are name, guid and users`
			`#`
			`def get_groups`
			`cmd_output = cmd_exec("/usr/bin/dscacheutil -q group")`
			`groups = []`
			`groups_arry = cmd_output.split("\n\n")`
			`groups_arry.each do \|u\|`
			`entry = Hash.new`
			`u.each_line do \|l\|`
			`field,val = l.chomp.split(": ")`
			`next if field == "password"`
fix user enumeration methods, be more robust 2018-09-24 22:17:32 -05:00			`unless val.nil?`
			`entry[field] = val.strip`
			`end`
Retab changes for PR #2304 2013-09-05 13:41:25 -05:00			`end`
			`groups << entry`
			`end`
			`return groups`
			`end`
Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00			`end`