metasploit-gs/api/Msf/Post/Windows.html
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Post::Windows
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Post::Windows";
relpath = '../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../_index.html">Index (W)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Post.html" title="Msf::Post (class)">Post</a></span></span>
&raquo;
<span class="title">Windows</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Post::Windows
</h1>
<div class="box_info">
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/post/windows.rb<span class="defines">,<br />
lib/msf/core/post/windows/lsa.rb,<br /> lib/msf/core/post/windows/kiwi.rb,<br /> lib/msf/core/post/windows/ldap.rb,<br /> lib/msf/core/post/windows/wmic.rb,<br /> lib/msf/core/post/windows/mssql.rb,<br /> lib/msf/core/post/windows/extapi.rb,<br /> lib/msf/core/post/windows/system.rb,<br /> lib/msf/core/post/windows/net_api.rb,<br /> lib/msf/core/post/windows/packrat.rb,<br /> lib/msf/core/post/windows/process.rb,<br /> lib/msf/core/post/windows/accounts.rb,<br /> lib/msf/core/post/windows/eventlog.rb,<br /> lib/msf/core/post/windows/registry.rb,<br /> lib/msf/core/post/windows/services.rb,<br /> lib/msf/core/post/windows/cli_parse.rb,<br /> lib/msf/core/post/windows/file_info.rb,<br /> lib/msf/core/post/windows/powershell.rb,<br /> lib/msf/core/post/windows/file_system.rb,<br /> lib/msf/core/post/windows/shadow_copy.rb,<br /> lib/msf/core/post/windows/user_profiles.rb,<br /> lib/msf/core/post/windows/task_scheduler.rb</span>
</dd>
</dl>
</div>
<h2>Defined Under Namespace</h2>
<p class="children">
<strong class="modules">Modules:</strong> <span class='object_link'><a href="Windows/Accounts.html" title="Msf::Post::Windows::Accounts (module)">Accounts</a></span>, <span class='object_link'><a href="Windows/CliParse.html" title="Msf::Post::Windows::CliParse (module)">CliParse</a></span>, <span class='object_link'><a href="Windows/Dotnet.html" title="Msf::Post::Windows::Dotnet (module)">Dotnet</a></span>, <span class='object_link'><a href="Windows/Error.html" title="Msf::Post::Windows::Error (module)">Error</a></span>, <span class='object_link'><a href="Windows/Eventlog.html" title="Msf::Post::Windows::Eventlog (module)">Eventlog</a></span>, <span class='object_link'><a href="Windows/ExtAPI.html" title="Msf::Post::Windows::ExtAPI (module)">ExtAPI</a></span>, <span class='object_link'><a href="Windows/FileInfo.html" title="Msf::Post::Windows::FileInfo (module)">FileInfo</a></span>, <span class='object_link'><a href="Windows/FileSystem.html" title="Msf::Post::Windows::FileSystem (module)">FileSystem</a></span>, <span class='object_link'><a href="Windows/Kiwi.html" title="Msf::Post::Windows::Kiwi (module)">Kiwi</a></span>, <span class='object_link'><a href="Windows/LDAP.html" title="Msf::Post::Windows::LDAP (module)">LDAP</a></span>, <span class='object_link'><a href="Windows/Lsa.html" title="Msf::Post::Windows::Lsa (module)">Lsa</a></span>, <span class='object_link'><a href="Windows/MSSQL.html" title="Msf::Post::Windows::MSSQL (module)">MSSQL</a></span>, <span class='object_link'><a href="Windows/NetAPI.html" title="Msf::Post::Windows::NetAPI (module)">NetAPI</a></span>, <span class='object_link'><a href="Windows/Packrat.html" title="Msf::Post::Windows::Packrat (module)">Packrat</a></span>, <span class='object_link'><a href="Windows/Powershell.html" title="Msf::Post::Windows::Powershell (module)">Powershell</a></span>, <span class='object_link'><a href="Windows/Priv.html" title="Msf::Post::Windows::Priv (module)">Priv</a></span>, <span class='object_link'><a 
href="Windows/Process.html" title="Msf::Post::Windows::Process (module)">Process</a></span>, <span class='object_link'><a href="Windows/ReflectiveDLLInjection.html" title="Msf::Post::Windows::ReflectiveDLLInjection (module)">ReflectiveDLLInjection</a></span>, <span class='object_link'><a href="Windows/Registry.html" title="Msf::Post::Windows::Registry (module)">Registry</a></span>, <span class='object_link'><a href="Windows/Runas.html" title="Msf::Post::Windows::Runas (module)">Runas</a></span>, <span class='object_link'><a href="Windows/Services.html" title="Msf::Post::Windows::Services (module)">Services</a></span>, <span class='object_link'><a href="Windows/ShadowCopy.html" title="Msf::Post::Windows::ShadowCopy (module)">ShadowCopy</a></span>, <span class='object_link'><a href="Windows/System.html" title="Msf::Post::Windows::System (module)">System</a></span>, <span class='object_link'><a href="Windows/TaskScheduler.html" title="Msf::Post::Windows::TaskScheduler (module)">TaskScheduler</a></span>, <span class='object_link'><a href="Windows/UserProfiles.html" title="Msf::Post::Windows::UserProfiles (module)">UserProfiles</a></span>, <span class='object_link'><a href="Windows/Version.html" title="Msf::Post::Windows::Version (module)">Version</a></span>, <span class='object_link'><a href="Windows/WMIC.html" title="Msf::Post::Windows::WMIC (module)">WMIC</a></span>, <span class='object_link'><a href="Windows/WindowsServices.html" title="Msf::Post::Windows::WindowsServices (module)">WindowsServices</a></span>
</p>
<h2>
Class Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#escape_cmd_literal-class_method" title="escape_cmd_literal (class method)">.<strong>escape_cmd_literal</strong>(string, spaces:) &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Escape a string literal value to be included as an argument to cmd.exe.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#escape_powershell_literal-class_method" title="escape_powershell_literal (class method)">.<strong>escape_powershell_literal</strong>(string) &#x21d2; String </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Escape a string literal value to be included as an argument to powershell.exe.</p>
</div></span>
</li>
</ul>
<div id="class_method_details" class="method_details_list">
<h2>Class Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="escape_cmd_literal-class_method">
.<strong>escape_cmd_literal</strong>(string, spaces:) &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
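<p>Escape a string literal value to be included as an argument to cmd.exe. The escaped value *should not* be placed within double quotes as this will alter how it is evaluated (e.g. <code>echo "^"((^&amp;test) Foo^""</code> is different than <code>echo ^"((^&amp;test) Foo^"</code>). The method caret-escapes only <code>^</code>, <code>&amp;</code>, <code>&lt;</code>, <code>&gt;</code>, <code>|</code> and <code>"</code> (and, when <code>spaces</code> is true, replaces each space with a quoted space); every other character, including <code>%</code>, is returned unchanged.</p>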
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>string</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The string to escape for use with cmd.exe.</p>
</div>
</li>
<li>
<span class='name'>spaces</span>
<span class='type'>(<tt>Boolean</tt>)</span>
&mdash;
<div class='inline'>
<p>Whether or not to escape spaces. If the string is being passed to echo, set this to false; otherwise, if it's an argument, set it to true.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The escaped string.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
12
13
14
15
16
17</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/post/windows.rb', line 12</span>
<span class='kw'>def</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_escape_cmd_literal'>escape_cmd_literal</span><span class='lparen'>(</span><span class='id identifier rubyid_string'>string</span><span class='comma'>,</span> <span class='label'>spaces:</span><span class='rparen'>)</span>
<span class='id identifier rubyid_string'>string</span> <span class='op'>=</span> <span class='id identifier rubyid_string'>string</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span>
<span class='qwords_beg'>%w[</span><span class='words_sep'> </span><span class='tstring_content'>^</span><span class='words_sep'> </span><span class='tstring_content'>&amp;</span><span class='words_sep'> </span><span class='tstring_content'>&lt;</span><span class='words_sep'> </span><span class='tstring_content'>&gt;</span><span class='words_sep'> </span><span class='tstring_content'>|</span><span class='words_sep'> </span><span class='tstring_content'>&quot;</span><span class='words_sep'> </span><span class='tstring_end'>]</span></span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_char'>char</span><span class='op'>|</span> <span class='id identifier rubyid_string'>string</span><span class='period'>.</span><span class='id identifier rubyid_gsub!'>gsub!</span><span class='lparen'>(</span><span class='id identifier rubyid_char'>char</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>^</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_char'>char</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='id identifier rubyid_string'>string</span><span class='period'>.</span><span class='id identifier rubyid_gsub!'>gsub!</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'> </span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>&quot; &quot;</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_spaces'>spaces</span>
<span class='id identifier rubyid_string'>string</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="escape_powershell_literal-class_method">
.<strong>escape_powershell_literal</strong>(string) &#x21d2; <tt>String</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Escape a string literal value to be included as an argument to powershell.exe. The escaped value *should be* placed within single quotes, which makes it a PowerShell verbatim string; the method only doubles each <code>'</code> character and does not add the surrounding quotes itself. See: <a href="https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules?view=powershell-7.4#single-quoted-strings">learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules?view=powershell-7.4#single-quoted-strings</a></p>
<p>This will help in cases where one might need to use &amp; as in PowerShell this is a reserved character whereas in cmd.exe this is used to indicate the start of an additional command to execute.</p>
<p>Example (without this escaping): <code>powershell -Command "cmd /c echo hello &amp; echo world"</code> &lt;- This will result in errors as &amp; is a reserved character. <code>powershell -Command "cmd.exe /c 'echo hello &amp; echo world'"</code> &lt;- This will succeed as &amp; is interpreted as part of a string by PowerShell.</p>
<p>In our case we use PowerShell quoting as described at <a href="https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules?view=powershell-7.3">learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_quoting_rules?view=powershell-7.3</a> which states that to use a single quote inside of a single quoted string, use a second consecutive single quote. Therefore this is valid in PowerShell: <code>'don''t'</code>, which in turn becomes the string "don't" (sans double quotes) inside PowerShell.</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>string</span>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The string to escape for use with powershell.exe.</p>
</div>
</li>
</ul>
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>String</tt>)</span>
&mdash;
<div class='inline'>
<p>The escaped string.</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
38
39
40
41
42</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/post/windows.rb', line 38</span>
<span class='kw'>def</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_escape_powershell_literal'>escape_powershell_literal</span><span class='lparen'>(</span><span class='id identifier rubyid_string'>string</span><span class='rparen'>)</span>
<span class='id identifier rubyid_string'>string</span> <span class='op'>=</span> <span class='id identifier rubyid_string'>string</span><span class='period'>.</span><span class='id identifier rubyid_dup'>dup</span>
<span class='id identifier rubyid_string'>string</span><span class='period'>.</span><span class='id identifier rubyid_gsub!'>gsub!</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>&#39;&#39;</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_string'>string</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:01:05 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>