Metasploit-framework: Likely regression in modules/exploits/windows/local/ms16_075_reflection_juicy.rb

Created on 11 Dec 2019  路  7Comments  路  Source: rapid7/metasploit-framework

So, I was grepping for examples to pull the build numbers from Windows versions, and came across this module:
modules/exploits/windows/local/ms16_075_reflection_juicy.rb

It used the regex
win10build = client.sys.config.sysinfo['OS'].match /Windows 10 \(Build (\d+)\)/

I made some changes to the way meterpreter reported the sysinfo value, and I believe this regex is now broken. I used build_num = sysinfo_value.match(/\w+\d+\w+(\d+)/)[0].to_i in my module, but as a regex expert could tell you, I'm no regex expert....

bug newbie-friendly
Source
picture bwatters-r7

Most helpful comment

I'm a someone looking to make a first PR! Please see above for my fix. Constructive feedback welcome.

picture 0x44434241 on 10 Feb 2020
👍2 🎉1

All 7 comments

Are you taking this on?

wvu-r7 picture wvu-r7 on 11 Dec 2019

I had no definitive passion to, but I figured if I did not document it, I would forget. If you want to knock it out, feel free!

bwatters-r7 picture bwatters-r7 on 11 Dec 2019

I do not. We are in agreement. :)

wvu-r7 picture wvu-r7 on 11 Dec 2019

I mean.... the regex that I think works is right there.... if someone were looking to make a first PR, this is a ctrl-c ctrl-v problem....

bwatters-r7 picture bwatters-r7 on 11 Dec 2019

I'm a someone looking to make a first PR! Please see above for my fix. Constructive feedback welcome.

0x44434241 picture 0x44434241 on 10 Feb 2020
👍2 🎉1

Merged in c9e4ca34, this issue can be closed.

0x44434241 picture 0x44434241 on 21 Feb 2020

Thanks!

wvu-r7 picture wvu-r7 on 21 Feb 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

handsomebeast picture handsomebeast  路  3Comments
fluit105 picture fluit105  路  3Comments
wvu-r7 picture wvu-r7  路  3Comments
0x27 picture 0x27  路  3Comments
felipee07 picture felipee07  路  3Comments