kernelsmith/2937355
Created June 15, 2012 16:18
Status of testing
REGISTRY:
Data::Meterpreter
[*] Running against session 1
[*] Session type is meterpreter
[*]
[*] TESTING: registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS: TrueClass true
[*]
[*] TESTING: registry_value_exist? for key:HKLM\Non\Existent\key, val:DisableRepair
[*] RESULTS (Expecting false): FalseClass false
[*]
[*] TESTING: registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:'NonExistentValue'
[*] RESULTS (Expecting false): FalseClass false
[*]
[*] TESTING: registry_key_exist? for key: 'HKLM\NonExistentkey'
[*] RESULTS (Expecting false): FalseClass false
[*]
[*] TESTING: registry_key_exist? for key:HKLM\Software\Microsoft\Active Setup
[*] RESULTS: TrueClass true
[*]
[*] TESTING: registry_getvalinfo for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS: Hash {"Data"=>1, "Type"=>4}
[*]
[*] TESTING: registry_getvaldata for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS: Fixnum 1
[*]
[*] TESTING: registry_createkey for key:HKLM\Software\Microsoft\Active Setup\test
[*] RESULTS: NilClass nil
[*]
[*] TESTING: registry_setvaldata for key:HKLM\Software\Microsoft\Active Setup\test, val:test, data:test, type:REG_SZ
[*] RESULTS: NilClass nil
[*]
[*] Running registry_getvalinfo for freshly created key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS: Hash {"Data"=>"test", "Type"=>1}
[*]
[*] TESTING: registry_deleteval for key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS: NilClass nil
[*]
[*] TESTING: registry_deletekey
[*] RESULTS: NilClass nil
[*]
[*] Running registry_getvalinfo for deleted key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] NOTE: this OUGHT to throw an error which this test will catch
[*] RESULTS (Expecting to catch Rex::Post::Meterpreter::RequestError):
[+] Good, the error was: Rex::Post::Meterpreter::RequestError check_valid_key: Operation failed: Invalid key: HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\test
[*]
[*] TESTING: registry_enumkeys
[*] RESULTS: Array ["ClsidFeature", "Declined Install On Demand IEv5", "FeatureComponentID", "Install Check", "Installed Components", "MimeFeature", "WebJITURLs"]
[*]
[*] TESTING: registry_enumvals
[*] RESULTS: Array ["DisableRepair", "JITSetupPage"]
[*]
[*] Testing Complete!
[*] Post module execution completed
Data::Shell
[*] Running against session 2
[*] Session type is shell
[*]
[*] TESTING: registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS: TrueClass true
[*]
[*] TESTING: registry_value_exist? for key:HKLM\Non\Existent\key, val:DisableRepair
[*] RESULTS (Expecting false): FalseClass false
[*]
[*] TESTING: registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:'NonExistentValue'
[*] RESULTS (Expecting false): FalseClass false
[*]
[*] TESTING: registry_key_exist? for key: 'HKLM\NonExistentkey'
[*] RESULTS (Expecting false): FalseClass false
[*]
[*] TESTING: registry_key_exist? for key:HKLM\Software\Microsoft\Active Setup
[*] RESULTS: TrueClass true
[*]
[*] TESTING: registry_getvalinfo for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS: Hash {"Data"=>"0x1", "Type"=>"REG_DWORD"}
[*]
[*] TESTING: registry_getvaldata for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS: String "0x1"
[*]
[*] TESTING: registry_createkey for key:HKLM\Software\Microsoft\Active Setup\test
[*] RESULTS: NilClass nil
[*]
[*] TESTING: registry_setvaldata for key:HKLM\Software\Microsoft\Active Setup\test, val:test, data:test, type:REG_SZ
[*] RESULTS: NilClass nil
[*]
[*] Running registry_getvalinfo for freshly created key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS: Hash {"Data"=>"test", "Type"=>"REG_SZ"}
[*]
[*] TESTING: registry_deleteval for key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS: NilClass nil
[*]
[*] TESTING: registry_deletekey
[*] RESULTS: NilClass nil
[*]
[*] Running registry_getvalinfo for deleted key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] NOTE: this OUGHT to throw an error which this test will catch
[*] RESULTS (Expecting to catch Rex::Post::Meterpreter::RequestError):
[+] Good, the error was: Rex::Post::Meterpreter::RequestError check_valid_key: Operation failed: Invalid key: HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\test
[*]
[*] TESTING: registry_enumkeys
[*] RESULTS: Array ["ClsidFeature", "Declined Install On Demand IEv5", "FeatureComponentID", "Install Check", "Installed Components", "MimeFeature", "WebJITURLs"]
[*]
[*] TESTING: registry_enumvals
[*] RESULTS: Array ["DisableRepair", "JITSetupPage"]
[*]
[*] Testing Complete!
[*] Post module execution completed
Data::Diff
1,2c1,2
< [*] Running against session 1
< [*] Session type is meterpreter
---
> [*] Running against session 2
> [*] Session type is shell
20c20
< [*] RESULTS: Hash {"Data"=>1, "Type"=>4}
---
> [*] RESULTS: Hash {"Data"=>"0x1", "Type"=>"REG_DWORD"}
23c23
< [*] RESULTS: Fixnum 1
---
> [*] RESULTS: String "0x1"
32c32
< [*] RESULTS: Hash {"Data"=>"test", "Type"=>1}
---
> [*] RESULTS: Hash {"Data"=>"test", "Type"=>"REG_SZ"}
52a53
>
SERVICES:
Diff::
1,2c1,2
< [*] Running against session 1
< [*] Session type is meterpreter
---
> unning against session 2
> [*] Session type is shell
9,15c9,15
< [*] RESULTS: Hash {:controls=>7,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>4,
< :service_exit_code=>0,
< :pid=>1412,
< :checkpoint=>0,
---
> [*] RESULTS: Hash {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"winmgmt",
> :state=>"4",
> :service_exit_code=>"0",
> :pid=>"1412",
> :checkpoint=>"0x0",
17c17
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
22,23c22,23
< ["ALG",
< "Alerter",
---
> ["Alerter",
> "ALG",
28c28
< "COMSysApp",
---
> "cisvc",
29a30
> "COMSysApp",
32a34,35
> "dmadmin",
> "dmserver",
35d37
< "ERSvc",
37c39
< "EventSystem",
---
> "ERSvc",
38a41
> "EventSystem",
40,41c43
< "Fax",
< "HTTPFilter",
---
> "helpsvc",
42a45,46
> "hkmsvc",
> "HTTPFilter",
43a48,49
> "lanmanserver",
> "lanmanworkstation",
44a51,52
> "Messenger",
> "mnmsrvc",
47c55
< "Messenger",
---
> "napagent",
58,59d65
< "RDSessMgr",
< "RSVP",
61a68
> "RDSessMgr",
66,68c73
< "SCardSvr",
< "SENS",
< "SSDPSRV",
---
> "RSVP",
69a75
> "SCardSvr",
70a77,78
> "seclogon",
> "SENS",
73a82,84
> "srservice",
> "SSDPSRV",
> "stisvc",
80a92
> "upnphost",
83d94
< "VSS",
84a96
> "VSS",
86d97
< "WZCSVC",
87a99
> "winmgmt",
91,104d102
< "cisvc",
< "dmadmin",
< "dmserver",
< "helpsvc",
< "hkmsvc",
< "lanmanserver",
< "lanmanworkstation",
< "mnmsrvc",
< "napagent",
< "seclogon",
< "srservice",
< "stisvc",
< "upnphost",
< "winmgmt",
107c105,107
< "xmlprov"]
---
> "WZCSVC",
> "xmlprov",
> "Fax"]
117a118
> "dmserver",
120d120
< "EventSystem",
121a122
> "EventSystem",
122a124,126
> "helpsvc",
> "lanmanserver",
> "lanmanworkstation",
132,133d135
< "SENS",
< "SSDPSRV",
135a138,139
> "seclogon",
> "SENS",
138a143,144
> "srservice",
> "SSDPSRV",
145d150
< "WZCSVC",
147,152d151
< "dmserver",
< "helpsvc",
< "lanmanserver",
< "lanmanworkstation",
< "seclogon",
< "srservice",
155c154,155
< "wuauserv"]
---
> "wuauserv",
> "WZCSVC"]
164c164,165
< :start_type=>2,
---
> :start_type=>"2",
> :dependencies=>"RPCSS,Eventlog",
166,167c167
< :dependencies=>"Eventlog",
< :error_control=>0,
---
> :error_control=>"0",
169c169
< :load_order_group=>"AAARPCSS",
---
> :load_order_group=>nil,
171c171
< :tag=>0}
---
> :tag=>"0"}
175,181c175,181
< [*] RESULTS: Hash {:controls=>7,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>4,
< :service_exit_code=>0,
< :pid=>1412,
< :checkpoint=>0,
---
> [*] RESULTS: Hash {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"winmgmt",
> :state=>"4",
> :service_exit_code=>"0",
> :pid=>"1412",
> :checkpoint=>"0x0",
183c183
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
191c191
< [*] RESULTS (Expecting nil on success): String "TODO"
---
> [*] RESULTS (Expecting nil on success): NilClass nil
193,199c193,199
< [*] Current status of this service {:controls=>7,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>4,
< :service_exit_code=>0,
< :pid=>1412,
< :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"winmgmt",
> :state=>"4",
> :service_exit_code=>"0",
> :pid=>"1412",
> :checkpoint=>"0x0",
201c201
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
208,214c208,214
< [*] Current status of this service {:controls=>7,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>4,
< :service_exit_code=>0,
< :pid=>1412,
< :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"winmgmt",
> :state=>"4",
> :service_exit_code=>"0",
> :pid=>"1412",
> :checkpoint=>"0x0",
216c216
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
223,229c223,229
< [*] Current status of this service {:controls=>0,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>1,
< :service_exit_code=>0,
< :pid=>0,
< :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"W32Time",
> :state=>"1",
> :service_exit_code=>"0",
> :pid=>"0",
> :checkpoint=>"0x0",
231c231
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
239,245c239,245
< [*] Current status of this service {:controls=>125,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>4,
< :service_exit_code=>0,
< :pid=>1412,
< :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"W32Time",
> :state=>"4",
> :service_exit_code=>"0",
> :pid=>"1412",
> :checkpoint=>"0x0",
247c247
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
253,259c253,259
< [*] Current status of this service {:controls=>7,
< :type=>"20",
< :win32_exit_code=>0,
< :state=>4,
< :service_exit_code=>0,
< :pid=>1412,
< :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
> :win32_exit_code=>"0",
> :service_name=>"winmgmt",
> :state=>"4",
> :service_exit_code=>"0",
> :pid=>"1412",
> :checkpoint=>"0x0",
261c261
< :wait_hint=>0}
---
> :wait_hint=>"0x0"}
266,267c266,267
< "Startup"=>"auto",
< "Name"=>"Windows Management Instrumentation",
---
> "Startup"=>"demand",
> "Name"=>"winmgmt",