Skip to content

local_admin_search_enum: Flimsy Windows version detection #16064

New issue
New issue
Open
Open
local_admin_search_enum: Flimsy Windows version detection#16064
Labels
bugmodulenot-staleLabel to stop an issue from being auto closed
@bcoles

Description

@bcoles
bcoles
opened on Jan 18, 2022

Untested, but based on code review, this is likely to fail:

metasploit-framework/modules/post/windows/gather/local_admin_search_enum.rb

Lines 78 to 79 in 7a49a91

# If Vista/2008 or later add /R
if (sysinfo['OS'] =~ /Build [6-9]\d\d\d/)

Same issue as #14309 in exploits/windows/local/s4u_persistence.rb :

metasploit-framework/modules/exploits/windows/local/s4u_persistence.rb

Lines 61 to 63 in 65fcf67

if not (sysinfo['OS'] =~ /Build [6-9]\d\d\d/)
fail_with(Failure::NoTarget, "This module only works on Vista/2008 and above")
end

I thought we'd standardized Windows version detection/comparison at some point. Someone [else] should review modules for version comparison and ensure this code pattern isn't used elsewhere.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugmodulenot-staleLabel to stop an issue from being auto closed

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions