kernelsmith
6/15/2012 - 4:18 PM

Status of testing

REGISTRY:

 Data::Meterpreter

[*] Running against session 1
[*] Session type is meterpreter
[*] 
[*] TESTING:  registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS:  TrueClass true
[*] 
[*] TESTING:  registry_value_exist? for key:HKLM\Non\Existent\key, val:DisableRepair
[*] RESULTS (Expecting false):  FalseClass false
[*] 
[*] TESTING:  registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:'NonExistentValue'
[*] RESULTS (Expecting false):  FalseClass false
[*] 
[*] TESTING:  registry_key_exist? for key: 'HKLM\NonExistentkey'
[*] RESULTS (Expecting false):  FalseClass false
[*] 
[*] TESTING:  registry_key_exist? for key:HKLM\Software\Microsoft\Active Setup
[*] RESULTS:  TrueClass true
[*] 
[*] TESTING:  registry_getvalinfo for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS:  Hash {"Data"=>1, "Type"=>4}
[*] 
[*] TESTING:  registry_getvaldata for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS:  Fixnum 1
[*] 
[*] TESTING:  registry_createkey for key:HKLM\Software\Microsoft\Active Setup\test
[*] RESULTS:  NilClass nil
[*] 
[*] TESTING:  registry_setvaldata for key:HKLM\Software\Microsoft\Active Setup\test, val:test, data:test, type:REG_SZ
[*] RESULTS:  NilClass nil
[*] 
[*] Running registry_getvalinfo for freshly created key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS:  Hash {"Data"=>"test", "Type"=>1}
[*] 
[*] TESTING:  registry_deleteval for key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS:  NilClass nil
[*] 
[*] TESTING:  registry_deletekey
[*] RESULTS:  NilClass nil
[*] 
[*] Running registry_getvalinfo for deleted key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] NOTE: this OUGHT to throw an error which this test will catch
[*] RESULTS (Expecting to catch Rex::Post::Meterpreter::RequestError):
[+] Good, the error was:  Rex::Post::Meterpreter::RequestError check_valid_key: Operation failed: Invalid key: HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\test
[*] 
[*] TESTING:  registry_enumkeys
[*] RESULTS:  Array ["ClsidFeature", "Declined Install On Demand IEv5", "FeatureComponentID", "Install Check", "Installed Components", "MimeFeature", "WebJITURLs"]
[*] 
[*] TESTING:  registry_enumvals
[*] RESULTS:  Array ["DisableRepair", "JITSetupPage"]
[*] 
[*] Testing Complete!
[*] Post module execution completed

 Data::Shell

[*] Running against session 2
[*] Session type is shell
[*] 
[*] TESTING:  registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS:  TrueClass true
[*] 
[*] TESTING:  registry_value_exist? for key:HKLM\Non\Existent\key, val:DisableRepair
[*] RESULTS (Expecting false):  FalseClass false
[*] 
[*] TESTING:  registry_value_exist? for key:HKLM\Software\Microsoft\Active Setup, val:'NonExistentValue'
[*] RESULTS (Expecting false):  FalseClass false
[*] 
[*] TESTING:  registry_key_exist? for key: 'HKLM\NonExistentkey'
[*] RESULTS (Expecting false):  FalseClass false
[*] 
[*] TESTING:  registry_key_exist? for key:HKLM\Software\Microsoft\Active Setup
[*] RESULTS:  TrueClass true
[*] 
[*] TESTING:  registry_getvalinfo for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS:  Hash {"Data"=>"0x1", "Type"=>"REG_DWORD"}
[*] 
[*] TESTING:  registry_getvaldata for key:HKLM\Software\Microsoft\Active Setup, val:DisableRepair
[*] RESULTS:  String "0x1"
[*] 
[*] TESTING:  registry_createkey for key:HKLM\Software\Microsoft\Active Setup\test
[*] RESULTS:  NilClass nil
[*] 
[*] TESTING:  registry_setvaldata for key:HKLM\Software\Microsoft\Active Setup\test, val:test, data:test, type:REG_SZ
[*] RESULTS:  NilClass nil
[*] 
[*] Running registry_getvalinfo for freshly created key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS:  Hash {"Data"=>"test", "Type"=>"REG_SZ"}
[*] 
[*] TESTING:  registry_deleteval for key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] RESULTS:  NilClass nil
[*] 
[*] TESTING:  registry_deletekey
[*] RESULTS:  NilClass nil
[*] 
[*] Running registry_getvalinfo for deleted key:HKLM\Software\Microsoft\Active Setup\test, val:test
[*] NOTE: this OUGHT to throw an error which this test will catch
[*] RESULTS (Expecting to catch Rex::Post::Meterpreter::RequestError):
[+] Good, the error was:  Rex::Post::Meterpreter::RequestError check_valid_key: Operation failed: Invalid key: HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\test
[*] 
[*] TESTING:  registry_enumkeys
[*] RESULTS:  Array ["ClsidFeature", "Declined Install On Demand IEv5", "FeatureComponentID", "Install Check", "Installed Components", "MimeFeature", "WebJITURLs"]
[*] 
[*] TESTING:  registry_enumvals
[*] RESULTS:  Array ["DisableRepair", "JITSetupPage"]
[*] 
[*] Testing Complete!
[*] Post module execution completed

 Data::Diff

1,2c1,2
< [*] Running against session 1
< [*] Session type is meterpreter
---
> [*] Running against session 2
> [*] Session type is shell
20c20
< [*] RESULTS:  Hash {"Data"=>1, "Type"=>4}
---
> [*] RESULTS:  Hash {"Data"=>"0x1", "Type"=>"REG_DWORD"}
23c23
< [*] RESULTS:  Fixnum 1
---
> [*] RESULTS:  String "0x1"
32c32
< [*] RESULTS:  Hash {"Data"=>"test", "Type"=>1}
---
> [*] RESULTS:  Hash {"Data"=>"test", "Type"=>"REG_SZ"}
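Review bot: in hunks 20c20, 23c23 and 32c32 the same registry calls return different Ruby types depending on the session type. registry_getvalinfo returns {"Data"=>1, "Type"=>4} on meterpreter but {"Data"=>"0x1", "Type"=>"REG_DWORD"} on shell, and registry_getvaldata returns Fixnum 1 versus String "0x1". A caller that compares Data to 1 or Type to 4 works on one session and fails silently on the other, so the shell path should convert the hex string and the type name to the integers the meterpreter path returns, or the difference should be documented in the API.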
52a53
> 

SERVICES:

 Diff::


1,2c1,2
< [*] Running against session 1
< [*] Session type is meterpreter
---
> unning against session 2
> [*] Session type is shell
9,15c9,15
< [*] RESULTS: Hash {:controls=>7,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>4,
<  :service_exit_code=>0,
<  :pid=>1412,
<  :checkpoint=>0,
---
> [*] RESULTS: Hash {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"winmgmt",
>  :state=>"4",
>  :service_exit_code=>"0",
>  :pid=>"1412",
>  :checkpoint=>"0x0",
17c17
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
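Review bot: hunks 9,15c9,15 and 17c17 show the shell side returning every numeric status field as a String (:state=>"4", :pid=>"1412") and :checkpoint and :wait_hint as hex strings ("0x0"), where the meterpreter side returns integers. The shell hash also has no :controls key and gains a :service_name key. A check such as :state == 4 will pass on one session type and fail on the other, so the shell results should be converted to integers and the two key sets aligned.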
22,23c22,23
< ["ALG",
<  "Alerter",
---
> ["Alerter",
>  "ALG",
28c28
<  "COMSysApp",
---
>  "cisvc",
29a30
>  "COMSysApp",
32a34,35
>  "dmadmin",
>  "dmserver",
35d37
<  "ERSvc",
37c39
<  "EventSystem",
---
>  "ERSvc",
38a41
>  "EventSystem",
40,41c43
<  "Fax",
<  "HTTPFilter",
---
>  "helpsvc",
42a45,46
>  "hkmsvc",
>  "HTTPFilter",
43a48,49
>  "lanmanserver",
>  "lanmanworkstation",
44a51,52
>  "Messenger",
>  "mnmsrvc",
47c55
<  "Messenger",
---
>  "napagent",
58,59d65
<  "RDSessMgr",
<  "RSVP",
61a68
>  "RDSessMgr",
66,68c73
<  "SCardSvr",
<  "SENS",
<  "SSDPSRV",
---
>  "RSVP",
69a75
>  "SCardSvr",
70a77,78
>  "seclogon",
>  "SENS",
73a82,84
>  "srservice",
>  "SSDPSRV",
>  "stisvc",
80a92
>  "upnphost",
83d94
<  "VSS",
84a96
>  "VSS",
86d97
<  "WZCSVC",
87a99
>  "winmgmt",
91,104d102
<  "cisvc",
<  "dmadmin",
<  "dmserver",
<  "helpsvc",
<  "hkmsvc",
<  "lanmanserver",
<  "lanmanworkstation",
<  "mnmsrvc",
<  "napagent",
<  "seclogon",
<  "srservice",
<  "stisvc",
<  "upnphost",
<  "winmgmt",
107c105,107
<  "xmlprov"]
---
>  "WZCSVC",
>  "xmlprov",
>  "Fax"]
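Review bot: in hunks 22,23c22,23 through 107c105,107 every service name removed on the meterpreter side reappears as an addition on the shell side, so these hunks show the two lists differing only in order. The meterpreter list places the lowercase names ("cisvc", "dmadmin", "winmgmt") in a block near the end, while the shell list interleaves them and ends with "Fax". Sorting both results the same way (for example case-insensitively) before returning or comparing them would remove this noise and make real differences between the sessions visible.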
117a118
>  "dmserver",
120d120
<  "EventSystem",
121a122
>  "EventSystem",
122a124,126
>  "helpsvc",
>  "lanmanserver",
>  "lanmanworkstation",
132,133d135
<  "SENS",
<  "SSDPSRV",
135a138,139
>  "seclogon",
>  "SENS",
138a143,144
>  "srservice",
>  "SSDPSRV",
145d150
<  "WZCSVC",
147,152d151
<  "dmserver",
<  "helpsvc",
<  "lanmanserver",
<  "lanmanworkstation",
<  "seclogon",
<  "srservice",
155c154,155
<  "wuauserv"]
---
>  "wuauserv",
>  "WZCSVC"]
164c164,165
<  :start_type=>2,
---
>  :start_type=>"2",
>  :dependencies=>"RPCSS,Eventlog",
166,167c167
<  :dependencies=>"Eventlog",
<  :error_control=>0,
---
>  :error_control=>"0",
169c169
<  :load_order_group=>"AAARPCSS",
---
>  :load_order_group=>nil,
171c171
<  :tag=>0}
---
>  :tag=>"0"}
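Review bot: hunks 164c164,165 through 171c171 disagree on content, not only on type. The meterpreter side reports :dependencies=>"Eventlog" with :load_order_group=>"AAARPCSS", while the shell side reports :dependencies=>"RPCSS,Eventlog" with :load_order_group=>nil. One of the two is reading the service configuration incorrectly, and this should be checked against the target's actual configuration before either result is relied on. The string values for :start_type, :error_control and :tag on the shell side should also be converted to integers to match.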
175,181c175,181
< [*] RESULTS: Hash {:controls=>7,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>4,
<  :service_exit_code=>0,
<  :pid=>1412,
<  :checkpoint=>0,
---
> [*] RESULTS: Hash {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"winmgmt",
>  :state=>"4",
>  :service_exit_code=>"0",
>  :pid=>"1412",
>  :checkpoint=>"0x0",
183c183
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
191c191
< [*] RESULTS (Expecting nil on success): String "TODO"
---
> [*] RESULTS (Expecting nil on success): NilClass nil
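Review bot: in hunk 191c191 the meterpreter side returns String "TODO" where the test expects nil on success, so the call appears to be an unimplemented placeholder that a caller cannot distinguish from a real result. It should either be implemented to return nil on success like the shell side, or raise an explicit not-implemented error so the test fails visibly.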
193,199c193,199
< [*] Current status of this service {:controls=>7,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>4,
<  :service_exit_code=>0,
<  :pid=>1412,
<  :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"winmgmt",
>  :state=>"4",
>  :service_exit_code=>"0",
>  :pid=>"1412",
>  :checkpoint=>"0x0",
201c201
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
208,214c208,214
< [*] Current status of this service {:controls=>7,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>4,
<  :service_exit_code=>0,
<  :pid=>1412,
<  :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"winmgmt",
>  :state=>"4",
>  :service_exit_code=>"0",
>  :pid=>"1412",
>  :checkpoint=>"0x0",
216c216
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
223,229c223,229
< [*] Current status of this service {:controls=>0,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>1,
<  :service_exit_code=>0,
<  :pid=>0,
<  :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"W32Time",
>  :state=>"1",
>  :service_exit_code=>"0",
>  :pid=>"0",
>  :checkpoint=>"0x0",
231c231
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
239,245c239,245
< [*] Current status of this service {:controls=>125,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>4,
<  :service_exit_code=>0,
<  :pid=>1412,
<  :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"W32Time",
>  :state=>"4",
>  :service_exit_code=>"0",
>  :pid=>"1412",
>  :checkpoint=>"0x0",
247c247
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
253,259c253,259
< [*] Current status of this service {:controls=>7,
<  :type=>"20",
<  :win32_exit_code=>0,
<  :state=>4,
<  :service_exit_code=>0,
<  :pid=>1412,
<  :checkpoint=>0,
---
> [*] Current status of this service {:type=>"20",
>  :win32_exit_code=>"0",
>  :service_name=>"winmgmt",
>  :state=>"4",
>  :service_exit_code=>"0",
>  :pid=>"1412",
>  :checkpoint=>"0x0",
261c261
<  :wait_hint=>0}
---
>  :wait_hint=>"0x0"}
266,267c266,267
<  "Startup"=>"auto",
<  "Name"=>"Windows Management Instrumentation",
---
>  "Startup"=>"demand",
>  "Name"=>"winmgmt",
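Review bot: in hunk 266,267c266,267 the two sessions report different facts for what the surrounding hunks identify as the same service. "Startup" is "auto" on meterpreter and "demand" on shell, and "Name" is the display name "Windows Management Instrumentation" on meterpreter but the service name "winmgmt" on shell. The start mode disagreement needs to be resolved against the target, and the "Name" field should be defined as either the display name or the service name for both session types.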