GitHub Repository: rapid7/metasploit-framework
Path: blob/master/scripts/meterpreter/service_manager.rb
##
# WARNING: Metasploit no longer maintains or accepts meterpreter scripts.
# If you'd like to improve this script, please try to port it as a post
# module instead. Thank you.
##
# Author: Carlos Perez <carlos_perez [at] darkoperator.com> and Shai rod (@NightRang3r)
#-------------------------------------------------------------------------------
################## Variable Declarations ##################
# `client` is not defined on this page; presumably the script runner
# provides the session object - confirm against the runner.
@client = client

# Values filled in from the command line (-n, -p, -d) plus the startup
# type handed to service_change_startup.
srv_name         = nil
srv_command      = nil
srv_display_name = ""
srv_startup      = "Auto"

# Holds the result code of service_start / service_stop.
returned_value = nil

# Action switches, all off until the option parser turns one on.
srv_list = srv_start = srv_stop = srv_create = false
srv_info = srv_change_startup = srv_delete = false

# Option table: each entry is [takes_a_value, help text].
@exec_opts = Rex::Parser::Arguments.new(
  "-h" => [false, "Help menu."],
  "-l" => [false, "List Services"],
  "-S" => [false, "Start Service"],
  "-K" => [false, "Stop Service"],
  "-C" => [false, "Create Service, service will be set to auto start"],
  "-c" => [false, "Change Service StartUp. Default <Auto>"],
  "-i" => [false, "Get Service Information"],
  "-n" => [true,  "Service Name"],
  "-s" => [true,  "Startup Parameter for service. Specify Auto, Manual or Disabled"],
  "-d" => [true,  "Display Name of Service"],
  "-p" => [true,  "Service command"],
  "-D" => [false, "Delete Service"]
)

# Platform string of the session; compared against 'windows' further down.
meter_type = client.platform
################## Function Declarations ##################
# Usage Message Function
#-------------------------------------------------------------------------------
# Prints the script banner, then the option summary produced by
# @exec_opts, and ends the script by raising Rex::Script::Completed.
# Never returns normally.
def usage
  print_line("Meterpreter Script for managing Windows Services.")
  option_summary = @exec_opts.usage
  print_line(option_summary)
  raise(Rex::Script::Completed)
end
# Wrong Meterpreter Version Message Function
#-------------------------------------------------------------------------------
# Reports that the given Meterpreter platform is unsupported and ends the
# script by raising Rex::Script::Completed.
#
# @param meter [String] platform name interpolated into the error message
#
# NOTE(review): the default `meter_type` is evaluated inside the method,
# where the top-level local variable of that name is not visible. The one
# call on this page passes the argument explicitly, so the default is
# never exercised here.
def wrong_meter_version(meter = meter_type)
  unsupported = "#{meter} version of Meterpreter is not supported with this Script!"
  print_error(unsupported)
  raise(Rex::Script::Completed)
end
# Check if sufficient privileges are present for certain actions
# Gate for the actions that change service state.
#
# Returns true when is_uac_enabled? is false or is_admin? is true. Otherwise
# prints "Insufficient Privileges" and ends the script by raising
# Rex::Script::Completed. is_admin? is only consulted when UAC is enabled.
#
# NOTE(review): judging by the helper names, a session without
# administrator rights on a host with UAC turned off also passes this
# check; checking is_admin? alone may be the stricter test - confirm
# against the helpers' definitions.
def priv_check
  return true if !is_uac_enabled? || is_admin?

  print_error("Insufficient Privileges")
  raise(Rex::Script::Completed)
end
################## Main ##################
# Check for Version of Meterpreter
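wrong_meter_version(meter_type) unless meter_type == 'windows'

# Translate the command-line switches into the action flags and values
# declared at the top of the script. "-h" prints the usage text, which ends
# the script.
@exec_opts.parse(args) do |opt, _idx, val|
  case opt
  when "-h" then usage
  when "-l" then srv_list = true
  when "-n" then srv_name = val
  when "-S" then srv_start = true
  when "-K" then srv_stop = true
  when "-i" then srv_info = true
  when "-c" then srv_change_startup = true
  when "-C" then srv_create = true
  when "-s"
    # "-s" is declared in the option table as taking a value, but it was
    # never read, so the startup type stayed at its "Auto" default. The help
    # text lists Auto, Manual or Disabled; which spellings
    # service_change_startup accepts is not visible on this page.
    srv_startup = val
  when "-d" then srv_display_name = val
  when "-p" then srv_command = val
  when "-D" then srv_delete = true
  end
end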
# List Services
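# Action dispatch. Only the first flag that is set runs, checked in the
# order list, start, stop, info, change startup, create, delete; with no
# flag set the usage text is printed. Every path ends the script with
# Rex::Script::Completed: usage raises it itself, the other branches reach
# the single raise after the chain. The create branch previously had no
# such raise.
if srv_list
  print_status("Service List:")
  service_list.each { |s| print_good("\t#{s}") }

# Start a service
elsif srv_start
  priv_check
  if srv_name
    begin
      returned_value = service_start(srv_name)
      case returned_value
      when 0 then print_good("Service #{srv_name} Started")
      when 1 then print_good("Service #{srv_name} already Running")
      when 2 then print_error("Service #{srv_name} is Disabled could not be started.")
      else
        # Codes other than 0-2 used to be dropped without any output.
        print_error("Service #{srv_name} start returned unexpected code #{returned_value.inspect}")
      end
    rescue => e
      print_error("A Service Name must be provided, service names are case sensitive.")
      # Show the underlying error too; the fixed hint above can be wrong.
      print_error("Error: #{e}")
    end
  else
    print_error("No Service Name was provided!")
  end

# Stop a Service
elsif srv_stop
  priv_check
  if srv_name
    begin
      returned_value = service_stop(srv_name)
      case returned_value
      when 0 then print_good("Service #{srv_name} Stopped")
      when 1 then print_good("Service #{srv_name} already Stopped")
      when 2 then print_error("Service #{srv_name} can not be stopped.")
      else
        print_error("Service #{srv_name} stop returned unexpected code #{returned_value.inspect}")
      end
    rescue => e
      print_error("A Service Name must be provided, service names are case sensitive.")
      print_error("Error: #{e}")
    end
  else
    print_error("No Service Name was provided!")
  end

# Get service info (the only state-reading action besides list; it runs
# without priv_check, as in the original)
elsif srv_info
  if srv_name
    begin
      srv_conf = service_info(srv_name)
      print_status("Service Information for #{srv_name}:")
      %w[Name Startup Command Credentials].each do |field|
        print_good("\t#{field}: #{srv_conf[field]}")
      end
    rescue => e
      print_error("A Service Name must be provided, service names are case sensitive.")
      print_error("Error: #{e}")
    end
  else
    print_error("No Service Name was provided!")
  end

# Change startup of a service
elsif srv_change_startup
  priv_check
  if srv_name
    begin
      print_status("Changing Service #{srv_name} Startup to #{srv_startup}")
      service_change_startup(srv_name, srv_startup)
      print_good("Service Startup changed!")
    rescue => e
      print_error("A Service Name must be provided, service names are case sensitive.")
      print_error("Error: #{e}")
    end
  else
    print_error("No Service Name was provided!")
  end

# Create a service
#
# NOTE(review): for defenders - a newly installed auto-start service is
# normally recorded as System event 7045 (Service Control Manager) and,
# with the matching audit policy enabled, Security event 4697. Whether that
# applies here depends on how service_create registers the service, which
# this page does not show.
elsif srv_create
  priv_check
  if srv_name and srv_command
    begin
      print_status("Creating Service #{srv_name}")
      service_create(srv_name, srv_display_name, srv_command)
      print_good("\tService Created!")
      print_good("\tDisplay Name: #{srv_display_name}")
      print_good("\tCommand: #{srv_command}")
      print_good("\tSet to Auto Star.")
    rescue ::Exception => e # broad rescue kept exactly as in the original
      print_error("Error: #{e}")
    end
  else
    print_error("No Service Name and Service Command where provided!")
  end

# Delete a service
elsif srv_delete
  priv_check
  if srv_name
    begin
      print_status("Deleting Service #{srv_name}")
      service_delete(srv_name)
      print_good("\tService #{srv_name} Delete")
    rescue ::Exception => e # broad rescue kept exactly as in the original
      print_error("A Service Name must be provided, service names are case sensitive.")
      print_error("Error: #{e}")
    end
  else
    # Deleting needs only a name; the old message also asked for a
    # service command.
    print_error("No Service Name was provided!")
  end
else
  usage
end

raise Rex::Script::Completed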