make post service manipulation tests work

Brent Cook · Brent Cook · commit 0c94536b87e1 · 2015-01-07T13:31:16.000-06:00
Fix a funny default service name, adjust test to be case-agnostic. winmgmt on Windows XP and Windows 8 have different capitalization for this service. I'm not sure why it's a module parameter though - the test will still fail if its anything other than winmgmt. The following RC script has 7 successful outputs when run against a reverse_tcp shell. Run a reverse_tcp stager and the following RC script to run the test ``` loadpath test/modules use exploit/multi/handler set payload windows/meterpreter/reverse_tcp set lhost 192.168.43.1 run -j sleep 5 use post/test/services set SESSION 1 run ``` Note: this test still doesn't run very reliably on windows 8 unless you're using the code from rapid7/meterpreter#107 and rapid7#4411, though it runs ok on Windows XP.
diff --git a/test/modules/post/test/services.rb b/test/modules/post/test/services.rb
@@ -29,7 +29,7 @@ def initialize(info={})
     register_options(
       [
         OptString.new("QSERVICE" , [true, "Service (keyname) to query", "winmgmt"]),
-        OptString.new("NSERVICE" , [true, "New Service (keyname) to create/del", "testes"]),
+        OptString.new("NSERVICE" , [true, "New Service (keyname) to create/del", "test"]),
         OptString.new("SSERVICE" , [true, "Service (keyname) to start/stop", "W32Time"]),
         OptString.new("DNAME" , [true, "Display name used for create test", "Cool display name"]),
         OptString.new("BINPATH" , [true, "Binary path for create test", "C:\\WINDOWS\\system32\\svchost.exe -k netsvcs"]),
@@ -69,7 +69,18 @@ def test_list
 
       ret &&= results.kind_of? Array
       ret &&= results.length > 0
-      ret &&= results.include? datastore["QSERVICE"]
+
+      # Adjust the QSERVICE to match the case of the service name. This is used
+      # later in test_info, which is case-sensitive.
+      found = false
+      results.each do |service|
+        if service.downcase == datastore["QSERVICE"].downcase
+          datastore["QSERVICE"] = service.to_s
+          found = true
+          break
+        end
+      end
+      ret &&= found
 
       ret
     end
@@ -83,7 +94,8 @@ def test_info
       ret &&= results.kind_of? Hash
       if ret
         ret &&= results.has_key? "Name"
-        ret &&= (results["Name"] == "Windows Management Instrumentation")
+        ret &&= ([results["Name"]] &
+          ["Windows Management Instrumentation", "@%Systemroot%\\system32\\wbem\\\wmisvc.dll,-205"]).any?
         ret &&= results.has_key? "Startup"
         ret &&= results.has_key? "Command"
         ret &&= results.has_key? "Credentials"
