Do a different wmic query for newer systems

wchen-r7 · wchen-r7 · commit 11f94a6efc95 · 2016-08-04T14:50:46.000-05:00
diff --git a/lib/msf/core/post/windows/powershell.rb b/lib/msf/core/post/windows/powershell.rb
@@ -34,8 +34,14 @@ def have_powershell?
   # Returns the .Net version
   #
   def get_dotnet_version
-    cmd_out = cmd_exec('wmic /namespace:\\\\root\\cimv2 path win32_product where "name like \'%%.NET%%\'" get version')
-    cmd_out.scan(/[\d\.]+/).flatten.first || ''
+    case sysinfo['OS']
+    when /Windows 8|10/
+      cmd_out = cmd_exec('wmic /namespace:\\\\root\\cimv2 path win32_optionalfeature where "caption like \'.NET Framework%\' and InstallState = 1" get caption')
+      cmd_out.scan(/(\d\.[\d\.]+)/).flatten.first || ''
+    else
+      cmd_out = cmd_exec('wmic /namespace:\\\\root\\cimv2 path win32_product where "name like \'%%.NET%%\'" get version')
+      cmd_out.scan(/[\d\.]+/).flatten.first || ''
+    end
   end
 
 
@@ -61,8 +67,6 @@ def get_powershell_version
       end
     end
 
-    o
-
     o.scan(/[\d \-]+/).last.split[0,2] * '.'
   end
 
