Land rapid7#6956, Check presence in local admin group

wwebb-r7 · wwebb-r7 · commit 24eba6b831f0 · 2016-06-15T10:37:17.000-05:00
diff --git a/modules/post/windows/gather/win_privs.rb b/modules/post/windows/gather/win_privs.rb
@@ -29,7 +29,7 @@ def run
     usr_tbl = Rex::Ui::Text::Table.new(
       'Header'  => 'Current User',
       'Indent'  => 1,
-      'Columns' => ['Is Admin', 'Is System', 'UAC Enabled', 'Foreground ID', 'UID']
+      'Columns' => ['Is Admin', 'Is System', 'Is In Local Admin Group', 'UAC Enabled', 'Foreground ID', 'UID']
     )
 
     privs_tbl = Rex::Ui::Text::Table.new(
@@ -39,10 +39,11 @@ def run
     )
 
     # Gather data
-    uac   = is_uac_enabled? ? 'True' : 'False'
-    admin = is_admin? ? 'True' : 'False'
-    sys   = is_system? ? 'True' : 'False'
-    uid   = client.sys.config.getuid.inspect
+    uac         = is_uac_enabled? ? 'True' : 'False'
+    admin       = is_admin? ? 'True' : 'False'
+    admin_group = is_in_admin_group? ? 'True' : 'False'
+    sys         = is_system? ? 'True' : 'False'
+    uid         = client.sys.config.getuid.inspect
     begin
       # Older OS might not have this (min support is XP)
       fid = client.railgun.kernel32.WTSGetActiveConsoleSessionId["return"]
@@ -52,7 +53,7 @@ def run
     privs = client.sys.config.getprivs
 
     # Store in tables
-    usr_tbl << [admin, sys, uac, fid, uid]
+    usr_tbl << [admin, sys, admin_group, uac, fid, uid]
     privs.each do |priv|
       privs_tbl << [priv]
     end
