@Meatballs1 fixes

mubix · mubix · commit 6435b4370a86 · 2014-05-25T10:40:23.000-04:00
diff --git a/modules/post/windows/gather/enum_patches.rb b/modules/post/windows/gather/enum_patches.rb
@@ -9,6 +9,7 @@
 
 class Metasploit3 < Msf::Post
   include Msf::Post::Common
+  include Msf::Post::Windows::ExtAPI
 
   def initialize(info={})
     super(update_info(info,
@@ -28,7 +29,7 @@ def initialize(info={})
 
     register_options(
       [
-        OptBool.new('MSFLOCALS', [ false, 'Search for missing patchs for which there is a MSF local module', true]),
+        OptBool.new('MSFLOCALS', [ true, 'Search for missing patchs for which there is a MSF local module', true]),
         OptString.new('KB',  [ true, 'A comma separated list of KB patches to search for', 'KB2871997, KB2928120'])
       ], self.class)
   end
@@ -53,35 +54,39 @@ def run
       patches = patches + msfmodules
     end
 
-    client.core.use("extapi") if not client.ext.aliases.include?("extapi")
-    begin
-      objects = client.extapi.wmi.query("SELECT HotFixID FROM Win32_QuickFixEngineering")
-    rescue RuntimeError
-      print_error "Known bug in WMI query, try migrating to another process"
-      return
-    end
-    kb_ids = objects[:values].map { |kb| kb[0] }
-    patches.each do |kb|
-      if kb_ids.include?(kb)
-        print_status("#{kb} applied")
-      else
-        case kb
-        when "KB977165"
-          print_good("KB977165 - Possibly vulnerable to MS10-015 kitrap0d if Windows 2K SP4 - Windows 7 (x86)")
-        when "KB2305420"
-          print_good("KB2305420 - Possibly vulnerable to MS10-092 schelevator if Vista, 7, and 2008")
-        when "KB2592799"
-          print_good("KB2592799 - Possibly vulnerable to MS11-080 afdjoinleaf if XP SP2/SP3 Win 2k3 SP2")
-        when "KB2778930"
-          print_good("KB2778930 - Possibly vulnerable to MS13-005 hwnd_broadcast, elevates from Low to Medium integrity")
-        when "KB2850851"
-          print_good("KB2850851 - Possibly vulnerable to MS13-053 schlamperei if x86 Win7 SP0/SP1")
-        when "KB2870008"
-          print_good("KB2870008 - Possibly vulnerable to MS13-081 track_popup_menu")
+    extapi_loaded = load_extapi
+    if extapi_loaded
+      begin
+        objects = session.extapi.wmi.query("SELECT HotFixID FROM Win32_QuickFixEngineering")
+      rescue RuntimeError
+        print_error "Known bug in WMI query, try migrating to another process"
+        return
+      end
+      kb_ids = objects[:values].map { |kb| kb[0] }
+      patches.each do |kb|
+        if kb_ids.include?(kb)
+          print_status("#{kb} applied")
         else
-          print_good("#{kb} is missing")
+          case kb
+          when "KB977165"
+            print_good("KB977165 - Possibly vulnerable to MS10-015 kitrap0d if Windows 2K SP4 - Windows 7 (x86)")
+          when "KB2305420"
+            print_good("KB2305420 - Possibly vulnerable to MS10-092 schelevator if Vista, 7, and 2008")
+          when "KB2592799"
+            print_good("KB2592799 - Possibly vulnerable to MS11-080 afdjoinleaf if XP SP2/SP3 Win 2k3 SP2")
+          when "KB2778930"
+            print_good("KB2778930 - Possibly vulnerable to MS13-005 hwnd_broadcast, elevates from Low to Medium integrity")
+          when "KB2850851"
+            print_good("KB2850851 - Possibly vulnerable to MS13-053 schlamperei if x86 Win7 SP0/SP1")
+          when "KB2870008"
+            print_good("KB2870008 - Possibly vulnerable to MS13-081 track_popup_menu")
+          else
+            print_good("#{kb} is missing")
+          end
         end
       end
+    else
+      print_error "ExtAPI failed to load"
     end
   end
 end
