allow process architecture to be a string (allow more than x86)

busterb · Brent Cook · commit 9cb4880747f8 · 2016-07-27T08:49:19.000-05:00
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
@@ -224,13 +224,15 @@ def Process.get_processes
     response.each(TLV_TYPE_PROCESS_GROUP) { |p|
     arch = ""
 
-    pa = p.get_tlv_value( TLV_TYPE_PROCESS_ARCH )
-    if( pa != nil )
+    pa = p.get_tlv_value(TLV_TYPE_PROCESS_ARCH)
+    if !pa.nil?
       if pa == 1 # PROCESS_ARCH_X86
         arch = ARCH_X86
       elsif pa == 2 # PROCESS_ARCH_X64
         arch = ARCH_X86_64
       end
+    else
+      arch = p.get_tlv_value(TLV_TYPE_PROCESS_ARCH_NAME)
     end
 
     processes <<
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@@ -156,6 +156,7 @@ module Stdapi
 TLV_TYPE_PROCESS_ARCH       = TLV_META_TYPE_UINT    | 2306
 TLV_TYPE_PARENT_PID         = TLV_META_TYPE_UINT    | 2307
 TLV_TYPE_PROCESS_SESSION    = TLV_META_TYPE_UINT    | 2308
+TLV_TYPE_PROCESS_ARCH_NAME  = TLV_META_TYPE_STRING  | 2309
 
 TLV_TYPE_IMAGE_FILE         = TLV_META_TYPE_STRING  | 2400
 TLV_TYPE_IMAGE_FILE_PATH    = TLV_META_TYPE_STRING  | 2401
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@@ -63,11 +63,11 @@ class Console::CommandDispatcher::Stdapi::Sys
   # Options for the 'ps' command.
   #
   @@ps_opts = Rex::Parser::Arguments.new(
-    "-S" => [ true,  "String to search for (converts to regex)"                ],
-    "-h" => [ false, "Help menu."                                              ],
-    "-A" => [ true,  "Filters processes on architecture (x86 or x86_64)"	   ],
-    "-s" => [ false, "Show only SYSTEM processes"				   ],
-    "-U" => [ true,  "Filters processes on the user using the supplied RegEx"  ])
+    "-S" => [ true,  "String to search for (converts to regex)" ],
+    "-h" => [ false, "Help menu." ],
+    "-A" => [ true,  "Filters processes on architecture" ],
+    "-s" => [ false, "Show only SYSTEM processes" ],
+    "-U" => [ true,  "Filters processes on the user using the supplied RegEx"])
 
   #
   # Options for the 'suspend' command.
@@ -445,8 +445,7 @@ def cmd_ps(*args)
         searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
         processes.each do |proc|
           next if proc['arch'].nil? or proc['arch'].empty?
-          if val.nil? or val.empty? or !(val == "x86" or val == "x86_64")
-            print_line "You must select either x86 or x86_64"
+          if val.nil? or val.empty?
             return false
           end
           searched_procs << proc if proc["arch"] == val
