fix deletekey API usage from the meterpreter CLI

Brent Cook · Brent Cook · commit db9a3d167a52 · 2015-04-07T15:34:23.000-05:00
There is an old-looking bug where the deletekey command opens the key it tries
to delete, then deletes the same key name again. Basically, it uses the wrong
level of indirection.
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb b/lib/rex/post/meterpreter/extensions/stdapi/sys/registry_subsystem/registry_key.rb
@@ -163,7 +163,11 @@ def delete_value(name)
   # Returns the path to the key.
   #
   def to_s
-    return self.root_key.to_s + "\\" + self.base_key
+    if self.base_key.nil?
+      self.root_key.to_s + "\\"
+    else
+      self.root_key.to_s + "\\" + self.base_key
+    end
   end
 
   #
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@@ -641,11 +641,11 @@ def cmd_reg(*args)
         when "deletekey"
           open_key = nil
           if not rem
-            open_key = client.sys.registry.open_key(root_key, base_key, KEY_WRITE + wowflag)
+            open_key = client.sys.registry.open_key(root_key, nil, KEY_WRITE + wowflag)
           else
             remote_key = client.sys.registry.open_remote_key(rem, root_key)
             if remote_key
-              open_key = remote_key.open_key(base_key, KEY_WRITE + wowflag)
+              open_key = remote_key.open_key(nil, KEY_WRITE + wowflag)
             end
           end
           open_key.delete_key(base_key)

Original file line number	Diff line number	Diff line change
`@@ -163,7 +163,11 @@ def delete_value(name)`
`163`	`163`	`# Returns the path to the key.`
`164`	`164`	`#`
`165`	`165`	`def to_s`
`166`		`- return self.root_key.to_s + "\\" + self.base_key`
	`166`	`+ if self.base_key.nil?`
	`167`	`+ self.root_key.to_s + "\\"`
	`168`	`+ else`
	`169`	`+ self.root_key.to_s + "\\" + self.base_key`
	`170`	`+ end`
`167`	`171`	`end`
`168`	`172`
`169`	`173`	`#`