Metasploit mailing list archives
How can I read Binary Windows Registry Data?
From: metasploit at backstep.net (Lukas Kuzmiak)
Date: Mon, 15 Dec 2008 01:16:39 +0100
Hi, for this situation (keys for wifi) the best way should be to convert the data into HEX format (you can use it as key without any other conversions) .. Lately i've wrote patch for registry module to read/write binary data encoded with base64, that's the way too.. L. 2008/12/15 Carlos Perez <carlos_perez at darkoperator.com>:
Guys I'm writing a small module for a meterpreter script that will read the registry keys where WEP and WPA keys and the SSID for the corresponsing keys are stored, this data is in binary formay can anyone pointme in a direction or help in interpreting the binary data? Thanks here is the code: def wlanzeroconfig key = 'HKLM\\Software\\Microsoft\\WZCSVC\\Parameters\\Interfaces' root_key, base_key = client.sys.registry.splitkey(key) open_key = client.sys.registry.open_key(root_key,base_key,KEY_READ) keys = open_key.enum_key vals = open_key.enum_value if (keys.length > 0) keys.each { |subkey| format = 'z50z20z1020c' keyint = key+"\\#{subkey}" root_key, base_key = client.sys.registry.splitkey(keyint) open_keyint = client.sys.registry.open_key(root_key,base_key,KEY_READ) valsint = open_keyint.enum_value valsint.find_all {|val| print_line(val.name) v = open_keyint.query_value(val.name) puts = v.data.to_s } } else print_line("This target appears to not have a Wireless Interface") end end _______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework
-- Only wimps use tape backup: _real_ men just upload their important stuff on ftp, and let the rest of the world mirror it ;). Torvalds, Linus (1996-07-20).
Current thread:
- How can I read Binary Windows Registry Data? Carlos Perez (Dec 14)
- How can I read Binary Windows Registry Data? Lukas Kuzmiak (Dec 14)