Meterpreter Scripting

file_local_write(file2wrt, data2wrt)

Writes a given string to a specified file.

is_admin?()

Identifies whether or not the user is an admin. Returns true if the user is an admin and false if not.

is_uac_enabled?()

Determines whether User Account Control (UAC) is enabled on the system.

registry_createkey(key)

Creates a given registry key and returns true if successful.

registry_deleteval(key,valname)

Deletes a registry value given the key and value name. Returns true if successful.

registry_delkey(key)

Deletes a given registry key and returns true if successful.

registry_enumkeys(key)

Enumerates the subkeys of a given registry key and returns an array of subkeys.

registry_enumvals(key)

Enumerates the values of a given registry key and returns an array of value names.

registry_getvaldata(key,valname)

Returns the data of a given registry key and its value.

registry_getvalinfo(key,valname)

Returns the data and type of a given registry key and its value.

registry_setvaldata(key,valname,data,type)

Sets the data for a given value and type of data on the target registry. Returns true if successful.

service_change_startup(name,mode)

Changes the startup mode of a given service. Both the name and the mode must be provided. The mode is a string set to auto, manual, or disable. The service name is case sensitive.

service_create(name, display_name, executable_on_host,startup=2)

Function for the creation of a service that runs its own process. Its parameters are the service name as a string, the display name as a string, the path of the executable on the host that will execute at startup as a string, and the startup type as an integer: 2 for Auto, 3 for Manual, or 4 for Disable (default is Auto).

service_delete(name)

Function for deleting a service by deleting the key in the registry.

service_info(name)

Gets Windows service information. The information is returned in a hash with display name, startup mode, and command executed by the service. The service name is case sensitive. Hash keys are Name, Start, Command, and Credentials.

service_list()

Lists all Windows services present. Returns an array containing the services' names.

service_start(name)

Function for service startup. Returns 0 if the service is started, 1 if the service is already started, and 2 if the service is disabled.