Submitted it to MSF via pull request here: https://github.com/rapid7/metasploit-framework/pull/538
Added to trunk: https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/gather/tcpnetstat.rb
I promised this one a while ago, sorry for the delay. This only does TCP, it’d be trivial to do UDP as well but never really found anything interesting and actively going on on the UDP side. It’s real simple, first we’ve gotta add the GetTcpTable function to railgun:
session.railgun.add_function('iphlpapi', 'GetTcpTable', 'DWORD', [ ['PBLOB', 'pTcpTable', 'out'], ['PDWORD', 'pdwSize', 'inout'], ['BOOL', 'bOrder', 'in'] ]) Then gauge the size of the table:![]()
![]()
![]()
![]()
![]()
↧