/*
local_app.cpp
DetExploit program file related to local application info.
DetExploit (https://github.com/moppoi5168/DetExploit)
Licensed by GPL License
*/
#include "detexploit.hpp"
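/// Merges the application lists gathered from every local source into one map.
///
/// Sources are queried in the order WMI, HKLM, HKLM (WOW64), HKCU. Because
/// std::map::insert never overwrites an existing key, the first source that
/// reports a given key wins when several sources report it.
///
/// @return Combined map of all collected entries (presumably application
///         name -> version; confirm against the per-source collectors).
std::map<std::string, std::string> getapp_all() {
    std::map<std::string, std::string> data;
    const std::map<std::string, std::string> wmi_data = getapp_from_wmi();
    const std::map<std::string, std::string> hklm_data = getapp_from_hklm();
    const std::map<std::string, std::string> hklmwow64_data = getapp_from_hklmwow64();
    const std::map<std::string, std::string> hkcu_data = getapp_from_hkcu();
    // Each range must take both iterators from the SAME container. Pairing
    // wmi_data.begin() with another map's end() is undefined behaviour and
    // walks off the end of wmi_data's tree.
    data.insert(wmi_data.begin(), wmi_data.end());
    data.insert(hklm_data.begin(), hklm_data.end());
    data.insert(hklmwow64_data.begin(), hklmwow64_data.end());
    data.insert(hkcu_data.begin(), hkcu_data.end());
    return data;
}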
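/// Collects installed-application data through WMI (Win32_Product).
///
/// Work in progress: the PowerShell output is redirected to a scratch file,
/// but the parsing step is not implemented yet, so the returned map is always
/// empty.
///
/// @return Map intended to hold application Name/Version data (currently empty).
std::map<std::string, std::string> getapp_from_wmi() {
    std::map<std::string, std::string> data;
    // NOTE(review): std::system() hands this line to the command interpreter,
    // which resolves the bare name "powershell.exe" through its search order
    // (normally the current working directory first, then PATH). Prefer an
    // absolute path under the Windows system directory.
    // NOTE(review): the scratch file has a fixed name in the current working
    // directory; a per-run file in a directory only this user can write to
    // would be safer.
    // NOTE(review): enumerating Win32_Product is known to trigger a Windows
    // Installer consistency check of every MSI package, which is slow and not
    // read-only. Confirm this side effect is acceptable for a scanner.
    const int rc = std::system("powershell.exe Get-WmiObject -class Win32_Product > WMIRET.detexploit");
    if (rc != 0) {
        // Previously the exit status was ignored, so a failed query looked
        // exactly like "no applications installed".
        std::cout << "Warning: WMI query exited with status " << rc << std::endl;
    }
    // TODO: open the file and read its contents into a std::string.
    // TODO: extract only Name and Version and store them in the map.
    if (!(DeleteFileA("WMIRET.detexploit"))) {
        // The warning must name the file this function actually created.
        std::cout << "Warning: Failed to delete WMIRET.detexploit" << std::endl;
    }
    return data;
}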
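/// Collects installed-application data from the HKLM Uninstall registry key.
///
/// Work in progress: the query output is redirected to a scratch file, but the
/// parsing step is not implemented yet, so the returned map is always empty.
///
/// @return Map intended to hold DisplayName/DisplayVersion data (currently empty).
std::map<std::string, std::string> getapp_from_hklm() {
    std::map<std::string, std::string> data;
    // Run the registry query this function is meant to use. The previous code
    // repeated the WMI Win32_Product query from getapp_from_wmi(), so the HKLM
    // scratch file never contained registry data.
    // NOTE(review): "reg" and "findstr" are bare names resolved through the
    // command interpreter's search order (normally the current working
    // directory first, then PATH); prefer absolute paths under the Windows
    // system directory. The scratch file also has a fixed name in the current
    // working directory.
    const int rc = std::system(
        "reg query \"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\" /s"
        " | findstr \"DisplayName DisplayVersion\" > HKLMRET.detexploit");
    if (rc != 0) {
        // Surface a failed query instead of silently returning an empty map.
        std::cout << "Warning: HKLM registry query exited with status " << rc << std::endl;
    }
    // DisplayVersion is sometimes printed before DisplayName. When that
    // happens, hold the version until the next DisplayName arrives.
    // TODO: open the file and read its contents into a std::string.
    // TODO: loop over the lines and implement the pairing rule described above.
    if (!(DeleteFileA("HKLMRET.detexploit"))) {
        std::cout << "Warning: Failed to delete HKLMRET.detexploit" << std::endl;
    }
    return data;
}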
/// Placeholder for the HKLM WOW64 application source.
///
/// Not implemented yet: performs no query and always returns an empty map.
/// NOTE(review): the name suggests the 32-bit registry view on 64-bit Windows;
/// confirm the intended key before implementing.
///
/// @return An empty map.
std::map<std::string, std::string> getapp_from_hklmwow64() {
    return std::map<std::string, std::string>{};
}
/// Placeholder for the HKCU (per-user) application source.
///
/// Not implemented yet: performs no query and always returns an empty map.
///
/// @return An empty map.
std::map<std::string, std::string> getapp_from_hkcu() {
    return std::map<std::string, std::string>{};
}