Skip to content

Commit

Permalink
Correctly use process glob when searching for processes
Browse files Browse the repository at this point in the history
  • Loading branch information
@sjanusz-r7
sjanusz-r7 committed Jan 18, 2024
1 parent 6d14a24 commit 9703d45
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions modules/post/multi/gather/memory_search.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ def initialize(info = {})

register_options(
[
::Msf::OptString.new('PROCESS_NAMES_GLOB', [false, 'Regular expression used to target processes', 'ssh.*']),
::Msf::OptString.new('PROCESS_NAMES_GLOB', [false, 'Glob used to target processes', 'ssh.*']),
::Msf::OptString.new('PROCESS_IDS', [false, 'Comma delimited process ID/IDs to search through']),
::Msf::OptString.new('REGEX', [true, 'Regular expression to search for within memory', 'publickey,password.*']),
::Msf::OptInt.new('MIN_MATCH_LEN', [true, 'The minimum number of bytes to match', 5]),
Expand Down Expand Up @@ -84,7 +84,7 @@ def get_target_processes
session_processes = session.sys.process.get_processes
session_processes.each do |session_process|
pid, _ppid, name, _path, _session, _user, _arch = *session_process.values
if (name.match?(process_names_glob) unless process_names_glob.empty?) || (target_pids.include? pid)
if (::File.fnmatch(process_names_glob, name) unless process_names_glob.empty?) || (target_pids.include? pid)
target_processes.append session_process
end
end
Expand Down

0 comments on commit 9703d45

Please sign in to comment.