From 70aece63a6740a6724dada8726ffa0568495799d Mon Sep 17 00:00:00 2001 From: Nicholas O'Brien Date: Mon, 22 Jan 2024 03:00:20 +0000 Subject: [PATCH 1/2] fixed all the problems --- implants/imix/src/tasks.rs | 12 +--- .../eldritch/src/sys/write_reg_hex_impl.rs | 63 ++++++++++--------- .../eldritch/src/sys/write_reg_int_impl.rs | 61 +++++++++--------- .../eldritch/src/sys/write_reg_str_impl.rs | 62 +++++++++--------- 4 files changed, 97 insertions(+), 101 deletions(-) diff --git a/implants/imix/src/tasks.rs b/implants/imix/src/tasks.rs index 35b228983..772020afb 100644 --- a/implants/imix/src/tasks.rs +++ b/implants/imix/src/tasks.rs @@ -13,7 +13,6 @@ use c2::pb::{ use chrono::Utc; use std::sync::mpsc::channel; use tokio::task; -use tonic::transport::Channel; use tonic::Status; pub async fn get_new_tasks( @@ -229,16 +228,11 @@ async fn send_tavern_output( #[cfg(test)] mod tests { use anyhow::Result; - use c2::pb::{Task, TaskOutput}; - use chrono::Utc; + use c2::pb::Task; use std::collections::HashMap; - use std::sync::mpsc::channel; - use std::thread; - use std::time::{Duration, Instant}; - use tokio::task; + use std::time::Instant; - use crate::exec::{handle_exec_timeout_and_response, AsyncTask}; - use crate::tasks::queue_task_output; + use crate::exec::AsyncTask; use crate::TaskID; use super::start_new_tasks; diff --git a/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs b/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs index aa6a6e8c4..504e4f808 100644 --- a/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs +++ b/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs @@ -1,11 +1,11 @@ use anyhow::Result; pub fn write_reg_hex( - reghive: String, - regpath: String, - regname: String, - regtype: String, - regvalue: String, + _reghive: String, + _regpath: String, + _regname: String, + _regtype: String, + _regvalue: String, ) -> Result { #[cfg(not(target_os = "windows"))] return Err(anyhow::anyhow!( 
@@ -18,7 +18,7 @@ pub fn write_reg_hex( //Accepted values for reghive : //HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_PERFORMANCE_DATA, HKEY_PERFORMANCE_TEXT, HKEY_PERFORMANCE_NLSTEXT, HKEY_CURRENT_CONFIG, HKEY_DYN_DATA, HKEY_CURRENT_USER_LOCAL_SETTINGS - let ihive: isize = match reghive.as_ref() { + let ihive: isize = match _reghive.as_ref() { "HKEY_CLASSES_ROOT" => HKEY_CLASSES_ROOT, "HKEY_CURRENT_USER" => HKEY_CURRENT_USER, "HKEY_LOCAL_MACHINE" => HKEY_LOCAL_MACHINE, 
@@ -34,55 +34,55 @@ pub fn write_reg_hex( }; let hive = RegKey::predef(ihive); - let (nkey, _ndisp) = hive.create_subkey(regpath)?; + let (nkey, _ndisp) = hive.create_subkey(_regpath)?; - match regtype.as_ref() { + match _regtype.as_ref() { "REG_NONE" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, - "REG_SZ" => nkey.set_value(regname, ®value)?, - "REG_EXPAND_SZ" => nkey.set_value(regname, ®value)?, + "REG_SZ" => nkey.set_value(_regname, &_regvalue)?, + "REG_EXPAND_SZ" => nkey.set_value(_regname, &_regvalue)?, "REG_BINARY" => { - let parsed_value: Vec = hex::decode(regvalue)?; + let parsed_value: Vec = hex::decode(_regvalue)?; let data = RegValue{ vtype: REG_BINARY, bytes: parsed_value}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_DWORD" => { - let parsed_value: Vec = hex::decode(regvalue)?; + let parsed_value: Vec = hex::decode(_regvalue)?; let data = RegValue{ vtype: REG_DWORD, bytes: parsed_value}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_DWORD_BIG_ENDIAN" => { - let parsed_value: u32 = u32::from_str_radix(®value, 16)?; + let parsed_value: u32 = u32::from_str_radix(&_regvalue, 16)?; let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: parsed_value.to_be_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_LINK" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, "REG_MULTI_SZ" => { - let parsed_value: Vec<&str> = regvalue.split(',').collect(); - nkey.set_value(regname, &parsed_value)?; + let parsed_value: Vec<&str> = _regvalue.split(',').collect(); + nkey.set_value(_regname, &parsed_value)?; }, "REG_RESOURCE_LIST" => { - let parsed_value: Vec = hex::decode(regvalue)?; + let parsed_value: Vec = hex::decode(_regvalue)?; let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: parsed_value}; - nkey.set_raw_value(regname, &data)?; + 
nkey.set_raw_value(_regname, &data)?; }, "REG_FULL_RESOURCE_DESCRIPTOR" => { - let parsed_value: Vec = hex::decode(regvalue)?; + let parsed_value: Vec = hex::decode(_regvalue)?; let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: parsed_value}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_RESOURCE_REQUIREMENTS_LIST" => { - let parsed_value: Vec = hex::decode(regvalue)?; + let parsed_value: Vec = hex::decode(_regvalue)?; let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: parsed_value}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_QWORD" => { - let parsed_value: u64 = u64::from_str_radix(®value, 16)?; + let parsed_value: u64 = u64::from_str_radix(&_regvalue, 16)?; let data = RegValue{ vtype: REG_QWORD, bytes: parsed_value.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, _ => return Err(anyhow::anyhow!("RegType can only be one of the following values - REG_NONE, REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD, REG_DWORD_BIG_ENDIAN, REG_LINK, REG_MULTI_SZ, REG_RESOURCE_LIST, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR, REG_QWORD. ")), }; @@ -93,15 +93,16 @@ pub fn write_reg_hex( #[cfg(test)] mod tests { - use super::*; - use std::str; - use uuid::Uuid; #[test] fn test_write_reg_hex() -> anyhow::Result<()> { #[cfg(target_os = "windows")] { + use super::*; + use std::str; + use uuid::Uuid; use winreg::{enums::*, RegKey}; + let id = Uuid::new_v4(); // -------------------- WRITE_REG_HEX TESTS --------------------------------------- diff --git a/implants/lib/eldritch/src/sys/write_reg_int_impl.rs b/implants/lib/eldritch/src/sys/write_reg_int_impl.rs index a7cda6cd2..d60685bf9 100644 --- a/implants/lib/eldritch/src/sys/write_reg_int_impl.rs +++ b/implants/lib/eldritch/src/sys/write_reg_int_impl.rs 
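Review bot: The `"REG_DWORD"` arm stores whatever `hex::decode` returns, so a string that does not decode to exactly four bytes is still written under the DWORD type; nothing visible in the hunk checks the length. A guard before building the `RegValue` keeps the data width consistent with the type without changing the current byte order: `anyhow::ensure!(parsed_value.len() == 4, "REG_DWORD expects 8 hex digits");`. The same unchecked decode is in the corresponding hunk of the second patch (`@@ -35,55 +35,55`), and the function body starts and ends outside this hunk.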
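Review bot: With the imports and every visible statement inside the `#[cfg(target_os = "windows")]` block, `test_write_reg_hex` appears to compile to an empty test on other targets and would be reported as passing there without exercising anything; the end of the function is outside the hunk, so this is inferred. Moving the attribute onto the function, `#[cfg(target_os = "windows")]` directly above `#[test]`, makes the test absent rather than green on non-Windows builds. The `test_write_reg_int` and `test_write_reg_str` hunks in this patch have the same shape.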
@@ -1,11 +1,11 @@ use anyhow::Result; pub fn write_reg_int( - reghive: String, - regpath: String, - regname: String, - regtype: String, - regvalue: u32, + _reghive: String, + _regpath: String, + _regname: String, + _regtype: String, + _regvalue: u32, ) -> Result { #[cfg(not(target_os = "windows"))] return Err(anyhow::anyhow!( @@ -18,7 +18,7 @@ pub fn write_reg_int( //Accepted values for reghive : //HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_PERFORMANCE_DATA, HKEY_PERFORMANCE_TEXT, HKEY_PERFORMANCE_NLSTEXT, HKEY_CURRENT_CONFIG, HKEY_DYN_DATA, HKEY_CURRENT_USER_LOCAL_SETTINGS - let ihive: isize = match reghive.as_ref() { + let ihive: isize = match _reghive.as_ref() { "HKEY_CLASSES_ROOT" => HKEY_CLASSES_ROOT, "HKEY_CURRENT_USER" => HKEY_CURRENT_USER, "HKEY_LOCAL_MACHINE" => HKEY_LOCAL_MACHINE, 
@@ -34,47 +34,47 @@ pub fn write_reg_int( }; let hive = RegKey::predef(ihive); - let (nkey, _ndisp) = hive.create_subkey(regpath)?; + let (nkey, _ndisp) = hive.create_subkey(_regpath)?; - match regtype.as_ref() { + match _regtype.as_ref() { "REG_NONE" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, - "REG_SZ" => nkey.set_value(regname, ®value)?, - "REG_EXPAND_SZ" => nkey.set_value(regname, ®value)?, + "REG_SZ" => nkey.set_value(_regname, &_regvalue)?, + "REG_EXPAND_SZ" => nkey.set_value(_regname, &_regvalue)?, "REG_BINARY" => { - let data = RegValue{ vtype: REG_BINARY, bytes: regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_BINARY, bytes: _regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_DWORD" => { - let data = RegValue{ vtype: REG_DWORD, bytes: regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_DWORD, bytes: _regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_DWORD_BIG_ENDIAN" => { - let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: regvalue.to_be_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: _regvalue.to_be_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_LINK" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, "REG_MULTI_SZ" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, "REG_RESOURCE_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: _regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_FULL_RESOURCE_DESCRIPTOR" => { - let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: 
regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: _regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_RESOURCE_REQUIREMENTS_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: _regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_QWORD" => { - let data = RegValue{ vtype: REG_QWORD, bytes: regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_QWORD, bytes: _regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, _ => return Err(anyhow::anyhow!("RegType can only be one of the following values - REG_NONE, REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD, REG_DWORD_BIG_ENDIAN, REG_LINK, REG_MULTI_SZ, REG_RESOURCE_LIST, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR, REG_QWORD. ")), }; @@ -85,15 +85,16 @@ pub fn write_reg_int( #[cfg(test)] mod tests { - use super::*; - use std::str; - use uuid::Uuid; #[test] fn test_write_reg_int() -> anyhow::Result<()> { #[cfg(target_os = "windows")] { + use super::*; + use std::str; + use uuid::Uuid; use winreg::{enums::*, RegKey}; + let id = Uuid::new_v4(); // -------------------- WRITE_REG_INT TESTS --------------------------------------- diff --git a/implants/lib/eldritch/src/sys/write_reg_str_impl.rs b/implants/lib/eldritch/src/sys/write_reg_str_impl.rs index b98edae6f..69734401d 100644 --- a/implants/lib/eldritch/src/sys/write_reg_str_impl.rs +++ b/implants/lib/eldritch/src/sys/write_reg_str_impl.rs 
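Review bot: The `"REG_QWORD"` arm writes `_regvalue.to_le_bytes()` of a `u32`, which is four bytes, under a type that is defined as 64-bit, so a reader expecting eight bytes gets a short value. Widening first keeps the length consistent with the type: `bytes: u64::from(_regvalue).to_le_bytes().to_vec()`. The string-typed arms (`"REG_SZ"`, `"REG_EXPAND_SZ"`, `"REG_LINK"`, `"REG_MULTI_SZ"`) pass the integer straight to `set_value`, which presumably stores it as a DWORD rather than the requested type; that is worth confirming against winreg and either converting with `to_string()` or rejecting those types here. The same lines are in the second patch's hunk (`@@ -34,47 +35,47`) under the name `regvalue`, and the function continues outside the hunk.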
@@ -1,11 +1,11 @@ use anyhow::Result; pub fn write_reg_str( - reghive: String, - regpath: String, - regname: String, - regtype: String, - regvalue: String, + _reghive: String, + _regpath: String, + _regname: String, + _regtype: String, + _regvalue: String, ) -> Result { #[cfg(not(target_os = "windows"))] return Err(anyhow::anyhow!( @@ -18,7 +18,7 @@ pub fn write_reg_str( //Accepted values for reghive : //HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_PERFORMANCE_DATA, HKEY_PERFORMANCE_TEXT, HKEY_PERFORMANCE_NLSTEXT, HKEY_CURRENT_CONFIG, HKEY_DYN_DATA, HKEY_CURRENT_USER_LOCAL_SETTINGS - let ihive: isize = match reghive.as_ref() { + let ihive: isize = match _reghive.as_ref() { "HKEY_CLASSES_ROOT" => HKEY_CLASSES_ROOT, "HKEY_CURRENT_USER" => HKEY_CURRENT_USER, "HKEY_LOCAL_MACHINE" => HKEY_LOCAL_MACHINE, 
@@ -34,51 +34,51 @@ pub fn write_reg_str( }; let hive = RegKey::predef(ihive); - let (nkey, _ndisp) = hive.create_subkey(regpath)?; + let (nkey, _ndisp) = hive.create_subkey(_regpath)?; - match regtype.as_ref() { + match _regtype.as_ref() { "REG_NONE" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, - "REG_SZ" => nkey.set_value(regname, ®value)?, - "REG_EXPAND_SZ" => nkey.set_value(regname, ®value)?, + "REG_SZ" => nkey.set_value(_regname, &_regvalue)?, + "REG_EXPAND_SZ" => nkey.set_value(_regname, &_regvalue)?, "REG_BINARY" => { - let data = RegValue{ vtype: REG_BINARY, bytes: regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_BINARY, bytes: _regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_DWORD" => { - let parsed_value: u32 = u32::from_str_radix(®value, 10)?; + let parsed_value: u32 = u32::from_str_radix(&_regvalue, 10)?; let data = RegValue{ vtype: REG_DWORD, bytes: parsed_value.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_DWORD_BIG_ENDIAN" => { - let parsed_value: u32 = u32::from_str_radix(®value, 10)?; + let parsed_value: u32 = u32::from_str_radix(&_regvalue, 10)?; let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: parsed_value.to_be_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, "REG_LINK" => { - nkey.set_value(regname, ®value)?; + nkey.set_value(_regname, &_regvalue)?; }, "REG_MULTI_SZ" => { - let parsed_value: Vec<&str> = regvalue.split(',').collect(); - nkey.set_value(regname, &parsed_value)?; + let parsed_value: Vec<&str> = _regvalue.split(',').collect(); + nkey.set_value(_regname, &parsed_value)?; }, "REG_RESOURCE_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: 
_regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_FULL_RESOURCE_DESCRIPTOR" => { - let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: _regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_RESOURCE_REQUIREMENTS_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: _regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(_regname, &data)?; }, "REG_QWORD" => { - let parsed_value: u64 = u64::from_str_radix(®value, 10)?; + let parsed_value: u64 = u64::from_str_radix(&_regvalue, 10)?; let data = RegValue{ vtype: REG_QWORD, bytes: parsed_value.to_le_bytes().to_vec()}; - nkey.set_raw_value(regname, &data)?; + nkey.set_raw_value(_regname, &data)?; }, _ => return Err(anyhow::anyhow!("RegType can only be one of the following values - REG_NONE, REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD, REG_DWORD_BIG_ENDIAN, REG_LINK, REG_MULTI_SZ, REG_RESOURCE_LIST, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR, REG_QWORD. ")), }; @@ -89,14 +89,14 @@ pub fn write_reg_str( #[cfg(test)] mod tests { - use super::*; - use std::str; - use uuid::Uuid; #[test] fn test_write_reg_str() -> anyhow::Result<()> { #[cfg(target_os = "windows")] { + use super::*; + use std::str; + use uuid::Uuid; use winreg::{enums::*, RegKey}; let id = Uuid::new_v4(); From 6dc42208e8fb3f79ca3e7b9d7535377dddd8327b Mon Sep 17 00:00:00 2001 
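Review bot: The fallback arm's error message lists `REG_RESOURCE_LIST` twice and never names `REG_RESOURCE_REQUIREMENTS_LIST`, although the match has an arm for it, so a caller reading the error gets an incomplete list of accepted types. Replace the second `REG_RESOURCE_LIST` in the string with `REG_RESOURCE_REQUIREMENTS_LIST`; echoing the rejected type string in the message would also make a mistyped value easier to diagnose. The same message is in the fallback arms of `write_reg_hex` and `write_reg_int`, in both patches.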
From: Nicholas O'Brien Date: Mon, 22 Jan 2024 03:19:05 +0000 Subject: [PATCH 2/2] do the allow unused instead of _ --- .../eldritch/src/sys/write_reg_hex_impl.rs | 57 ++++++++++--------- .../eldritch/src/sys/write_reg_int_impl.rs | 55 +++++++++--------- .../eldritch/src/sys/write_reg_str_impl.rs | 57 ++++++++++--------- 3 files changed, 86 insertions(+), 83 deletions(-) diff --git a/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs b/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs index 504e4f808..9f42e3b67 100644 --- a/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs +++ b/implants/lib/eldritch/src/sys/write_reg_hex_impl.rs @@ -1,11 +1,12 @@ use anyhow::Result; +#[allow(unused_variables)] pub fn write_reg_hex( - _reghive: String, - _regpath: String, - _regname: String, - _regtype: String, - _regvalue: String, + reghive: String, + regpath: String, + regname: String, + regtype: String, + regvalue: String, ) -> Result { #[cfg(not(target_os = "windows"))] return Err(anyhow::anyhow!( @@ -18,7 +19,7 @@ pub fn write_reg_hex( //Accepted values for reghive : //HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_PERFORMANCE_DATA, HKEY_PERFORMANCE_TEXT, HKEY_PERFORMANCE_NLSTEXT, HKEY_CURRENT_CONFIG, HKEY_DYN_DATA, HKEY_CURRENT_USER_LOCAL_SETTINGS - let ihive: isize = match _reghive.as_ref() { + let ihive: isize = match reghive.as_ref() { "HKEY_CLASSES_ROOT" => HKEY_CLASSES_ROOT, "HKEY_CURRENT_USER" => HKEY_CURRENT_USER, "HKEY_LOCAL_MACHINE" => HKEY_LOCAL_MACHINE, 
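Review bot: `#[allow(unused_variables)]` on `write_reg_hex` is unconditional, so it also silences the lint on Windows builds, where every parameter is used and a genuinely unused one should still warn. Scoping it to the targets that need it keeps that signal: `#[cfg_attr(not(target_os = "windows"), allow(unused_variables))]`. The same attribute is added to `write_reg_int` and `write_reg_str` later in this patch. The function also has no `///` doc comment; one stating that it returns an error on non-Windows targets and that `regvalue` is a hex string would help callers, and the body continues outside the hunk.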
@@ -34,55 +35,55 @@ pub fn write_reg_hex( }; let hive = RegKey::predef(ihive); - let (nkey, _ndisp) = hive.create_subkey(_regpath)?; + let (nkey, _ndisp) = hive.create_subkey(regpath)?; - match _regtype.as_ref() { + match regtype.as_ref() { "REG_NONE" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, - "REG_SZ" => nkey.set_value(_regname, &_regvalue)?, - "REG_EXPAND_SZ" => nkey.set_value(_regname, &_regvalue)?, + "REG_SZ" => nkey.set_value(regname, ®value)?, + "REG_EXPAND_SZ" => nkey.set_value(regname, ®value)?, "REG_BINARY" => { - let parsed_value: Vec = hex::decode(_regvalue)?; + let parsed_value: Vec = hex::decode(regvalue)?; let data = RegValue{ vtype: REG_BINARY, bytes: parsed_value}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_DWORD" => { - let parsed_value: Vec = hex::decode(_regvalue)?; + let parsed_value: Vec = hex::decode(regvalue)?; let data = RegValue{ vtype: REG_DWORD, bytes: parsed_value}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_DWORD_BIG_ENDIAN" => { - let parsed_value: u32 = u32::from_str_radix(&_regvalue, 16)?; + let parsed_value: u32 = u32::from_str_radix(®value, 16)?; let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: parsed_value.to_be_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_LINK" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, "REG_MULTI_SZ" => { - let parsed_value: Vec<&str> = _regvalue.split(',').collect(); - nkey.set_value(_regname, &parsed_value)?; + let parsed_value: Vec<&str> = regvalue.split(',').collect(); + nkey.set_value(regname, &parsed_value)?; }, "REG_RESOURCE_LIST" => { - let parsed_value: Vec = hex::decode(_regvalue)?; + let parsed_value: Vec = hex::decode(regvalue)?; let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: parsed_value}; - nkey.set_raw_value(_regname, &data)?; + 
nkey.set_raw_value(regname, &data)?; }, "REG_FULL_RESOURCE_DESCRIPTOR" => { - let parsed_value: Vec = hex::decode(_regvalue)?; + let parsed_value: Vec = hex::decode(regvalue)?; let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: parsed_value}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_RESOURCE_REQUIREMENTS_LIST" => { - let parsed_value: Vec = hex::decode(_regvalue)?; + let parsed_value: Vec = hex::decode(regvalue)?; let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: parsed_value}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_QWORD" => { - let parsed_value: u64 = u64::from_str_radix(&_regvalue, 16)?; + let parsed_value: u64 = u64::from_str_radix(®value, 16)?; let data = RegValue{ vtype: REG_QWORD, bytes: parsed_value.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, _ => return Err(anyhow::anyhow!("RegType can only be one of the following values - REG_NONE, REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD, REG_DWORD_BIG_ENDIAN, REG_LINK, REG_MULTI_SZ, REG_RESOURCE_LIST, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR, REG_QWORD. ")), }; diff --git a/implants/lib/eldritch/src/sys/write_reg_int_impl.rs b/implants/lib/eldritch/src/sys/write_reg_int_impl.rs index d60685bf9..9dffff65e 100644 --- a/implants/lib/eldritch/src/sys/write_reg_int_impl.rs +++ b/implants/lib/eldritch/src/sys/write_reg_int_impl.rs @@ -1,11 +1,12 @@ use anyhow::Result; +#[allow(unused_variables)] pub fn write_reg_int( - _reghive: String, - _regpath: String, - _regname: String, - _regtype: String, - _regvalue: u32, + reghive: String, + regpath: String, + regname: String, + regtype: String, + regvalue: u32, ) -> Result { #[cfg(not(target_os = "windows"))] return Err(anyhow::anyhow!( 
@@ -18,7 +19,7 @@ pub fn write_reg_int( //Accepted values for reghive : //HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_PERFORMANCE_DATA, HKEY_PERFORMANCE_TEXT, HKEY_PERFORMANCE_NLSTEXT, HKEY_CURRENT_CONFIG, HKEY_DYN_DATA, HKEY_CURRENT_USER_LOCAL_SETTINGS - let ihive: isize = match _reghive.as_ref() { + let ihive: isize = match reghive.as_ref() { "HKEY_CLASSES_ROOT" => HKEY_CLASSES_ROOT, "HKEY_CURRENT_USER" => HKEY_CURRENT_USER, "HKEY_LOCAL_MACHINE" => HKEY_LOCAL_MACHINE, 
@@ -34,47 +35,47 @@ pub fn write_reg_int( }; let hive = RegKey::predef(ihive); - let (nkey, _ndisp) = hive.create_subkey(_regpath)?; + let (nkey, _ndisp) = hive.create_subkey(regpath)?; - match _regtype.as_ref() { + match regtype.as_ref() { "REG_NONE" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, - "REG_SZ" => nkey.set_value(_regname, &_regvalue)?, - "REG_EXPAND_SZ" => nkey.set_value(_regname, &_regvalue)?, + "REG_SZ" => nkey.set_value(regname, ®value)?, + "REG_EXPAND_SZ" => nkey.set_value(regname, ®value)?, "REG_BINARY" => { - let data = RegValue{ vtype: REG_BINARY, bytes: _regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_BINARY, bytes: regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_DWORD" => { - let data = RegValue{ vtype: REG_DWORD, bytes: _regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_DWORD, bytes: regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_DWORD_BIG_ENDIAN" => { - let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: _regvalue.to_be_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: regvalue.to_be_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_LINK" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, "REG_MULTI_SZ" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, "REG_RESOURCE_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: _regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_FULL_RESOURCE_DESCRIPTOR" => { - let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: 
_regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_RESOURCE_REQUIREMENTS_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: _regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_QWORD" => { - let data = RegValue{ vtype: REG_QWORD, bytes: _regvalue.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_QWORD, bytes: regvalue.to_le_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, _ => return Err(anyhow::anyhow!("RegType can only be one of the following values - REG_NONE, REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD, REG_DWORD_BIG_ENDIAN, REG_LINK, REG_MULTI_SZ, REG_RESOURCE_LIST, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR, REG_QWORD. ")), }; diff --git a/implants/lib/eldritch/src/sys/write_reg_str_impl.rs b/implants/lib/eldritch/src/sys/write_reg_str_impl.rs index 69734401d..9d6fad6c0 100644 --- a/implants/lib/eldritch/src/sys/write_reg_str_impl.rs +++ b/implants/lib/eldritch/src/sys/write_reg_str_impl.rs @@ -1,11 +1,12 @@ use anyhow::Result; +#[allow(unused_variables)] pub fn write_reg_str( - _reghive: String, - _regpath: String, - _regname: String, - _regtype: String, - _regvalue: String, + reghive: String, + regpath: String, + regname: String, + regtype: String, + regvalue: String, ) -> Result { #[cfg(not(target_os = "windows"))] return Err(anyhow::anyhow!( 
@@ -18,7 +19,7 @@ pub fn write_reg_str( //Accepted values for reghive : //HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_PERFORMANCE_DATA, HKEY_PERFORMANCE_TEXT, HKEY_PERFORMANCE_NLSTEXT, HKEY_CURRENT_CONFIG, HKEY_DYN_DATA, HKEY_CURRENT_USER_LOCAL_SETTINGS - let ihive: isize = match _reghive.as_ref() { + let ihive: isize = match reghive.as_ref() { "HKEY_CLASSES_ROOT" => HKEY_CLASSES_ROOT, "HKEY_CURRENT_USER" => HKEY_CURRENT_USER, "HKEY_LOCAL_MACHINE" => HKEY_LOCAL_MACHINE, 
@@ -34,51 +35,51 @@ pub fn write_reg_str( }; let hive = RegKey::predef(ihive); - let (nkey, _ndisp) = hive.create_subkey(_regpath)?; + let (nkey, _ndisp) = hive.create_subkey(regpath)?; - match _regtype.as_ref() { + match regtype.as_ref() { "REG_NONE" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, - "REG_SZ" => nkey.set_value(_regname, &_regvalue)?, - "REG_EXPAND_SZ" => nkey.set_value(_regname, &_regvalue)?, + "REG_SZ" => nkey.set_value(regname, ®value)?, + "REG_EXPAND_SZ" => nkey.set_value(regname, ®value)?, "REG_BINARY" => { - let data = RegValue{ vtype: REG_BINARY, bytes: _regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_BINARY, bytes: regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_DWORD" => { - let parsed_value: u32 = u32::from_str_radix(&_regvalue, 10)?; + let parsed_value: u32 = u32::from_str_radix(®value, 10)?; let data = RegValue{ vtype: REG_DWORD, bytes: parsed_value.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_DWORD_BIG_ENDIAN" => { - let parsed_value: u32 = u32::from_str_radix(&_regvalue, 10)?; + let parsed_value: u32 = u32::from_str_radix(®value, 10)?; let data = RegValue{ vtype: REG_DWORD_BIG_ENDIAN, bytes: parsed_value.to_be_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, "REG_LINK" => { - nkey.set_value(_regname, &_regvalue)?; + nkey.set_value(regname, ®value)?; }, "REG_MULTI_SZ" => { - let parsed_value: Vec<&str> = _regvalue.split(',').collect(); - nkey.set_value(_regname, &parsed_value)?; + let parsed_value: Vec<&str> = regvalue.split(',').collect(); + nkey.set_value(regname, &parsed_value)?; }, "REG_RESOURCE_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: _regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_LIST, bytes: 
regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_FULL_RESOURCE_DESCRIPTOR" => { - let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: _regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_FULL_RESOURCE_DESCRIPTOR, bytes: regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_RESOURCE_REQUIREMENTS_LIST" => { - let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: _regvalue.as_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + let data = RegValue{ vtype: REG_RESOURCE_REQUIREMENTS_LIST, bytes: regvalue.as_bytes().to_vec()}; + nkey.set_raw_value(regname, &data)?; }, "REG_QWORD" => { - let parsed_value: u64 = u64::from_str_radix(&_regvalue, 10)?; + let parsed_value: u64 = u64::from_str_radix(®value, 10)?; let data = RegValue{ vtype: REG_QWORD, bytes: parsed_value.to_le_bytes().to_vec()}; - nkey.set_raw_value(_regname, &data)?; + nkey.set_raw_value(regname, &data)?; }, _ => return Err(anyhow::anyhow!("RegType can only be one of the following values - REG_NONE, REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD, REG_DWORD_BIG_ENDIAN, REG_LINK, REG_MULTI_SZ, REG_RESOURCE_LIST, REG_RESOURCE_LIST, REG_FULL_RESOURCE_DESCRIPTOR, REG_QWORD. ")), };