Foro de elhacker.NET

PATHS v0.3
By Elektro H@cker
   Opciones:

   /? (or) -help | Muestra la ayuda.

   -l (or) -list | Lista las entradas del PATH.

   -c (or) -clean | Limpia entradas inválidas o duplicados en los PATH.

   -r (or) -reset | Resetea el PATH al PATH de Windows por defecto.

   -a (or) -add | Añade una entrada.

   -d (or) -del | Elimina una entrada.

   -add -current | Fuerza el añadido de una entrada al "Current_User" PATH.

   -add -local | Fuerza el añadido de una entrada al "Local_Machine" PATH.

   Ejemplos:

   PATHS -l
Lista (Indexa) las entradas dle path.
PATHS -a "C:\Folder"
Añade la entrada "C:\Folder" al LOCAL_MACHINE PATH.
PATHS -a current "C:\Folder"
Añade la entrada "C:\Folder" al CURRENT_USER PATH..
PATHS -d "3"
Elimina la entrada nº3 de la lista.
PATHS -d "C:\Folder"
Elimina la entrada "C:\Folder".
Compilado: http://elektrostudios.tk/PATHS.exe

PATHS.rb

(El código está algo sucio, pero lo que importa es que funciona xD)
Código
require 'win32/registry'
require 'rainbow'
 
 
# PATHS v0.3
#
# By Elektro H@cker
 
 
# Description:
# -----------
# This is a tool to manage the windows PATH enviroment.
# Add, delete, backup, clean, list, and reset the PATH.
 
 
exit if Object.const_defined?(:Ocra)
 
 
def logo()
  print "
   PATHS v0.3
 
   By Elektro H@cker
 
".foreground(:white)
end
 
 
def help()
  print '
 
   Options:
 
   /? (or) -help   | Show this info.
 
   -l (or) -list   | List the entries.
 
   -b (or) -backup | Backup the entries.   
 
   -c (or) -clean  | Clean duplicates and invalid directories in the paths.
 
   -r (or) -reset  | Reset the paths to the Windows defaults.
 
   -a (or) -add    | Add a entry.
 
   -d (or) -del    | Delete a entry.
 
   -add -current   | Force adding a entry into the current user path.
 
   -add -local     | Force adding a entry into the local machine path.
 
 
 
   Examples:
 
   PATHS -l
   [+] Indexes all the entries.
 
   PATHS -a "C:\Folder"
   [+] Adds a entry into the local path.
 
   PATHS -a current "C:\Folder"
   [+] Adds a entry into the current user path.
 
   PATHS -d "3"
   [+] Deletes the 3rd entry of the indexed list.
 
   PATHS -d "C:\Folder"
   [+] Deletes a entry.
 
  '
  exit
end
 
 
def error(kind)
  print "[+] ERROR"
  if kind == "pos"      then print "\n    Index #{ARGV[1]} is out of range, only #{$pos} entries.\n" end
  if kind == "notfound" then print "\n    Directory \"#{ARGV[1]}\" not found in PATH.\n" end
  exit
end
 
 
def args()
  if ARGV.empty?                                   then get_paths("visible") end
  if ARGV[0] == "/?"    or ARGV[0] =~ /^-help$/i   then help()               end  
  if ARGV[0] =~ /^-l$/i or ARGV[0] =~ /^-list$/i   then get_paths("visible") end
  if ARGV[0] =~ /^-b$/i or ARGV[0] =~ /^-backup$/i then backup_path()        end
  if ARGV[0] =~ /^-c$/i or ARGV[0] =~ /^-clean$/i  then clean_path()         end    
  if ARGV[0] =~ /^-d$/i or ARGV[0] =~ /^-del$/i    then del_path()           end
  if ARGV[0] =~ /^-a$/i or ARGV[0] =~ /^-add$/i    then add_path()           end
  if ARGV[0] =~ /^-r$/i or ARGV[0] =~ /^-reset$/i  then reset_path()         end
end
 
 
def get_paths(visibility)
 
  $pos = 0
 
  # HKCU path
  if not visibility == "hidden" then puts "\n   [+] Current User PATH:\n\n" end
  Win32::Registry::HKEY_CURRENT_USER.open('Environment') do |reg|
    for dir in reg['Path'].split(";").sort do
	  $pos = $pos+1
	  dir = dir.gsub(/^PATH=/, "")
      instance_variable_set "@_#{$pos}", dir + "?CURRENT_USER"
      if not File.directory? dir then invalid = "(Directory doesn't exist)".foreground(:red).bright else invalid ="" end
      if not visibility == "hidden"
        if $pos < 10 then puts "    #{$pos.to_s} = #{dir} #{invalid}" else puts "    #{$pos.to_s}= #{dir} #{invalid}"end
      end
    end
  end
 
  # HKLM path
  if not visibility == "hidden" then puts "\n\n   [+] Local Machine PATH:\n\n" end
  Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment') do |reg|
    for dir in reg['Path'].split(";").sort do
	  $pos = $pos+1
	  dir = dir.gsub(/^PATH=/, "")
      instance_variable_set "@_#{$pos}", dir + "?LOCAL_MACHINE"
      if not File.directory? dir then invalid = "(Directory doesn't exist)".foreground(:red).bright else invalid ="" end
      if not visibility == "hidden"
        if $pos < 10 then puts "    #{$pos.to_s} = #{dir} #{invalid}" else puts "    #{$pos.to_s}= #{dir} #{invalid}"end
      end
    end
  end
  if not visibility == "hidden" then exit end
  $max_pos = $pos
 
end
 
 
def add_path()
 
  if ARGV[1] =~ /^-current$/ then key = "current" else key = "local" end
 
  # HKCU path
  if key == "current"
    Win32::Registry::HKEY_CURRENT_USER.open('Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
      value = reg['Path']
      reg.write('Path', Win32::Registry::REG_SZ, "#{value};#{ARGV.last}")
      puts "[+] Entry added in User PATH: #{ARGV.last}"
    end
  end
 
  # HKLM path
  if key == "local"
    Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
      value = reg['Path']
      reg.write('Path', Win32::Registry::REG_SZ, "#{value};#{ARGV.last}")
      puts "[+] Entry added in Local PATH: #{ARGV.last}"
    end
  end
 
end
 
 
def del_path()
 
    get_paths("hidden")
    final_path = ""
    found      = 0
    notfound   = 0
 
  if ARGV[1] =~ /^[1-9]+$/
 
    choose     = instance_variable_get "@_#{ARGV[1]}"
 
    if ARGV[1].to_i > $max_pos.to_i then error("pos") end
 
    # HKCU PATH index deletion
    if choose["?CURRENT_USER"]
      Win32::Registry::HKEY_CURRENT_USER.open('Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
        value = reg['Path']
        for dir in reg['Path'].split(";").sort do
          if not dir == choose.split("?").first then final_path << ";" + dir end
        end
        reg.write('Path', Win32::Registry::REG_SZ, final_path[1..-1])
      end
      puts "[+] Entry deleted in User PATH: #{choose.split("?").first}"
    end
 
    # HKLM PATH index deletion
    if choose["?LOCAL_MACHINE"]
      Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
        value = reg['Path']
        for dir in reg['Path'].split(";").sort do
          if not dir == choose.split("?").first then final_path << ";" + dir end
        end
        reg.write('Path', Win32::Registry::REG_SZ, final_path[1..-1])
      end
      puts "[+] Entry deleted in Local PATH: #{choose.split("?").first}"
    end
 
  elsif
 
    # HKCU PATH str deletion
      Win32::Registry::HKEY_CURRENT_USER.open('Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
        value = reg['Path']
        for dir in reg['Path'].split(";").sort do
          if not dir =~ /^#{Regexp.escape(ARGV[1])}$/i then final_path << ";" + dir else found = "yes" end
        end
        reg.write('Path', Win32::Registry::REG_SZ, final_path[1..-1])
        if found == "yes" then puts "[+] Entry deleted in User PATH: #{ARGV[1]}" else notfound = 1 end
      end
 
    # HKLM PATH str deletion
      final_path = ""
      found = ""
      Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
        value = reg['Path']
        for dir in reg['Path'].split(";").sort do
          if not dir =~ /^#{Regexp.escape(ARGV[1])}$/i then final_path << ";" + dir else found = "yes" end
        end
        reg.write('Path', Win32::Registry::REG_SZ, final_path[1..-1])
        if found == "yes" then puts "[+] Entry deleted in Local PATH: #{ARGV[1]}" else notfound = notfound+1 end
        if notfound == 2 then error("notfound") end
      end
 
    end
 
end
 
 
def backup_path()
 
  # if type REG_EXPAND_SZ convert it first to REG_SZ
  # HKCU path
    Win32::Registry::HKEY_CURRENT_USER.open('Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
      value = reg['Path']
      reg.write('Path', Win32::Registry::REG_SZ, value)
    end
  # HKLM path
    Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
      value = reg['Path']
      reg.write('Path', Win32::Registry::REG_SZ, value)
    end
  # Conversion end
 
  system('Regedit.exe /E "%TEMP%\HKCU PATH.reg" "HKEY_CURRENT_USER\Environment"')
  system('Regedit.exe /E "%TEMP%\HKLM PATH.reg"  "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment"')
  system('type "%TEMP%\HKCU PATH.reg" | Findstr /I "\"PATH\" HKEY_CURRENT_USER Registry" > "%USERPROFILE%\Desktop\HKCU PATH %DATE:/=-%.reg"')
  system('type "%TEMP%\HKLM PATH.reg" | Findstr /I "\"PATH\" HKEY_LOCAL_MACHINE Registry" > "%USERPROFILE%\Desktop\HKLM PATH %DATE:/=-%.reg"')
  puts "[+] A copy of your current PATH saved at your desktop."
  exit
end
 
 
def reset_path()
  Win32::Registry::HKEY_CURRENT_USER.open('Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg| reg.write('Path', Win32::Registry::REG_SZ, 'C:\Windows;C:\Windows\system32;C:\Windows\System32\Wbem;C:\Windows\syswow64;C:\Windows\System32\WindowsPowerShell\v1.0') end
  Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg| reg.write('Path', Win32::Registry::REG_SZ, 'C:\Windows;C:\Windows\system32;C:\Windows\System32\Wbem;C:\Windows\syswow64;C:\Windows\System32\WindowsPowerShell\v1.0') end
  puts "[+] PATH restored to Windows defaults."
end
 
 
def clean_path()
 
  puts "\n[+] Searching invalid or duplicated entries in the PATH...\n\n"
 
  # HKCU PATH
  final_path = ""
  Win32::Registry::HKEY_CURRENT_USER.open('Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
    value = reg['Path']
    for dir in reg['Path'].split(";").sort do
      if File.directory? dir and not final_path[/#{Regexp.escape(dir)}$/i] then final_path << ";" + dir else puts "[+] Entry deleted in User PATH: #{dir}" end
    end
    reg.write('Path', Win32::Registry::REG_SZ, final_path[1..-1])
  end
 
  # HKLM PATH
  final_path = ""
  Win32::Registry::HKEY_LOCAL_MACHINE.open('SYSTEM\CurrentControlSet\Control\Session Manager\Environment', Win32::Registry::KEY_ALL_ACCESS) do |reg|
    value = reg['Path']
    for dir in reg['Path'].split(";").sort do
      if File.directory? dir and not final_path[/#{Regexp.escape(dir)}$/i] then final_path << ";" + dir else puts "[+] Entry deleted in Local PATH: #{dir}" end
    end
    reg.write('Path', Win32::Registry::REG_SZ, final_path[1..-1])
  end
 
  puts "\n[+] PATH is cleaned.\n\n"
 
end
 
logo()
args()
 
exit