diff --git a/core/ruby/hash.rb b/core/ruby/hash.rb
index 97f7725fd..fdf3090a4 100644
--- a/core/ruby/hash.rb
+++ b/core/ruby/hash.rb
@@ -15,7 +15,11 @@
#
class Hash
- # http://snippets.dzone.com/posts/show/4706
+ # Recursively deep merge two hashes together
+ # @param [Hash] hash Hash to be merged
+ # @return [Hash] Combined hash
+ # @note Duplicate keys are overwritten by the value defined in the hash calling deep_merge (not the parameter hash)
+ # @note http://snippets.dzone.com/posts/show/4706
def deep_merge(hash)
target = dup
hash.keys.each do |key|
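Review bot: The added `@note` on `deep_merge` says the receiver's values win on duplicate keys, but the visible loop walks `hash.keys` over a `dup` of the receiver, which suggests the parameter's values are written into the copy. The rest of the body is outside this hunk, so this is inferred; please confirm which side wins and, if it is the parameter, reword to `# @note Duplicate keys are overwritten by the value defined in the parameter hash`. If this method is used to layer configuration, an inverted precedence note will mislead whoever next reasons about which setting is in effect.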
diff --git a/core/ruby/module.rb b/core/ruby/module.rb
index 03d34a316..f0214a92f 100644
--- a/core/ruby/module.rb
+++ b/core/ruby/module.rb
@@ -14,25 +14,9 @@
# limitations under the License.
#
class Module
- # Returns the classes in the current ObjectSpace where this module has been
- # mixed in according to Module#included_modules.
- #
- # module M
- # end
- #
- # module N
- # include M
- # end
- #
- # class C
- # include M
- # end
- #
- # class D < C
- # end
- #
- # p M.included_in_classes # => [C, D]
- #
+
+ # Returns the classes in the current ObjectSpace where this module has been mixed in according to Module#included_modules.
+ # @return [Array] An array of classes
def included_in_classes
classes = []
ObjectSpace.each_object(Class) { |k| classes << k if k.included_modules.include?(self) }
@@ -42,19 +26,9 @@ class Module
unique_classes
end
end
-
- # Returns the modules in the current ObjectSpace where this module has been
- # mixed in according to Module#included_modules.
- #
- # module M
- # end
- #
- # module N
- # include M
- # end
- #
- # p M.included_in_modules # => [N]
- #
+
+ # Returns the modules in the current ObjectSpace where this module has been mixed in according to Module#included_modules.
+ # @return [Array] An array of modules
def included_in_modules
modules = []
ObjectSpace.each_object(Module) { |k| modules << k if k.included_modules.include?(self) }
@@ -65,30 +39,14 @@ class Module
end
end
- #
- # module M
- # end
- #
- # module N
- # extend M
- # end
- #
- # p N.extended_modules # => [M]
- #
+ # Returns the modules extended inside the target module
+ # @return [Array] Array of modules
def extended_modules
(class << self; self end).included_modules
end
- #
- # module M
- # end
- #
- # module N
- # extend M
- # end
- #
- # p M.extended_in_modules # => [N]
- #
+ # Returns the modules extending the target module
+ # @return [Array] Array of modules
def extended_in_modules
modules = []
ObjectSpace.each_object(Module) { |k| modules << k if k.extended_modules.include?(self) }
@@ -98,4 +56,4 @@ class Module
unique_modules
end
end
-end
\ No newline at end of file
+end
diff --git a/core/ruby/object.rb b/core/ruby/object.rb
index d60bba4f9..a792e91ca 100644
--- a/core/ruby/object.rb
+++ b/core/ruby/object.rb
@@ -15,72 +15,34 @@
#
class Object
- #
# Returns true if the object is a Boolean
- #
- # Example:
- #
- # a = true
- # b = false
- # c = 1234 # Integer
- #
- # a.boolean? # => true
- # b.boolean? # => false
- # c.boolean? # => false
- #
+ # @return [Boolean] Whether the object is boolean
def boolean?
self.is_a?(TrueClass) || self.is_a?(FalseClass)
end
- #
# Returns true if the object is a String
- #
- # Example:
- #
- # 1.string? # => false
- # 'abc'.string? # => true
- #
+ # @return [Boolean] Whether the object is a string
def string?
self.is_a?(String)
end
- #
# Returns true if the object is an Integer
- #
- # Example:
- #
- # 1.integer? # => true
- # 'abc'.integer? # => false
- #
+ # @return [Boolean] Whether the object is an integer
def integer?
self.is_a?(Integer)
end
- #
# Returns true if the object is a hash
- #
- # Example:
- #
- # {}.hash? # => true
- # 1.hash? # => false
- #
+ # @return [Boolean] Whether the object is a hash
def hash?
self.is_a?(Hash)
end
- #
# Returns true if the object is a class
- #
- # Example:
- #
- # class A
- # end
- #
- # obj = A.new
- # obj.class? # => true
- #
+ # @return [Boolean] Whether the object is a class
def class?
self.is_a?(Class)
end
-end
\ No newline at end of file
+end
diff --git a/core/ruby/patches/dm-do-adapter/adapter.rb b/core/ruby/patches/dm-do-adapter/adapter.rb
index 763c20383..fd701ff4c 100644
--- a/core/ruby/patches/dm-do-adapter/adapter.rb
+++ b/core/ruby/patches/dm-do-adapter/adapter.rb
@@ -13,13 +13,13 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-# The following file contains patches for DataMapper Data Objects Adapter (dm-do-adapter)
-# This patch fixes the following error:
-# DataObjects::URI.new with arguments is deprecated, use a Hash of URI components (/home/username/.rvm/gems/ruby-1.9.2-p290/gems/dm-do-adapter-1.1.0/lib/dm-do-adapter/adapter.rb:231:in `new')
-# The error is patched in dm-do-adapter 1.1.1 however it has yet to be released.
-# Patch: https://github.com/datamapper/dm-do-adapter/commit/7f0b53d1ada8735910e04ff37d60c6ff037ce288
+# @note The following file contains patches for DataMapper Data Objects Adapter (dm-do-adapter)
+# This patch fixes the following error:
+# DataObjects::URI.new with arguments is deprecated, use a Hash of URI components (/home/username/.rvm/gems/ruby-1.9.2-p290/gems/dm-do-adapter-1.1.0/lib/dm-do-adapter/adapter.rb:231:in `new')
+# The error is patched in dm-do-adapter 1.1.1 however it has yet to be released.
+# Patch: https://github.com/datamapper/dm-do-adapter/commit/7f0b53d1ada8735910e04ff37d60c6ff037ce288
=begin
Deleted:
@@ -53,7 +53,6 @@ module DataMapper
module Adapters
class DataObjectsAdapter < AbstractAdapter
- # @api private
def normalized_uri
@normalized_uri ||=
begin
diff --git a/core/ruby/patches/webrick/cookie.rb b/core/ruby/patches/webrick/cookie.rb
index 6e6a471fb..4217628fb 100644
--- a/core/ruby/patches/webrick/cookie.rb
+++ b/core/ruby/patches/webrick/cookie.rb
@@ -13,12 +13,13 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-# The following file contains patches for WEBrick.
module WEBrick
class Cookie
attr_accessor :httponly
+ # Convert cookie object to a string representation
+ # @return [String] ret String of information about cookie
def to_s
ret = ""
ret << @name << "=" << @value
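Review bot: The new `@return [String] ret String of information about cookie` on `to_s` puts a variable name where YARD expects only a description, and it does not say what the string is for. Per `set_cookie` in httpresponse.rb in this same diff, the result is assigned to the `Set-Cookie` header, so `# @return [String] The cookie serialised as a Set-Cookie header value` would be more accurate. `@name` and `@value` are appended verbatim on the last visible line, so the comment should also state that callers must pass values free of `;` and line breaks. The body continues outside the hunk, so how the `httponly` accessor is emitted is not visible here.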
@@ -35,4 +36,4 @@ module WEBrick
end
-end
\ No newline at end of file
+end
diff --git a/core/ruby/patches/webrick/genericserver.rb b/core/ruby/patches/webrick/genericserver.rb
index 65cb136d3..1e12898db 100644
--- a/core/ruby/patches/webrick/genericserver.rb
+++ b/core/ruby/patches/webrick/genericserver.rb
@@ -13,18 +13,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-# The following file contains patches for WEBrick.
module WEBrick
class HTTPServer < ::WEBrick::GenericServer
- # I'm patching WEBrick so it does not log http requests anymore.
- # The reason being that it seems to considerably slow down BeEF which receives
- # numerous requests simultaneously. Additionally, it was also found to crash
- # the thread when not being able to write to the log file (which happened when
- # overloaded).
+ # @note I'm patching WEBrick so it does not log http requests anymore.
+ # The reason being that it seems to considerably slow down BeEF which receives
+ # numerous requests simultaneously. Additionally, it was also found to crash
+ # the thread when not being able to write to the log file (which happened when
+ # overloaded).
def access_log(config, req, res); return; end
end
-end
\ No newline at end of file
+end
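Review bot: The `@note` on `access_log` explains why request logging was turned off but not what is lost: with this no-op, WEBrick's per-request access log is never written. Anyone relying on that log for troubleshooting or incident review should be told in the comment, e.g. `# @note As a result no HTTP access log is produced; capture requests elsewhere if an audit trail is needed`. The `@param` tags this commit adds to other methods are also missing here for `config`, `req` and `res`.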
diff --git a/core/ruby/patches/webrick/httprequest.rb b/core/ruby/patches/webrick/httprequest.rb
index a55657630..031344adb 100644
--- a/core/ruby/patches/webrick/httprequest.rb
+++ b/core/ruby/patches/webrick/httprequest.rb
@@ -13,23 +13,19 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-# The following file contains patches for WEBrick.
module WEBrick
class HTTPRequest
- # I'm patching the HTTPRequest class so that it when it receives POST
- # http requests, it parses the query present in the body even if the
- # content type is not set.
- #
- # The reason for this patch is that when a zombie sends back data to
- # BeEF, that data was not parsed because by default the content-type
- # was not set directly. I prefer patching WEBrick rather than editing
- # the BeEFJS library because cross domain http requests would be harder
- # to implement at the server level.
- #
- # Note: this function would need to be modified if we ever needed to
- # use multipart POST requests.
+ # @note I'm patching the HTTPRequest class so that it when it receives POST
+ # http requests, it parses the query present in the body even if the
+ # content type is not set.
+ # The reason for this patch is that when a zombie sends back data to
+ # BeEF, that data was not parsed because by default the content-type
+ # was not set directly. I prefer patching WEBrick rather than editing
+ # the BeEFJS library because cross domain http requests would be harder
+ # to implement at the server level.
+ # @note This function would need to be modified if we ever needed to use multipart POST requests.
def parse_query()
begin
if @request_method == "GET" || @request_method == "HEAD"
@@ -47,51 +43,45 @@ module WEBrick
end
end
+ # Get cookie value
+ # @param [String] name Key name
+ # @return [String] Value stored against the key name or nil if not found
def get_cookie_value(name)
-
return nil if name.nil?
-
@cookies.each{|cookie|
c = WEBrick::Cookie.parse_set_cookie(cookie.to_s)
return c.value if (c.name.to_s.eql? name)
}
-
nil
-
end
+ # Get Referrer domain name
+ # @return [String] Domain name or nil
def get_referer_domain
-
referer = header['referer'][0]
-
if referer =~ /\:\/\/([0-9a-zA-A\.]*(\:[0-9]+)?)\//
return $1
end
-
nil
-
end
+ # Get hook session id
+ # @return [String] Hook session id or nil
def get_hook_session_id()
-
config = BeEF::Core::Configuration.instance
hook_session_name = config.get('beef.http.hook_session_name')
-
@query[hook_session_name] || nil
-
end
- # return the command module command_id value from the request
+ # Return the command module command_id value from the request
+ # @return [String] Command module id or nil
def get_command_id()
@query['command_id'] || nil
end
- #
- # Attack vectors send through the Requester/Proxy by default are parsed as Bad URIs, and not sent.
- # For example: request like the following: http://192.168.10.128/dvwa/vulnerabilities/xss_r/?name=ciccioba83e7918817a3ad
- # is blocked (ERROR bad URI)
- # We're overwriting the URI Parser UNRESERVED regex to prevent such behavior (see tolerant_parser)
- #
+ # @note Attack vectors send through the Requester/Proxy by default are parsed as Bad URIs, and not sent.
+ # For example: request like the following: http://192.168.10.128/dvwa/vulnerabilities/xss_r/?name=ciccioba83e7918817a3ad is blocked (ERROR bad URI)
+ # We're overwriting the URI Parser UNRESERVED regex to prevent such behavior (see tolerant_parser)
def parse_uri(str, scheme="http")
if @config[:Escape8bitURI]
str = HTTPUtils::escape8bit(str)
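Review bot: `get_referer_domain` is now documented as returning the domain name, but the character class in its regex, `[0-9a-zA-A\.]`, has a typo (`A-A`) and omits `-`, so a Referer host containing a hyphen or any uppercase letter other than A yields nil. The capture also includes the optional `:port`, which the new `@return` line does not mention. I would change the match to `if referer =~ /\:\/\/([0-9a-zA-Z\.\-]*(\:[0-9]+)?)\//` and word the tag as `# @return [String] Host (and port, if present) from the Referer header, or nil`. Callers that compare this value against an expected host should treat nil as "unknown" rather than as a match. `parse_uri` at the end of this hunk continues outside it.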
diff --git a/core/ruby/patches/webrick/httpresponse.rb b/core/ruby/patches/webrick/httpresponse.rb
index fa18486b3..006766e5b 100644
--- a/core/ruby/patches/webrick/httpresponse.rb
+++ b/core/ruby/patches/webrick/httpresponse.rb
@@ -13,21 +13,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-# The following file contains patches for WEBrick.
module WEBrick
class HTTPResponse
- #
# Add/Update HTTP response headers with those contained in original_headers Hash
- #
+ # @param [Hash] original_headers Hash of headers
def override_headers(original_headers)
original_headers.each{ |key, value| @header[key.downcase] = value }
end
- #
- # set caching headers none
- #
+ # Set caching headers none
def set_no_cache()
@header['ETag'] = nil
@header['Last-Modified'] = Time.now + 100**4
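Review bot: `set_no_cache` writes mixed-case keys (`'ETag'`, `'Last-Modified'`) straight into `@header`, while `override_headers` just above it downcases every key; if other code stores the same header under its lower-case name, both entries could end up in the hash (inferred, the code that emits headers is not in this diff). I would use lower-case keys here as well, e.g. `@header['etag'] = nil`. The new comment `# Set caching headers none` also does not say what is set; `# Set response headers that tell browsers and proxies not to cache the response` reads better, and `Time.now + 100**4` (a Last-Modified roughly three years in the future) deserves a why-comment. The method body continues in the next hunk.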
@@ -36,12 +32,14 @@ module WEBrick
@header['Pragma'] = 'no-cache'
end
- #
- # set the cookie in the response
- # Limit: only one set-cookie will be within the response
- #
+ # Set the cookie in the response
+ # @param [String] name Name of the cookie
+ # @param [String] value Value of the cookie
+ # @param [String] path Path of the cookie
+ # @param [Boolean] httponly If the cookie is HTTP only
+ # @param [Boolean] secure If the cookie is secure only
+ # @note Limit: only one set-cookie will be within the response
def set_cookie(name, value, path = '/', httponly = true, secure = true)
-
cookie = WEBrick::Cookie.new(name, value)
cookie.path = path
cookie.httponly = httponly
@@ -51,10 +49,7 @@ module WEBrick
@header['Set-Cookie'] = cookie.to_s
end
- #
- # This patch should prevent leakage of directory listing, access
- # auth errors, etc.
- #
+ # @note This patch should prevent leakage of directory listing, access auth errors, etc.
def set_error(ex, backtrace=false)
# set repsonse headers
diff --git a/core/ruby/patches/webrick/httpservlet/filehandler.rb b/core/ruby/patches/webrick/httpservlet/filehandler.rb
index e19ad0e60..74b4eb252 100644
--- a/core/ruby/patches/webrick/httpservlet/filehandler.rb
+++ b/core/ruby/patches/webrick/httpservlet/filehandler.rb
@@ -20,7 +20,9 @@ module HTTPServlet
class FileHandler
- # prevent directory traversal attacks
+ # Prevent directory traversal attacks
+ # @param [Object] req Request object
+ # @param [Object] res Response object
def prevent_directory_traversal(req, res)
raise WEBrick::HTTPStatus::BadRequest, "null character in path" if has_null?(req.path_info)
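Review bot: The new doc block on `prevent_directory_traversal` lists the parameters but not the exception raised on the first visible line of the body. Add `# @raise [WEBrick::HTTPStatus::BadRequest] if the request path contains a null character`, and, if the arguments are WEBrick's request and response objects as the names suggest, use those types instead of `[Object]`. The body continues outside this hunk, so other raise paths may need listing as well.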
@@ -33,7 +35,9 @@ module HTTPServlet
req.path_info = expanded
end
- # checks if a string contains null characters
+ # Checks if a string contains null characters
+ # @param [String] str String to test for null characters
+ # @param [Boolean] Whether the string has null characters
def has_null? (str)
str.split(//).each {|c|
return true if c.eql?("\000")
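Review bot: The second tag added for `has_null?` is written as `@param [Boolean] Whether the string has null characters`, which documents the return value as a nameless parameter; it should be `# @return [Boolean] Whether the string has null characters`. While here, the character-by-character `str.split(//).each` scan could be the single call `str.include?("\000")`, which is easier to audit in a path check. The end of the method lies outside this hunk.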
diff --git a/core/ruby/patches/webrick/httputils.rb b/core/ruby/patches/webrick/httputils.rb
index 24348f945..b00c64bd8 100644
--- a/core/ruby/patches/webrick/httputils.rb
+++ b/core/ruby/patches/webrick/httputils.rb
@@ -13,12 +13,14 @@ module WEBrick
module HTTPUtils
- # Add support for additional mime types
+ # Add support for additional mime types
+ # @param [String] filename Filename
+ # @param [Hash] mime_tab Mime Type Hash
def mime_type(filename, mime_tab)
suffix1 = (/\.(\w+)$/ =~ filename && $1.downcase)
suffix2 = (/\.(\w+)\.[\w\-]+$/ =~ filename && $1.downcase)
- # Add support for additional mime types
+ # @todo Add support for additional mime types
supported_mime_types = {
'wav' => 'audio/x-wav'
}
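Review bot: Rewording the inner comment to `# @todo Add support for additional mime types` changes its meaning: the hash directly below it already adds a type (`'wav' => 'audio/x-wav'`), so the line describes existing code rather than pending work. YARD also does not attach tags written inside a method body to the method. I would keep it as a plain comment, `# Additional mime types supported on top of mime_tab`, and add a `@return` line to the method's doc block. The method body continues outside the hunk, so the return type has to be confirmed there.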
diff --git a/core/ruby/print.rb b/core/ruby/print.rb
index 7921041d8..4c9bd5dbd 100644
--- a/core/ruby/print.rb
+++ b/core/ruby/print.rb
@@ -13,23 +13,23 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
-#
+
# Function used to print errors to the console
-#
+# @param [String] s String to be printed
def print_error(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[!]'.red+' '+s
end
-#
# Function used to print information to the console
-#
+# @param [String] s String to be printed
def print_info(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[*]'.blue+' '+s
end
-#
# Function used to print debug information
-#
+# @param [String] s String to be printed
+# @note This function will only print messages if the debug flag is set to true
+# @todo Once the console extension has been merged into the core, remove the extension checks.
def print_debug(s)
config = BeEF::Core::Configuration.instance
if config.get('beef.debug') || (BeEF::Extension.is_loaded('console') && BeEF::Extension::Console.verbose?)
@@ -37,24 +37,15 @@ def print_debug(s)
end
end
-#
# Function used to print successes to the console
-#
+# @param [String] s String to be printed
def print_success(s)
puts Time.now.localtime.strftime("[%k:%M:%S]")+'[+]'.green+' '+s
end
-#
-# Produces something that looks like that:
-#
-# [12:16:32] | Hook URL: http://127.0.0.1:3000/hook.js
-# [12:16:32] | UI URL: http://127.0.0.1:3000/ui/panel
-# [12:16:32] |_ Demo URL: http://127.0.0.1:3000/demos/basic.html
-#
-# The Template is like this:
-#
-# [date] | content
-#
+# Print multiple lines with decoration split by the return character
+# @param [String] s String to be printed
+# @note The string passed needs to be separated by the "\n" for multiple lines to be printed
def print_more(s)
time = Time.now.localtime.strftime("[%k:%M:%S]")
lines = s.split("\n")
@@ -68,9 +59,9 @@ def print_more(s)
end
end
-#
# Function used to print over the current line
-#
+# @param [String] s String to print over current line
+# @note To terminate the print_over functionality your last print_over line must include a "\n" return
def print_over(s)
time = Time.now.localtime.strftime("[%k:%M:%S]")
print "\r#{time}"+"[*]".blue+" #{s}"
diff --git a/core/ruby/string.rb b/core/ruby/string.rb
index ac07a6c8f..84805da95 100644
--- a/core/ruby/string.rb
+++ b/core/ruby/string.rb
@@ -14,13 +14,9 @@
# limitations under the License.
#
class String
- #
- # Use a gem to colorize the console.
- #
- # See: http://flori.github.com/term-ansicolor/
- #
- # Example: print "red bold".red.bold, "\n"
- #
+
+ # @note Use a gem to colorize the console.
+ # @note http://flori.github.com/term-ansicolor/
include Term::ANSIColor
-end
\ No newline at end of file
+end