From 21d5164d4d03cfc9bc9a642f0771f391ea503d6b Mon Sep 17 00:00:00 2001 From: "bcoles@gmail.com" Date: Sun, 21 Aug 2011 03:29:42 +0000 Subject: [PATCH] Response Headers is now the default accordion panel displayed (rather than the Request panel) when viewing requester HTTP response details The requester history panel now automatically refreshes upon display Changed processed status from 'false' to 'waiting' and 'true' to 'complete' in the requester Fixes Issue 459 git-svn-id: https://beef.googlecode.com/svn/trunk@1226 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9 --- .../ui/panel/tabs/ZombieTabRequester.js | 48 ++++++++++--------- extensions/proxy/handlers/zombie/handler.rb | 2 +- extensions/requester/api/hook.rb | 2 +- extensions/requester/handler.rb | 6 +-- extensions/requester/models/http.rb | 5 +- 5 files changed, 32 insertions(+), 31 deletions(-) diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRequester.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRequester.js index 53aab0e0f..84acf74b3 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRequester.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRequester.js @@ -73,7 +73,7 @@ ZombieTab_Requester = function(zombie) { autoDestroy: true, autoLoad: false, root: 'history', - + fields: ['domain', 'port', 'method', 'request_date', 'response_date','id', 'has_ran', 'path','response_status_code', 'response_status_text', 'response_port_status'], sortInfo: {field: 'request_date', direction: 'DESC'}, @@ -154,7 +154,7 @@ ZombieTab_Requester = function(zombie) { var tab_panel = Ext.getCmp('zombie-requester-tab-zombie-'+zombie.session); var r = grid.getStore().getAt(rowIndex).data; - if(!r.has_ran) { + if(r.has_ran != "complete") { commands_statusbar.update_fail("Response for this request has not been received yet."); return; } 
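Review bot: In the ZombieTabRequester.js hunk at -154, the row guard `if(r.has_ran != "complete")` compares with loose inequality against a bare status literal. The same commit repeats that literal in proxy/handlers/zombie/handler.rb, requester/api/hook.rb, requester/handler.rb and the model default. A misspelling in any one of them would not raise an error; the request would simply never count as received. Use `if(r.has_ran !== "complete") {` here. On the Ruby side, consider naming the two states once on the Http model and referring to those names. The surrounding click handler starts and ends outside the hunk.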
@@ -170,7 +170,8 @@ ZombieTab_Requester = function(zombie) { Ext.DomHelper.append('header', {tag: 'div', id: 'requesterWelcomeWinShown'}); } datagrid.store.reload({params:{start:0,limit:req_pagesize, sort: "date", dir:"DESC"}}); - } + }, + // Uncomment it when we'll add a contextMenu (right click on a row) in the history grid // ,rowcontextmenu: function(grid, rowIndex, event){ // event.stopEvent(); @@ -191,20 +192,20 @@ ZombieTab_Requester = function(zombie) { listeners: { activate: function(history_panel) { - history_panel.items.items[0].store.reload(); + history_panel.items.items[0].store.reload({params:{url:'/ui/requester/history.json'}}); } } }); - // Return the extension_requester_http table row ID given a grid row index - function getHttpDbId(grid, rowIndex){ + // Return the extension_requester_http table row ID given a grid row index + function getHttpDbId(grid, rowIndex){ var row = grid.getStore().getAt(rowIndex).data; - var result = null; - if(row != null){ - result = row.id; - } - return result; - } + var result = null; + if(row != null){ + result = row.id; + } + return result; + } // Function generating the requests panel to send raw requests //------------------------------------------------------------- @@ -248,14 +249,14 @@ ZombieTab_Requester = function(zombie) { } }] }); - - if(!value) { - value = "GET /demos/secret_page.html HTTP/1.1\n"; - if (zombie.domain) value += "Host: "+zombie.domain+"\n"; - else value += "Host: \n"; + if(!value) { + if (zombie.domain) { + value = "GET /demos/secret_page.html HTTP/1.1\n"; + value += "Host: "+zombie.domain+":3000\n"; + } else value = "GET / HTTP/1.1\nHost: \n"; } - + form.get('raw-request-zombie-'+zombie.session).value = value; panel = Ext.getCmp('requester-forge-requests-zombie-'+zombie.session); 
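Review bot: In the ZombieTabRequester.js hunk at -170, the closing brace of the handler becomes `},`, but the only entry after it is the commented-out `rowcontextmenu` block, which already carries its own leading comma. If nothing else follows in this listeners object (its end is outside the hunk), that leaves a trailing comma in an object literal, which older Internet Explorer versions reject as a syntax error. Keeping the line as `}` and letting the commented block supply the comma when it is enabled avoids the problem.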
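Review bot: In the ZombieTabRequester.js hunk at -191, the `activate` listener passes `url` inside `params`, so it is sent as a request parameter rather than changing where the store loads from. Because `reload` only fills in top-level options that are missing, supplying a fresh `params` object also appears to drop the paging and sort parameters of the previous load. The other reload in this file passes them explicitly, so the same call would be consistent here: `history_panel.items.items[0].store.reload({params:{start:0,limit:req_pagesize, sort: "date", dir:"DESC"}});`. This assumes `req_pagesize` is in scope at this point, which the hunk does not show.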
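Review bot: In the ZombieTabRequester.js hunk at -248, the default raw request now hard-codes the port with `value += "Host: "+zombie.domain+":3000\n";`. Any hooked origin that is not served on port 3000 gets a pre-filled Host header pointing at the wrong service. If the zombie record carries the port of the hooked page (not visible in this hunk), build the header from that; otherwise leave the port off as the old code did. The new `else value = "GET / HTTP/1.1\nHost: \n";` also sits unbraced next to a braced `if`, which is easy to misread, so brace both branches.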
@@ -287,14 +288,16 @@ ZombieTab_Requester = function(zombie) { var tab_result_response_headers = new Ext.Panel({ title: 'Response Headers', border: false, + collapsed: false, layout: 'fit', padding: '5px 5px 5px 5px', - items:[new Ext.form.TextArea({id: 'requester-response-res-headers-'+request.id, value: xhr.result.response_headers + "\n"})] + items:[new Ext.form.TextArea({id: 'requester-response-res-headers-'+request.id, value: xhr.result.response_headers + "\n"})] }); var tab_result_response_body = new Ext.Panel({ title: 'Response Body', border: false, + collapsed: false, layout: 'fit', padding: '5px 5px 5px 5px', items:[new Ext.form.TextArea({id: 'requester-response-res-body-'+request.id, value: xhr.result.response + "\n"})] @@ -303,6 +306,7 @@ ZombieTab_Requester = function(zombie) { var tab_result_request = new Ext.Panel({ title: 'Request', border: false, + collapsed: true, layout: 'fit', padding: '5px 5px 5px 5px', items:[new Ext.form.TextArea({id: 'requester-response-req-'+request.id, value: xhr.result.request})] @@ -315,7 +319,7 @@ ZombieTab_Requester = function(zombie) { border: false, layout:'accordion', closable: true, - items:[tab_result_request, tab_result_response_headers, tab_result_response_body] + items:[tab_result_request, tab_result_response_headers, tab_result_response_body] }); tab_panel.add(tab_result_accordion); @@ -329,8 +333,8 @@ ZombieTab_Requester = function(zombie) { } }); }; - - + + ZombieTab_Requester.superclass.constructor.call(this, { id: 'zombie-requester-tab-zombie-'+zombie.session, title: 'Requester', diff --git a/extensions/proxy/handlers/zombie/handler.rb b/extensions/proxy/handlers/zombie/handler.rb index a6efd62e6..ef0e95fbb 100644 --- a/extensions/proxy/handlers/zombie/handler.rb +++ b/extensions/proxy/handlers/zombie/handler.rb 
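Review bot: In the ZombieTabRequester.js hunks at -287 and -303, `collapsed: false` is set on both the Response Headers and the Response Body panels, although an accordion layout expands only one panel at a time. Which panel opens then depends on the order of `items`, which still lists `tab_result_request` first, so the intent is not readable from the configuration. Setting `collapsed: true` on `tab_result_response_body` would leave Response Headers as the only panel declared open. A one-line comment above the accordion, such as `// Response Headers is the panel expanded by default`, would record the intent.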
@@ -66,7 +66,7 @@ module Zombie # while waiting for the HTTP response to be stored in the db. print_info("[PROXY] Thread started in order to process request ##{http.id} to [#{req.path.to_s}] on domain [#{req.host}:#{req.port}]") @response_thread = Thread.new do - while !H.first(:id => http.id).has_ran + while H.first(:id => http.id).has_ran != "complete" sleep 0.5 end @response = H.first(:id => http.id) diff --git a/extensions/requester/api/hook.rb b/extensions/requester/api/hook.rb index e65b78302..3f2f0bfb0 100644 --- a/extensions/requester/api/hook.rb +++ b/extensions/requester/api/hook.rb @@ -35,7 +35,7 @@ module BeEF @body = body # we generate all the requests and output them to the hooked browser output = [] - BeEF::Core::Models::Http.all(:hooked_browser_id => hb.id, :has_ran => false).each { |h| + BeEF::Core::Models::Http.all(:hooked_browser_id => hb.id, :has_ran => "waiting").each { |h| output << self.requester_parse_db_request(h) } diff --git a/extensions/requester/handler.rb b/extensions/requester/handler.rb index c217efff9..5b32042b6 100644 --- a/extensions/requester/handler.rb +++ b/extensions/requester/handler.rb @@ -56,8 +56,8 @@ module Requester raise WEBrick::HTTPStatus::BadRequest, "Invalid http_db: no such request found in the database" if http_db.nil? # validates that the http request has not be ran before - raise WEBrick::HTTPStatus::BadRequest, "This http request has been saved before" if http_db.has_ran.eql? true - + raise WEBrick::HTTPStatus::BadRequest, "This http request has been saved before" if http_db.has_ran.eql? "complete" + # validates the response code response_code = @data['results']['response_status_code'] || nil raise WEBrick::HTTPStatus::BadRequest, "Http response code is null" if response_code.nil? 
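Review bot: In proxy/handlers/zombie/handler.rb, the polling loop `while H.first(:id => http.id).has_ran != "complete"` exits only on that exact string. A request the hooked browser never answers therefore keeps this thread sleeping indefinitely, and one such thread is created per proxied request. If the row is removed in the meantime, `H.first(...)` returns nil and the `.has_ran` call raises inside the thread. Bound the wait with a deadline computed before the loop and a check such as `break if Time.now > deadline`, fetch the record into a local and stop when it is nil. The code after the loop, which is outside this hunk, would then need to handle a response that never arrived.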
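Review bot: In requester/handler.rb at -56, the guard against saving a response twice rejects only the exact value "complete". A row whose `has_ran` holds anything else is accepted, and its stored response is overwritten with data submitted by the hooked browser. That would include values left over from the former Boolean column, if existing databases are not migrated. Accepting only the one expected state is stricter: `raise WEBrick::HTTPStatus::BadRequest, "This http request has been saved before" unless http_db.has_ran.eql? "waiting"`. The comment above the guard, "has not be ran before", should read "has not been run before".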
@@ -70,7 +70,7 @@ module Requester http_db.response_port_status = @data['results']['response_port_status'] http_db.response_data = @data['results']['response_data'] http_db.response_date = Time.now - http_db.has_ran = true + http_db.has_ran = "complete" # Store images as binary diff --git a/extensions/requester/models/http.rb b/extensions/requester/models/http.rb index b02c93459..36a9dc709 100644 --- a/extensions/requester/models/http.rb +++ b/extensions/requester/models/http.rb @@ -61,7 +61,7 @@ module Models property :port, Text, :lazy => false # Boolean value to say if the request was cross-domain - property :has_ran, Boolean, :default => false + property :has_ran, Text, :lazy => false, :default => "waiting" # The path of the request. # Example: /secret.html @@ -73,9 +73,6 @@ module Models # The date at which the http request has been saved. property :request_date, DateTime, :lazy => false - # Boolean value to say if the http response has been received or not. - property :has_ran, Boolean, :default => false - end end
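Review bot: In requester/models/http.rb at -61, the comment left above `property :has_ran` still reads "Boolean value to say if the request was cross-domain", which describes neither the new Text type nor the field. The accurate comment was on the duplicate declaration that the next hunk deletes. Replace it with `# Processing state of the request: "waiting" until a response has been stored, then "complete".`. As declared, the column accepts any text, so restricting it to those two values in the model would stop an unexpected state from being stored. Databases created with the Boolean column presumably need a schema change, which this commit does not show.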