diff --git a/core/filters/base.rb b/core/filters/base.rb
index ffc899f07..53cc6605e 100644
--- a/core/filters/base.rb
+++ b/core/filters/base.rb
@@ -16,7 +16,9 @@
 module BeEF
 module Filters
- # check if the string is not empty and not nil
+ # Check if the string is not empty and not nil
+ # @param [String] str String for testing
+ # @return [Boolean] Whether the string is not empty
 def self.is_non_empty_string?(str)
 return false if str.nil?
 return false if not str.is_a? String
@@ -24,85 +26,116 @@ module Filters
 true
 end
- # check if only the characters in 'chars' are in 'str'
+ # Check if only the characters in 'chars' are in 'str'
+ # @param [String] chars List of characters to match
+ # @param [String] str String for testing
+ # @return [Boolean] Whether or not the only characters in str are specified in chars
 def self.only?(chars, str)
 regex = Regexp.new('[^' + chars + ']')
 regex.match(str).nil?
 end
- # check if one or more characters in 'chars' are in 'str'
+ # Check if one or more characters in 'chars' are in 'str'
+ # @param [String] chars List of characters to match
+ # @param [String] str String for testing
+ # @return [Boolean] Whether one of the characters exists in the string
 def self.exists?(chars, str)
 regex = Regexp.new(chars)
 not regex.match(str).nil?
 end
- # check for null char
+ # Check for null char
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has a null character
 def self.has_null? (str)
 return false if not is_non_empty_string?(str)
 exists?('\x00', str)
 end
- # check for non-printalbe char
+ # Check for non-printable char
+ # @param [String] str String for testing
+ # @return [Boolean] Whether or not the string has non-printable characters
 def self.has_non_printable_char?(str)
 return false if not is_non_empty_string?(str)
 not only?('[:print:]', str)
 end
- # check if num chars only
+ # Check if num characters only
+ # @param [String] str String for testing
+ # @return [Boolean] If the string only contains numbers
 def self.nums_only?(str)
 return false if not is_non_empty_string?(str)
 only?('0-9', str)
 end
- # check if valid float
+ # Check if valid float
+ # @param [String] str String for float testing
+ # @return [Boolean] If the string is a valid float
 def self.is_valid_float?(str)
 return false if not is_non_empty_string?(str)
 return false if not only?('0-9\.', str)
 not (str =~ /^[\d]+\.[\d]+$/).nil?
 end
- # check if hex chars only
+ # Check if hex characters only
+ # @param [String] str String for testing
+ # @return [Boolean] If the string only contains hex characters
 def self.hexs_only?(str)
 return false if not is_non_empty_string?(str)
 only?('0123456789ABCDEFabcdef', str)
 end
- # check if first char is a num
+ # Check if first character is a number
+ # @param [String] String for testing
+ # @return [Boolean] If the first character of the string is a number
 def self.first_char_is_num?(str)
 return false if not is_non_empty_string?(str)
 not (str =~ /^\d.*/).nil?
 end
- # check for space chars: \t\n\r\f
+ # Check for space characters: \t\n\r\f
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has a whitespace character
 def self.has_whitespace_char?(str)
 return false if not is_non_empty_string?(str)
 exists?('\s', str)
 end
- # check for non word chars: a-zA-Z0-9
+ # Check for non word characters: a-zA-Z0-9
+ # @param [String] str String for testing
+ # @return [Boolean] If the string only has alphanums
 def self.alphanums_only?(str)
 return false if not is_non_empty_string?(str)
 only?("a-zA-Z0-9", str)
 end
- # check if valid ip address string
+ # Check if valid ip address string
+ # @param [String] ip String for testing
+ # @return [Boolean] If the string is a valid IP address
+ # @note only IPv4 compliant
 def self.is_valid_ip?(ip)
 return true if ip =~ /^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})?$/
 false
 end
- # check for valid browser details chars
+ # Check for valid browser details characters
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid browser details characters
+ # @note This function passes the \302\256 character which translates to the registered symbol (r)
 def self.has_valid_browser_details_chars?(str)
 return false if not is_non_empty_string?(str)
- not (str =~ /[^\w\d\s()-.,;:_\/!\302\256]/).nil? # \302\256 is the (r) character
+ not (str =~ /[^\w\d\s()-.,;:_\/!\302\256]/).nil?
 end
- # check for valid base details chars
- # this is for basic flitering where possible all specific filters must be implemented
+ # Check for valid base details characters
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has only valid base characters
+ # @note This is for basic filtering where possible all specific filters must be implemented
+ # @note This function passes the \302\256 character which translates to the registered symbol (r)
 def self.has_valid_base_chars?(str)
 return false if not is_non_empty_string?(str)
- (str =~ /[^\302\256[:print:]]/).nil? # \302\256 is the (r) character
+ (str =~ /[^\302\256[:print:]]/).nil?
 end
 end
-end
\ No newline at end of file
+end
diff --git a/core/filters/browser.rb b/core/filters/browser.rb
index ff58ebae3..9bda345fe 100644
--- a/core/filters/browser.rb
+++ b/core/filters/browser.rb
@@ -16,7 +16,9 @@
 module BeEF
 module Filters
- # check the browser type value - for example, 'FF'
+ # Check the browser type value - for example, 'FF'
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid browser name characters
 def self.is_valid_browsername?(str)
 return false if not is_non_empty_string?(str)
 return false if str.length > 2
@@ -24,7 +26,9 @@ module Filters
 true
 end
- # check the browser type value - for example, {"FF5":true,"FF":true} & {"S":true}
+ # Check the browser type value - for example, {"FF5":true,"FF":true} & {"S":true}
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid browser type characters
 def self.is_valid_browsertype?(str)
 return false if not is_non_empty_string?(str)
 return false if str.length < 10
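Review bot: In core/filters/base.rb (hunk `-24,85 +26,116`), `has_valid_browser_details_chars?` returns true when `str` contains a character outside the allow-list, which contradicts the new `@return` text and the sibling `has_valid_base_chars?`. The leading `not` on `not (str =~ /[^\w\d\s()-.,;:_\/!\302\256]/).nil?` looks like it should be dropped, but no callers are visible in this diff, so that needs confirming first. In the same hunk `is_valid_ip?` is now documented as validating an IPv4 address, yet the visible regex makes the whole group optional and uses the line anchors `^`/`$`. An empty string, a multi-line value whose first line looks like an address, and octets above 255 therefore all pass; `\A(\d{1,3}\.){3}\d{1,3}\z` plus a 0-255 range check would match the doc (if empty input is meant to be accepted, the doc should say so). `first_char_is_num?` shares the `^` line-anchor behaviour, and its `@param [String] String for testing` is missing the parameter name `str`.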
@@ -33,7 +37,9 @@ module Filters
 true
 end
- # check the os name value - for example, 'Windows XP'
+ # Check the Operating System name value - for example, 'Windows XP'
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid Operating System name characters
 def self.is_valid_osname?(str)
 return false if not is_non_empty_string?(str)
 return false if has_non_printable_char?(str)
@@ -41,7 +47,9 @@ module Filters
 true
 end
- # verify the browser version string is valid
+ # Verify the browser version string is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid browser version characters
 def self.is_valid_browserversion?(str)
 return false if not is_non_empty_string?(str)
 return false if has_non_printable_char?(str)
@@ -51,7 +59,9 @@ module Filters
 true
 end
- # verify the browser/UA string is valid
+ # Verify the browser/UA string is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid browser / ua string characters
 def self.is_valid_browserstring?(str)
 return false if not is_non_empty_string?(str)
 return false if has_non_printable_char?(str)
@@ -59,28 +69,37 @@ module Filters
 true
 end
- # verify the cookies are valid
+ # Verify the cookies are valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid cookie characters
 def self.is_valid_cookies?(str)
 return false if has_non_printable_char?(str)
 return false if str.length > 2000
 true
 end
- # verify the screen params are valid
+ # Verify the screen params are valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid screen param characters
 def self.is_valid_screen_params?(str)
 return false if has_non_printable_char?(str)
 return false if str.length > 200
 true
 end
- # verify the window size is valid
+ # Verify the window size is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid window size characters
 def self.is_valid_window_size?(str)
 return false if has_non_printable_char?(str)
 return false if str.length > 200
 true
 end
- # verify the yes and no is valid
+ # Verify the yes and no is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string is either 'yes' or 'no'
+ # @todo Confirm this is case insensitive
 def self.is_valid_yes_no?(str)
 return false if has_non_printable_char?(str)
 return false if str !~ /^(Yes|No)$/
@@ -88,10 +107,12 @@ module Filters
 true
 end
- # verify the browser_plugins string is valid
+ # Verify the browser_plugins string is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid browser plugin characters
+ # @note This string can be empty if there are no browser plugins
+ # @todo Verify if the ruby version statement is still necessary
 def self.is_valid_browser_plugins?(str)
- # this string can be empty if there are no browser plugins
- #print_debug(str)
 return true if not is_non_empty_string?(str)
 return false if str.length > 1000
 if RUBY_VERSION >= "1.9" && str.encoding === Encoding.find('UTF-8')
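Review bot: In core/filters/browser.rb (hunk `-59,28 +69,37`), `is_valid_cookies?`, `is_valid_screen_params?` and `is_valid_window_size?` call `str.length` after a guard that does not reject nil. `has_non_printable_char?` (base.rb in this diff) returns false for anything that is not a non-empty String, so a nil value raises NoMethodError instead of returning false. The new `@param [String]` tags state the expected type, so a first line of `return false if not str.is_a? String` in each method would make these filters fail closed on malformed input. The `@todo` on `is_valid_yes_no?` can be settled from the visible line: `/^(Yes|No)$/` has no `i` flag, so the check is case sensitive and the `@return` text should read 'Yes' or 'No'.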
diff --git a/core/filters/command.rb b/core/filters/command.rb
index a2f2c47d4..c89d9cf7f 100644
--- a/core/filters/command.rb
+++ b/core/filters/command.rb
@@ -16,7 +16,9 @@
 module BeEF
 module Filters
- # check if the string is a valid path from a HTTP request
+ # Check if the string is a valid path from a HTTP request
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid path characters
 def self.is_valid_path_info?(str)
 return false if str.nil?
 return false if not str.is_a? String
@@ -24,42 +26,54 @@ module Filters
 true
 end
- # check if the command id valid
+ # Check if the command id valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string is a valid command id
 def self.is_valid_command_id?(str)
 return false if not is_non_empty_string?(str)
 return false if not nums_only?(str)
 true
 end
- # check if the session id valid
+ # Check if the session id valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid hook session id characters
 def self.is_valid_hook_session_id?(str)
 return false if not is_non_empty_string?(str)
 return false if not has_valid_key_chars?(str)
 true
 end
- # check if valid command module datastore key
+ # Check if valid command module datastore key
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid command module datastore key characters
 def self.is_valid_command_module_datastore_key?(str)
 return false if not is_non_empty_string?(str)
 return false if not has_valid_key_chars?(str)
 true
 end
- # check if valid command module datastore value
+ # Check if valid command module datastore value
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid command module datastore param characters
 def self.is_valid_command_module_datastore_param?(str)
 return false if has_null?(str)
 return false if not has_valid_base_chars?(str)
 true
 end
- # check for word and some punc chars
+ # Check for word and some punc chars
+ # @param [String] str String for testing
+ # @return [Boolean] If the string has valid key characters
 def self.has_valid_key_chars?(str)
 return false if not is_non_empty_string?(str)
 return false if not has_valid_base_chars?(str)
 true
 end
- # check for word and underscore chars
+ # Check for word and underscore chars
+ # @param [String] str String for testing
+ # @return [Boolean] If the sting has valid param characters
 def self.has_valid_param_chars?(str)
 return false if str.nil?
 return false if not str.is_a? String
diff --git a/core/filters/http.rb b/core/filters/http.rb
index 548097109..ecadb1997 100644
--- a/core/filters/http.rb
+++ b/core/filters/http.rb
@@ -16,7 +16,9 @@
 module BeEF
 module Filters
- # verify the hostname string is valid
+ # Verify the hostname string is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string is a valid hostname
 def self.is_valid_hostname?(str)
 return false if not is_non_empty_string?(str)
 return false if has_non_printable_char?(str)
@@ -28,4 +30,4 @@ module Filters
 end
 end
-end
\ No newline at end of file
+end
diff --git a/core/filters/page.rb b/core/filters/page.rb
index 3db2462c2..4c4bbbf2b 100644
--- a/core/filters/page.rb
+++ b/core/filters/page.rb
@@ -16,7 +16,9 @@
 module BeEF
 module Filters
- # verify the page title string is valid
+ # Verify the page title string is valid
+ # @param [String] str String for testing
+ # @return [Boolean] If the string is a valid page title
 def self.is_valid_pagetitle?(str)
 return false if not str.is_a? String
 return false if has_non_printable_char?(str)
@@ -25,4 +27,4 @@ module Filters
 end
 end
-end
\ No newline at end of file
+end
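Review bot: In core/filters/command.rb (hunk `-24,42 +26,54`), the doc kept for `has_valid_key_chars?` says it checks for word and some punctuation characters, but the visible body only delegates to `has_valid_base_chars?`. base.rb in this diff defines that as any `[:print:]` character plus the registered symbol, so `is_valid_hook_session_id?` and `is_valid_command_module_datastore_key?` accept quotes, spaces, slashes and angle brackets. That is wider than their names and new `@return` lines suggest. I would either state it with `# @note Currently accepts any printable character (delegates to has_valid_base_chars?)` or tighten the check once the expected key alphabet is confirmed. The `@return` on `has_valid_param_chars?` also has a typo, 'sting'; that method's body continues outside the hunk.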