From 275bbfaad2b12b5aef26c9c91afbaa64d973296a Mon Sep 17 00:00:00 2001 From: Wade Alcorn Date: Sun, 26 Feb 2012 21:35:03 +1000 Subject: [PATCH] Updates to test jenkins --- core/main/command.rb | 334 ++++++++++----------- core/main/configuration.rb | 154 +++++----- core/ruby/patches/dm-do-adapter/adapter.rb | 38 +-- 3 files changed, 263 insertions(+), 263 deletions(-) diff --git a/core/main/command.rb b/core/main/command.rb index 9336ff420..826d10425 100644 --- a/core/main/command.rb +++ b/core/main/command.rb @@ -15,199 +15,199 @@ # module BeEF -module Core + module Core - # @note This module contains a list of utils functions to use when writing commands - module CommandUtils - - # Format a string to support multiline in javascript. - # @param [String] text String to convert - # @return [String] Formatted string - def format_multiline(text); text.gsub(/\n/, '\n'); end - - end + # @note This module contains a list of utils functions to use when writing commands + module CommandUtils + # Format a string to support multiline in javascript. + # @param [String] text String to convert + # @return [String] Formatted string + def format_multiline(text); text.gsub(/\n/, '\n'); end - - # @note The Command Module Context is being used when evaluating code in eruby. - # In other words, we use that code to add funky functions to the - # javascript templates of our commands. - class CommandContext < Erubis::Context - include BeEF::Core::CommandUtils - - # Constructor - # @param [Hash] hash - def initialize(hash=nil); - super(hash); end - - end - - # @note This class is the base class for all command modules in the framework. - # Two instances of this object are created during the execution of command module. - class Command - - attr_reader :datastore, :path, :default_command_url, :beefjs_components, :friendlyname - attr_accessor :zombie, :command_id, :session_id - - include BeEF::Core::CommandUtils - include BeEF::Core::Constants::Browsers - include BeEF::Core::Constants::CommandModule - # Super class controller - # @param [String] key command module key - def initialize(key) - config = BeEF::Core::Configuration.instance - @key = key - @datastore = {} - @friendlyname = config.get("beef.module.#{key}.name") - @output = '' - @path = config.get("beef.module.#{key}.path") - @default_command_url = config.get("beef.module.#{key}.mount") - @id = config.get("beef.module.#{key}.db.id") - @auto_update_zombie = false - @results = {} - @beefjs_components = {} + + # @note The Command Module Context is being used when evaluating code in eruby. + # In other words, we use that code to add funky functions to the + # javascript templates of our commands. + class CommandContext < Erubis::Context + include BeEF::Core::CommandUtils + + # Constructor + # @param [Hash] hash + def initialize(hash=nil); + super(hash); + end + end - - # This function is called just before the instructions are sent to hooked browser. - def pre_send; end - - # Callback method. This function is called when the hooked browser sends results back. - def callback; end - - # If the command requires some data to be sent back, this function will process them. - # @param [] head - # @param [Hash] params Hash of parameters - # @todo Determine argument "head" type - def process_zombie_response(head, params); end - - # Returns true if the command needs configurations to work. False if not. - # @deprecated This command should not be used since the implementation of the new configuration system - def needs_configuration?; !@datastore.nil?; end - - # Returns information about the command in a JSON format. - # @return [String] JSON formatted string - def to_json - { - 'Name' => @friendlyname, - 'Description' => BeEF::Core::Configuration.instance.get("beef.module.#{@key}.description"), - 'Category' => BeEF::Core::Configuration.instance.get("beef.module.#{@key}.category"), - 'Data' => BeEF::Module.get_options(@key) - }.to_json - end - - # Builds the 'datastore' attribute of the command which is used to generate javascript code. - # @param [Hash] data Data to be inserted into the datastore - # @todo Confirm argument "data" type - def build_datastore(data); + + # @note This class is the base class for all command modules in the framework. + # Two instances of this object are created during the execution of command module. + class Command + + attr_reader :datastore, :path, :default_command_url, :beefjs_components, :friendlyname + attr_accessor :zombie, :command_id, :session_id + + include BeEF::Core::CommandUtils + include BeEF::Core::Constants::Browsers + include BeEF::Core::Constants::CommandModule + + # Super class controller + # @param [String] key command module key + def initialize(key) + config = BeEF::Core::Configuration.instance + + @key = key + @datastore = {} + @friendlyname = config.get("beef.module.#{key}.name") + @output = '' + @path = config.get("beef.module.#{key}.path") + @default_command_url = config.get("beef.module.#{key}.mount") + @id = config.get("beef.module.#{key}.db.id") + @auto_update_zombie = false + @results = {} + @beefjs_components = {} + end + + # This function is called just before the instructions are sent to hooked browser. + def pre_send; end + + # Callback method. This function is called when the hooked browser sends results back. + def callback; end + + # If the command requires some data to be sent back, this function will process them. + # @param [] head + # @param [Hash] params Hash of parameters + # @todo Determine argument "head" type + def process_zombie_response(head, params); end + + # Returns true if the command needs configurations to work. False if not. + # @deprecated This command should not be used since the implementation of the new configuration system + def needs_configuration?; !@datastore.nil?; end + + # Returns information about the command in a JSON format. + # @return [String] JSON formatted string + def to_json + { + 'Name' => @friendlyname, + 'Description' => BeEF::Core::Configuration.instance.get("beef.module.#{@key}.description"), + 'Category' => BeEF::Core::Configuration.instance.get("beef.module.#{@key}.category"), + 'Data' => BeEF::Module.get_options(@key) + }.to_json + end + + # Builds the 'datastore' attribute of the command which is used to generate javascript code. + # @param [Hash] data Data to be inserted into the datastore + # @todo Confirm argument "data" type + def build_datastore(data); @datastore = JSON.parse(data) - end - - # Sets the datastore for the callback function. This function is meant to be called by the CommandHandler - # @param [Hash] http_params HTTP parameters - # @param [Hash] http_headers HTTP headers - def build_callback_datastore(http_params, http_headers) - @datastore = {'http_headers' => {}} # init the datastore - - # get, check and add the http_params to the datastore - http_params.keys.each { |http_params_key| - (print_error 'http_params_key is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_key?(http_params_key) - http_params_value = Erubis::XmlHelper.escape_xml(http_params[http_params_key]) - (print_error 'http_params_value is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_param?(http_params_value) - @datastore[http_params_key] = http_params_value # add the checked key and value to the datastore - } + end - # get, check and add the http_headers to the datastore - http_headers.keys.each { |http_header_key| - (print_error 'http_header_key is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_key?(http_header_key) - http_header_value = Erubis::XmlHelper.escape_xml(http_headers[http_header_key][0]) - (print_error 'http_header_value is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_param?(http_header_value) - @datastore['http_headers'][http_header_key] = http_header_value # add the checked key and value to the datastore - } - end - - # Returns the output of the command. These are the actual instructions sent to the browser. - # @return [String] The command output - def output + # Sets the datastore for the callback function. This function is meant to be called by the CommandHandler + # @param [Hash] http_params HTTP parameters + # @param [Hash] http_headers HTTP headers + def build_callback_datastore(http_params, http_headers) + @datastore = {'http_headers' => {}} # init the datastore + + # get, check and add the http_params to the datastore + http_params.keys.each { |http_params_key| + (print_error 'http_params_key is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_key?(http_params_key) + http_params_value = Erubis::XmlHelper.escape_xml(http_params[http_params_key]) + (print_error 'http_params_value is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_param?(http_params_value) + @datastore[http_params_key] = http_params_value # add the checked key and value to the datastore + } + + # get, check and add the http_headers to the datastore + http_headers.keys.each { |http_header_key| + (print_error 'http_header_key is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_key?(http_header_key) + http_header_value = Erubis::XmlHelper.escape_xml(http_headers[http_header_key][0]) + (print_error 'http_header_value is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_param?(http_header_value) + @datastore['http_headers'][http_header_key] = http_header_value # add the checked key and value to the datastore + } + end + + # Returns the output of the command. These are the actual instructions sent to the browser. + # @return [String] The command output + def output f = @path+'command.js' (print_error "#{f} file does not exist";return) if not File.exists? f command = BeEF::Core::Models::Command.first(:id => @command_id) - - @eruby = Erubis::FastEruby.new(File.read(f)) + + @eruby = Erubis::FastEruby.new(File.read(f)) data = BeEF::Core::Configuration.instance.get("beef.module.#{@key}") cc = BeEF::Core::CommandContext.new cc['command_url'] = @default_command_url cc['command_id'] = @command_id JSON.parse(command['data']).each{|v| - cc[v['name']] = v['value'] + cc[v['name']] = v['value'] } if self.respond_to?(:execute) - self.execute + self.execute end @output = @eruby.evaluate(cc) - - @output - end - - # Saves the results received from the hooked browser - # @param [Hash] results Results from hooked browser - def save(results) - @results = results - end - # If nothing else than the file is specified, the function will map the file to a random path without any extension. - # @param [String] file File to be mounted - # @param [String] path URL path to mounted file - # @param [String] extension URL extension - # @param [Integer] count The amount of times this file can be accessed before being automatically unmounted - # @deprecated This function is possibly deprecated in place of the API - def map_file_to_url(file, path=nil, extension=nil, count=1) - return BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind(file, path, extension, count) - end - - # Tells the framework to load a specific module of the BeEFJS library that the command will be using. - # @param [String] component String of BeEFJS component to load - # @note Example: use 'beef.net.local' - def use(component) - return if @beefjs_components.include? component - - component_path = '/'+component - component_path.gsub!(/beef./, '') - component_path.gsub!(/\./, '/') - component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js" - - raise "Invalid beefjs component for command module #{@path}" if not File.exists?(component_path) - - @beefjs_components[component] = component_path - end + @output + end - # @todo Document - def oc_value(name) + # Saves the results received from the hooked browser + # @param [Hash] results Results from hooked browser + def save(results) + @results = results + end + + # If nothing else than the file is specified, the function will map the file to a random path without any extension. + # @param [String] file File to be mounted + # @param [String] path URL path to mounted file + # @param [String] extension URL extension + # @param [Integer] count The amount of times this file can be accessed before being automatically unmounted + # @deprecated This function is possibly deprecated in place of the API + def map_file_to_url(file, path=nil, extension=nil, count=1) + return BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind(file, path, extension, count) + end + + # Tells the framework to load a specific module of the BeEFJS library that the command will be using. + # @param [String] component String of BeEFJS component to load + # @note Example: use 'beef.net.local' + def use(component) + return if @beefjs_components.include? component + + component_path = '/'+component + component_path.gsub!(/beef./, '') + component_path.gsub!(/\./, '/') + component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js" + + raise "Invalid beefjs component for command module #{@path}" if not File.exists?(component_path) + + @beefjs_components[component] = component_path + end + + # @todo Document + def oc_value(name) option = BeEF::Core::Models::OptionCache.first(:name => name) - return nil if not option - return option.value - end + return nil if not option + return option.value + end + + # @todo Document + def apply_defaults() + @datastore.each { |opt| + opt["value"] = oc_value(opt["name"]) || opt["value"] + } + end + + private + + @use_template + @eruby + @update_zombie + @results + + end + - # @todo Document - def apply_defaults() - @datastore.each { |opt| - opt["value"] = oc_value(opt["name"]) || opt["value"] - } - end - - private - - @use_template - @eruby - @update_zombie - @results - end - - -end end diff --git a/core/main/configuration.rb b/core/main/configuration.rb index 9fc1268b2..6db3b9f0d 100644 --- a/core/main/configuration.rb +++ b/core/main/configuration.rb @@ -15,115 +15,115 @@ # module BeEF -module Core + module Core - class Configuration - - include Singleton - - # Loads the default configuration system - # @param [String] configuration_file Configuration file to be loaded, by default loads $root_dir/config.yaml - def initialize(configuration_file="#{$root_dir}/config.yaml") - # argument type checking - raise Exception::TypeError, '"configuration_file" needs to be a string' if not configuration_file.string? - # test to make sure file exists - raise Exception::TypeError, 'Configuration yaml cannot be found' if not File.exist?(configuration_file) - begin - #open base config - @config = self.load(configuration_file) - # set default value if key? does not exist - @config.default = nil - rescue Exception => e - print_error "Fatal Error: cannot load configuration file" - print_debug e + class Configuration + + include Singleton + + # Loads the default configuration system + # @param [String] configuration_file Configuration file to be loaded, by default loads $root_dir/config.yaml + def initialize(configuration_file="#{$root_dir}/config.yaml") + # argument type checking + raise Exception::TypeError, '"configuration_file" needs to be a string' if not configuration_file.string? + # test to make sure file exists + raise Exception::TypeError, 'Configuration yaml cannot be found' if not File.exist?(configuration_file) + begin + #open base config + @config = self.load(configuration_file) + # set default value if key? does not exist + @config.default = nil + rescue Exception => e + print_error "Fatal Error: cannot load configuration file" + print_debug e + end end - end - # Loads yaml file - # @param [String] file YAML file to be loaded - # @return [Hash] YAML formatted hash - def load(file) - begin - return nil if not File.exists?(file) - raw = File.read(file) - return YAML.load(raw) - rescue Exception => e - print_debug "Unable to load '#{file}' #{e}" - return nil + # Loads yaml file + # @param [String] file YAML file to be loaded + # @return [Hash] YAML formatted hash + def load(file) + begin + return nil if not File.exists?(file) + raw = File.read(file) + return YAML.load(raw) + rescue Exception => e + print_debug "Unable to load '#{file}' #{e}" + return nil + end end - end - # Returns the value of a selected key in the configuration file. - # @param [String] key Key of configuration item - # @return [Hash|String] The resulting value stored against the 'key' - def get(key) + # Returns the value of a selected key in the configuration file. + # @param [String] key Key of configuration item + # @return [Hash|String] The resulting value stored against the 'key' + def get(key) subkeys = key.split('.') lastkey = subkeys.pop subhash = subkeys.inject(@config) do |hash, k| - hash[k] + hash[k] end - return (subhash != nil and subhash.has_key?(lastkey)) ? subhash[lastkey] : nil - end + return (subhash != nil and subhash.has_key?(lastkey)) ? subhash[lastkey] : nil + end - # Sets the give key value pair to the config instance - # @param [String] key The configuration key - # @param value The value to be stored against the 'key' - # @return [Boolean] If the store procedure was successful - def set(key, value) + # Sets the give key value pair to the config instance + # @param [String] key The configuration key + # @param value The value to be stored against the 'key' + # @return [Boolean] If the store procedure was successful + def set(key, value) subkeys = key.split('.').reverse return false if subkeys.length == 0 hash = {subkeys.shift.to_s => value} subkeys.each{|v| - hash = {v.to_s => hash} + hash = {v.to_s => hash} } @config = @config.deep_merge(hash) return true - end + end - # Clears the given key hash - # @param [String] key Configuration key to be cleared - # @return [Boolean] If the configuration key was cleared - def clear(key) + # Clears the given key hash + # @param [String] key Configuration key to be cleared + # @return [Boolean] If the configuration key was cleared + def clear(key) subkeys = key.split('.') return false if subkeys.length == 0 lastkey = subkeys.pop hash = @config subkeys.each{|v| - hash = hash[v] + hash = hash[v] } - return (hash.delete(lastkey) == nil) ? false : true - end + return (hash.delete(lastkey) == nil) ? false : true + end - # Load extensions configurations - def load_extensions_config + # Load extensions configurations + def load_extensions_config self.set('beef.extension', {}) Dir.glob("#{$root_dir}/extensions/*/config.yaml") do | cf | - y = self.load(cf) - if y != nil - y['beef']['extension'][y['beef']['extension'].keys.first]['path'] = cf.gsub(/config\.yaml/, '').gsub(/#{$root_dir}\//, '') - @config = y.deep_merge(@config) - else - print_error "Unable to load extension configuration '#{cf}'" - end + y = self.load(cf) + if y != nil + y['beef']['extension'][y['beef']['extension'].keys.first]['path'] = cf.gsub(/config\.yaml/, '').gsub(/#{$root_dir}\//, '') + @config = y.deep_merge(@config) + else + print_error "Unable to load extension configuration '#{cf}'" + end end - end + end - # Load module configurations - def load_modules_config + # Load module configurations + def load_modules_config self.set('beef.module', {}) Dir.glob("#{$root_dir}/modules/**/*/config.yaml") do | cf | - y = self.load(cf) - if y != nil - y['beef']['module'][y['beef']['module'].keys.first]['path'] = cf.gsub(/config\.yaml/, '').gsub(/#{$root_dir}\//, '') - @config = y.deep_merge(@config) - # API call for post module config load - BeEF::API::Registrar.instance.fire(BeEF::API::Configuration, 'module_configuration_load', y['beef']['module'].keys.first) - else - print_error "Unable to load module configuration '#{cf}'" - end + y = self.load(cf) + if y != nil + y['beef']['module'][y['beef']['module'].keys.first]['path'] = cf.gsub(/config\.yaml/, '').gsub(/#{$root_dir}\//, '') + @config = y.deep_merge(@config) + # API call for post module config load + BeEF::API::Registrar.instance.fire(BeEF::API::Configuration, 'module_configuration_load', y['beef']['module'].keys.first) + else + print_error "Unable to load module configuration '#{cf}'" + end end - end + end + end end end -end diff --git a/core/ruby/patches/dm-do-adapter/adapter.rb b/core/ruby/patches/dm-do-adapter/adapter.rb index b43fe15c0..9d5d92a60 100644 --- a/core/ruby/patches/dm-do-adapter/adapter.rb +++ b/core/ruby/patches/dm-do-adapter/adapter.rb @@ -55,27 +55,27 @@ module DataMapper def normalized_uri @normalized_uri ||= - begin - keys = [ - :adapter, :user, :password, :host, :port, :path, :fragment, - :scheme, :query, :username, :database ] - query = DataMapper::Ext::Hash.except(@options, keys) - query = nil if query.empty? + begin + keys = [ + :adapter, :user, :password, :host, :port, :path, :fragment, + :scheme, :query, :username, :database ] + query = DataMapper::Ext::Hash.except(@options, keys) + query = nil if query.empty? - # Better error message in case port is no Numeric value - port = @options[:port].nil? ? nil : @options[:port].to_int + # Better error message in case port is no Numeric value + port = @options[:port].nil? ? nil : @options[:port].to_int - DataObjects::URI.new({ - :scheme => @options[:adapter], - :user => @options[:user] || @options[:username], - :password => @options[:password], - :host => @options[:host], - :port => port, - :path => @options[:path] || @options[:database], - :query => query, - :fragment => @options[:fragment] - }).freeze - end + DataObjects::URI.new({ + :scheme => @options[:adapter], + :user => @options[:user] || @options[:username], + :password => @options[:password], + :host => @options[:host], + :port => port, + :path => @options[:path] || @options[:database], + :query => query, + :fragment => @options[:fragment] + }).freeze + end end end