From 3c4a0fad347e95aff03379e6f56ef890176cd4f6 Mon Sep 17 00:00:00 2001 From: Christian Frichot Date: Sun, 20 Jan 2013 16:59:01 +0800 Subject: [PATCH] New bind_redirect method added to the AssetHandler. See #664 --- core/bootstrap.rb | 1 + core/main/network_stack/assethandler.rb | 9 +++ .../main/network_stack/handlers/redirector.rb | 41 ++++++++++++ .../main/network_stack/handlers/redirector.rb | 66 +++++++++++++++++++ test/unit/ts_unit.rb | 2 + 5 files changed, 119 insertions(+) create mode 100644 core/main/network_stack/handlers/redirector.rb create mode 100644 test/unit/core/main/network_stack/handlers/redirector.rb diff --git a/core/bootstrap.rb b/core/bootstrap.rb index 8d227cee6..cf23f03e3 100644 --- a/core/bootstrap.rb +++ b/core/bootstrap.rb @@ -24,6 +24,7 @@ require 'core/main/handlers/browserdetails' # @note Include the network stack require 'core/main/network_stack/handlers/dynamicreconstruction' +require 'core/main/network_stack/handlers/redirector' require 'core/main/network_stack/assethandler' require 'core/main/network_stack/api' diff --git a/core/main/network_stack/assethandler.rb b/core/main/network_stack/assethandler.rb index 48667fdd1..a4304cc10 100644 --- a/core/main/network_stack/assethandler.rb +++ b/core/main/network_stack/assethandler.rb @@ -24,6 +24,15 @@ module Handlers @root_dir = File.expand_path('../../../../', __FILE__) end + def bind_redirect(target, path=nil) + url = build_url(path,nil) + @allocations[url] = {'target' => target} + @http_server.mount(url,BeEF::Core::NetworkStack::Handlers::Redirector.new(target)) + @http_server.remap + print_info "Redirector to [" + target + "] bound to url [" + url + "]" + url + end + # Binds a file to a mount point # @param [String] file File path to asset # @param [String] path URL path to mount the asset to (can be nil for random path) diff --git a/core/main/network_stack/handlers/redirector.rb b/core/main/network_stack/handlers/redirector.rb new file mode 100644 index 000000000..949cdd535 
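Review bot: In `bind_redirect`, `target` is never checked before it is mounted, so a nil or non-String value only fails at the `print_info` concatenation, after `@allocations[url]` has been written and the handler mounted. A guard as the first line, `raise ArgumentError, 'target must be a String' unless target.is_a?(String)`, keeps the allocation table and the mounts consistent, and `print_info "Redirector to [#{target}] bound to url [#{url}]"` removes the TypeError path from the log line. The method also lacks the YARD comment that the binding method following it in this hunk carries; a one-line purpose plus `@param` entries for `target` and `path` (nil meaning a random path, as documented on the neighbouring method) and a `@return` for the bound URL would match the file. `build_url` and the rest of the class are outside the hunk, so whether an already-bound `path` is rejected or silently overwritten could not be checked.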
--- /dev/null
+++ b/core/main/network_stack/handlers/redirector.rb
@@ -0,0 +1,41 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+module BeEF
+ module Core
+ module NetworkStack
+ module Handlers
+
+ # @note Redirector is used as a Rack app for mounting HTTP redirectors, instead of content
+ class Redirector
+
+ @target = ""
+
+ def initialize(target)
+ @target = target
+ end
+
+ def call(env)
+ @response = Rack::Response.new(
+ body = ['302 found'],
+ status = 302,
+ header = {
+ 'Content-Type' => 'text',
+ 'Location' => @target
+ }
+ )
+ end
+
+ private
+
+ @request
+
+ @response
+
+ end
+ end
+end
+end
+end
diff --git a/test/unit/core/main/network_stack/handlers/redirector.rb b/test/unit/core/main/network_stack/handlers/redirector.rb
new file mode 100644
index 000000000..ffdc214dc
--- /dev/null
+++ b/test/unit/core/main/network_stack/handlers/redirector.rb
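Review bot: `Redirector#initialize` copies `target` into the `Location` header without any check, so a value containing CR or LF would let whoever supplies the target add header lines to every response served from this mount; rejecting such values in the constructor closes that. In the same class, the `@target = ""` in the class body and the bare `@request` / `@response` under `private` are class-level expressions that never touch an instance and can be dropped, and the `body =` / `status =` / `header =` assignments inside `Rack::Response.new(...)` only create throwaway locals because the arguments are positional. `'Content-Type' => 'text'` is not a complete media type (`text/plain` is presumably intended), and keeping the response in `@response` puts per-request state on a handler instance that serves all requests. Returning `.finish` yields the status/headers/body triplet the Rack spec describes; whether the rest of the stack relies on receiving the `Rack::Response` object itself is not visible here.

```ruby
class Redirector
  # @param [String] target URL sent back in the Location header
  def initialize(target)
    # Refuse line breaks so the value cannot add extra response headers.
    raise ArgumentError, 'target must not contain CR or LF' if target.to_s =~ /[\r\n]/
    @target = target
  end

  # @param [Hash] env Rack environment (not used)
  # @return [Array] Rack status/headers/body triplet
  def call(env)
    Rack::Response.new(
      ['302 found'],
      302,
      'Content-Type' => 'text/plain',
      'Location' => @target
    ).finish
  end
end
```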
@@ -0,0 +1,66 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+require 'test/unit'
+require 'rubygems'
+require 'curb'
+
+class TC_Redirector < Test::Unit::TestCase
+
+ @@port = 20000 + rand(10000)
+
+ def setup
+ $root_dir="../../"
+ $:.unshift File.join( %w{ ../../ } )
+ require 'core/loader'
+ require 'core/main/network_stack/assethandler.rb'
+ require 'core/main/network_stack/handlers/redirector.rb'
+
+ @@port += 1 # cycle through ports because the tcp teardown process is too slow
+ @port = @@port
+
+ config = {}
+ config[:BindAddress] = '127.0.0.1'
+ config[:Port] = @port.to_s
+ @mounts = {}
+ @mounts['/test'] = BeEF::Core::NetworkStack::Handlers::Redirector.new('http://www.beefproject.com')
+ @rackApp = Rack::URLMap.new(@mounts)
+ Thin::Logging.silent = true
+ @server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp)
+ trap("INT") { @server.stop }
+ trap("TERM") { @server.stop }
+
+ @pid = fork do
+ @server.start!
+ end
+ end
+
+ def teardown
+ Process.kill("INT",@pid)
+ $root_dir = nil
+ end
+
+ # the server doesn't offer a mutex or callback
+ def wait_for_server
+ max_waits = 3
+ sleep_length = 0.1
+
+ count = 0
+ while (count < max_waits)
+ break if @server.running?
+ count += 1
+ sleep sleep_length
+ end
+ end
+
+ def test_get
+ wait_for_server
+ response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test/")
+ assert_equal 302, response.response_code
+ assert_equal "302 found", response.body_str
+ assert_match /Location: http:\/\/www\.beefproject\.com/, response.header_str
+ end
+
+end
diff --git a/test/unit/ts_unit.rb b/test/unit/ts_unit.rb
index 109e99ba6..f64dee109 100644
--- a/test/unit/ts_unit.rb
+++ b/test/unit/ts_unit.rb
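Review bot: `wait_for_server` polls `@server.running?` in the parent, but `@server.start!` runs inside the `fork` block, so the parent's copy presumably never reports running and the loop only sleeps for 0.3 s before `test_get` connects, which makes the test timing-dependent. Polling the listening port reflects the child's real state; it needs `require 'socket'` next to the other requires. `teardown` sends INT but never reaps the child, which is likely why the port has to be cycled, and a `Process.wait(@pid)` after the kill addresses that. The `config` hash in `setup` is built and never used, and the two `trap` calls run in the test-runner process before the fork, so they replace the runner's own INT/TERM handling.

```ruby
def teardown
  Process.kill("INT", @pid)
  Process.wait(@pid) # reap the child so its port is released before the next test
  $root_dir = nil
end

# Waits until the forked server accepts connections on @port.
def wait_for_server
  30.times do
    begin
      TCPSocket.new('127.0.0.1', @port).close
      return
    rescue Errno::ECONNREFUSED
      sleep 0.1
    end
  end
  flunk "server did not start on port #{@port}"
end
```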
@@ -9,6 +9,7 @@ require '../common/ts_common' require './core/filter/tc_base' require './core/filter/tc_command' +require './core/main/network_stack/handlers/redirector' require './core/tc_loader' require './core/tc_core' require './core/tc_api' @@ -53,6 +54,7 @@ class TS_BeefTests suite << TC_Hackverter.suite suite << TC_EventLogger.suite suite << TC_Hooks.suite + suite << TC_Redirector.suite return suite end