Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:beefproject/beef

Browse Source
This commit is contained in:
Mike Haworth
2012-05-29 22:44:52 +12:00
parent 5aa2cefc43 0ac7023df1
commit 4e75c869ff
6 changed files with 85 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
core/filters/browser.rb
View File

@@ -78,10 +78,10 @@ module Filters
true
end
# Verify the screen params are valid
# Verify the screen size is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid screen param characters
def self.is_valid_screen_params?(str)
# @return [Boolean] If the string has valid screen size characters
def self.is_valid_screen_size?(str)
return false if has_non_printable_char?(str)
return false if str.length > 200
true
@@ -105,6 +105,15 @@ module Filters
true
end
# Verify the date stamp is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid date stamp characters
def self.is_valid_date_stamp?(str)
return false if has_non_printable_char?(str)
return false if str.length > 200
true
end
# Verify the browser_plugins string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser plugin characters

8
core/main/client/browser.js
View File

@@ -714,7 +714,7 @@ beef.browser = {
/**
* Returns zombie screen size and color depth.
*/
getScreenParams: function() {
getScreenSize: function() {
return {
width: window.screen.width,
height: window.screen.height,
@@ -763,10 +763,11 @@ beef.browser = {
var hostname = document.location.hostname;
var hostport = (document.location.port)? document.location.port : "80";
var browser_plugins = beef.browser.getPlugins();
var date_stamp = new Date().toString();
var os_name = beef.os.getName();
var system_platform = (typeof(navigator.platform) != "undefined" && navigator.platform != "") ? navigator.platform : null;
var browser_type = JSON.stringify(beef.browser.type(), function (key, value) {if (value == true) return value; else if (typeof value == 'object') return value; else return;});
var screen_params = beef.browser.getScreenParams();
var screen_size = beef.browser.getScreenSize();
var window_size = beef.browser.getWindowSize();
var java_enabled = (beef.browser.javaEnabled())? "Yes" : "No";
var vbscript_enabled=(beef.browser.hasVBScript())? "Yes" : "No";
@@ -788,9 +789,10 @@ beef.browser = {
if(hostport) details["HostPort"] = hostport;
if(browser_plugins) details["BrowserPlugins"] = browser_plugins;
if(os_name) details['OsName'] = os_name;
if(date_stamp) details['DateStamp'] = date_stamp;
if(system_platform) details['SystemPlatform'] = system_platform;
if(browser_type) details['BrowserType'] = browser_type;
if(screen_params) details['ScreenParams'] = screen_params;
if(screen_size) details['ScreenSize'] = screen_size;
if(window_size) details['WindowSize'] = window_size;
if(java_enabled) details['JavaEnabled'] = java_enabled;
if(vbscript_enabled) details['VBScriptEnabled'] = vbscript_enabled

4
core/main/client/browser/popup.js
View File

@@ -25,7 +25,7 @@ beef.browser.popup = {
blocker_enbabled: function ()
{
screenParams = beef.browser.getScreenParams();
screenParams = beef.browser.getScreenSize();
var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
if (popUp == null || typeof(popUp)=='undefined') {
return true;
@@ -36,4 +36,4 @@ beef.browser.popup = {
}
};
beef.regCmp('beef.browser.popup');
beef.regCmp('beef.browser.popup');

16
core/main/handlers/browserdetails.rb
View File

@@ -118,6 +118,14 @@ module BeEF
self.err_msg "Invalid operating system name returned from the hook browser's initial connection."
end
# get and store the date
date_stamp = get_param(@data['results'], 'DateStamp')
if BeEF::Filters.is_valid_date_stamp?(date_stamp)
BD.set(session_id, 'DateStamp', date_stamp)
else
self.err_msg "Invalid date returned from the hook browser's initial connection."
end
# get and store page title
page_title = get_param(@data['results'], 'PageTitle')
if BeEF::Filters.is_valid_pagetitle?(page_title)
@@ -175,11 +183,11 @@ module BeEF
end
# get and store the zombie screen size and color depth
screen_params = get_param(@data['results'], 'ScreenParams')
if BeEF::Filters.is_valid_screen_params?(screen_params)
BD.set(session_id, 'ScreenParams', screen_params)
screen_size = get_param(@data['results'], 'ScreenSize')
if BeEF::Filters.is_valid_screen_size?(screen_size)
BD.set(session_id, 'ScreenSize', screen_size)
else
self.err_msg "Invalid screen params returned from the hook browser's initial connection."
self.err_msg "Invalid screen size returned from the hook browser's initial connection."
end
# get and store the window size

39
extensions/admin_ui/controllers/modules/modules.rb
View File

@@ -119,21 +119,36 @@ class Modules < BeEF::Extension::AdminUI::HttpController
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the date stamp
date_stamp = BD.get(zombie_session, 'DateStamp')
if not date_stamp.nil?
encoded_date_stamp = CGI.escapeHTML(date_stamp)
encoded_date_stamp_hash = { 'Date' => encoded_date_stamp }
page_name_row = {
'category' => 'Host',
'data' => encoded_date_stamp_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the os name
os_name = BD.get(zombie_session, 'OsName')
if not host_name.nil?
encoded_os_name = CGI.escapeHTML(os_name)
encoded_os_name_hash = { 'OS Name' => encoded_os_name }
page_name_row = {
'category' => 'Host',
'data' => encoded_os_name_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the browser name
browser_name = BD.get(zombie_session, 'BrowserName')
if not browser_name.nil?
@@ -224,24 +239,24 @@ class Modules < BeEF::Extension::AdminUI::HttpController
end
# set and add the zombie screen size and color depth
screen_params = BD.get(zombie_session, 'ScreenParams')
if not screen_params.nil?
screen_size = BD.get(zombie_session, 'ScreenSize')
if not screen_size.nil?
screen_params_hash = JSON.parse(screen_params.gsub(/\"\=\>/, '":')) # tidy up the string for JSON
width = screen_params_hash['width']
screen_size_hash = JSON.parse(screen_size.gsub(/\"\=\>/, '":')) # tidy up the string for JSON
width = screen_size_hash['width']
(print_error "width is wrong type";return) if not width.is_a?(Fixnum)
height = screen_params_hash['height']
height = screen_size_hash['height']
(print_error "height is wrong type";return) if not height.is_a?(Fixnum)
colordepth = screen_params_hash['colordepth']
colordepth = screen_size_hash['colordepth']
(print_error "colordepth is wrong type";return) if not colordepth.is_a?(Fixnum)
# construct the string to be displayed in the details tab
encoded_screen_params = CGI.escapeHTML("Width: "+width.to_s + ", Height: " + height.to_s + ", Colour Depth: " + colordepth.to_s)
encoded_screen_params_hash = { 'Screen Params' => encoded_screen_params }
encoded_screen_size = CGI.escapeHTML("Width: "+width.to_s + ", Height: " + height.to_s + ", Colour Depth: " + colordepth.to_s)
encoded_screen_size_hash = { 'Screen Size' => encoded_screen_size }
page_name_row = {
'category' => 'Host',
'data' => encoded_screen_params_hash,
'data' => encoded_screen_size_hash,
'from' => 'Initialization'
}

39
extensions/console/lib/shellinterface.rb
View File

@@ -328,21 +328,36 @@ class ShellInterface
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the date
date_stamp = BD.get(self.targetsession, 'DateStamp')
if not date_stamp.nil?
encoded_date_stamp = CGI.escapeHTML(date_stamp)
encoded_date_stamp_hash = { 'Date' => encoded_date_stamp }
page_name_row = {
'category' => 'Host',
'data' => encoded_date_stamp,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the os name
os_name = BD.get(self.targetsession, 'OsName')
if not os_name.nil?
encoded_os_name = CGI.escapeHTML(os_name)
encoded_os_name_hash = { 'OS Name' => encoded_os_name }
page_name_row = {
'category' => 'Host',
'data' => encoded_os_name_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the browser name
browser_name = BD.get(self.targetsession, 'BrowserName')
if not browser_name.nil?
@@ -433,21 +448,21 @@ class ShellInterface
end
# set and add the zombie screen size and color depth
screen_params = BD.get(self.targetsession, 'ScreenParams')
if not screen_params.nil?
screen_size = BD.get(self.targetsession, 'ScreenSize')
if not screen_size.nil?
screen_params_hash = JSON.parse(screen_params.gsub(/\"\=\>/, '":')) # tidy up the string for JSON
width = screen_params_hash['width']
height = screen_params_hash['height']
colordepth = screen_params_hash['colordepth']
screen_size_hash = JSON.parse(screen_size.gsub(/\"\=\>/, '":')) # tidy up the string for JSON
width = screen_size_hash['width']
height = screen_size_hash['height']
colordepth = screen_size_hash['colordepth']
# construct the string to be displayed in the details tab
encoded_screen_params = CGI.escapeHTML("Width: "+width.to_s + ", Height: " + height.to_s + ", Colour Depth: " + colordepth.to_s)
encoded_screen_params_hash = { 'Screen Params' => encoded_screen_params }
encoded_screen_size = CGI.escapeHTML("Width: "+width.to_s + ", Height: " + height.to_s + ", Colour Depth: " + colordepth.to_s)
encoded_screen_size_hash = { 'Screen Size' => encoded_screen_size }
page_name_row = {
'category' => 'Host',
'data' => encoded_screen_params_hash,
'data' => encoded_screen_size_hash,
'from' => 'Initialization'
}