Fix for #264 - new issue will be raised to correct the lax filter introduced in this commit

git-svn-id: https://beef.googlecode.com/svn/trunk@724 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
2011-02-03 08:34:19 +00:00
parent fef9915a76
commit 6042ff0530
4 changed files with 12 additions and 6 deletions
--- a/lib/filter/base.rb
+++ b/lib/filter/base.rb
@@ -89,6 +89,12 @@ module BeEF
      return false if not is_non_empty_string?(str)
      (str =~ /[^\302\256[:print:]]/).nil? # \302\256 is the (r) character 
    end  
+    
+    # verbose filter
+    def self.has_valid_verbose_details_chars?(str)
+      return false if not is_non_empty_string?(str)
+      (str =~ /[^\w\d\s{}()-.,;:&_=\/!\302\256]/).nil? # \302\256 is the (r) character 
+    end

  end
  
--- a/lib/filter/command.rb
+++ b/lib/filter/command.rb
@@ -34,7 +34,7 @@ module BeEF
    # check if valid command module datastore value
    def self.is_valid_command_module_datastore_param?(str)
      return false if has_null?(str)
-      return false if not has_valid_base_chars?(str)
+      return false if not has_valid_verbose_details_chars?(str)
      true
    end

--- a/lib/modules/command.rb
+++ b/lib/modules/command.rb
@@ -105,7 +105,7 @@ module BeEF
      @datastore = {'http_headers' => {}} # init the datastore
      
      # get, check and add the http_params to the datastore
-      http_params.keys.each {|http_params_key|
+      http_params.keys.each { |http_params_key|
        raise WEBrick::HTTPStatus::BadRequest, "http_params_key is invalid" if not BeEF::Filter.is_valid_command_module_datastore_key?(http_params_key)
        http_params_value = Erubis::XmlHelper.escape_xml(http_params[http_params_key])
        raise WEBrick::HTTPStatus::BadRequest, "http_params_value is invalid" if not BeEF::Filter.is_valid_command_module_datastore_param?(http_params_value)
--- a/modules/commands/browser/detect_details/detect_details.js
+++ b/modules/commands/browser/detect_details/detect_details.js
@@ -50,13 +50,13 @@ function serialize(_obj)
 	}
 }

-	var plugins = beef.browser.getPlugins();
-	var browser_type = serialize(beef.browser.type());
+	var plugins = escape(beef.browser.getPlugins());
+	var browser_type = escape(serialize(beef.browser.type()));
    var java_enabled = (beef.browser.hasJava())? "Yes" : "No";
    var vbscript_enabled = (beef.browser.hasVBScript())? "Yes" : "No";
    var has_flash = (beef.browser.hasFlash())? "Yes" : "No";
    var has_googlegears = (beef.browser.hasGoogleGears())? "Yes" : "No";
-    var screen_params = serialize(beef.browser.getScreenParams());
-    var window_size = serialize(beef.browser.getWindowSize());
+    var screen_params = escape(serialize(beef.browser.getScreenParams()));
+    var window_size = escape(serialize(beef.browser.getWindowSize()));
    beef.net.sendback('<%= @command_url %>', <%= @command_id %>, 'plugins='+plugins+'&java_enabled='+java_enabled+'&vbscript_enabled='+vbscript_enabled+'&has_flash='+has_flash+'&has_googlegears='+has_googlegears+'&browser_type='+browser_type+'&screen_params='+screen_params+'&window_size='+window_size);
 });