From 6188fe4be9db89c4a43f84e0b4d0bab77ddf0cbf Mon Sep 17 00:00:00 2001
From: antisnatchor <antisnatchor@gmail.com>
Date: Sun, 22 Jul 2012 11:52:27 +0100
Subject: [PATCH] Fix issue #723. Added amin_ui authenticated endpoints that
 returns the RESTful api token. useful when calling the Restful api from ExtJS

---
 extensions/admin_ui/controllers/modules/modules.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/extensions/admin_ui/controllers/modules/modules.rb b/extensions/admin_ui/controllers/modules/modules.rb
index 6fce2a02c..a3d0c087c 100644
--- a/extensions/admin_ui/controllers/modules/modules.rb
+++ b/extensions/admin_ui/controllers/modules/modules.rb
@@ -28,6 +28,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
   def initialize
     super({
       'paths' => {
+        '/getRestfulApiToken.json'          => method(:get_restful_api_token),
         '/select/commandmodules/all.json'   => method(:select_all_command_modules),
         '/select/commandmodules/tree.json'  => method(:select_command_modules_tree),
         '/select/commandmodule.json'        => method(:select_command_module),
@@ -43,6 +44,17 @@ class Modules < BeEF::Extension::AdminUI::HttpController
     
     @session = BeEF::Extension::AdminUI::Session.instance
   end
+
+  # @note Returns the RESTful api key. Authenticated call, so callable only
+  # from the admin UI after successful authentication (cookie).
+  # -> http://127.0.0.1:3000/ui/modules/getRestfulApiToken.json
+  # response
+  # <- {"token":"800679edbb59976935d7673924caaa9e99f55c32"}
+  def get_restful_api_token
+     @body = {
+         'token' => BeEF::Core::Configuration.instance.get("beef.api_token")
+     }.to_json
+  end
   
   # Returns a JSON array containing the summary for a selected zombie.
   def select_zombie_summary