diff --git a/core/main/handlers/modules/command.rb b/core/main/handlers/modules/command.rb index db4152a55..d999c9919 100644 --- a/core/main/handlers/modules/command.rb +++ b/core/main/handlers/modules/command.rb @@ -21,7 +21,7 @@ module Modules raise WEBrick::HTTPStatus::BadRequest, "command_module.path is nil" if command_module.path.nil? if(command_module.path.match(/^Dynamic/)) - command_module = BeEF::Modules::Commands.const_get(command_module.name.capitalize).new + command_module = BeEF::Modules::Commands.const_get(command_module.path.split('/').last.capitalize).new else command_module = BeEF::Core::Command.const_get(command_module.name.capitalize).new end diff --git a/core/modules.rb b/core/modules.rb index c9a99787a..47da1bc55 100644 --- a/core/modules.rb +++ b/core/modules.rb @@ -10,6 +10,10 @@ module Modules def self.get_loaded return BeEF::Core::Configuration.instance.get('beef.module').select {|k,v| v['loaded'] == true } end + + def self.get_stored_in_db + return BeEF::Core::Models::CommandModule.all(:order => [:id.asc]) + end # Loads modules diff --git a/extensions/admin_ui/controllers/modules/modules.rb b/extensions/admin_ui/controllers/modules/modules.rb index 7508b7727..b6c102f5a 100644 --- a/extensions/admin_ui/controllers/modules/modules.rb +++ b/extensions/admin_ui/controllers/modules/modules.rb @@ -185,50 +185,65 @@ class Modules < BeEF::Extension::AdminUI::HttpController def select_all_command_modules @body = command_modules2json(BeEF::Modules.get_loaded.keys) end + + # Set the correct icon for the command module + def set_command_module_icon(command_mod) + command_module_icon_path = BeEF::Extension::AdminUI::Constants::Icons::MODULE_TARGET_IMG_PATH # add icon path + case command_mod.verify_target() + when BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING + command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_NOT_WORKING_IMG + when BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY + command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_USER_NOTIFY_IMG + when BeEF::Core::Constants::CommandModule::VERIFIED_WORKING + command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_WORKING_IMG + when BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN + command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_UNKNOWN_IMG + else + command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_UNKNOWN_IMG + end + #return command_module_icon_path + command_module_icon_path + end + + # Set the correct working status for the command module + def set_command_module_status(command_mod) + case command_mod.verify_target() + when BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING + command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING + when BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY + command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY + when BeEF::Core::Constants::CommandModule::VERIFIED_WORKING + command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_WORKING + when BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN + command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN + else + command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN + end +# return command_module_status + command_module_status + end # Returns the list of all command_modules for a TreePanel in the interface. def select_command_modules_tree tree = [] categories = [] - - BeEF::Modules.get_loaded.each{|k,mod| + + BeEF::Modules.get_loaded.each{|k, mod| # get the hooked browser session id and set it in the command module hook_session_id = @params['zombie_session'] || nil raise WEBrick::HTTPStatus::BadRequest, "hook_session_id is nil" if hook_session_id.nil? - if(mod['db']['path'].match(/^Dynamic/)) - print_debug ("Loading Dynamic command module: #{mod['name'].to_s}") - command_mod = BeEF::Modules::Commands.const_get(k.capitalize).new - else - command_mod = BeEF::Core::Command.const_get(k.capitalize).new - end - + command_mod = BeEF::Core::Command.const_get(k.capitalize).new command_mod.session_id = hook_session_id command_mod.update_info(mod['db']['id']) if (mod['db']['path'].match(/^Dynamic/)) # create url path and file for the command module icon - command_module_icon_path = BeEF::Extension::AdminUI::Constants::Icons::MODULE_TARGET_IMG_PATH # add icon path - case command_mod.verify_target() # select the correct icon for the command module - when BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING - command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_NOT_WORKING_IMG - command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING - when BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY - command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_USER_NOTIFY_IMG - command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY - when BeEF::Core::Constants::CommandModule::VERIFIED_WORKING - command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_WORKING_IMG - command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_WORKING - when BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN - command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_UNKNOWN_IMG - command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN - else - command_module_icon_path += BeEF::Extension::AdminUI::Constants::Icons::VERIFIED_UNKNOWN_IMG - command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN - end + command_module_icon_path = set_command_module_icon(command_mod) + command_module_status = set_command_module_status(command_mod) # construct the category branch if it doesn't exist for the command module tree if not categories.include? mod['category'] - categories.push(mod['category']) # flag that the categor has been added + categories.push(mod['category']) # flag that the category has been added tree.push({ # add the branch structure 'text' => mod['category'], 'cls' => 'folder', @@ -254,6 +269,64 @@ class Modules < BeEF::Extension::AdminUI::HttpController } } + + # if dynamic modules are found in the DB, then we don't have yaml config for them + # and loading must proceed in a different way. + dynamic_modules = BeEF::Core::Models::CommandModule.all(:order => [:id.asc]) + + if(dynamic_modules != nil) + dynamic_modules.each{|dyn_mod| + next if !dyn_mod.path.split('/').first.match(/^Dynamic/) + + hook_session_id = @params['zombie_session'] || nil + raise WEBrick::HTTPStatus::BadRequest, "hook_session_id is nil" if hook_session_id.nil? + + dyn_mod_name = dyn_mod.path.split('/').last + dyn_mod_category = nil + if(dyn_mod_name == "Msf") + dyn_mod_category = "Metasploit" + else + # future dynamic modules... + end + + print_debug ("Loading Dynamic command module: category [#{dyn_mod_category}] - name [#{dyn_mod.name.to_s}]") + command_mod = BeEF::Modules::Commands.const_get(dyn_mod_name.capitalize).new + command_mod.session_id = hook_session_id + command_mod.update_info(dyn_mod.id) + command_mod_name = command_mod.info['Name'].downcase + + # create url path and file for the command module icon + command_module_icon_path = set_command_module_icon(command_mod) + command_module_status = set_command_module_status(command_mod) + + # construct the category branch if it doesn't exist for the command module tree + if not categories.include? dyn_mod_category + categories.push(dyn_mod_category) # flag that the category has been added + tree.push({ # add the branch structure + 'text' => dyn_mod_category, + 'cls' => 'folder', + 'children' => [] + }) + end + + # construct leaf node for the command module tree + leaf_node = { + 'text' => command_mod_name, + 'leaf' => true, + 'icon' => command_module_icon_path, + 'status' => command_module_status, + 'id' => dyn_mod.id + } + + # add the node to the branch in the command module tree + tree.each {|x| + if x['text'].eql? dyn_mod_category + x['children'].push( leaf_node ) + break + end + } + } + end # sort the parent array nodes tree.sort! {|a,b| a['text'] <=> b['text']} @@ -276,31 +349,22 @@ class Modules < BeEF::Extension::AdminUI::HttpController end # Returns the inputs definition of an command_module. - def select_command_module - - # get command_module id + def select_command_module command_module_id = @params['command_module_id'] || nil raise WEBrick::HTTPStatus::BadRequest, "command_module_id is nil" if command_module_id.nil? + command_module = BeEF::Core::Models::CommandModule.get(command_module_id) - # get the command_module path - key = BeEF::Module.get_key_by_database_id(command_module_id) - mod = BeEF::Core::Configuration.instance.get('beef.module.'+key.to_s) - - path = (mod['db']['path'].match(/^Dynamic/)) ? mod['db']['path'] : "#{$root_dir}"+mod['db']['path'] - - # check if the request relates to a dynamic module - if(path.match(/^Dynamic/)) - # get command_module id - payload_name = @params['payload_name'] || nil - - if not payload_name.nil? - @body = dynamic_payload2json(command_module_id, payload_name) - else - @body = dynamic_modules2json(command_module_id); - end - else - @body = command_modules2json([key]); - end + if(command_module != nil && command_module.path.match(/^Dynamic/)) + payload_name = @params['payload_name'] || nil + if not payload_name.nil? + @body = dynamic_payload2json(command_module_id, payload_name) + else + @body = dynamic_modules2json(command_module_id); + end + else + key = BeEF::Module.get_key_by_database_id(command_module_id) + @body = command_modules2json([key]); + end end # Returns the list of commands for an command_module @@ -361,7 +425,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController definition[param[4..-1]] = params[param] oc = BeEF::Core::Models::OptionCache.first_or_create(:name => param[4..-1]) oc.value = params[param] - oc.save + oc.save } zombie = Z.first(:session => zombie_session) @@ -424,31 +488,34 @@ class Modules < BeEF::Extension::AdminUI::HttpController raise WEBrick::HTTPStatus::BadRequest, "Zombie is nil" if zombie.nil? zombie_id = zombie.id raise WEBrick::HTTPStatus::BadRequest, "Zombie id is nil" if zombie_id.nil? - - key = BeEF::Module.get_key_by_database_id(command_module_id) - mod = BeEF::Core::Configuration.instance.get('beef.module.'+key.to_s) + command_module = BeEF::Core::Models::CommandModule.get(command_module_id) - # if the module id is not in the database return false - return {'success' => 'false'}.to_json if(not mod) - - # the path will equal Dynamic/ and this will get just the type - e = BeEF::Modules::Commands.const_get(mod['class']).new - e.update_info(command_module_id) - e.update_data() - ret = e.launch_exploit(definition) + if(command_module != nil && command_module.path.match(/^Dynamic/)) + dyn_mod_name = command_module.path.split('/').last + e = BeEF::Modules::Commands.const_get(dyn_mod_name.capitalize).new + e.update_info(command_module_id) + e.update_data() + ret = e.launch_exploit(definition) + + return {'success' => 'false'}.to_json if ret['result'] != 'success' + + basedef = {} + basedef['sploit_url'] = ret['uri'] + + C.new( :data => basedef.to_json, + :hooked_browser_id => zombie_id, + :command_module_id => command_module_id, + :creationdate => Time.new.to_i + ).save + + @body = '{success : true}' + else +# return {'success' => 'false'}.to_json + {'success' => 'false'}.to_json + end - return {'success' => 'false'}.to_json if ret['result'] != 'success' - basedef = {} - basedef['sploit_url'] = ret['uri'] - C.new( :data => basedef.to_json, - :hooked_browser_id => zombie_id, - :command_module_id => command_module_id, - :creationdate => Time.new.to_i - ).save - - @body = '{success : true}' end # Returns the results of a command diff --git a/extensions/metasploit/dbmigration.rb b/extensions/metasploit/dbmigration.rb index 1e692fe6a..f9c2f69cd 100644 --- a/extensions/metasploit/dbmigration.rb +++ b/extensions/metasploit/dbmigration.rb @@ -26,7 +26,6 @@ module Metasploit os_name = BeEF::Core::Constants::Os::match_os(st) browsers = BeEF::Core::Constants::Browsers::match_browser(msfi['name'] + msfi['targets'].to_json) - targets << {'os_name' => os_name, 'browser_name' => 'ALL', 'verified_status' => BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN} if browsers.count == 0 diff --git a/extensions/metasploit/rpcclient.rb b/extensions/metasploit/rpcclient.rb index da92bab70..d6469f69a 100644 --- a/extensions/metasploit/rpcclient.rb +++ b/extensions/metasploit/rpcclient.rb @@ -60,7 +60,7 @@ module Metasploit return false end - print_info 'Successful connection with Metastploit.' if not @lastauth + print_info 'Successful connection with Metasploit.' if not @lastauth @token = res['token'] @lastauth = Time.now