Requester filters updated

git-svn-id: https://beef.googlecode.com/svn/trunk@595 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
wade@bindshell.net
2010-12-04 02:25:51 +00:00
parent ea64c4c2c7
commit 83697ece40
3 changed files with 50 additions and 34 deletions


@@ -71,6 +71,15 @@ module BeEF
only?("a-zA-Z0-9", str)
end
# check if valid ip address string
# TODO add unit tests
def self.is_valid_ip?(ip)
return true if ip =~ /^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})?$/
false
end
end
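Review bot: The pattern in `is_valid_ip?` is anchored with `^` and `$`, which match at line boundaries in Ruby, so a multi-line string that contains one well-formed line is accepted. The `?` after the group also makes the empty string valid, and octets above 255 pass. Anchor on the whole string and range-check the octets, for example `m = /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/.match(ip)` followed by `!m.nil? && m.captures.all? { |o| o.to_i <= 255 }`. The unit tests named in the TODO should cover the empty string, an embedded newline and an out-of-range octet.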


@@ -1,26 +1,25 @@
module BeEF
module Filter
def self.is_valid_verb?(verb)
return true if verb.eql? 'GET' or verb.eql? 'POST'
false
end
# check if request is valid
# @param: {WEBrick::HTTPUtils::FormData} request object
def self.is_valid_request?(request)
#check a webrick object is sent
raise 'your request is of invalid type' if not request.is_a? WEBrick::HTTPRequest
#check http method
raise 'only GET or POST requests are supported for http requests' if not request.request_method.eql? 'GET' or request.request_method.eql? 'POST'
#check uri
raise 'the uri is missing' if not request.unparsed_uri
#check host
raise 'http host missing' if request.host.nil?
#check domain
raise 'invalid http domain' if not URI.parse(request.host)
true
def self.is_valid_url?(uri)
return true if uri.eql? WEBrick::HTTPUtils.normalize_path(uri)
false
end
def self.is_valid_http_version?(version)
return true if version.eql? "HTTP/1.1" or trailer.eql? "HTTP/1.0"
false
end
def self.is_valid_host_str?(host_str)
return true if host_str.eql? "Host:"
false
end
end
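Review bot: `is_valid_http_version?` tests `trailer.eql? "HTTP/1.0"`, but no `trailer` is defined in the method as shown, so any version other than `HTTP/1.1` would raise NameError instead of returning false. The second operand should be `version.eql? "HTTP/1.0"`. Separately, `is_valid_host_str?` accepts only the exact string `Host:`, although header names are case-insensitive; if that strictness is intended, a one-line comment saying so would help. The +/- markers are lost on this page, so this assumes both methods are on the new side.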


@@ -23,7 +23,7 @@ class Requester < BeEF::HttpController
def send_request
# validate that the hooked browser's session has been sent
zombie_session = @params['zombie_session'] || nil
raise WEBrick::HTTPStatus::BadRequest, "Zombie session is nil" if zombie_session.nil?
raise WEBrick::HTTPStatus::BadRequest, "Invalid session id" if not Filter.is_valid_hook_session_id?(zombie_session)
# validate that the hooked browser exists in the db
zombie = Z.first(:session => zombie_session) || nil
@@ -39,28 +39,36 @@ class Requester < BeEF::HttpController
raise WEBrick::HTTPStatus::BadRequest, "nonce is nil" if nonce.nil?
raise WEBrick::HTTPStatus::BadRequest, "nonce incorrect" if @session.get_nonce != nonce
webrick = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP)
# validate that the raw request is correct and can be used
# will raise an exception on failure
s = StringIO.new raw_request
webrick.parse(s)
# if the request is invalide, an exception will be raised
Filter.is_valid_request?(webrick)
req_parts = raw_request.split(/ |\n/) # break up the request
verb = req_parts[0]
raise 'Only GET or POST requests are supported' if not Filter.is_valid_verb?(verb) #check verb
uri = req_parts[1]
raise 'Invalid URI' if not Filter.is_valid_url?(uri) #check uri
version = req_parts[2]
raise 'Invalid HTTP version' if not Filter.is_valid_http_version?(version) # check http version - HTTP/1.0
host_str = req_parts[3]
raise 'Invalid HTTP version' if not Filter.is_valid_host_str?(host_str) # check host string - Host:
host = req_parts[4]
raise 'Invalid hostname' if not Filter.is_valid_hostname?(host) # check the target hostname
# (re)build the request
green_request = StringIO.new(verb + " " + uri + " " + version + "\n" + host_str + " " + host)
request = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP)
request.parse(green_request)
# Saves the new HTTP request.
http = H.new(
:request => raw_request,
:method => webrick.request_method,
:domain => webrick.host,
:path => webrick.unparsed_uri,
:method => request.request_method,
:domain => request.host,
:path => request.unparsed_uri,
:date => Time.now,
:zombie_id => zombie.id
)
if webrick.request_method.eql? 'POST'
http.content_length = webrick.content_length
if request.request_method.eql? 'POST'
http.content_length = request.content_length
end
http.save
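Review bot: In the second hunk only the first five whitespace-separated tokens of `raw_request` are validated and rebuilt into `green_request`, yet the record still stores `:request => raw_request`, so everything after the Host value is persisted unchecked. If the filtered request is what should be stored, use `:request => green_request.string`; otherwise the remaining headers and body need their own validation. The rebuilt request also carries no Content-Length header, so `request.content_length` in the POST branch probably no longer reflects the submitted body. The Host-string check reuses the message `'Invalid HTTP version'` where `'Invalid Host header'` would be accurate. The new checks raise bare strings, while the surrounding validation raises `WEBrick::HTTPStatus::BadRequest`. The body of `send_request` continues outside both hunks.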