From 8fe714881ab7db8670a3502cf51796be6c6b1b5e Mon Sep 17 00:00:00 2001
From: passbe
Date: Wed, 17 Aug 2011 02:17:19 +0000
Subject: [PATCH] Module execution functionality is now decoupled from the admin_ui. See BeEF::Module.execute(). Added Hooked Browser Manager skeleton.
git-svn-id: https://beef.googlecode.com/svn/trunk@1196 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
---
 core/hbmanager.rb | 30 +++++++++++++
 core/loader.rb | 1 +
 core/main/command.rb | 27 ++++++------
 core/module.rb | 42 +++++++++++++++++++
 .../admin_ui/controllers/modules/modules.rb | 20 ++++-----
 5 files changed, 93 insertions(+), 27 deletions(-)
 create mode 100644 core/hbmanager.rb
diff --git a/core/hbmanager.rb b/core/hbmanager.rb
new file mode 100644
index 000000000..0f0618774
--- /dev/null
+++ b/core/hbmanager.rb
@@ -0,0 +1,30 @@
+#
+# Copyright 2011 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module BeEF
+module HBManager
+
+ # Get hooked browser by session id
+ def self.get_by_session(sid)
+ BeEF::Core::Models::HookedBrowser.first(:session => sid)
+ end
+
+ # Get hooked browser by id
+ def self.get_by_id(id)
+ BeEF::Core::Models::HookedBrowser.first(:id => id)
+ end
+
+end
+end
diff --git a/core/loader.rb b/core/loader.rb
index 86d7926ae..cbee48a22 100644
--- a/core/loader.rb
+++ b/core/loader.rb
@@ -54,3 +54,4 @@ require 'core/module'
 require 'core/modules'
 require 'core/extension'
 require 'core/extensions'
+require 'core/hbmanager'
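Review bot: In core/hbmanager.rb, `get_by_session` and `get_by_id` hand their argument to `HookedBrowser.first` without rejecting nil or empty values, so a missing identifier becomes a query for a record whose field is null rather than an immediate miss (whether the model allows a null session is not visible here). A first-line guard such as `return nil if sid.nil? || sid.to_s.empty?` (and the same for `id`) keeps an absent identifier from ever resolving to a browser. The one-line comments should also state the miss case that callers depend on, e.g. `# Returns the HookedBrowser with the given session id, or nil when none matches`.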
diff --git a/core/main/command.rb b/core/main/command.rb index b2ca0743a..b909e444c 100644 --- a/core/main/command.rb +++ b/core/main/command.rb @@ -69,7 +69,7 @@ module Core @output = '' @path = config.get("beef.module.#{key}.path") @default_command_url = config.get("beef.module.#{key}.mount") - @id = config.get("beef.module.#{key}.id") + @id = config.get("beef.module.#{key}.db.id") @auto_update_zombie = false @results = {} @beefjs_components = {} @@ -158,22 +158,19 @@ module Core def output f = @path+'command.js' raise WEBrick::HTTPStatus::BadRequest, "#{f} file does not exist" if not File.exists? f + + command = BeEF::Core::Models::Command.first(:id => @command_id) @eruby = Erubis::FastEruby.new(File.read(f)) - - if @datastore - @datastore['command_url'] = BeEF::Core::Server.instance.get_command_url(@default_command_url) - @datastore['command_id'] = @command_id - - command_context = BeEF::Core::CommandContext.new - @datastore.each{|k,v| - command_context[k] = v - } - - @output = @eruby.evaluate(command_context) - else - @ouput = @eruby.result() - end + + data = BeEF::Core::Configuration.instance.get("beef.module.#{@key}") + cc = BeEF::Core::CommandContext.new + cc['command_url'] = @default_command_url + cc['command_id'] = @command_id + JSON.parse(command['data']).each{|v| + cc[v['name']] = v['value'] + } + @output = @eruby.evaluate(cc) @output end diff --git a/core/module.rb b/core/module.rb index 52847be79..f1ba0f46c 100644 --- a/core/module.rb +++ b/core/module.rb 
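Review bot: In the rewritten `output` (second hunk), `command` is dereferenced without a nil check, so a `@command_id` with no matching row fails with NoMethodError on `command['data']` instead of the BadRequest already used for the missing-file case; adding `raise WEBrick::HTTPStatus::BadRequest, "command #{@command_id} not found" if command.nil?` right after the lookup would match that handling. The stored options are copied into the context after `cc['command_url']` and `cc['command_id']` are set, so a stored option carrying either name silently replaces the framework value; moving those two assignments below the `JSON.parse` loop keeps them authoritative. The local `data` is assigned but never read, and `command_url` no longer goes through `BeEF::Core::Server.instance.get_command_url` as the removed lines did, which is worth confirming as intended.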
@@ -335,6 +335,48 @@ module Module return os end + # Executes module + def self.execute(mod, hbsession, opts=[]) + if not (self.is_present(mod) and self.is_enabled(mod)) + print_error "Module not found '#{mod}'. Failed to execute module." + return false + end + hb = BeEF::HBManager.get_by_session(hbsession) + if not hb + print_error "Could not find hooked browser when attempting to execute module '#{mod}'" + return false + end + c = BeEF::Core::Models::Command.new(:data => self.merge_options(mod, opts).to_json, + :hooked_browser_id => hb.id, + :command_module_id => BeEF::Core::Configuration.instance.get("beef.module.#{mod}.db.id"), + :creationdate => Time.new.to_i + ).save + return true + end + + # Merges default module options with array of custom options + def self.merge_options(mod, h) + if self.is_present(mod) + self.check_hard_load(mod) + merged = [] + defaults = self.get_options(mod) + h.each{|v| + if v.has_key?('name') + match = false + defaults.each{|o| + if o.has_key?('name') and v['name'] == o['name'] + match = true + merged.push(o.deep_merge(v)) + end + } + merged.push(v) if not match + end + } + return merged + end + return nil + end + end end diff --git a/extensions/admin_ui/controllers/modules/modules.rb b/extensions/admin_ui/controllers/modules/modules.rb index 00aa8fed9..214455e0a 100644 --- a/extensions/admin_ui/controllers/modules/modules.rb +++ b/extensions/admin_ui/controllers/modules/modules.rb 
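Review bot: `execute` returns true even when the command row was not persisted, because the result of `.save` is stored in `c` and then ignored before `return true`; ending the method with `return c` (or naming the variable `saved` and returning it) lets the admin UI report `{success: false}` truthfully. In `merge_options`, an option whose name matches no default is still appended by `merged.push(v) if not match`, and `o.deep_merge(v)` lets the caller override every field of a default, so any name/value pair built from the request in the admin_ui hunk is stored and later copied into the template context by `Command#output`; consider dropping or logging unknown names and merging only `'value'`. The first `print_error` also says "Module not found" when the module is present but disabled, which will mislead whoever reads the log.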
@@ -560,18 +560,14 @@ class Modules < BeEF::Extension::AdminUI::HttpController oc.save } - zombie = Z.first(:session => zombie_session) - raise WEBrick::HTTPStatus::BadRequest, "Zombie is nil" if zombie.nil? - zombie_id = zombie.id - raise WEBrick::HTTPStatus::BadRequest, "Zombie id is nil" if zombie_id.nil? - - C.new( :data => definition.to_json, - :hooked_browser_id => zombie_id, - :command_module_id => command_module_id, - :creationdate => Time.new.to_i - ).save - - @body = '{success : true}' + mod_key = BeEF::Module.get_key_by_database_id(command_module_id) + # Hack to rework the old option system into the new option system + def2 = [] + definition.each{|k,v| + def2.push({'name' => k, 'value' => v}) + } + # End hack + @body = (BeEF::Module.execute(mod_key, zombie_session, def2)) ? '{success: true}' : '{success: false}' end # Re-execute an command_module to a zombie.
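Review bot: A failed execution is now reported only as `{success: false}` in the body, where the removed lines raised `WEBrick::HTTPStatus::BadRequest` for an unknown zombie, so a client that checks the HTTP status will see success. If callers depend on the status, `raise WEBrick::HTTPStatus::BadRequest, "Module execution failed" unless BeEF::Module.execute(mod_key, zombie_session, def2)` followed by `@body = '{success: true}'` keeps the earlier contract. `mod_key` is passed on without checking that `get_key_by_database_id` found a module, and its return value for an unknown id is not visible here. The enclosing method starts above the hunk, so how `definition` and `command_module_id` are validated before this point cannot be judged from these lines.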