diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js index d045c6832..5b1eb6e6e 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js @@ -171,6 +171,24 @@ ZombieTab_Requester = function(zombie) { genResultTab(grid.getStore().getAt(rowIndex).data, zombie, commands_statusbar); } } + },{ + text: 'Delete Response', + iconCls: 'zombie-tree-ctxMenu-delete', + handler: function() { + var response_id = record.get('id'); + + if(record.get('has_ran') != "complete") { + commands_statusbar.update_fail("Response for this request has not been received yet."); + return; + } else { + if (!confirm('Are you sure you want to remove response [id: '+response_id+'] ?')) { + commands_statusbar.update_fail('Cancelled'); + return; + } + commands_statusbar.update_sending('Removing network host [id: '+ response_id +'] ...'); + deleteResponse(grid.getStore().getAt(rowIndex).data, zombie, commands_statusbar); + } + } }] }); grid.rowCtxMenu.showAt(e.getXY()); 
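Review bot: The progress message in the new 'Delete Response' handler reads `'Removing network host [id: ...'`, which looks copied from another panel and will mislead the operator. It should read `commands_statusbar.update_sending('Removing response [id: ' + response_id + '] ...');`. The handler also takes the id and `has_ran` from `record` but passes `grid.getStore().getAt(rowIndex).data` to `deleteResponse`, and `record` is not declared anywhere in the hunk. Unless the enclosing listener (which starts and ends outside this hunk) defines it, use one lookup for both, e.g. `var record = grid.getStore().getAt(rowIndex);`, so the confirmed id and the deleted id cannot differ. The `has_ran` check would also be clearer as `!== "complete"`.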
@@ -271,7 +289,35 @@ ZombieTab_Requester = function(zombie) { panel.setTitle('Forge Request'); panel.add(form); }; - + + // Function to delete a response from the requester history + //------------------------------------------------------------------ + function deleteResponse(request, zombie, bar) { + + Ext.Ajax.request({ + url: '<%= @base_path %>/requester/delete', + loadMask: true, + + params: { + nonce: Ext.get("nonce").dom.value, + http_id: request.id + }, + + success: function(response) { + var xhr = Ext.decode(response.responseText); + if (xhr['success'] == 'true') { + bar.update_sent("Deleted response."); + } else { + bar.update_fail("Error! Could not delete the response."); + } + }, + + failure: function() { + bar.update_fail("Error! Could not delete the response."); + } + }); + } + // Function generating the panel that shows the results of a request // This function is called when the user clicks on a row in the grid // showing the results in the history. @@ -292,7 +338,12 @@ ZombieTab_Requester = function(zombie) { success: function(response) { var xhr = Ext.decode(response.responseText); - + + if (xhr['success'] !== 'true') { + bar.update_fail("Error! Could not load the response."); + return; + } + var tab_result_response_headers = new Ext.Panel({ title: 'Response Headers', border: false, diff --git a/extensions/requester/controllers/requester.rb b/extensions/requester/controllers/requester.rb index f8e30ce88..00c462d6a 100644 --- a/extensions/requester/controllers/requester.rb +++ b/extensions/requester/controllers/requester.rb @@ -20,6 +20,7 @@ class Requester < BeEF::Extension::AdminUI::HttpController super({ 'paths' => { '/send' => method(:send_request), + '/delete' => method(:delete_zombie_response), '/history.json' => method(:get_zombie_history), '/response.json' => method(:get_zombie_response) } 
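Review bot: On success `deleteResponse` only updates the status bar. Nothing visible in the hunk removes the row from the history grid or reloads its store, so the deleted entry presumably stays clickable until the next refresh and then falls into the "Could not load the response." branch added to `genResultTab` in the following hunk. If the grid is reachable from this closure (it is declared outside the hunk), reload its store in the success branch. The decoded body is named `xhr` although it is the parsed JSON, and it is compared with `==` here but with `!==` in the `genResultTab` check; `var result = Ext.decode(response.responseText); if (result.success === 'true')` would be consistent. A short comment that `nonce` is the anti-CSRF token the controller verifies before deleting would document why the hidden field is read.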
@@ -179,7 +180,28 @@ class Requester < BeEF::Extension::AdminUI::HttpController @body = {'success' => 'true', 'result' => res}.to_json end - + + # Deletes a response from the requester history + def delete_zombie_response + # validate nonce + nonce = @params['nonce'] || nil + (self.err_msg "nonce is nil";return @body = '{success : false}') if nonce.nil? + (self.err_msg "nonce incorrect";return @body = '{success : false}') if @session.get_nonce != nonce + + # validate the http id + http_id = @params['http_id'] || nil + (self.err_msg "http_id is nil";return @body = '{success : false}') if http_id.nil? + + # validate that the http object exist in the dabatase + http_db = H.first(:id => http_id) || nil + (self.err_msg "http object could not be found in the database";return @body = '{success : false}') if http_db.nil? + + # delete response + http_db.destroy + + @body = {'success' => 'true'}.to_json + end + end end
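Review bot: `delete_zombie_response` ignores the return value of `http_db.destroy` and always answers `{'success' => 'true'}`. If `destroy` returns false on failure, as DataMapper-style models do, a failed delete is reported to the operator as done; guard it with `(self.err_msg "http object could not be deleted"; return @body = {'success' => 'false'}.to_json) unless http_db.destroy`. The failure bodies in the hunk are the hand-written string `'{success : false}'`, which is not valid JSON (unquoted key), while the success body is built with `.to_json`. Building both with `.to_json` avoids depending on a lenient parser in the client. `http_id` also reaches `H.first(:id => http_id)` without a format check; a guard such as `http_id.to_s =~ /\A\d+\z/` before the lookup would restrict it to the (presumably numeric) ids the UI sends.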