From c099be75ededceba83369e8781fbb5e56732ef29 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Wed, 4 Feb 2015 08:36:44 +0000 Subject: [PATCH] Use filters --- .../router/asus_rt_series_get_info/module.rb | 20 +++++++++++-------- modules/host/detect_cups/module.rb | 8 +++++--- modules/host/get_internal_ip_webrtc/module.rb | 1 + .../network/cross_origin_scanner/module.rb | 2 +- modules/network/get_http_servers/module.rb | 2 +- .../network/identify_lan_subnets/module.rb | 1 + .../internal_network_fingerprinting/module.rb | 2 +- modules/network/jslanscanner/module.rb | 2 +- modules/network/ping_sweep/module.rb | 8 +++++--- modules/network/port_scanner/module.rb | 2 +- 10 files changed, 29 insertions(+), 19 deletions(-) diff --git a/modules/exploits/router/asus_rt_series_get_info/module.rb b/modules/exploits/router/asus_rt_series_get_info/module.rb index d3e58601b..5b729ce06 100644 --- a/modules/exploits/router/asus_rt_series_get_info/module.rb +++ b/modules/exploits/router/asus_rt_series_get_info/module.rb @@ -29,7 +29,7 @@ class Asus_rt_series_get_info < BeEF::Core::Command gateway = "#{$5}" dns_servers = "#{$6}" - if !ip.nil? + if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found Asus RT series router [ip: #{ip}]") r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :type => 'Asus Router', :cid => cid) r.save 
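Review bot: In asus_rt_series_get_info, the `!ip.nil?` half of the new condition looks like it can never be false. The context lines build `gateway` and `dns_servers` with string interpolation (`"#{$5}"`), which turns a missing capture into `""` rather than nil, and `ip` is presumably assigned the same way above the hunk. That leaves `BeEF::Filters.is_valid_ip?` as the only effective gate, and the condition would be clearer written as `if BeEF::Filters.is_valid_ip?(ip)`. The same applies to `!gateway.nil?` in the next hunk. The enclosing method starts and ends outside this hunk.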
@@ -41,21 +41,25 @@ class Asus_rt_series_get_info < BeEF::Core::Command if client.to_s =~ /^([\d\.]+),([:\dA-F]{17})$/ ip = $1 mac = $2 - print_debug("Hooked browser found router client [ip: #{ip}, mac: #{mac}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :mac => mac, :cid => cid) - r.save + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found router client [ip: #{ip}, mac: #{mac}]") + r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :mac => mac, :cid => cid) + r.save + end end end - if !gateway.nil? + if !gateway.nil? && BeEF::Filters.is_valid_ip?(gateway) print_debug("Hooked browser found WAN gateway server [ip: #{gateway}]") r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => gateway, :type => 'WAN Gateway', :cid => cid) r.save end if !dns_servers.nil? && dns_servers =~ /^([\d\. ]+)$/ dns_servers.split(/ /).uniq.each do |dns| - print_debug("Hooked browser found DNS server [ip: #{dns}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => dns, :type => 'DNS Server', :cid => cid) - r.save + if BeEF::Filters.is_valid_ip?(dns) + print_debug("Hooked browser found DNS server [ip: #{dns}]") + r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => dns, :type => 'DNS Server', :cid => cid) + r.save + end end end end diff --git a/modules/host/detect_cups/module.rb b/modules/host/detect_cups/module.rb index 3a711366c..bb5bf4303 100644 --- a/modules/host/detect_cups/module.rb +++ b/modules/host/detect_cups/module.rb 
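Review bot: The patterns kept in front of the new filter in asus_rt_series_get_info, `/^([\d\.]+),([:\dA-F]{17})$/` and `/^([\d\. ]+)$/`, use `^`/`$`, which in Ruby match at every line boundary, so a multi-line value reported by the hooked browser passes as soon as one of its lines matches. For `dns_servers` the whole string is then split on spaces, so the pieces can still carry the other lines. After this change the per-element `is_valid_ip?` call is the only thing rejecting them, and that holds only if the filter itself matches against the whole string (its body is not visible here). Anchor the pre-checks with `\A` and `\z`, e.g. `dns_servers =~ /\A([\d\. ]+)\z/`. The same `^…$` pre-checks remain in the get_internal_ip_webrtc and identify_lan_subnets hunks.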
@@ -24,9 +24,11 @@ class Detect_cups < BeEF::Core::Command port = $3 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - print_debug("Hooked browser found 'CUPS' [proto: #{proto}, ip: #{ip}, port: #{port}]") - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => 'CUPS', :cid => cid) - r.save + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found 'CUPS' [proto: #{proto}, ip: #{ip}, port: #{port}]") + r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => 'CUPS', :cid => cid) + r.save + end end end end diff --git a/modules/host/get_internal_ip_webrtc/module.rb b/modules/host/get_internal_ip_webrtc/module.rb index 7d497d1b7..9c516e87f 100755 --- a/modules/host/get_internal_ip_webrtc/module.rb +++ b/modules/host/get_internal_ip_webrtc/module.rb @@ -24,6 +24,7 @@ class Get_internal_ip_webrtc < BeEF::Core::Command ips.uniq.each do |ip| next unless ip =~ /^[\d\.]+$/ next if ip =~ /^0\.0\.0\.0$/ + next unless BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser has network interface #{ip}") r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :os => os, :cid => cid) r.save diff --git a/modules/network/cross_origin_scanner/module.rb b/modules/network/cross_origin_scanner/module.rb index 4a080bc21..dc7804ddb 100644 --- a/modules/network/cross_origin_scanner/module.rb +++ b/modules/network/cross_origin_scanner/module.rb @@ -21,7 +21,7 @@ class Cross_origin_scanner < BeEF::Core::Command ip = $1 port = $2 print_debug("Hooked browser found HTTP server #{ip}:#{port}") - if !ip.nil? && !port.nil? + if !ip.nil? && !port.nil? && BeEF::Filters.is_valid_ip?(ip) r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => port, :type => 'HTTP Server (CORS)', :cid => cid) r.save end 
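Review bot: In detect_cups the new guard checks `ip` only, while `port` and `proto` from the same browser-supplied result go into `NetworkService.new` unchecked. The regex that captures them is above the hunk and may already restrict them, so this is something to confirm rather than a certain gap. If it does not, extend the condition, e.g. `if BeEF::Filters.is_valid_ip?(ip) && port.to_i.between?(1, 65535)`. The same ip-only guard appears in the cross_origin_scanner, get_http_servers, internal_network_fingerprinting and port_scanner hunks.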
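Review bot: In cross_origin_scanner the `print_debug("Hooked browser found HTTP server #{ip}:#{port}")` call still runs before the new `is_valid_ip?` condition, so a value the filter rejects is reported in the log as a found server even though nothing is saved. Every other module touched by this commit logs inside the guard (or after the `next unless`). Move the `print_debug` line below the `if` so the log and the stored records agree.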
diff --git a/modules/network/get_http_servers/module.rb b/modules/network/get_http_servers/module.rb index 4afcd1d01..31c5846ed 100644 --- a/modules/network/get_http_servers/module.rb +++ b/modules/network/get_http_servers/module.rb @@ -33,7 +33,7 @@ class Get_http_servers < BeEF::Core::Command url = $4 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? + if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found HTTP Server [proto: #{proto}, ip: #{ip}, port: #{port}]") r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => "HTTP Server", :cid => cid) r.save diff --git a/modules/network/identify_lan_subnets/module.rb b/modules/network/identify_lan_subnets/module.rb index 51aa7ca93..436950477 100644 --- a/modules/network/identify_lan_subnets/module.rb +++ b/modules/network/identify_lan_subnets/module.rb @@ -36,6 +36,7 @@ class Identify_lan_subnets < BeEF::Core::Command hosts.split(',').flatten.each do |ip| next if ip.nil? next unless ip.to_s =~ /^([\d\.]+)$/ + next unless BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found host #{ip}") r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) r.save diff --git a/modules/network/internal_network_fingerprinting/module.rb b/modules/network/internal_network_fingerprinting/module.rb index cb928e86f..2a3086307 100644 --- a/modules/network/internal_network_fingerprinting/module.rb +++ b/modules/network/internal_network_fingerprinting/module.rb 
@@ -35,7 +35,7 @@ class Internal_network_fingerprinting < BeEF::Core::Command url = $5 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? + if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found '#{discovered}' [ip: #{ip}]") r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => discovered, :cid => cid) r.save diff --git a/modules/network/jslanscanner/module.rb b/modules/network/jslanscanner/module.rb index 0352c31ae..daa0a851a 100644 --- a/modules/network/jslanscanner/module.rb +++ b/modules/network/jslanscanner/module.rb @@ -35,7 +35,7 @@ class Fingerprint_routers < BeEF::Core::Command device = $2 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? + if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found network device " + device + " [ip: #{ip}]") r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :type => device, :cid => cid) r.save diff --git a/modules/network/ping_sweep/module.rb b/modules/network/ping_sweep/module.rb index 4081ff2f8..b99ef8a6e 100644 --- a/modules/network/ping_sweep/module.rb +++ b/modules/network/ping_sweep/module.rb @@ -36,9 +36,11 @@ class Ping_sweep < BeEF::Core::Command # save the network host if @datastore['results'] =~ /host=([\d\.]+) is alive/ ip = $1 - print_debug("Hooked browser has network interface #{ip}") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser has network interface #{ip}") + r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) + r.save + end end end diff --git a/modules/network/port_scanner/module.rb b/modules/network/port_scanner/module.rb index afb9c18b1..35d13dd67 100644 --- a/modules/network/port_scanner/module.rb 
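Review bot: In internal_network_fingerprinting the free-text value `discovered` is interpolated into the debug line and stored as `:type` with only `ip` validated; `device` in the jslanscanner hunk and `service` in the port_scanner hunk are handled the same way. All three originate from the hooked browser, and the patterns that extract them lie outside these hunks, so whether they are already limited to a safe character set cannot be told from here. If they are not, restrict them to an expected character set and length before logging and saving. In jslanscanner the message also mixes `+` concatenation with interpolation; `"Hooked browser found network device #{device} [ip: #{ip}]"` reads more consistently and does not raise when `device` is nil.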
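Review bot: The log text in ping_sweep, `Hooked browser has network interface #{ip}`, is the wording used by get_internal_ip_webrtc, but here `ip` comes from `/host=([\d\.]+) is alive/`, which reads as a host that answered the sweep rather than an interface of the browser. Consider `print_debug("Hooked browser found host #{ip}")`, matching identify_lan_subnets, so that log lines from the two modules can be told apart.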
+++ b/modules/network/port_scanner/module.rb @@ -38,7 +38,7 @@ class Port_scanner < BeEF::Core::Command service = $4 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? + if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => port, :type => service, :cid => cid) r.save