diff --git a/core/main/network_stack/handlers/dynamicreconstruction.rb b/core/main/network_stack/handlers/dynamicreconstruction.rb index 6b2afa2e3..059f38ebf 100644 --- a/core/main/network_stack/handlers/dynamicreconstruction.rb +++ b/core/main/network_stack/handlers/dynamicreconstruction.rb @@ -19,7 +19,7 @@ module NetworkStack module Handlers # @note DynamicHandler is used reconstruct segmented traffic from the hooked browser - class DynamicReconstruction + class DynamicReconstruction < BeEF::Core::Router::Router # @note holds packet queue PQ = Array.new() @@ -27,50 +27,33 @@ module Handlers # @note obtain dynamic mount points from HttpHookServer MOUNTS = BeEF::Core::Server.instance.mounts + before do + error 404 unless params != nil + headers 'Pragma' => 'no-cache', + 'Cache-Control' => 'no-cache', + 'Expires' => '0' + end + # Combines packet information and pushes to PQ (packet queue), then checks packets - def call(env) - @request = Rack::Request.new(env) - - # skip packet checking if the request method is HEAD, PUT, DELETE or if parameters == null - if not self.is_valid_req(@request) - response = Rack::Response.new( - body = [], - status = 404, - header = { - 'Pragma' => 'no-cache', - 'Cache-Control' => 'no-cache', - 'Expires' => '0' - } - ) - return response - end - - response = Rack::Response.new( - body = [], - status = 200, - header = { - 'Pragma' => 'no-cache', + get '/' do + headers 'Pragma' => 'no-cache', 'Cache-Control' => 'no-cache', 'Expires' => '0', 'Content-Type' => 'text/javascript', 'Access-Control-Allow-Origin' => '*', 'Access-Control-Allow-Methods' => 'POST, GET' - } - ) PQ << { - :beefhook => @request['bh'], - :stream_id => Integer(@request['sid']), - :packet_id => Integer(@request['pid']), - :packet_count => Integer(@request['pc']), - :data => @request['d'] + :beefhook => params[:bh], + :stream_id => Integer(params[:sid]), + :packet_id => Integer(params[:pid]), + :packet_count => Integer(params[:pc]), + :data => params[:d] } - # @todo Test under high load, possibly limit the amount of threads being created Thread.new { check_packets() } - response end # Check packets goes through the PQ array and attempts to reconstruct the stream from multiple packets @@ -99,8 +82,8 @@ module Handlers begin res = JSON.parse(b64).first res['beefhook'] = packet[:beefhook] - res['request'] = @request - res['beefsession'] = @request[BeEF::Core::Configuration.instance.get('beef.http.hook_session_name')] + res['request'] = request + res['beefsession'] = request[BeEF::Core::Configuration.instance.get('beef.http.hook_session_name')] execute(res) rescue JSON::ParserError => e print_debug 'Network stack could not decode packet stream.' @@ -132,17 +115,6 @@ module Handlers end end end - - # 1. check methods HEAD, PUT, DELETE. return 404 if these methods are called - # 2. check for parameters = null (no parameters). return 404 in this case - # @param [Hash] request the Rack HTTP Request. - def is_valid_req(request) - is_valid = true - if request.put? or request.delete? or request.head? or request.params.empty? - is_valid = false - end - is_valid - end # Assist function for getting parameter from hash # @param [Hash] query Hash to pull key from @@ -152,9 +124,7 @@ module Handlers return nil if query[key].nil? query[key] end - end - end end end