From d855100ac9849f10c628a8e4241013cd0f531d12 Mon Sep 17 00:00:00 2001 From: Christian Frichot Date: Mon, 8 Apr 2013 21:52:50 +0800 Subject: [PATCH] Fixes #878 and #758. --- .../console/lib/command_dispatcher/command.rb | 14 +++++- .../console/lib/command_dispatcher/core.rb | 14 ++++-- .../console/lib/command_dispatcher/target.rb | 46 ++++++++++++++++--- extensions/console/lib/shellinterface.rb | 10 ++-- 4 files changed, 69 insertions(+), 15 deletions(-) diff --git a/extensions/console/lib/command_dispatcher/command.rb b/extensions/console/lib/command_dispatcher/command.rb index d891b3ad4..4c74acbfa 100644 --- a/extensions/console/lib/command_dispatcher/command.rb +++ b/extensions/console/lib/command_dispatcher/command.rb @@ -41,7 +41,7 @@ class Command } print_line("Module name: " + driver.interface.cmd['Name']) - print_line("Module category: " + driver.interface.cmd['Category']) + print_line("Module category: " + driver.interface.cmd['Category'].to_s) print_line("Module description: " + driver.interface.cmd['Description']) print_line("Module parameters:") if not driver.interface.cmd['Data'].length == 0 @@ -119,6 +119,7 @@ class Command ]) if args[0] == nil + lastcmdid = nil driver.interface.getcommandresponses.each do |resp| indiresp = driver.interface.getindividualresponse(resp['object_id']) respout = "" @@ -126,6 +127,7 @@ class Command respout = "No response yet" else respout = Time.at(indiresp[0]['date'].to_i).to_s + lastcmdid = resp['object_id'] end tbl << [resp['object_id'].to_s, resp['creationdate'], respout] end 
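Review bot: Only the category line gets `.to_s` in the first hunk (-41); the `Module name` and `Module description` lines on either side of it still concatenate `driver.interface.cmd[...]` directly and would raise a TypeError if either value is nil or not a String. Interpolation handles all three uniformly, e.g. `print_line("Module category: #{driver.interface.cmd['Category']}")`. If Category can be an Array (not visible here), `to_s` prints its inspect form, so a `join` may read better.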
@@ -133,6 +135,16 @@ class Command puts "\n" puts "List of responses for this command module:\n" puts tbl.to_s + "\n" + + if not lastcmdid.nil? + resp = driver.interface.getindividualresponse(lastcmdid) + puts "\n" + print_line("The last response [" + lastcmdid.to_s + "] was retrieved: " + Time.at(resp[0]['date'].to_i).to_s) + print_line("Response:") + resp.each do |op| + print_line(op['data']['data'].to_s) + end + end else output = driver.interface.getindividualresponse(args[0]) if output.nil? diff --git a/extensions/console/lib/command_dispatcher/core.rb b/extensions/console/lib/command_dispatcher/core.rb index 904e5991a..15844da23 100644 --- a/extensions/console/lib/command_dispatcher/core.rb +++ b/extensions/console/lib/command_dispatcher/core.rb @@ -141,13 +141,14 @@ class Core [ 'Id', 'IP', + 'Hook Host', 'Browser', 'OS', 'Hardware' ]) BeEF::Core::Models::HookedBrowser.all(:lastseen.gte => (Time.new.to_i - 30)).each do |zombie| - tbl << [zombie.id,zombie.ip,BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserName')+"-"+BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserVersion'),BeEF::Core::Models::BrowserDetails.get(zombie.session, 'OsName'),BeEF::Core::Models::BrowserDetails.get(zombie.session, 'Hardware')] + tbl << [zombie.id,zombie.ip,BeEF::Core::Models::BrowserDetails.get(zombie.session,"HostName").to_s,BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserName').to_s+"-"+BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserVersion').to_s,BeEF::Core::Models::BrowserDetails.get(zombie.session, 'OsName'),BeEF::Core::Models::BrowserDetails.get(zombie.session, 'Hardware')] end puts "\n" 
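Review bot: `print_line(op['data']['data'].to_s)` writes the stored response to the operator's terminal verbatim, and that data appears to originate from the remote browser rather than from the console itself. Control characters and ANSI escape sequences in it would be interpreted by the terminal, so strip them before printing, e.g. `print_line(op['data']['data'].to_s.gsub(/[^[:print:]\n\t]/, ''))`. The block also indexes `resp[0]` without the nil check that the `else` branch below applies to the same call. Separately, `lastcmdid` (assigned in the hunk at -126) is whichever answered command was iterated last, which is the most recent one only if `getcommandresponses` is ordered by time.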
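Review bot: The row for the online table in core.rb (hunk -141) is now one very long expression, and the offline table in the next hunk (-174) repeats it verbatim. A small private helper that takes `zombie` and returns the row array would keep both tables in step, so each loop body becomes `tbl << zombie_row(zombie)` (helper name illustrative). The `OsName` and `Hardware` lookups are left without the `.to_s` that the other three `BrowserDetails.get` calls gained, which is worth making uniform in the same helper.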
@@ -174,12 +175,14 @@ class Core [ 'Id', 'IP', + 'Hook Host', 'Browser', - 'OS' + 'OS', + 'Hardware' ]) BeEF::Core::Models::HookedBrowser.all(:lastseen.lt => (Time.new.to_i - 30)).each do |zombie| - tbl << [zombie.id,zombie.ip,BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserName')+"-"+BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserVersion'),BeEF::Core::Models::BrowserDetails.get(zombie.session, 'OsName')] + tbl << [zombie.id,zombie.ip,BeEF::Core::Models::BrowserDetails.get(zombie.session,"HostName").to_s,BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserName').to_s+"-"+BeEF::Core::Models::BrowserDetails.get(zombie.session, 'BrowserVersion').to_s,BeEF::Core::Models::BrowserDetails.get(zombie.session, 'OsName'),BeEF::Core::Models::BrowserDetails.get(zombie.session, 'Hardware')] end puts "\n" @@ -327,7 +330,12 @@ class Core driver.run_single("offline") when 'commands' if driver.dispatched_enstacked(Target) + if args[1] == "-s" and not args[2].nil? + driver.run_single("commands #{args[1]} #{args[2]}") + return + else driver.run_single("commands") + end else print_error("You aren't targeting a zombie yet") end diff --git a/extensions/console/lib/command_dispatcher/target.rb b/extensions/console/lib/command_dispatcher/target.rb index 5c06e94d2..e7e22e30f 100644 --- a/extensions/console/lib/command_dispatcher/target.rb +++ b/extensions/console/lib/command_dispatcher/target.rb @@ -18,7 +18,7 @@ class Target begin driver.interface.getcommands.each { |folder| folder['children'].each { |command| - @@commands << folder['text'] + command['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_") + @@commands << folder['text'].gsub(/\s/,"_") + command['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_") } } rescue 
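Review bot: The `commands` branch in core.rb (hunk -327) forwards only `-s <term>`; `commands -r` and `commands -h` typed at this level fall through to the plain `driver.run_single("commands")`, so the other options added to `cmd_commands` in target.rb are silently ignored here. Assuming `args[0]` is the verb, as the use of `args[1]` for the flag suggests, forwarding whatever follows it keeps the two entry points equivalent: `driver.run_single((["commands"] + args[1..-1]).join(" "))`. The `return` is then unnecessary, and the `else` body should be indented one level. The enclosing `case` starts outside the hunk.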
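Review bot: The display-name expression `folder['text'].gsub(/\s/,"_") + command['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_")` is now written out three times: in target.rb hunk -18 for the `@@commands` list, in `cmd_commands` (hunk -63) and in the lookup at hunk -133. Those copies had already drifted apart before this commit (the lookup used a `"/"` separator and no whitespace replacement), so a single private helper called from all three places, e.g. `def module_display_name(folder, command)` (name illustrative), would prevent a repeat. The surrounding `begin`/`rescue` continues outside the hunk.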
@@ -40,17 +40,29 @@ class Target @@bare_opts = Rex::Parser::Arguments.new( "-h" => [ false, "Help." ]) + + @@commands_opts = Rex::Parser::Arguments.new( + "-h" => [ false, "Help."], + "-s" => [ false, ""], + "-r" => [ false, "List modules which have responses against them only"]) def cmd_commands(*args) + + searchstring = nil + responly = nil - @@bare_opts.parse(args) {|opt, idx, val| + @@commands_opts.parse(args) {|opt, idx, val| case opt when "-h" cmd_commands_help return false + when "-s" + searchstring = args[1].downcase if not args[1].nil? + when "-r" + responly = true end } - + tbl = Rex::Ui::Text::Table.new( 'Columns' => [ @@ -63,10 +75,29 @@ class Target driver.interface.getcommands.each { |folder| folder['children'].each { |command| - tbl << [command['id'].to_i, - folder['text'] + command['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_"), + + cmdstring = folder['text'].gsub(/\s/,"_") + command['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_") + + if not searchstring.nil? + if not cmdstring.downcase.index(searchstring).nil? + tbl << [command['id'].to_i, + cmdstring, command['status'].gsub(/^Verified /,""), driver.interface.getcommandresponses(command['id']).length] #TODO + end + elsif not responly.nil? + tbl << [command['id'].to_i, + cmdstring, + command['status'].gsub(/^Verified /,""), + driver.interface.getcommandresponses(command['id']).length] if driver.interface.getcommandresponses(command['id']).length.to_i > 0 + + else + tbl << [command['id'].to_i, + cmdstring, + command['status'].gsub(/^Verified /,""), + driver.interface.getcommandresponses(command['id']).length] #TODO + end + } } @@ -78,6 +109,9 @@ class Target def cmd_commands_help(*args) print_status("List command modules for this target") + print_line("Usage: commands [options]") + print_line + print @@commands_opts.usage() end def cmd_info(*args) 
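Review bot: In hunk -40, `-s` is declared as `[ false, ""]`, i.e. as taking no argument and with an empty help string, and the handler then reads the term from `args[1]` instead of the parser's `val`. That works only when `-s` is the first argument: `commands -r -s foo` would search for the literal `-s`, and the usage text printed by `cmd_commands_help` shows a blank description for the option. Declaring it as `"-s" => [ true, "Only list modules whose name contains <string>" ]` and assigning `searchstring = val.downcase unless val.nil?` fixes both.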
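Review bot: The three branches in the inner loop of hunk -63 build the same four-column row and differ only in the filter, and the `-r` branch calls `driver.interface.getcommandresponses(command['id'])` twice per module. Because the branches are chained with `elsif`, `-r` is ignored whenever `-s` is given. Computing the response count once and skipping non-matching modules with `next` removes the duplication and lets the two options combine; note that combining them is a small behaviour change.

```ruby
folder['children'].each { |command|
  # … unchanged: cmdstring built from folder['text'] and command['text'] …
  next if searchstring && !cmdstring.downcase.include?(searchstring)

  respcount = driver.interface.getcommandresponses(command['id']).length
  next if responly && respcount == 0

  tbl << [command['id'].to_i, cmdstring, command['status'].gsub(/^Verified /,""), respcount]
}
```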
@@ -133,7 +167,7 @@ class Target else driver.interface.getcommands.each { |x| x['children'].each { |y| - if args[0].chomp == x['text']+"/"+y['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_") + if args[0].chomp == x['text'].gsub(/\s/,"_")+y['text'].gsub(/[-\(\)]/,"").gsub(/\W+/,"_") modid = y['id'] end } diff --git a/extensions/console/lib/shellinterface.rb b/extensions/console/lib/shellinterface.rb index e122933e5..ff9082626 100644 --- a/extensions/console/lib/shellinterface.rb +++ b/extensions/console/lib/shellinterface.rb @@ -310,7 +310,7 @@ class ShellInterface ['Hooked Page', 'Page Title', 'PageTitle'], ['Hooked Page', 'Page URI', 'PageURI'], ['Hooked Page', 'Page Referrer', 'PageReferrer'], - ['Hooked Page', 'Host Name/IP', 'HostName'], + ['Hooked Page', 'Hook Host', 'HostName'], ['Hooked Page', 'Cookies', 'Cookies'], # Host 
@@ -328,22 +328,22 @@ class ShellInterface case p[2] when "BrowserName" - data = BeEF::Core::Constants::Browsers.friendly_name(BD.get(zombie_session, p[2])) + data = BeEF::Core::Constants::Browsers.friendly_name(BD.get(self.targetsession.to_s, p[2])).to_s when "ScreenSize" - screen_size_hash = JSON.parse(BD.get(zombie_session, p[2]).gsub(/\"\=\>/, '":')) # tidy up the string for JSON + screen_size_hash = JSON.parse(BD.get(self.targetsession.to_s, p[2]).gsub(/\"\=\>/, '":')) # tidy up the string for JSON width = screen_size_hash['width'] height = screen_size_hash['height'] cdepth = screen_size_hash['colordepth'] data = "Width: #{width}, Height: #{height}, Colour Depth: #{cdepth}" when "WindowSize" - window_size_hash = JSON.parse(BD.get(zombie_session, p[2]).gsub(/\"\=\>/, '":')) # tidy up the string for JSON + window_size_hash = JSON.parse(BD.get(self.targetsession.to_s, p[2]).gsub(/\"\=\>/, '":')) # tidy up the string for JSON width = window_size_hash['width'] height = window_size_hash['height'] data = "Width: #{width}, Height: #{height}" else - data = BD.get(zombie_session, p[2]) + data = BD.get(self.targetsession, p[2]) end # add property to summary hash
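Review bot: The `ScreenSize` and `WindowSize` branches still call `.gsub` and `JSON.parse` directly on the value returned by `BD.get`, so a missing value raises NoMethodError and a malformed one raises JSON::ParserError, either of which aborts the whole summary. These values are presumably reported by the hooked browser, so they should be handled as untrusted: add `.to_s` before `.gsub` and rescue `JSON::ParserError` with a fallback such as `data = "Unknown"`. The final `else` branch also passes `self.targetsession` without the `.to_s` used in the other three calls. The enclosing loop and method start outside the hunk.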