diff --git a/core/main/autorun_engine/engine.rb b/core/main/autorun_engine/engine.rb index 78145aa7d..6d0f7efcd 100644 --- a/core/main/autorun_engine/engine.rb +++ b/core/main/autorun_engine/engine.rb @@ -403,19 +403,29 @@ module BeEF next unless @VERSION.include?(os_ver_rule_cond) || @VERSION_STR.include?(os_ver_rule_cond) # os_ver without checks as it can be very different or even empty, for instance on linux/bsd) - # check if the browser and OS types do match - next unless rule.browser == 'ALL' || browser == rule.browser - next unless rule.os == 'ALL' || os == rule.os - - # check if the browser version match - browser_version_match = compare_versions(browser_version.to_s, b_ver_cond, b_ver.to_s) - if browser_version_match - browser_match = true + # skip rule unless the browser matches + browser_match = false + # check if rule specifies multiple browsers + if rule.browser !~ /\A[A-Z]+\Z/ + rule.browser.gsub(/[^A-Z,]/i, '').split(',').each do |b| + browser_match = true if b == browser || b == 'ALL' + end + # else, only one browser else - browser_match = false + next unless rule.browser == 'ALL' || browser == rule.browser + # check if the browser version matches + browser_version_match = compare_versions(browser_version.to_s, b_ver_cond, b_ver.to_s) + if browser_version_match + browser_match = true + else + browser_match = false + end + print_more "Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : #{browser_version_match}" end + next unless browser_match - print_more "Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : #{browser_version_match}" + # skip rule unless the OS matches + next unless rule.os == 'ALL' || os == rule.os # check if the OS versions match if os_version != nil || rule.os_version != 'ALL' diff --git a/core/main/autorun_engine/parser.rb b/core/main/autorun_engine/parser.rb index f9a5279a1..0418e827b 100644 --- a/core/main/autorun_engine/parser.rb +++ b/core/main/autorun_engine/parser.rb @@ -28,13 +28,19 @@ module BeEF return [false, 'Illegal chain_mode definition'] unless CHAIN_MODE.include?(chain_mode) return [false, 'Illegal rule name'] unless BeEF::Filters.is_non_empty_string?(name) return [false, 'Illegal author name'] unless BeEF::Filters.is_non_empty_string?(author) - - return [false, 'Illegal browser definition'] unless BROWSER.include?(browser) - - if browser_version != 'ALL' - return [false, 'Illegal browser_version definition'] unless + # if multiple browsers were specified, check each browser + if browser.kind_of?(Array) + browser.each do |b| + return [false, 'Illegal browser definition'] unless BROWSER.include?(b) + end + # else, if only one browser was specified, check browser and browser version + else + return [false, 'Illegal browser definition'] unless BROWSER.include?(browser) + if browser_version != 'ALL' + return [false, 'Illegal browser_version definition'] unless VERSION.include?(browser_version[0,2].gsub(/\s+/,'')) && BeEF::Filters::is_valid_browserversion?(browser_version[2..-1].gsub(/\s+/,'')) && browser_version.length < MAX_VER_LEN + end end if os_version != 'ALL'