From f39b16712acb1dc78869b2f31a90709a42d43857 Mon Sep 17 00:00:00 2001 From: qswain2 Date: Fri, 16 Nov 2012 20:49:33 -0500 Subject: [PATCH] Added auto-run tab Added a new tab in the ui for the auto-run. and allows modules to be selected with a checkboxes.Added a handler to hide autorun tab. Added stubs to ARE. --- core/main/client/are.js | 35 +- .../admin_ui/controllers/panel/index.html | 3 +- .../media/javascript/ui/panel/ZombieTab.js | 14 +- .../ui/panel/tabs/ZombieTabAutorun.js | 361 ++++++++++++++++++ 4 files changed, 404 insertions(+), 9 deletions(-) create mode 100644 extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js diff --git a/core/main/client/are.js b/core/main/client/are.js index e7d781f64..fce1728cc 100644 --- a/core/main/client/are.js +++ b/core/main/client/are.js @@ -9,8 +9,39 @@ beef.are = { var Jools = require('jools'); this.ruleEngine = new Jools(); }, - rules:[], + send:function(module){ + // there will probably be some other stuff here before things are finished + this.commands.push(module); + }, + execute:function(inputs){ + this.rulesEngine.execute(input); + }, + cache_modules:function(modules){}, + rules:[ + { + 'name':"exec_no_input", + 'condition':function(command,browser){ + //need to figure out how to handle the inputs + return (!command['inputs'] || command['inputs'].length == 0) + }, + 'consequence':function(command,browser){} + }, + { + 'name':"module_has_sibling", + 'condition':function(command,commands){ + return false; + }, + 'consequence':function(command,commands){} + }, + { + 'name':"module_depends_on_module", + 'condition':function(command,commands){ + return false; + }, + 'consequence':function(command,commands){} + } + ], commands:[], results:[] }; -beef.regCmp("beef.are"); \ No newline at end of file +beef.regCmp("beef.are"); diff --git a/extensions/admin_ui/controllers/panel/index.html b/extensions/admin_ui/controllers/panel/index.html index dcbed16a4..a104a41e8 100644 
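Review bot: The added `execute` in `beef.are` cannot run as written: it calls `this.rulesEngine.execute(input)`, but the context lines store the engine as `this.ruleEngine` and the parameter is named `inputs`. The call therefore throws on an undefined property before any rule is evaluated, and the line should read `this.ruleEngine.execute(inputs);`. The `exec_no_input` condition also compares with `== 0`, where `command['inputs'].length === 0` avoids coercion. The function that assigns `ruleEngine` starts outside this hunk, so confirm the property name against its full body.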
--- a/extensions/admin_ui/controllers/panel/index.html +++ b/extensions/admin_ui/controllers/panel/index.html @@ -37,7 +37,7 @@ <%= stylesheet_tag 'wterm.css' %> <%= script_tag 'ui/panel/tabs/ZombieTabIpec.js' %> - + <%= script_tag 'ui/panel/tabs/ZombieTabAutorun.js' %> <%= script_tag 'ui/panel/PanelViewer.js' %> <%= script_tag 'ui/panel/DataGrid.js' %> <%= script_tag 'ui/panel/MainPanel.js' %> @@ -45,7 +45,6 @@ <%= script_tag 'ui/panel/ZombieTabs.js' %> <%= script_tag 'ui/panel/zombiesTreeList.js' %> <%= script_tag 'ui/panel/ZombiesMgr.js' %> - <%= script_tag 'ui/panel/Logout.js' %> <%= script_tag 'ui/panel/WelcomeTab.js' %> diff --git a/extensions/admin_ui/media/javascript/ui/panel/ZombieTab.js b/extensions/admin_ui/media/javascript/ui/panel/ZombieTab.js index 238b59746..12917314c 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/ZombieTab.js +++ b/extensions/admin_ui/media/javascript/ui/panel/ZombieTab.js @@ -5,16 +5,14 @@ // ZombieTab = function(zombie) { - main_tab = new ZombieTab_DetailsTab(zombie); log_tab = new ZombieTab_LogTab(zombie); commands_tab = new ZombieTab_Commands(zombie); requester_tab = new ZombieTab_Requester(zombie); xssrays_tab = new ZombieTab_XssRaysTab(zombie); ipec_tab = new ZombieTab_IpecTab(zombie); - - - ZombieTab.superclass.constructor.call(this, { + autorun_tab = new ZombieTab_Autorun(zombie); + ZombieTab.superclass.constructor.call(this, { id:"current-browser", activeTab: 0, loadMask: {msg:'Loading browser...'}, @@ -25,7 +23,13 @@ ZombieTab = function(zombie) { forceFit: true, type: 'fit' }, - items:[main_tab, log_tab, commands_tab, requester_tab, xssrays_tab, ipec_tab] + items:[main_tab, log_tab, commands_tab, requester_tab, xssrays_tab, ipec_tab, autorun_tab], + listeners:{ + afterrender:function(component){ + // Hide auto-run tab + component.hideTabStripItem(autorun_tab); + } + } }); }; 
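Review bot: `autorun_tab` is assigned without `var`, so it is a global that every `ZombieTab` construction overwrites, and the new `afterrender` listener reads that global when it fires rather than the tab built for this panel. If a second `ZombieTab` is constructed before the first one renders, the first panel would call `hideTabStripItem` with a tab it does not own. Declaring it locally, `var autorun_tab = new ZombieTab_Autorun(zombie);`, binds the closure to the right instance; the neighbouring `*_tab` assignments in the context lines share the same pattern. Hiding the tab-strip item is cosmetic only, because the panel is still constructed and added to `items`, so it should not be relied on as a feature gate.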
diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js new file mode 100644 index 000000000..f5e56c140 --- /dev/null +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js 
@@ -0,0 +1,361 @@ +// +// Copyright 2012 Wade Alcorn wade@bindshell.net +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +/* + * The command tab panel. Listing the list of commands sent to the zombie. + * Loaded in /ui/panel/index.html + */ +function generate_form_input_field(form, input, value, disabled, zombie) { + var input_field = null; + var input_def = null; + if (!input['ui_label']) + input['ui_label'] = input['name']; + + if (!input['type']) + input['type'] = 'textfield'; + + if (!input['value']) + input['value'] = ''; + + input_def = { + id: 'form-zombie-'+zombie.session+'-field-'+input['name'], + name: 'txt_'+input['name'], + fieldLabel: input['ui_label'], + anchor:'70%', + allowBlank: false, + value: input['value'] + }; + + // create the input field object based upon the type supplied + switch(input['type'].toLowerCase()) { + case 'textfield': + input_field = new Ext.form.TextField(input_def); + break; + case 'textarea': + input_field = new Ext.form.TextArea(input_def); + break; + case 'hidden': + input_field = new Ext.form.Hidden(input_def); + break; + case 'label': + input_def['fieldLabel'] = '' + input_def['html'] = input['html']; + input_field = new Ext.form.Label(input_def); + break; + case 'checkbox': + input_def['name'] = 'chk_' + input['name']; + input_field = new Ext.form.Checkbox(input_def); + break; + case 'checkboxgroup': + input_def['name'] = 'chkg_' + input['name']; + input_def['items'] = input['items']; + input_field = new 
Ext.form.CheckboxGroup(input_def); + break; + case 'combobox': + input_def['name'] = 'com_' + input['name']; + input_def['triggerAction'] = 'all'; + + if(input.reloadOnChange || input.defaultPayload != null) { + // defined in msfcommand.rb + // initially the panel will be empty so it may appear still hidden + Ext.getCmp("payload-panel").show(); + input_def['listeners'] = { + // update the payload options when one of them is selected + 'select': function(combo, value) { + get_dynamic_payload_details(combo.getValue(), zombie); + }, + // set the default payload value as defined in defaultPayload + 'afterrender': function(combo){ + combo.setValue(input.defaultPayload); + get_dynamic_payload_details(combo.getValue(),zombie); + } + }; + } + + // create store to contain options for the combo box + input_def['store'] = new Ext.data.ArrayStore( { + fields: input['store_fields'], + data: input['store_data'] + }); + + input_field = new Ext.form.ComboBox(input_def); + break; + + default: + input_field = new Ext.form.TextField(input_def); + break; + } + + // add the properties for the input element, for example: widths, default values and the html lables + for(definition in input) { + if( (typeof input[definition] == 'string') && (definition != 'type') && (definition != 'name')) { + input_field[definition] = input[definition]; + } + } + + if(value) + input_field.setValue(value); + if(disabled) + input_field.setDisabled(true); + + form.add(input_field); +}; + +function get_rest_token(){ + var token = ""; + var url = "/ui/modules/getRestfulApiToken.json"; + $jwterm.ajax({ + contentType: 'application/json', + dataType: 'json', + type: 'GET', + url: url, + async: false, + processData: false, + success: function(data){ + token = data.token; + }, + error: function(){ + console.log("Error getting RESTful API token"); + } + }); + return token; +} + +function get_module_details(id,token){ + var mod = null; + var url = "http://127.0.0.1:3000/api/modules/"+id+"?token="+token; + 
$jwterm.ajax({ + contentType: 'application/json', + dataType: 'json', + type: 'GET', + url: url, + async:false, + processData: false, + success: function(data){ + mod = data; + } + }); + return mod; +} + +function process_module_opts(mod){ + var mod_json = { + 'mod_id': mod['id'], + 'mod_input':[] + }; + var opts = mod['options']; + var label='ui_label'; + var type = 'type'; + var type_val; + var label_val + var value; + var type; + var key = value = label = type_val = ""; + var input; + + if(opts.length > 0){ + for( var i=0;i 0){ + sel_nodes.forEach(function(item){ + if(item.hasChildNodes()) + sel_nodes.remove(item) + }); + + var mods_to_send = { + 'hb':zombie.session, + 'modules':[] + }; + + Ext.each(sel_nodes,function(item){ + var id = item.id; + var module = get_module_details(id,token); + var mod_json = { + 'mod_id': id, + 'mod_input':[] + }; + + module = process_module_opts(module); + mods_to_send['modules'].push(module); + }); + send_modules(token,mods_to_send); + } + else { + } + }})], + loader: new Ext.tree.TreeLoader({ + dataUrl: '/ui/modules/select/commandmodules/tree.json', + baseParams: {zombie_session: zombie.session}, + createNode: function(attr) { + if(attr.checked == null){attr.checked = false;} + return Ext.tree.TreeLoader.prototype.createNode.call(this, attr); + }, + listeners:{ + beforeload: function(treeloader, node, callback) { + // Show loading mask on body, to prevent the user interacting with the UI + treeloader.treeLoadingMask = new Ext.LoadMask(Ext.getBody(),{msg:"Please wait, command tree is loading..."}); + treeloader.treeLoadingMask.show(); + return true; + }, + load: function(treeloader, node, response) { + // Hide loading mask after tree is fully loaded + treeloader.treeLoadingMask.hide(); + //if(node.parentNode.isChecked()) + node.getUI().toggleCheck(); + return true; + } + } + }), + listeners: { + 'click': function(node) { + if(!node.hasChildNodes()){ + details_panel.removeAll(); + details_panel.doLayout(); + // needs to be a 
functions (get_module_opts) + var id = node.id; + var module = get_module_details(id,token); + if(!module){ + Ext.beef.msg("Module is null"); + } + + var inputs = module['options']; + Ext.each(inputs,function(item){ + generate_form_input_field(details_panel,item,item['value'],false,zombie); + }); + + details_panel.doLayout(); + } + }, + 'afterrender' : function() {}, + 'selectionchange' : function() {}, + 'activate' : function() {}, + 'select' : function() {}, + 'keyup' : function() {}, + 'render' : function(c) { c.getEl().on('keyup', function() {});}, + 'checkchange':function(node,check){ + if(check){ + // expand and select all nodes under a parent + if(node.isExpandable()) + node.expand(); + node.cascade(function(n){ + if(!n.getUI().isChecked()) + n.getUI().toggleCheck(); + }); + } + // Collapse and deselect all children under the parent + else{ + node.cascade(function(n){ + if(n.getUI().isChecked()) + n.getUI().toggleCheck(); + }); + node.collapse(); + } + + } + } + }); + + ZombieTab_Autorun.superclass.constructor.call(this, { + id: 'zombie-'+zombie.session+'-autorun-panel', + title:'Autorun', + layout: 'hbox', + hidden: true, + layoutConfig:{align:'stretch'}, + region: 'center', + selModel:Ext.tree.MultiSelectionModel, + items:[command_module_tree,details_panel], + }); +} + +Ext.extend(ZombieTab_Autorun, Ext.Panel, { + listeners: {close: function(panel) {}} +}); +
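Review bot: `get_module_details` builds its request against a hard-coded origin, `"http://127.0.0.1:3000/api/modules/"+id+"?token="+token`, so the tab only works when the admin UI is opened on exactly that host and port. From any other origin the request is cross-origin and carries the REST token to whatever service is listening on the operator's own port 3000. A relative URL with encoded parts avoids both: `var url = "/api/modules/"+encodeURIComponent(id)+"?token="+encodeURIComponent(token);`. In the tree's `click` handler the null check only shows a message and then reads `module['options']`, so it needs a `return;` after `Ext.beef.msg("Module is null");`. The middle of this hunk, from `process_module_opts` to the tree panel definition, is damaged in this view, so this note covers only the visible lines.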