Moving RBeEF to trunk

git-svn-id: https://beef.googlecode.com/svn/trunk@503 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
2010-11-11 09:16:11 +00:00
parent 8d073f8738
commit ffa735caff
346 changed files with 84143 additions and 0 deletions
--- a/lib/server/commandhandler.rb
+++ b/lib/server/commandhandler.rb
@@ -0,0 +1,61 @@
+module BeEF
+  
+  class CommandHandler < WEBrick::HTTPServlet::AbstractServlet
+    
+    include BeEF::Server::Modules::Common
+    
+    attr_reader :guard
+    
+    def initialize(config, kclass)
+      @guard = Mutex.new
+      @kclass = BeEF::Modules::Commands.const_get(kclass.capitalize)
+    end
+    
+    def do_POST(request, response)
+      @body = ''
+      @request = request
+      @response = response
+      @http_params = @request.query  # used to populate datastore
+      @http_header = @request.header # used to populate datastore
+      @http_header['referer'] ||= '' # used to populate datastore
+
+      # get and check command id from the request
+      command_id  = @request.get_command_id()
+      raise WEBrick::HTTPStatus::BadRequest, "command_id is invalid" if not BeEF::Filter.is_valid_commmamd_id?(command_id)   
+
+      # get and check session id from the request
+      hook_session_id = request.get_hook_session_value()
+      raise WEBrick::HTTPStatus::BadRequest, "hook_session_id is invalid" if not BeEF::Filter.is_valid_hook_session_id?(hook_session_id)   
+
+      @guard.synchronize {
+        # create the command module to handle the response
+        command = @kclass.new # create the commamd module 
+        command.build_callback_datastore(@http_params, @http_header) # build datastore from the response
+        command.session_id = hook_session_id
+        command.callback # call the command module's callback function - it will parse and save the results
+
+        # get/set details for datastore and log entry
+        command_friendly_name = command.friendlyname
+        raise WEBrick::HTTPStatus::BadRequest, "command friendly name empty" if command_friendly_name.empty?
+        command_results = command.get_results()
+        raise WEBrick::HTTPStatus::BadRequest, "command results empty" if command_results.empty?
+
+        # save the command module results to the datastore and create a log entry
+        BeEF::Models::Command.save_result(hook_session_id, command_id, command_friendly_name, command_results) 
+      }
+
+      response.set_no_cache
+      response.header['Content-Type'] = 'text/javascript' 
+      response.header['Access-Control-Allow-Origin'] = '*'
+      response.header['Access-Control-Allow-Methods'] = 'POST'
+      response.body = @body
+    end
+    
+    private
+    
+    @request
+    @response
+    
+  end
+  
+end