Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
03ffb4703d37555fc9723907e1ee052552391926
beef/include/ui_zombie.inc.php
wade@bindshell.net 03ffb4703d Initial Import 
git-svn-id: https://beef.googlecode.com/svn/trunk@2 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
2010-01-11 00:54:08 +00:00

231 lines
6.6 KiB
PHP
Raw Blame History

<?
// Copyright (c) 2006-2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("globals.inc.php");
require_once("browserdetection.inc.php");
require_once("common.inc.php");
// ---[ GET_ZOMBIE_OS
// the output of this function must be escaped
function get_zombie_os($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_heartbeat_contents = file($heartbeat_file);
return $zombie_heartbeat_contents[3];
}
// ---[ GET_ZOMBIE_BROWSER
// the output of this function must be escaped
function get_zombie_browser($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_heartbeat_contents = file($heartbeat_file);
return trim($zombie_heartbeat_contents[1]) . " " . trim($zombie_heartbeat_contents[2]);
}
// ---[ GET_ZOMBIE_METADATA
function get_zombie_metadata($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_details = get_zombie_data($heartbeat_file);
$zombie_data = trim($zombie_details['ip']);
$zombie_data .= ',' . $zombie_details['agent_image'];
$zombie_data .= ',' . $zombie_details['os_image'];
return $zombie_data;
}
// ---[ GET_ZOMBIE_IP
function get_zombie_ip($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_details = get_zombie_data($heartbeat_file);
return trim($zombie_details['ip']);
}
// --[ GET_ZOMBIE_VAR
function get_zombie_var() {
if(!isset($_GET["zombie"])) { beef_error('no zombie submitted'); }
$zombie = $_GET["zombie"];
if(!isset($_SESSION[$zombie])) { beef_error('zombie not in session'); }
return $zombie;
}
// --[ GET_ZOMBIE_DATAFILE
function get_zombie_datafile($filename) {
$zombie = get_zombie_var();
$zombie_dir = ZOMBIE_TMP_DIR . $_SESSION[$zombie];
$zombie_file = $zombie_dir . "/" . $filename;
if(!file_exists($zombie_file)) {
return DNA_STRING;
}
return file_get_contents($zombie_file);
}
// --[ DELETE_ZOMBIE_RESULTS
function delete_zombie_results() {
$zombie = get_zombie_var();
$zombie_dir = ZOMBIE_TMP_DIR . $_SESSION[$zombie];
$zombie_file = $zombie_dir . "/" . RES_FILENAME;
if(file_exists($zombie_file)) {
unlink($zombie_file);
}
}
// ---[ GET_ZOMBIE_LIST
function get_zombie_list() {
$result = "";
// check installed properly
if(!file_exists(BASE_DIR)) {
return INSTALL_WARNING;
}
$d = opendir(ZOMBIE_TMP_DIR);
if(!$d) return false;
// iterate through directory and parse the heartbeat files
while($dir_name = readdir($d)) {
if(!is_dir(ZOMBIE_TMP_DIR . $dir_name)) { continue; } // skip files
$heartbeat_file = ZOMBIE_TMP_DIR . $dir_name . "/" . HEARTBEAT_FILENAME;
if(!file_exists($heartbeat_file)) { continue; } // check heartbeat exists
// check that the heartbeat file is within the age window (HEARTBEAT_TIME)
$filetime = date("U",filemtime($heartbeat_file));
if((time() - $filetime) < ((HEARTBEAT_TIME/1000)+1)) {
// parse zombie details into $zombie_details
$_SESSION[md5($dir_name)] = $dir_name;
$zombie_details = get_zombie_data($heartbeat_file);
$zombie_details['id'] = md5($dir_name);
if(!empty($result)) $result .= ",";
$result .= $zombie_details['id'];
} else {
// this means the zombie has been lost
// leave history/details in directory
}
}
closedir($d);
// if no zombies return the default value
if($result == "") { $result = 'none'; }
return $result;
}
// --[ GET_ZOMBIE_MENU
function get_zombie_menu() {
$result = "";
// check installed properly
if(!file_exists(BASE_DIR)) {
return INSTALL_WARNING;
}
$d = opendir(ZOMBIE_TMP_DIR);
if(!$d) return false;
// iterate through directory and parse the heartbeat files
while($dir_name = readdir($d)) {
if(!is_dir(ZOMBIE_TMP_DIR . $dir_name)) { continue; } // skip files
$heartbeat_file = ZOMBIE_TMP_DIR . $dir_name . "/" . HEARTBEAT_FILENAME;
if(!file_exists($heartbeat_file)) { continue; } // check heartbeat exists
// check that the heartbeat file is within the age window (HEARTBEAT_TIME)
$filetime = date("U",filemtime($heartbeat_file));
if((time() - $filetime) < ((HEARTBEAT_TIME/1000)+1)) {
// parse zombie details into $zombie_details
$_SESSION[md5($dir_name)] = $dir_name;
$zombie_details = get_zombie_data($heartbeat_file);
$zombie_details['id'] = trim(md5($dir_name));
$result .= '<li><a href="javascript:change_zombie(\'' . $zombie_details['id'] . '\')">' .
'<img src="/beef/images/' . $zombie_details['agent_image'] . '" align="top" border="0" height="12" width="12" vspace="2"> ' .
'<img src="/beef/images/' . $zombie_details['os_image'] . '" align="top" border="0" height="12" width="12" vspace="2"> ' .
$zombie_details['ip'] . '</a></li>';
} else {
// this means the zombie has been lost
// leave history/details in directory
}
}
closedir($d);
// if no zombies return the default value
if($result == "") { $result = ZOMBIE_NONE; }
return $result;
}
// ---[ GET_ZOMBIE_DATA
function get_zombie_data($file){
$browser_details = file_get_contents($file);
$zombie_data['ip'] = extract_zombie_ip($browser_details);
$zombie_data['agent_image'] = extract_zombie_useragent($browser_details);
$zombie_data['os_image'] = extract_zombie_os($browser_details);
return $zombie_data;
}
// ---[ EXTRACT_ZOMBIE_IP
function extract_zombie_ip($raw_zombie_data) {
// get ip address from data
return substr("$raw_zombie_data",0,strpos($raw_zombie_data,"\n")+strlen("\n"));
}
// ---[ EXTRACT_ZOMBIE_USERAGENT
function extract_zombie_useragent($raw_zombie_data) {
// find agent type
if(stristr($raw_zombie_data, AGENT_FIREFOX_UA_STR)) {
return AGENT_FIREFOX_IMG;
}
if(stristr($raw_zombie_data, AGENT_IE_UA_STR)) {
return AGENT_IE_IMG;
}
if(stristr($raw_zombie_data, AGENT_CHROME_UA_STR)) {
return AGENT_CHROME_IMG;
}
if(stristr($raw_zombie_data, AGENT_SAFARI_UA_STR)) {
return AGENT_SAFARI_IMG;
}
if(stristr($raw_zombie_data, AGENT_KONQ_UA_STR)) {
return AGENT_KONQ_IMG;
}
if(stristr($raw_zombie_data, AGENT_MOZILLA_UA_STR)) {
return AGENT_MOZILLA_IMG;
}
return AGENT_UNKNOWN_IMG;
}
// ---[ EXTRACT_ZOMBIE_OS
function extract_zombie_os($raw_zombie_data) {
// find os type
if(stristr($raw_zombie_data, OS_WINDOWS_UA_STR)) {
return OS_WINDOWS_IMG;
}
if(stristr($raw_zombie_data, OS_LINUX_UA_STR)) {
return OS_LINUX_IMG;
}
if(stristr($raw_zombie_data, OS_MAC_UA_STR)) {
return OS_MAC_IMG;
}
return OS_UNKNOWN_IMG;
}
?>
Reference in New Issue View Git Blame Copy Permalink