beef/lib/server/inithandler.rb
scotty.b.brown@gmail.com db29962c4b Filter added for browser plugins for #179
git-svn-id: https://beef.googlecode.com/svn/trunk@657 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
2011-01-03 02:46:26 +00:00


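module BeEF
  #
  # The http handler that manages the return of the initial browser details.
  #
  # Everything this class reads from the request (the BEEFHOOK session id,
  # the base64-encoded detail parameters and the request headers) is sent by
  # the remote browser and must be treated as untrusted input. Each detail is
  # checked with a Filter predicate before it is persisted with BD.set.
  #
  class InitHandler < WEBrick::HTTPServlet::AbstractServlet

    attr_reader :guard

    # Short aliases for the models used below.
    HB = BeEF::Models::Zombie
    BD = BeEF::Models::BrowserDetails

    #
    # Class constructor
    #
    # config - argument supplied when the servlet is instantiated; it is not
    #          used by this constructor.
    #
    def initialize(config)
      # NOTE(review): super is not called, so AbstractServlet#initialize never
      # runs for this servlet - confirm nothing relies on the state it sets up.

      # we set up a mutex
      # NOTE(review): the mutex is an instance variable. If the server creates
      # one servlet instance per request (WEBrick's default get_instance
      # behaviour), it does not serialise saves across requests - confirm how
      # this servlet is mounted.
      @guard = Mutex.new
    end

    #
    # This function receives any POST http requests. We only
    # allow the hooked browser to send back results using POST.
    #
    # request  - the incoming request; query parameters and headers are read.
    # response - the outgoing response; its body is set to an empty string.
    #
    # Returns early (nil) when the session id is already registered.
    # Raises WEBrick::HTTPStatus::BadRequest when the session id or any
    # submitted detail fails its Filter check.
    #
    def do_POST(request, response)
      response.body = ''

      # validate hook session value
      session_id = request.query['BEEFHOOK']
      raise WEBrick::HTTPStatus::BadRequest, "session id is invalid" unless Filter.is_valid_hook_session_id?(session_id)

      # NOTE(review): this lookup runs outside @guard, so the
      # "already registered?" check and the save below are not one atomic step.
      hooked_browser = HB.first(:session => session_id)
      return unless hooked_browser.nil? # browser is already registered with framework

      # create the structure representing the hooked browser
      zombie = HB.new(:ip => request.peeraddr[3], :session => session_id)
      zombie.firstseen = Time.new.to_i
      # The request headers are stored as received, without any Filter check;
      # anything that later displays them should encode them on output.
      zombie.httpheaders = request.header.to_json

      # NOTE(review): the record is saved before the details below are
      # validated. If a later check raises BadRequest the record remains, and
      # follow-up requests for the same session return at the
      # "already registered" check above, so its details are never stored.
      @guard.synchronize {
        zombie.save # the save needs to be conducted before any hooked browser specific logging
      }

      # add a log entry for the newly hooked browser
      log_zombie_domain = zombie.domain
      log_zombie_domain = "(blank)" if log_zombie_domain.nil? || log_zombie_domain.empty?
      BeEF::Logger.instance.register('Zombie', "#{zombie.ip} just joined the horde from the domain: #{log_zombie_domain}", "#{zombie.id}")

      # get and store browser name
      browser_name = get_param(request.query, 'BrowserName')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid browser name" unless Filter.is_valid_browsername?(browser_name)
      BD.set(session_id, 'BrowserName', browser_name)

      # get and store browser version
      browser_version = get_param(request.query, 'BrowserVersion')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid browser version" unless Filter.is_valid_browserversion?(browser_version)
      BD.set(session_id, 'BrowserVersion', browser_version)

      # get and store browser string
      browser_string = get_param(request.query, 'BrowserReportedName')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid browser browser string" unless Filter.is_valid_browserstring?(browser_string)
      BD.set(session_id, 'BrowserReportedName', browser_string)

      # get and store the os name
      os_name = get_param(request.query, 'OsName')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid browser os name" unless Filter.is_valid_osname?(os_name)
      BD.set(session_id, 'OsName', os_name)

      # get and store page title
      page_title = get_param(request.query, 'PageTitle')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid page title name" unless Filter.is_valid_pagetitle?(page_title)
      BD.set(session_id, 'PageTitle', page_title)

      # get and store the host name
      host_name = get_param(request.query, 'HostName')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid host name" unless Filter.is_valid_hostname?(host_name)
      BD.set(session_id, 'HostName', host_name)

      # get and store the browser plugins
      browser_plugins = get_param(request.query, 'BrowserPlugins')
      raise WEBrick::HTTPStatus::BadRequest, "Invalid browser plugins" unless Filter.is_valid_browser_plugins?(browser_plugins)
      BD.set(session_id, 'BrowserPlugins', browser_plugins)

      # get and store the internal ip address (optional parameter)
      internal_ip = get_param(request.query, 'InternalIP')
      unless internal_ip.nil?
        raise WEBrick::HTTPStatus::BadRequest, "Invalid internal IP address" unless Filter.is_valid_ip?(internal_ip)
        BD.set(session_id, 'InternalIP', internal_ip)
      end

      # get and store the internal hostname (optional parameter)
      internal_hostname = get_param(request.query, 'InternalHostname')
      unless internal_hostname.nil?
        # Run the hostname check on internal_hostname itself, not on host_name
        # (already checked above), so the value that is stored is the value
        # that was validated.
        raise WEBrick::HTTPStatus::BadRequest, "Invalid internal host name" unless Filter.is_valid_hostname?(internal_hostname)
        BD.set(session_id, 'InternalHostname', internal_hostname)
      end
    end

    #
    # returns a selected parameter from the query string.
    #
    # query - the request's query parameters.
    # key   - name of the parameter to read.
    #
    # The raw value is checked for non-printable characters, HTML-unescaped,
    # checked again, then base64-decoded. Returns the decoded string, or nil
    # when the parameter is absent. Raises WEBrick::HTTPStatus::BadRequest
    # when any of the checks rejects the value.
    #
    def get_param(query, key)
      b64_param = query[key]
      return nil if b64_param.nil?

      raise WEBrick::HTTPStatus::BadRequest, "Invalid init base64 value" if Filter.has_non_printable_char?(b64_param)

      escaped_param = CGI.unescapeHTML(b64_param)
      raise WEBrick::HTTPStatus::BadRequest, "Invalid init escaped value" if Filter.has_non_printable_char?(escaped_param)

      param = Base64.decode64(escaped_param)
      # NOTE(review): this rejects the value when the predicate returns true,
      # which reads as inverted against the predicate's name. Filter is
      # defined outside this file - confirm it returns true when disallowed
      # characters are present before relying on this check.
      raise WEBrick::HTTPStatus::BadRequest, "Invalid init value" if Filter.has_valid_browser_details_chars?(param)

      param
    end

  end
end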