2013-10-22 02:02:01 +00:00
|
|
|
# -*- coding: binary -*-
|
|
|
|
|
|
|
|
|
|
require 'msf/core'
|
|
|
|
|
|
|
|
|
|
module Rex
|
|
|
|
|
module Exploitation
|
|
|
|
|
module Js
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Provides networking functions in JavaScript
|
|
|
|
|
#
|
|
|
|
|
class Network
|
|
|
|
|
|
2013-11-02 19:52:50 +00:00
|
|
|
# @param [Hash] opts the options hash
|
|
|
|
|
# @option opts [Boolean] :obfuscate toggles js obfuscation. defaults to true.
|
|
|
|
|
# @option opts [Boolean] :use_xhr_shim automatically stubs XHR to use ActiveXObject when needed.
|
|
|
|
|
# defaults to true.
|
|
|
|
|
# @return [String] javascript code to perform a synchronous ajax request to the remote
|
|
|
|
|
# and returns the response
|
|
|
|
|
def self.ajax_download(opts={})
|
|
|
|
|
should_obfuscate = opts.fetch(:obfuscate, true)
|
2013-10-22 02:02:01 +00:00
|
|
|
js = ::File.read(::File.join(Msf::Config.data_directory, "js", "network", "ajax_download.js"))
|
|
|
|
|
|
2013-11-02 19:52:50 +00:00
|
|
|
if should_obfuscate
|
|
|
|
|
js = ::Rex::Exploitation::ObfuscateJS.new(js,
|
|
|
|
|
{
|
|
|
|
|
'Symbols' => {
|
|
|
|
|
'Variables' => %w{ xmlHttp }
|
|
|
|
|
}
|
2013-10-22 02:02:01 +00:00
|
|
|
}).obfuscate
|
2013-11-02 19:52:50 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
xhr_shim(opts) + js
|
2013-10-22 02:02:01 +00:00
|
|
|
end
|
|
|
|
|
|
2013-11-02 19:52:50 +00:00
|
|
|
# @param [Hash] opts the options hash
|
|
|
|
|
# @option opts [Boolean] :obfuscate toggles js obfuscation. defaults to true.
|
|
|
|
|
# @option opts [Boolean] :use_xhr_shim automatically stubs XHR to use ActiveXObject when needed.
|
|
|
|
|
# defaults to true.
|
|
|
|
|
# @return [String] javascript code to perform a synchronous ajax request to the remote with
|
|
|
|
|
# the data specified
|
|
|
|
|
def self.ajax_post(opts={})
|
|
|
|
|
should_obfuscate = opts.fetch(:obfuscate, true)
|
|
|
|
|
js = :File.read(::File.join(Msf::Config.data_directory, "js", "network", "ajax_post.js"))
|
2013-10-31 18:55:22 +00:00
|
|
|
|
2013-11-02 19:52:50 +00:00
|
|
|
if should_obfuscate
|
|
|
|
|
::Rex::Exploitation::ObfuscateJS.new(js,
|
|
|
|
|
{
|
|
|
|
|
'Symbols' => {
|
|
|
|
|
'Variables' => %w{ xmlHttp }
|
|
|
|
|
}
|
|
|
|
|
}).obfuscate
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
xhr_shim(opts) + js
|
|
|
|
|
end
|
2013-10-31 18:55:22 +00:00
|
|
|
|
2013-11-02 19:52:50 +00:00
|
|
|
# @param [Hash] opts the options hash
|
|
|
|
|
# @option opts [Boolean] :obfuscate toggles js obfuscation. defaults to true.
|
|
|
|
|
# @option opts [Boolean] :use_xhr_shim false causes this method to return ''. defaults to true.
|
|
|
|
|
# @return [String] javascript code that adds XMLHttpRequest to the global scope if it
|
|
|
|
|
# does not exist (e.g. on IE6, where you have to use the ActiveXObject constructor)
|
|
|
|
|
def self.xhr_shim(opts={})
|
|
|
|
|
return '' unless opts.fetch(:use_xhr_shim, true)
|
|
|
|
|
|
|
|
|
|
should_obfuscate = opts.fetch(:obfuscate, true)
|
|
|
|
|
js = ::File.read(::File.join(Msf::Config.data_directory, "js", "network", "xhr_shim.js"))
|
|
|
|
|
|
|
|
|
|
if should_obfuscate
|
|
|
|
|
::Rex::Exploitation::ObfuscateJS.new(js,
|
|
|
|
|
{
|
|
|
|
|
'Symbols' => {
|
|
|
|
|
'Variables' => %w{ i objs }
|
|
|
|
|
}
|
2013-10-31 18:55:22 +00:00
|
|
|
}
|
2013-11-02 19:52:50 +00:00
|
|
|
).obfuscate
|
|
|
|
|
end
|
2013-10-31 18:55:22 +00:00
|
|
|
end
|
|
|
|
|
|
2013-10-22 02:02:01 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
