IDE being reworked.

git-svn-id: file:///home/svn/framework3/trunk@4049 4d416f70-5f16-0410-b530-b9f4589650da

data/msfweb/app/controllers/ide_controller.rb

@@ -18,46 +18,14 @@ class IdeController < ApplicationController
   
   def wizard
     if params[:exploit]
-      session[:exploit] = params[:exploit]
-      @the_exploit = session[:exploit]
+      @the_exploit = session[:exploit] = params[:exploit]
       @step = @the_exploit["step"].to_i
     elsif @step.nil?
       @step = 0
-      @the_exploit = { }
+      @the_exploit = {}
     end
     
     flash[:error] = ""
-    
-    # lmh:
-    # XXX: regex for validation needed, more nice method (helper anyone?) and polishing
-    # the whole thing should be a helper that dumps errors to flash[:error] and returns
-    # true or false depending on validation. false means @step = current (not next), true
-    # means no changes in flow.
-    case @step
-      when 1
-        if @the_exploit["name"].length < 5
-          flash[:error] << "Name is too short or not specified. "
-          @step = 0
-        end
-        if @the_exploit["description"].length < 5
-          flash[:error] << "Description is too short or not specified. "
-          @step = 0
-        end
-      when 2
-        # XXX check valid os
-        unless @the_exploit["os"].length > 0
-          flash[:error] << "Platform not specified. "
-          @step = 0
-        end
-        # XXX check valid archs ...
-        unless @the_exploit["arch"].length > 0
-          flash[:error] << "Architecture not specified. "
-          @step = 0
-        end
-        # and so on....
-      else
-        # nothing
-    end
   end
 
   def dump_current()

data/msfweb/app/helpers/application_helper.rb

@@ -65,4 +65,10 @@ module ApplicationHelper
   def return_selectable_architectures()
     return ARCH_ALL
   end
+
+  #
+  def return_selectable_exploit_mixins()
+    ret = {}
+    ret['Connect to a TCP service', '' ]
+  end
 end

data/msfweb/app/views/ide/start.rhtml

@@ -4,7 +4,8 @@
     <table width="100%" align="center">
         <tr width="100%" align="center">
             <td>
-                <a href="/ide/edit"
+                <a href="#"
+                   onclick="new Effect.Appear('edit_new')"
                    onmouseout="document.getElementById('devil').src = '/images/ide/devil.png';"
                    onmouseover="document.getElementById('devil').src = '/images/ide/devil_ne.png';">
                     <img src="/images/ide/devil.png" alt="" id="devil" /> <br />
@@ -12,7 +13,7 @@
                 </a>
             </td>
             <td>
-                <a href="/ide/wizard"
+                <a href="#"
                    onmouseout="document.getElementById('doomed').src = '/images/ide/doomed.png';"
                    onmouseover="document.getElementById('doomed').src = '/images/ide/doomed_ne.png';">
                     <img src="/images/ide/doomed.png" alt="" id="doomed" /> <br />
@@ -22,15 +23,21 @@
         </tr>
     </table>
 
-    <div id="edit-new" style="display: none;">
-        <div id="module-search-box">
+    <div id="edit_new" style="display: none;">
+        <p>Editing an existing exploit...</p>
+        <div id="module_search_box">
             Type in name or keyword:&nbsp;
             <input id="exploit_search" name="terms" type="text" size="40" value="Edit me"/>
             <div id="search_results"></div>
         </div>
-    
+        <a href="#" onclick="new Effect.Fade('edit_new')"><strong>hide</strong></a>
         <script type="text/javascript">
             generic_live_search('exploit_search', 'exploits', 'spinner', 1);
         </script>
     </div>
+    <div id="create_new" style="display: none;">
+        <%= start_form_tag :action => "wizard" %>
+            <%= select ("exploit", "type", return_selectable_exploit_mixins()) %>
+        <%= end_form_tag %>
+    </div>
 </div>

data/msfweb/app/views/ide/wizard.rhtml

@@ -4,108 +4,13 @@
     <%= flash[:error] %>
     </p>
     <% end %>
+
 <% if @step == 0 %>
     <h3>Step 1: Exploit information</h3>
     <p>
-        Please fill-in the information below. Name should describe really shortly
-        the vulnerability, if possible including version (ex. max affected version
-        with &lt;=1.2.3 format). Description should be approx. 255-characters and
-        detail the vulnerability, and any other information that may be useful.
-        List the authors separated by commas.
-        Try to avoid l33t speak...
     </p>
     <table width="100%">
     <%= start_form_tag %>
-        <%= hidden_field "exploit", "step", :value => "1" %>
-        <tr>
-            <td>Name:</td>
-            <td><%= text_field "exploit", "name", :value => h(@the_exploit["name"]) %></td>
-        </tr>
-        <tr>
-            <td>Authors:</td>
-            <td><%= text_field "exploit", "authors", :value => h(@the_exploit["authors"]) %></td>
-        </tr>
-        <tr>
-            <td>Disclosure date:</td>
-            <td><%= text_field "exploit", "ddate", :value => h(@the_exploit["ddate"]) %></td>
-        </tr>
-        <tr>
-            <td>Description:</td>
-            <td><%= text_area "exploit", "description", :rows => 7, :cols => 50,
-                    :value => h(@the_exploit["description"]) %></td>
-        </tr>
-        <tr>
-            <td colspan="2">
-                <input type="button" value="Back" onclick="history.go(-1);" />&nbsp;
-                <%= submit_tag "Next" %>
-            </td>
-        </tr>
-    <%= end_form_tag %>
-    </table>
-<% elsif @step == 1 %>
-    <h3>Step 2: References and platform information</h3>
-    <p>
-    </p>
-    <table width="100%">
-    <%= start_form_tag %>
-        <%= hidden_field "exploit", "step", :value => "2" %>
-        <tr>
-            <td>Platform/OS:</td>
-            <td>
-                <%= select "exploit", "os", return_selectable_platforms() %>
-            </td>
-        </tr>
-        <tr>
-            <td>Architecture:</td>
-            <td><%= select "exploit", "arch", return_selectable_architectures() %></td>
-        </tr>
-        <tr>
-            <td>Type:</td>
-            <td><%= select "exploit", "type", ["remote","local","omni"] %></td>
-        </tr>
-        <tr>
-            <td>References:</td>
-            <td><%= text_area "exploit", "refs", :rows => 7, :cols => 50,
-                    :value => h(@the_exploit["refs"]) %></td>
-        </tr>
-        <tr>
-            <td colspan="2">
-                <input type="button" value="Back" onclick="history.go(-1);" />&nbsp;
-                <%= submit_tag "Next" %>
-            </td>
-        </tr>
-    <%= end_form_tag %>
-    </table>
-<% elsif @step == 2 %>
-    <h3>Step 3: Payload information and targets</h3>
-    <p>
-    </p>
-    <table width="100%">
-    <%= start_form_tag %>
-        <%= hidden_field "exploit", "step", :value => "3" %>
-        <tr>
-            <td>Space available:</td>
-            <td><%= text_field "exploit", "payload_space", :value => h(@the_exploit["payload_space"]) %></td>
-        </tr>
-        <tr>
-            <td>Keywords:</td>
-            <td><%= text_field "exploit", "payload_keywords", :value => h(@the_exploit["payload_keywords"]) %></td>
-        </tr>
-        <tr>
-            <td>Bad characters:</td>
-            <td><%= text_field "exploit", "payload_badchars", :value => h(@the_exploit["payload_badchars"]) %></td>
-        </tr>
-        <tr>
-            <td>Targets:</td>
-            <td><%= text_area "exploit", "targets", :rows => 7, :cols => 50,
-                    :value => h(@the_exploit["targets"]) %></td>
-        </tr>
-        <tr>
-            <td colspan="2">
-                <input type="button" value="Back" onclick="history.go(-1);" />&nbsp;
-                <%= submit_tag "Next" %>
-            </td>
-        </tr>
     <%= end_form_tag %>
     </table>
 <% end %>