Land #4655, @wchen-r7's custom 404 for BrowserExploitServer

2015-01-27 23:03:08 -06:00 · 2015-01-27 23:03:08 -06:00 · 5475cf50aa
parent 465b4a5c1b 457598eb02
commit 5475cf50aa
1 changed files with 37 additions and 1 deletions
--- a/lib/msf/core/exploit/remote/browser_exploit_server.rb
+++ b/lib/msf/core/exploit/remote/browser_exploit_server.rb
@ -11,6 +11,9 @@ require 'msf/core/exploit/jsobfu'
 #
 # The BrowserExploitServer mixin provides methods to do common tasks seen in modern browser
 # exploitation, and is designed to work against common setups such as on Windows, OSX, and Linux.
+# Wiki documentations about this mixin can be found here:
+# https://github.com/rapid7/metasploit-framework/wiki/How-to-write-a-browser-exploit-using-BrowserExploitServer
+# https://github.com/rapid7/metasploit-framework/wiki/Information-About-Unmet-Browser-Exploit-Requirements
 #
 ###

@ -87,10 +90,28 @@ module Msf

      register_advanced_options([
        OptString.new('CookieName', [false,  "The name of the tracking cookie", DEFAULT_COOKIE_NAME]),
-        OptString.new('CookieExpiration', [false,  "Cookie expiration in years (blank=expire on exit)"])
+        OptString.new('CookieExpiration', [false,  "Cookie expiration in years (blank=expire on exit)"]),
+        OptString.new('Custom404', [false, "An external custom 404 URL (Example: http://example.com/404.html)"])
      ], Exploit::Remote::BrowserExploitServer)
    end

+    def setup
+      custom_404 = get_custom_404_url
+      if !custom_404.blank? && custom_404 !~ /^http/i
+        raise Msf::OptionValidateError.new(['Custom404 (must begin with http or https)'])
+      end
+      super
+    end
+
+    #
+    # Returns the custom 404 URL set by the user
+    #
+    # @return [String]
+    #
+    def get_custom_404_url
+      datastore['Custom404'].to_s
+    end
+
    #
    # Allows a block of code to access BES resources in a thread-safe fashion
    #
@ -514,6 +535,7 @@ module Msf
        end

      else
+        print_error("Target has requested an unknown path: #{request.uri}")
        send_not_found(cli)
      end
    end
@ -578,5 +600,19 @@ module Msf
      end
    end

+    private
+
+    #
+    # Sends a 404 respons. If a custom 404 is configured, then it will redirect to that instead.
+    #
+    def send_not_found(cli)
+      custom_404_url = get_custom_404_url
+      if custom_404_url.blank?
+        super(cli)
+      else
+        send_redirect(cli, custom_404_url)
+      end
+    end
+
  end
 end