diff --git a/lib/msf/core/exploit/http/server.rb b/lib/msf/core/exploit/http/server.rb index 1ca97d0472..cc4a9020f4 100644 --- a/lib/msf/core/exploit/http/server.rb +++ b/lib/msf/core/exploit/http/server.rb @@ -3,11 +3,11 @@ require 'rex/service_manager' require 'rex/exploitation/obfuscatejs' require 'rex/exploitation/encryptjs' require 'rex/exploitation/heaplib' -require 'rex/exploitation/javascriptnetwork' -require 'rex/exploitation/javascriptutils' -require 'rex/exploitation/javascriptosdetect' -require 'rex/exploitation/javascriptaddonsdetect' -require 'rex/exploitation/javascriptexploitation' +require 'rex/exploitation/js/network' +require 'rex/exploitation/js/utils' +require 'rex/exploitation/js/osdetect' +require 'rex/exploitation/js/addonsdetect' +require 'rex/exploitation/js/memory' module Msf @@ -721,7 +721,7 @@ protected end def js_base64 - @cache_base64 ||= Rex::Exploitation::JavascriptUtils.base64 + @cache_base64 ||= Rex::Exploitation::Js::Utils.base64 end @@ -744,7 +744,7 @@ protected # # def js_ajax_download - @cache_ajax_download ||= Rex::Exploitation::JavascriptNetwork.ajax_download + @cache_ajax_download ||= Rex::Exploitation::Js::Network.ajax_download end @@ -780,7 +780,7 @@ protected # # def js_mstime_malloc - @cache_mstime_malloc ||= Rex::Exploitation::JavascriptExploitation.mstime_malloc + @cache_mstime_malloc ||= Rex::Exploitation::Js::Memory.mstime_malloc end # @@ -806,15 +806,15 @@ protected # # def js_property_spray - @cache_property_spray ||= Rex::Exploitation::JavascriptExploitation.property_spray + @cache_property_spray ||= Rex::Exploitation::Js::Memory.property_spray end def js_heap_spray - @cache_heap_spray ||= Rex::Exploitation::JavascriptExploitation.heap_spray + @cache_heap_spray ||= Rex::Exploitation::Js::Memory.heap_spray end def js_os_detect - @cache_os_detect ||= ::Rex::Exploitation::JavascriptOSDetect.new + @cache_os_detect ||= ::Rex::Exploitation::Js::OSDetect.new end # Transmits a html response to the supplied client 
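Review bot: The `require` lines at the top of server.rb move to `rex/exploitation/js/*` while the same commit deletes the old `rex/exploitation/javascript*.rb` files with no shim left behind, so any module outside this diff that still requires `rex/exploitation/javascriptosdetect` or references `Rex::Exploitation::JavascriptOSDetect` would fail with a LoadError or NameError when loaded. If out-of-tree or not-yet-updated modules matter, a constant alias next to each new class, e.g. `JavascriptOSDetect = Js::OSDetect`, plus a one-line stub at the old path that requires the new file, would keep them loading for a deprecation period. The new `js/*.rb` files and their specs are not visible here, so it is worth confirming that each deleted `javascript*_spec.rb` has a counterpart for the `Js::` classes. As a smaller style point, `js_os_detect` keeps the leading `::Rex` while the other helpers in the last hunk use `Rex::`; pick one form.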
diff --git a/lib/rex/exploitation/javascriptaddonsdetect.rb b/lib/rex/exploitation/javascriptaddonsdetect.rb
deleted file mode 100644
index 9ee8e0f1bc..0000000000
--- a/lib/rex/exploitation/javascriptaddonsdetect.rb
+++ /dev/null
@@ -1,29 +0,0 @@
-# -*- coding: binary -*-
-
-require 'msf/core'
-require 'rex/text'
-require 'rex/exploitation/jsobfu'
-
-module Rex
-module Exploitation
-
-#
-# Provides javascript functions to determine addon information.
-#
-# getMsOfficeVersion(): Returns the version for Microsoft Office
-#
-class JavascriptAddonsDetect < JSObfu
-
- def initialize(custom_js = '', opts = {})
- @js = custom_js
- @js += ::File.read(::File.join(Msf::Config.data_directory, "js", "detect", "addons.js"))
-
- super @js
-
- return @js
- end
-
-end
-end
-
-end
diff --git a/lib/rex/exploitation/javascriptexploitation.rb b/lib/rex/exploitation/javascriptexploitation.rb
deleted file mode 100644
index 2328edba3b..0000000000
--- a/lib/rex/exploitation/javascriptexploitation.rb
+++ /dev/null
@@ -1,51 +0,0 @@
-# -*- coding: binary -*-
-
-require 'msf/core'
-
-module Rex
-module Exploitation
-
-#
-# Provides exploitation functions in JavaScript
-#
-class JavascriptExploitation
-
- def self.mstime_malloc
- js = ::File.read(::File.join(Msf::Config.data_directory, "js", "exploitation", "mstime_malloc.js"))
- js = js.gsub(/W00TA/, Rex::Text.rand_text_hex(6))
- js = js.gsub(/W00TB/, Rex::Text.rand_text_hex(5))
-
- ::Rex::Exploitation::ObfuscateJS.new(js,
- {
- 'Symbols' => {
- 'Variables' => %w{ buf eleId acTag }
- }
- }).obfuscate
- end
-
- def self.property_spray
- js = ::File.read(::File.join(Msf::Config.data_directory, "js", "exploitation", "property_spray.js"))
-
- ::Rex::Exploitation::ObfuscateJS.new(js,
- {
- 'Symbols' => {
- 'Variables' => %w{ sym_div_container data junk obj }
- }
- }).obfuscate
- end
-
- def self.heap_spray
- js = ::File.read(::File.join(Msf::Config.data_directory, "js", "exploitation", "heap_spray.js"))
-
- ::Rex::Exploitation::ObfuscateJS.new(js,
- {
- 'Symbols' => {
- 'Variables' => %w{ index heapSprayAddr_hi heapSprayAddr_lo retSlide heapBlockCnt }
- }
- }).obfuscate
- end
-
-end
-end
-
-end
diff --git a/lib/rex/exploitation/javascriptnetwork.rb b/lib/rex/exploitation/javascriptnetwork.rb
deleted file mode 100644
index 23c71dd9a1..0000000000
--- a/lib/rex/exploitation/javascriptnetwork.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# -*- coding: binary -*-
-
-require 'msf/core'
-
-module Rex
-module Exploitation
-
-#
-# Provides networking functions in JavaScript
-#
-class JavascriptNetwork
-
- def self.ajax_download
- js = ::File.read(::File.join(Msf::Config.data_directory, "js", "network", "ajax_download.js"))
-
- ::Rex::Exploitation::ObfuscateJS.new(js,
- {
- 'Symbols' => {
- 'Variables' => %w{ xmlHttp }
- }
- }).obfuscate
- end
-
-end
-end
-
-end
diff --git a/lib/rex/exploitation/javascriptosdetect.rb b/lib/rex/exploitation/javascriptosdetect.rb
deleted file mode 100644
index 2536413911..0000000000
--- a/lib/rex/exploitation/javascriptosdetect.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-# -*- coding: binary -*-
-
-require 'msf/core'
-require 'rex/text'
-require 'rex/exploitation/jsobfu'
-
-module Rex
-module Exploitation
-
-#
-# Provides several javascript functions for determining the OS and browser versions of a client.
-#
-# getVersion(): returns an object with the following properties
-# os_name - OS name, one of the Msf::OperatingSystems constants
-# os_flavor - OS flavor as a string (e.g.: "XP", "2000")
-# os_sp - OS service pack (e.g.: "SP2", will be empty on non-Windows)
-# os_lang - OS language (e.g.: "en-us")
-# ua_name - Client name, one of the Msf::HttpClients constants
-# ua_version - Client version as a string (e.g.: "3.5.1", "6.0;SP2")
-# arch - Architecture, one of the ARCH_* constants
-#
-# The following functions work on the version returned in obj.ua_version
-#
-# ua_ver_cmp(a, b): returns -1, 0, or 1 based on whether a < b, a == b, or a > b respectively
-# ua_ver_lt(a, b): returns true if a < b
-# ua_ver_gt(a, b): returns true if a > b
-# ua_ver_eq(a, b): returns true if a == b
-#
-class JavascriptOSDetect < JSObfu
-
- def initialize(custom_js = '', opts = {})
- @js = custom_js
- @js += ::File.read(::File.join(Msf::Config.data_directory, "js", "detect", "os.js"))
-
- super @js
-
- return @js
- end
-
-end
-end
-
-end
diff --git a/lib/rex/exploitation/javascriptutils.rb b/lib/rex/exploitation/javascriptutils.rb
deleted file mode 100644
index df77cb9d0e..0000000000
--- a/lib/rex/exploitation/javascriptutils.rb
+++ /dev/null
@@ -1,32 +0,0 @@ -# -*- coding: binary -*- - -require 'msf/core' -require 'rex/text' -require 'rex/exploitation/jsobfu' - -module Rex -module Exploitation - -# -# Javascript utilities -# -class JavascriptUtils - - def self.base64 - js = ::File.read(::File.join(Msf::Config.data_directory, "js", "utils", "base64.js")) - - opts = { - 'Symbols' => { - 'Variables' => %w{ Base64 encoding result _keyStr encoded_data utftext input_idx - input output chr chr1 chr2 chr3 enc1 enc2 enc3 enc4 }, - 'Methods' => %w{ _utf8_encode _utf8_decode encode decode } - } - } - - ::Rex::Exploitation::ObfuscateJS.new(js, opts).to_s - end - -end -end - -end diff --git a/modules/auxiliary/server/browser_autopwn.rb b/modules/auxiliary/server/browser_autopwn.rb index 05c0a5067e..8c0fc65116 100644 --- a/modules/auxiliary/server/browser_autopwn.rb +++ b/modules/auxiliary/server/browser_autopwn.rb @@ -9,7 +9,7 @@ # - caching is busted when different browsers come from the same IP require 'msf/core' -require 'rex/exploitation/javascriptosdetect' +require 'rex/exploitation/js/osdetect' require 'rex/exploitation/jsobfu' class Metasploit3 < Msf::Auxiliary @@ -171,7 +171,7 @@ class Metasploit3 < Msf::Auxiliary def setup print_status("Setup") - @init_js = ::Rex::Exploitation::JavascriptOSDetect.new <<-ENDJS + @init_js = ::Rex::Exploitation::Js::OSDetect.new <<-ENDJS #{js_base64} diff --git a/spec/lib/rex/exploitation/javascriptaddonsdetect_spec.rb b/spec/lib/rex/exploitation/javascriptaddonsdetect_spec.rb deleted file mode 100644 index 25e018cc75..0000000000 --- a/spec/lib/rex/exploitation/javascriptaddonsdetect_spec.rb +++ /dev/null 
@@ -1,16 +0,0 @@
-require 'rex/exploitation/javascriptaddonsdetect'
-
-describe Rex::Exploitation::JavascriptAddonsDetect do
-
- context "Class methods" do
-
- context ".initialize" do
- it "should load the Addons Detect javascript" do
- js = Rex::Exploitation::JavascriptAddonsDetect.new.to_s
- js.should =~ /window\.addons_detect/
- end
- end
-
- end
-
-end
\ No newline at end of file
diff --git a/spec/lib/rex/exploitation/javascriptexploitation_spec.rb b/spec/lib/rex/exploitation/javascriptexploitation_spec.rb
deleted file mode 100644
index f0f4838bbc..0000000000
--- a/spec/lib/rex/exploitation/javascriptexploitation_spec.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-require 'rex/exploitation/javascriptexploitation'
-
-describe Rex::Exploitation::JavascriptExploitation do
-
- context "Class methods" do
-
- context ".mstime_malloc" do
- it "should load the mstime_malloc javascript" do
- js = Rex::Exploitation::JavascriptExploitation.mstime_malloc
- js.should =~ /function mstime_malloc/
- end
- end
-
- context ".property_spray" do
- it "should load the property_spray javascript" do
- js = Rex::Exploitation::JavascriptExploitation.property_spray
- js.should =~ /function sprayHeap/
- end
- end
-
- context ".heap_spray" do
- it "should load the heap_spray javascript" do
- js = Rex::Exploitation::JavascriptExploitation.heap_spray
- js.should =~ /function sprayHeap/
- end
- end
-
- end
-
-end
\ No newline at end of file
diff --git a/spec/lib/rex/exploitation/javascriptnetwork_spec.rb b/spec/lib/rex/exploitation/javascriptnetwork_spec.rb
deleted file mode 100644
index 7b3bd5e9af..0000000000
--- a/spec/lib/rex/exploitation/javascriptnetwork_spec.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-require 'rex/exploitation/javascriptnetwork'
-
-describe Rex::Exploitation::JavascriptNetwork do
-
- context "Class methods" do
-
- context ".ajax_download" do
- it "should load the ajax_download javascript" do
- js = Rex::Exploitation::JavascriptNetwork.ajax_download
- js.should =~ /function ajax_download/
- end
- end
-
- end
-
-end
\ No newline at end of file
diff --git a/spec/lib/rex/exploitation/javascriptosdetect_spec.rb b/spec/lib/rex/exploitation/javascriptosdetect_spec.rb
deleted file mode 100644
index cc2cae54d7..0000000000
--- a/spec/lib/rex/exploitation/javascriptosdetect_spec.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-require 'rex/exploitation/javascriptosdetect'
-
-describe Rex::Exploitation::JavascriptOSDetect do
-
- context "Class methods" do
-
- context ".initialize" do
- it "should load the OSDetect javascript" do
- js = Rex::Exploitation::JavascriptOSDetect.new.to_s
- js.should =~ /window\.os_detect/
- end
- end
-
- end
-
-end
\ No newline at end of file
diff --git a/spec/lib/rex/exploitation/javascriptutils_spec.rb b/spec/lib/rex/exploitation/javascriptutils_spec.rb
deleted file mode 100644
index cc3722ce9b..0000000000
--- a/spec/lib/rex/exploitation/javascriptutils_spec.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-require 'rex/exploitation/javascriptutils'
-
-describe Rex::Exploitation::JavascriptUtils do
-
- context "Class methods" do
-
- context ".base64" do
- it "should load the base64 javascript" do
- js = Rex::Exploitation::JavascriptUtils.base64
- js.should =~ /encode : function/
- end
- end
-
- end
-
-end
\ No newline at end of file