update youtube urls in post exploit module

2017-08-17 16:44:35 -04:00 · 2017-08-17 16:44:35 -04:00 · 9c196041ce
parent 5e0223fce0
commit 9c196041ce
1 changed files with 5 additions and 3 deletions
--- a/modules/post/multi/manage/play_youtube.rb
+++ b/modules/post/multi/manage/play_youtube.rb
@ -28,11 +28,13 @@ class MetasploitModule < Msf::Post
      ])
  end

+  YOUTUBE_BASE_URL = "https://youtube.com/embed/"
+
  #
  # The OSX version uses an apple script to do this
  #
  def osx_start_video(id)
-    url = "https://youtube.googleapis.com/v/#{id}?fs=1&#{PLAY_OPTIONS}"
+    url = "#{YOUTUBE_BASE_URL}#{id}?#{PLAY_OPTIONS}"
    script = ''
    script << %Q|osascript -e 'tell application "Safari" to open location "#{url}"' |
    script << %Q|-e 'activate application "Safari"' |
@ -53,7 +55,7 @@ class MetasploitModule < Msf::Post
  def win_start_video(id)
    iexplore_path = "C:\\Program Files\\Internet Explorer\\iexplore.exe"
    begin
-      session.sys.process.execute(iexplore_path, "-k https://www.youtube.com/embed/#{id}?#{PLAY_OPTIONS}")
+      session.sys.process.execute(iexplore_path, "-k #{YOUTUBE_BASE_URL}#{id}?#{PLAY_OPTIONS}")
    rescue Rex::Post::Meterpreter::RequestError => e
      return false
    end
@ -80,7 +82,7 @@ class MetasploitModule < Msf::Post
      write_file("/tmp/#{profile_name}/prefs.js", s)

      # Start the video
-      url = "https://youtube.googleapis.com/v/#{id}?fs=1&#{PLAY_OPTIONS}"
+      url = "#{YOUTUBE_BASE_URL}#{id}?#{PLAY_OPTIONS}"
      data_js = %Q|"data:text/html,<script>window.open('#{url}','','width:100000px;height:100000px');</script>"|
      joe = "firefox --display :0 -p #{profile_name} #{data_js} &"
      cmd_exec("/bin/sh -c #{joe.shellescape}")