Modified module referencing style for consistency, added some new stuff, started the exploit functionality work.

git-svn-id: file:///home/svn/framework3/trunk@4223 4d416f70-5f16-0410-b530-b9f4589650da

data/msfweb/app/controllers/application.rb

@@ -55,7 +55,7 @@ class ApplicationController < ActionController::Base
   end
   
   # Returns the module by id of specified type.
-  def get_view_for_module(module_type, module_id)
+  def get_view_for_module(module_type, module_refname)
     @tmod = nil
     
     # Get available moduls of specified type
@@ -75,9 +75,9 @@ class ApplicationController < ActionController::Base
     end
     
     # Return the module if found
-	if id
+	if module_refname
 		@mod_list.each do |m|
-			if m.refname.gsub('/', ':') == params[:id]
+			if m.refname.gsub('/', ':') == module_refname
 				@tmod = m
 				break
 			end

data/msfweb/app/controllers/auxiliaries_controller.rb

@@ -10,7 +10,7 @@ class AuxiliariesController < ApplicationController
   end
 
   def view
-    @tmod = get_view_for_module("auxiliary", params[:id])
+    @tmod = get_view_for_module("auxiliary", params[:refname])
 	
 	unless @tmod
 	 render_text "Unknown module specified."

data/msfweb/app/controllers/encoders_controller.rb

@@ -10,7 +10,7 @@ class EncodersController < ApplicationController
   end
 
   def view
-    @tmod = get_view_for_module("encoder", params[:id])
+    @tmod = get_view_for_module("encoder", params[:refname])
 	
 	unless @tmod
 	 render_text "Unknown module specified."

data/msfweb/app/controllers/exploits_controller.rb

@@ -10,7 +10,7 @@ class ExploitsController < ApplicationController
   end
 
   def view
-    @tmod = get_view_for_module("exploit", params[:id])
+    @tmod = get_view_for_module("exploit", params[:refname])
 	
 	unless @tmod
 	 render_text "Unknown module specified."
@@ -18,8 +18,29 @@ class ExploitsController < ApplicationController
   end
 
   def exploit
-  end
-
-  def check
+    # Retrieve object to module with the given refname
+    @tmod     = get_view_for_module("exploit", params[:refname])
+    unless @tmod
+	 render_text "Unknown module specified."
+	end
+	
+	# Get target, using index given in 'target' parameter
+    @target   = @tmod.targets[params[:target].to_i]
+    unless @target
+	 render_text "Unknown target specified."
+	end
+	
+    @cur_step = nil
+    if params[:step]
+      @cur_step = params[:step]
+    end
+    
+    if @cur_step == "config"
+      @payload = get_view_for_module("payload", params[:payload])
+    elsif @cur_step == "ready"
+      @tmod.datastore['TARGET'] = params[:target].to_i
+    else
+      @payloads = @tmod.compatible_payloads
+    end
   end
 end

data/msfweb/app/controllers/nops_controller.rb

@@ -10,7 +10,7 @@ class NopsController < ApplicationController
   end
 
   def view
-    @tmod = get_view_for_module("nop", params[:id])
+    @tmod = get_view_for_module("nop", params[:refname])
 	
 	unless @tmod
 	 render_text "Unknown module specified."

data/msfweb/app/controllers/payloads_controller.rb

@@ -10,7 +10,7 @@ class PayloadsController < ApplicationController
   end
 
   def view
-    @tmod = get_view_for_module("payload", params[:id])
+    @tmod = get_view_for_module("payload", params[:refname])
 	
 	unless @tmod
 	 render_text "Unknown module specified."

data/msfweb/app/views/exploits/check.rhtml

@@ -1,2 +0,0 @@
-<h1>Exploits#check</h1>
-<p>Find me in app/views/exploits/check.rhtml</p>

data/msfweb/app/views/exploits/exploit.rhtml

@@ -1,2 +1,39 @@
-<h1>Exploits#exploit</h1>
-<p>Find me in app/views/exploits/exploit.rhtml</p>
+<table align="center" width="100%" cellspacing="0" cellpadding="3" border="0" class="moduleInfo">
+    
+	<tr width="100%" align="center">
+        <p class="moduleName">
+            Exploit: <%= h(@tmod.name) %> (<%= h(params[:refname].gsub(':', '/')) %>)<br />
+        </p>
+    </tr>
+
+<% if @cur_step == nil %>
+
+    <p>Select payload for <strong><%= h(@target.name) %></strong>:</p>
+
+    <tr>
+        <th class="moduleOptionsHeader">Name</th>
+        <th class="moduleOptionsHeader">Description</th>
+    </tr>
+
+    <% @payloads.each do |p| %>
+    <tr><% o = p[1].new %>
+        <td><%= link_to h(p[0]), :refname => @tmod.refname.gsub('/', ':'), :step => "config",
+        :target => h(params[:target].to_i), :payload => o.refname.gsub('/', ':') %></td>
+        <td><%= h(o.description) %></td>
+    </tr>
+    <% end %>
+    
+<% elsif @cur_step == "config" %>
+
+    <p>Exploit and payload configuration:</p>
+
+    <form action="/exploits/exploit" method="post">
+        <%= hidden_field_tag "refname", h(params[:refname]) %>
+        <%= hidden_field_tag "step", "ready" %>
+        <%= hidden_field_tag "target", h(params[:target]) %>
+        <%= hidden_field_tag "payload", h(params[:payload]) %>
+    </form>
+    
+<% end %>
+
+</table>

data/msfweb/app/views/exploits/view.rhtml

@@ -18,7 +18,9 @@
     <tr width="100%" align="center">
 		<blockquote>
 		  <p class="moduleDescription">
-		      This module (revision <%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>, under the <%= @tmod.license %>.
+		      This module (revision <%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was
+		      provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>,
+		      under the <%= @tmod.license %>.
 		  </p>
 		</blockquote>   
     </tr>
@@ -49,7 +51,7 @@
 		Available targets:
 		<ul class="moduleTargets">
 			<% @tmod.targets.each_with_index { |tgt, idx| %>
-				<li><a href='#'><%= h(tgt.name) %></a></li>
+				<li><%= link_to h(tgt.name), :action =>  "exploit", :refname => @tmod.refname.gsub('/', ':'), :target => idx %></a></li>
 			<% } %>
 		</ul>
 		

data/msfweb/app/views/payloads/view.rhtml

@@ -70,7 +70,7 @@
 
 <form action="/payloads/view" method="post">
     
-    <%= hidden_field_tag "id", h(params[:id]) %>
+    <%= hidden_field_tag "refname", h(params[:refname]) %>
     <%= hidden_field_tag "step", "1" %>
     <% @tmod.options.each { |name, option|
         next if (option.advanced?)
@@ -116,6 +116,7 @@
                 <option value="c">C</option>
                 <option value="ruby">Ruby</option>
                 <option value="perl">Perl</option>
+                <option value="javascript">Javascript</option>
                 <option value="raw">Raw</option>
             </select>
         </td>
@@ -131,7 +132,7 @@
     <tr>
         <th colspan="2" class="moduleOptionsHeader">
             Payload code
-            (<%= link_to "back", :action => "view", :id => h(params[:id]) %>)
+            (<%= link_to "back", :action => "view", :refname => h(params[:refname]) %>)
         </th>
     </tr>
 

data/msfweb/public/javascripts/application.js

@@ -163,7 +163,7 @@ function create_window_ajax(target_url, wid, wtitle, wwidth, wheight) {
  * Height and width are fixed, should be working values in all cases.
  */
 function openModuleWindow(mtype, refname, wtitle) {
-    var mWin = create_window_ajax("/" + mtype + "/view/" + refname, mtype + "-view-" + obtainWindowId(), wtitle, 500, 500);
+    var mWin = create_window_ajax("/" + mtype + "/view?refname=" + refname, mtype + "-view-" + obtainWindowId(), wtitle, 500, 500);
     mWin.setDestroyOnClose();
     mWin.showCenter();
 }