Pull shared XHR shim out, add option to static Js module method.
* Moves shim to data/js/network/xhr_shim.js * Add some yardoc commentsbug/bundler_fix
parent
094abdd093
commit
c7c1fcfa98
|
@ -7,19 +7,7 @@ function ajax_download(oArg) {
|
|||
if (method == path) { throw "Missing parameter 'path'"; }
|
||||
if (data == undefined) { data = null; }
|
||||
|
||||
if (window.XMLHttpRequest) {
|
||||
xmlHttp = new XMLHttpRequest();
|
||||
}
|
||||
else {
|
||||
var objs = ["Microsoft.XMLHTTP", "Msxml2.XMLHTTP", "Msxml2.XMLHTTP.4.0"];
|
||||
for (var i=0; i < objs.length; i++) {
|
||||
try {
|
||||
xmlHttp = new ActiveXObject(objs[i]);
|
||||
break;
|
||||
}
|
||||
catch (e) {}
|
||||
}
|
||||
}
|
||||
var xmlHttp = new XMLHttpRequest();
|
||||
|
||||
if (xmlHttp.overrideMimeType) {
|
||||
xmlHttp.overrideMimeType("text/plain; charset=x-user-defined");
|
||||
|
|
|
@ -1,18 +1,5 @@
|
|||
function postInfo(path, data) {
|
||||
var xmlHttp = '';
|
||||
if (window.XMLHttpRequest) {
|
||||
xmlHttp = new XMLHttpRequest();
|
||||
}
|
||||
else {
|
||||
var objs = ["Microsoft.XMLHTTP", "Msxml2.XMLHTTP", "Msxml2.XMLHTTP.4.0"];
|
||||
for (var i=0; i < objs.length; i++) {
|
||||
try {
|
||||
xmlHttp = new ActiveXObject(objs[i]);
|
||||
break;
|
||||
}
|
||||
catch (e) {}
|
||||
}
|
||||
}
|
||||
var xmlHttp = new XMLHttpRequest();
|
||||
|
||||
if (xmlHttp.overrideMimeType) {
|
||||
xmlHttp.overrideMimeType("text/plain; charset=x-user-defined");
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
if (!window.XMLHTTPRequest) {
|
||||
var i, ids = ["Microsoft.XMLHTTP", "Msxml2.XMLHTTP", "Msxml2.XMLHTTP.6.0", "Msxml2.XMLHTTP.3.0"];
|
||||
for (i = 0; i < ids.length; i++) {
|
||||
try {
|
||||
new ActiveXObject(ids[i]);
|
||||
window.XMLHttpRequest = function() {
|
||||
return new ActiveXObject(ids[i]);
|
||||
};
|
||||
break;
|
||||
}
|
||||
catch (e) {}
|
||||
}
|
||||
}
|
|
@ -11,27 +11,70 @@ module Js
|
|||
#
|
||||
class Network
|
||||
|
||||
def self.ajax_download
|
||||
# @param [Hash] opts the options hash
|
||||
# @option opts [Boolean] :obfuscate toggles js obfuscation. defaults to true.
|
||||
# @option opts [Boolean] :use_xhr_shim automatically stubs XHR to use ActiveXObject when needed.
|
||||
# defaults to true.
|
||||
# @return [String] javascript code to perform a synchronous ajax request to the remote
|
||||
# and returns the response
|
||||
def self.ajax_download(opts={})
|
||||
should_obfuscate = opts.fetch(:obfuscate, true)
|
||||
js = ::File.read(::File.join(Msf::Config.data_directory, "js", "network", "ajax_download.js"))
|
||||
|
||||
::Rex::Exploitation::ObfuscateJS.new(js,
|
||||
{
|
||||
'Symbols' => {
|
||||
'Variables' => %w{ xmlHttp }
|
||||
}
|
||||
if should_obfuscate
|
||||
js = ::Rex::Exploitation::ObfuscateJS.new(js,
|
||||
{
|
||||
'Symbols' => {
|
||||
'Variables' => %w{ xmlHttp }
|
||||
}
|
||||
}).obfuscate
|
||||
end
|
||||
|
||||
xhr_shim(opts) + js
|
||||
end
|
||||
|
||||
# @param [Hash] opts the options hash
|
||||
# @option opts [Boolean] :obfuscate toggles js obfuscation. defaults to true.
|
||||
# @option opts [Boolean] :use_xhr_shim automatically stubs XHR to use ActiveXObject when needed.
|
||||
# defaults to true.
|
||||
# @return [String] javascript code to perform a synchronous ajax request to the remote with
|
||||
# the data specified
|
||||
def self.ajax_post(opts={})
|
||||
should_obfuscate = opts.fetch(:obfuscate, true)
|
||||
js = :File.read(::File.join(Msf::Config.data_directory, "js", "network", "ajax_post.js"))
|
||||
|
||||
def self.ajax_post
|
||||
js = ::File.read(::File.join(Msf::Config.data_directory, "js", "network", "ajax_post.js"))
|
||||
if should_obfuscate
|
||||
::Rex::Exploitation::ObfuscateJS.new(js,
|
||||
{
|
||||
'Symbols' => {
|
||||
'Variables' => %w{ xmlHttp }
|
||||
}
|
||||
}).obfuscate
|
||||
end
|
||||
|
||||
::Rex::Exploitation::ObfuscateJS.new(js,
|
||||
{
|
||||
'Symbols' => {
|
||||
'Variables' => %w{ xmlHttp }
|
||||
xhr_shim(opts) + js
|
||||
end
|
||||
|
||||
# @param [Hash] opts the options hash
|
||||
# @option opts [Boolean] :obfuscate toggles js obfuscation. defaults to true.
|
||||
# @option opts [Boolean] :use_xhr_shim false causes this method to return ''. defaults to true.
|
||||
# @return [String] javascript code that adds XMLHttpRequest to the global scope if it
|
||||
# does not exist (e.g. on IE6, where you have to use the ActiveXObject constructor)
|
||||
def self.xhr_shim(opts={})
|
||||
return '' unless opts.fetch(:use_xhr_shim, true)
|
||||
|
||||
should_obfuscate = opts.fetch(:obfuscate, true)
|
||||
js = ::File.read(::File.join(Msf::Config.data_directory, "js", "network", "xhr_shim.js"))
|
||||
|
||||
if should_obfuscate
|
||||
::Rex::Exploitation::ObfuscateJS.new(js,
|
||||
{
|
||||
'Symbols' => {
|
||||
'Variables' => %w{ i objs }
|
||||
}
|
||||
}
|
||||
}).obfuscate
|
||||
).obfuscate
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue