Merge pull request #5 from tabassassin/retab/pr/2325

Retab/pr/2325
kernelsmith · Sep 5, 2013 · 6725786 · 6725786
2 parents 50c6f26 + 896bb12
commit 6725786
Show file tree

Hide file tree

Showing 3,153 changed files with 524,447 additions and 524,458 deletions.
diff --git a/data/meterpreter/ext_server_stdapi.py b/data/meterpreter/ext_server_stdapi.py
@@ -303,6 +303,7 @@ def channel_create_stdapi_fs_file(request, response):
 	fmode = packet_get_tlv(request, TLV_TYPE_FILE_MODE)
 	if fmode:
 		fmode = fmode['value']
+		fmode = fmode.replace('bb', 'b')
 	else:
 		fmode = 'rb'
 	file_h = open(fpath, fmode)
@@ -320,6 +321,7 @@ def channel_create_stdapi_net_tcp_client(request, response):
 	connected = False
 	for i in range(retries + 1):
 		sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+		sock.settimeout(3.0)
 		if local_host.get('value') and local_port.get('value'):
 			sock.bind((local_host['value'], local_port['value']))
 		try:
@@ -380,7 +382,7 @@ def stdapi_sys_process_execute(request, response):
 	if len(cmd) == 0:
 		return ERROR_FAILURE, response
 	if os.path.isfile('/bin/sh'):
-		args = ['/bin/sh', '-c', cmd, raw_args]
+		args = ['/bin/sh', '-c', cmd + ' ' + raw_args]
 	else:
 		args = [cmd]
 		args.extend(shlex.split(raw_args))

diff --git a/data/meterpreter/meterpreter.py b/data/meterpreter/meterpreter.py
@@ -404,5 +404,7 @@ def create_response(self, request):
 		return resp
 
 if not hasattr(os, 'fork') or (hasattr(os, 'fork') and os.fork() == 0):
+	if hasattr(os, 'setsid'):
+		os.setsid()
 	met = PythonMeterpreter(s)
 	met.run()
diff --git a/lib/anemone/core.rb b/lib/anemone/core.rb
@@ -298,10 +298,10 @@ def skip_link?(link)
     #
     # Kills all active threads
     #
-	def shutdown
+  def shutdown
       @tentacles.each {|t| t.kill rescue nil }
       @pages = nil
-	end
+  end
 
   end
 end
diff --git a/lib/anemone/extractors/anchors.rb b/lib/anemone/extractors/anchors.rb
@@ -1,7 +1,7 @@
 class Anemone::Extractors::Anchors < Anemone::Extractors::Base
 
-	def run
-		doc.search( '//a[@href]' ).map { |a| a['href'] }
-	end
+  def run
+    doc.search( '//a[@href]' ).map { |a| a['href'] }
+  end
 
 end
diff --git a/lib/anemone/extractors/dirbuster.rb b/lib/anemone/extractors/dirbuster.rb
@@ -1,12 +1,12 @@
 class Anemone::Extractors::Dirbuster < Anemone::Extractors::Base
 
-	def run
-		return [] if page.code.to_i != 200
+  def run
+    return [] if page.code.to_i != 200
 
-		@@dirs ||= nil
+    @@dirs ||= nil
 
-		return @@dirs if @@dirs
-		@@dirs = IO.read( File.dirname( __FILE__ ) + '/dirbuster/directories' ).split( "\n" )
-	end
-	
+    return @@dirs if @@dirs
+    @@dirs = IO.read( File.dirname( __FILE__ ) + '/dirbuster/directories' ).split( "\n" )
+  end
+  
 end
diff --git a/lib/anemone/extractors/forms.rb b/lib/anemone/extractors/forms.rb
@@ -1,7 +1,7 @@
 class Anemone::Extractors::Forms < Anemone::Extractors::Base
 
-	def run
-		doc.search( '//form[@action]' ).map { |a| a['action'] }
-	end
-	
+  def run
+    doc.search( '//form[@action]' ).map { |a| a['action'] }
+  end
+  
 end
diff --git a/lib/anemone/extractors/frames.rb b/lib/anemone/extractors/frames.rb
@@ -1,7 +1,7 @@
 class Anemone::Extractors::Frames < Anemone::Extractors::Base
 
-	def run
-		doc.css( 'frame', 'iframe' ).map { |a| a.attributes['src'].content rescue next }
-	end
+  def run
+    doc.css( 'frame', 'iframe' ).map { |a| a.attributes['src'].content rescue next }
+  end
 
 end
diff --git a/lib/anemone/extractors/generic.rb b/lib/anemone/extractors/generic.rb
@@ -2,49 +2,49 @@
 
 class Anemone::Extractors::Generic < Anemone::Extractors::Base
 
-	def run
-		URI.extract( doc.to_s, %w(http https) ).map do |u|
-			#
-			# This extractor needs to be a tiny bit intelligent because
-			# due to its generic nature it'll inevitably match some garbage.
-			#
-			# For example, if some JS code contains:
-			#
-			#	var = 'http://blah.com?id=1'
-			#
-			# or
-			#
-			#	var = { 'http://blah.com?id=1', 1 }
-			#
-			#
-			# The URI.extract call will match:
-			#
-			#	http://blah.com?id=1'
-			#
-			# and
-			#
-			#	http://blah.com?id=1',
-			#
-			# respectively.
-			#
-			if !includes_quotes?( u )
-				u
-			else
-				if html.include?( "'#{u}" )
-					u.split( '\'' ).first
-				elsif html.include?( "\"#{u}" )
-					u.split( '"' ).first
-				else
-					u
-				end
-			end
-		end
-	rescue
-		[]
-	end
+  def run
+    URI.extract( doc.to_s, %w(http https) ).map do |u|
+      #
+      # This extractor needs to be a tiny bit intelligent because
+      # due to its generic nature it'll inevitably match some garbage.
+      #
+      # For example, if some JS code contains:
+      #
+      #	var = 'http://blah.com?id=1'
+      #
+      # or
+      #
+      #	var = { 'http://blah.com?id=1', 1 }
+      #
+      #
+      # The URI.extract call will match:
+      #
+      #	http://blah.com?id=1'
+      #
+      # and
+      #
+      #	http://blah.com?id=1',
+      #
+      # respectively.
+      #
+      if !includes_quotes?( u )
+        u
+      else
+        if html.include?( "'#{u}" )
+          u.split( '\'' ).first
+        elsif html.include?( "\"#{u}" )
+          u.split( '"' ).first
+        else
+          u
+        end
+      end
+    end
+  rescue
+    []
+  end
 
-	def includes_quotes?( url )
-		url.include?( '\'' ) || url.include?( '"' )
-	end
+  def includes_quotes?( url )
+    url.include?( '\'' ) || url.include?( '"' )
+  end
 
 end
diff --git a/lib/anemone/extractors/links.rb b/lib/anemone/extractors/links.rb
@@ -1,7 +1,7 @@
 class Anemone::Extractors::Links < Anemone::Extractors::Base
 
-	def run
-		doc.search( "//link[@href]" ).map { |a| a['href'] }
-	end
+  def run
+    doc.search( "//link[@href]" ).map { |a| a['href'] }
+  end
 
 end
diff --git a/lib/anemone/extractors/meta_refresh.rb b/lib/anemone/extractors/meta_refresh.rb
@@ -1,24 +1,24 @@
 class Anemone::Extractors::MetaRefresh < Anemone::Extractors::Base
 
-	def run
-		doc.search( "//meta[@http-equiv='refresh']" ).map do |url|
-			begin
-				_, url = url['content'].split( ';', 2 )
-				next if !url
-				unquote( url.split( '=', 2 ).last )
-			rescue
-				next
-			end
-		end
-	rescue
-		nil
-	end
+  def run
+    doc.search( "//meta[@http-equiv='refresh']" ).map do |url|
+      begin
+        _, url = url['content'].split( ';', 2 )
+        next if !url
+        unquote( url.split( '=', 2 ).last )
+      rescue
+        next
+      end
+    end
+  rescue
+    nil
+  end
 
-	def unquote( str )
-		[ '\'', '"' ].each do |q|
-			return str[1...-1] if str.start_with?( q ) && str.end_with?( q )
-		end
-		str
-	end
+  def unquote( str )
+    [ '\'', '"' ].each do |q|
+      return str[1...-1] if str.start_with?( q ) && str.end_with?( q )
+    end
+    str
+  end
 
 end
diff --git a/lib/anemone/extractors/scripts.rb b/lib/anemone/extractors/scripts.rb
@@ -1,7 +1,7 @@
 class Anemone::Extractors::Scripts < Anemone::Extractors::Base
 
-	def run
-		doc.search( '//script[@src]' ).map { |a| a['src'] }
-	end
+  def run
+    doc.search( '//script[@src]' ).map { |a| a['src'] }
+  end
 
 end
diff --git a/lib/anemone/page.rb b/lib/anemone/page.rb
@@ -85,8 +85,8 @@ def self.extractors
     def run_extractors
       return [] if !doc
       self.class.extractors.map do |e|
-	      next if e == Extractors::Dirbuster && !dirbust?
-	      e.new( self ).run rescue next
+        next if e == Extractors::Dirbuster && !dirbust?
+        e.new( self ).run rescue next
       end.flatten.
           compact.map do |p|
               abs = to_absolute( URI( p ) ) rescue next
@@ -186,7 +186,7 @@ def to_absolute(link)
     end
 
     def dirbust?
-	    @dirbust
+      @dirbust
     end
 
     #
@@ -240,7 +240,7 @@ def self.from_hash(hash)
     end
 
     def dup
-	  Marshal.load( Marshal.dump( self ) )
+    Marshal.load( Marshal.dump( self ) )
     end
 
   end

diff --git a/lib/anemone/rex_http.rb b/lib/anemone/rex_http.rb
@@ -51,7 +51,7 @@ def fetch_pages(url, referer = nil, depth = nil)
           )
           # Store the associated raw HTTP request
           page.request = response.request
-		  pages << page
+      pages << page
         end
 
         return pages
@@ -162,11 +162,11 @@ def get_response(url, referer = nil)
         response = nil
         request  = nil
         begin
-			conn     = connection(url)
-			request  = conn.request_raw(opts)
-			response = conn.send_recv(request, @opts[:timeout] || 10 )
-		rescue ::Errno::EPIPE, ::Timeout::Error
-		end
+      conn     = connection(url)
+      request  = conn.request_raw(opts)
+      response = conn.send_recv(request, @opts[:timeout] || 10 )
+    rescue ::Errno::EPIPE, ::Timeout::Error
+    end
 
         finish = Time.now()
 
@@ -180,28 +180,28 @@ def get_response(url, referer = nil)
     end
 
     def connection(url)
-		context =  { }
-		context['Msf']        = @opts[:framework] if @opts[:framework]
-		context['MsfExploit'] = @opts[:module] if @opts[:module]
-
-		conn = Rex::Proto::Http::Client.new(
-			url.host,
-			url.port.to_i,
-			context,
-			url.scheme == "https",
-			'SSLv23',
-			@opts[:proxies],
+    context =  { }
+    context['Msf']        = @opts[:framework] if @opts[:framework]
+    context['MsfExploit'] = @opts[:module] if @opts[:module]
+
+    conn = Rex::Proto::Http::Client.new(
+      url.host,
+      url.port.to_i,
+      context,
+      url.scheme == "https",
+      'SSLv23',
+      @opts[:proxies],
                     @opts[:username],
                     @opts[:password]
-		)
+    )
 
-		conn.set_config(
-			'vhost'      => virtual_host(url),
-			'agent'      => user_agent,
+    conn.set_config(
+      'vhost'      => virtual_host(url),
+      'agent'      => user_agent,
       'domain'     => @opts[:domain]
-		)
+    )
 
-		conn
+    conn
     end
 
     def verbose?