
Remove unsupported msfweb interface. (fixes #503)

* This will significantly decrease the size of the msf install (~5 MB)
* ActiveRecord & ActiveSupport are still used, and have been moved to lib/

git-svn-id: file:///home/svn/framework3/trunk@10682 4d416f70-5f16-0410-b530-b9f4589650
Mike Smith 9 years ago
parent
commit
756e6d2ad8
100 changed files with 0 additions and 2973 deletions
  1. 0
    243
      data/msfweb/README
  2. 0
    10
      data/msfweb/Rakefile
  3. 0
    86
      data/msfweb/app/controllers/application.rb
  4. 0
    85
      data/msfweb/app/controllers/auxiliaries_controller.rb
  5. 0
    109
      data/msfweb/app/controllers/console_controller.rb
  6. 0
    22
      data/msfweb/app/controllers/encoders_controller.rb
  7. 0
    124
      data/msfweb/app/controllers/exploits_controller.rb
  8. 0
    49
      data/msfweb/app/controllers/ide_controller.rb
  9. 0
    10
      data/msfweb/app/controllers/jobs_controller.rb
  10. 0
    47
      data/msfweb/app/controllers/msf_controller.rb
  11. 0
    22
      data/msfweb/app/controllers/nops_controller.rb
  12. 0
    23
      data/msfweb/app/controllers/options_controller.rb
  13. 0
    72
      data/msfweb/app/controllers/payloads_controller.rb
  14. 0
    13
      data/msfweb/app/controllers/sessions_controller.rb
  15. 0
    80
      data/msfweb/app/helpers/application_helper.rb
  16. 0
    2
      data/msfweb/app/helpers/auxiliaries_helper.rb
  17. 0
    2
      data/msfweb/app/helpers/encoders_helper.rb
  18. 0
    2
      data/msfweb/app/helpers/exploits_helper.rb
  19. 0
    2
      data/msfweb/app/helpers/ide_helper.rb
  20. 0
    2
      data/msfweb/app/helpers/jobs_helper.rb
  21. 0
    2
      data/msfweb/app/helpers/msf_helper.rb
  22. 0
    2
      data/msfweb/app/helpers/msfconsole_helper.rb
  23. 0
    2
      data/msfweb/app/helpers/nops_helper.rb
  24. 0
    2
      data/msfweb/app/helpers/payloads_helper.rb
  25. 0
    2
      data/msfweb/app/helpers/sessions_helper.rb
  26. 0
    7
      data/msfweb/app/models/auxiliary.rb
  27. 0
    7
      data/msfweb/app/models/encoder.rb
  28. 0
    7
      data/msfweb/app/models/exploit.rb
  29. 0
    5
      data/msfweb/app/models/job.rb
  30. 0
    7
      data/msfweb/app/models/nop.rb
  31. 0
    12
      data/msfweb/app/models/payload.rb
  32. 0
    5
      data/msfweb/app/models/session.rb
  33. 0
    160
      data/msfweb/app/views/auxiliaries/config.rhtml
  34. 0
    13
      data/msfweb/app/views/auxiliaries/list.rhtml
  35. 0
    2
      data/msfweb/app/views/auxiliaries/run.rhtml
  36. 0
    75
      data/msfweb/app/views/auxiliaries/view.rhtml
  37. 0
    51
      data/msfweb/app/views/console/index.rhtml
  38. 0
    2
      data/msfweb/app/views/encoders/encode.rhtml
  39. 0
    12
      data/msfweb/app/views/encoders/list.rhtml
  40. 0
    46
      data/msfweb/app/views/encoders/view.rhtml
  41. 0
    264
      data/msfweb/app/views/exploits/config.rhtml
  42. 0
    13
      data/msfweb/app/views/exploits/list.rhtml
  43. 0
    70
      data/msfweb/app/views/exploits/view.rhtml
  44. 0
    0
      data/msfweb/app/views/ide/advanced.rhtml
  45. 0
    47
      data/msfweb/app/views/ide/start.rhtml
  46. 0
    98
      data/msfweb/app/views/ide/wizard.rhtml
  47. 0
    13
      data/msfweb/app/views/jobs/list.rhtml
  48. 0
    2
      data/msfweb/app/views/jobs/stop.rhtml
  49. 0
    23
      data/msfweb/app/views/layouts/_menu_bar.rhtml
  50. 0
    27
      data/msfweb/app/views/layouts/msfide.rhtml
  51. 0
    30
      data/msfweb/app/views/layouts/msfweb.rhtml
  52. 0
    22
      data/msfweb/app/views/layouts/windows.rhtml
  53. 0
    0
      data/msfweb/app/views/msf/index.rhtml
  54. 0
    56
      data/msfweb/app/views/msf/search.rhtml
  55. 0
    2
      data/msfweb/app/views/nops/generate.rhtml
  56. 0
    12
      data/msfweb/app/views/nops/list.rhtml
  57. 0
    46
      data/msfweb/app/views/nops/view.rhtml
  58. 0
    45
      data/msfweb/app/views/options/index.rhtml
  59. 0
    2
      data/msfweb/app/views/payloads/generate.rhtml
  60. 0
    13
      data/msfweb/app/views/payloads/list.rhtml
  61. 0
    154
      data/msfweb/app/views/payloads/view.rhtml
  62. 0
    24
      data/msfweb/app/views/sessions/list.rhtml
  63. 0
    110
      data/msfweb/config/boot.rb
  64. 0
    22
      data/msfweb/config/database.yml
  65. 0
    99
      data/msfweb/config/environment.rb
  66. 0
    17
      data/msfweb/config/environments/development.rb
  67. 0
    28
      data/msfweb/config/environments/production.rb
  68. 0
    28
      data/msfweb/config/environments/test.rb
  69. 0
    7
      data/msfweb/config/initializers/backtrace_silencers.rb
  70. 0
    10
      data/msfweb/config/initializers/inflections.rb
  71. 0
    5
      data/msfweb/config/initializers/mime_types.rb
  72. 0
    19
      data/msfweb/config/initializers/new_rails_defaults.rb
  73. 0
    15
      data/msfweb/config/initializers/session_store.rb
  74. 0
    5
      data/msfweb/config/locales/en.yml
  75. 0
    43
      data/msfweb/config/routes.rb
  76. 0
    2
      data/msfweb/doc/README_FOR_APP
  77. 0
    40
      data/msfweb/public/.htaccess
  78. 0
    30
      data/msfweb/public/404.html
  79. 0
    30
      data/msfweb/public/422.html
  80. 0
    30
      data/msfweb/public/500.html
  81. 0
    10
      data/msfweb/public/dispatch.cgi
  82. 0
    24
      data/msfweb/public/dispatch.fcgi
  83. 0
    10
      data/msfweb/public/dispatch.rb
  84. 0
    0
      data/msfweb/public/favicon.ico
  85. BIN
      data/msfweb/public/images/banner.gif
  86. BIN
      data/msfweb/public/images/bomb.png
  87. BIN
      data/msfweb/public/images/bug.png
  88. BIN
      data/msfweb/public/images/bullet_go.png
  89. BIN
      data/msfweb/public/images/bullet_wrench.png
  90. BIN
      data/msfweb/public/images/encoder.png
  91. BIN
      data/msfweb/public/images/help.png
  92. BIN
      data/msfweb/public/images/ide-logo.png
  93. BIN
      data/msfweb/public/images/ide/devil.png
  94. BIN
      data/msfweb/public/images/ide/devil_ne.png
  95. BIN
      data/msfweb/public/images/ide/doomed.png
  96. BIN
      data/msfweb/public/images/ide/doomed_ne.png
  97. BIN
      data/msfweb/public/images/jobs.png
  98. BIN
      data/msfweb/public/images/lightbulb-off.png
  99. BIN
      data/msfweb/public/images/metasploit-graf.jpg
  100. 0
    0
      data/msfweb/public/images/platform-icons/3com.png

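--- a/data/msfweb/README
+++ b/data/msfweb/README
@@ -1,243 +0,0 @@
-== Welcome to Rails
-
-Rails is a web-application framework that includes everything needed to create 
-database-backed web applications according to the Model-View-Control pattern. 
-
-This pattern splits the view (also called the presentation) into "dumb" templates
-that are primarily responsible for inserting pre-built data in between HTML tags.
-The model contains the "smart" domain objects (such as Account, Product, Person,
-Post) that holds all the business logic and knows how to persist themselves to
-a database. The controller handles the incoming requests (such as Save New Account,
-Update Product, Show Post) by manipulating the model and directing data to the view.
-
-In Rails, the model is handled by what's called an object-relational mapping
-layer entitled Active Record. This layer allows you to present the data from
-database rows as objects and embellish these data objects with business logic
-methods. You can read more about Active Record in
-link:files/vendor/rails/activerecord/README.html.
-
-The controller and view are handled by the Action Pack, which handles both
-layers by its two parts: Action View and Action Controller. These two layers
-are bundled in a single package due to their heavy interdependence. This is
-unlike the relationship between the Active Record and Action Pack that is much
-more separate. Each of these packages can be used independently outside of
-Rails.  You can read more about Action Pack in
-link:files/vendor/rails/actionpack/README.html.
-
-
-== Getting Started
-
-1. At the command prompt, start a new Rails application using the <tt>rails</tt> command
-   and your application name. Ex: rails myapp
-2. Change directory into myapp and start the web server: <tt>script/server</tt> (run with --help for options)
-3. Go to http://localhost:3000/ and get "Welcome aboard: You're riding the Rails!"
-4. Follow the guidelines to start developing your application
-
-
-== Web Servers
-
-By default, Rails will try to use Mongrel if it's are installed when started with script/server, otherwise Rails will use WEBrick, the webserver that ships with Ruby. But you can also use Rails
-with a variety of other web servers.
-
-Mongrel is a Ruby-based webserver with a C component (which requires compilation) that is
-suitable for development and deployment of Rails applications. If you have Ruby Gems installed,
-getting up and running with mongrel is as easy as: <tt>gem install mongrel</tt>.
-More info at: http://mongrel.rubyforge.org
-
-Say other Ruby web servers like Thin and Ebb or regular web servers like Apache or LiteSpeed or
-Lighttpd or IIS. The Ruby web servers are run through Rack and the latter can either be setup to use
-FCGI or proxy to a pack of Mongrels/Thin/Ebb servers.
-
-== Apache .htaccess example for FCGI/CGI
-
-# General Apache options
-AddHandler fastcgi-script .fcgi
-AddHandler cgi-script .cgi
-Options +FollowSymLinks +ExecCGI
-
-# If you don't want Rails to look in certain directories,
-# use the following rewrite rules so that Apache won't rewrite certain requests
-# 
-# Example:
-#   RewriteCond %{REQUEST_URI} ^/notrails.*
-#   RewriteRule .* - [L]
-
-# Redirect all requests not available on the filesystem to Rails
-# By default the cgi dispatcher is used which is very slow
-# 
-# For better performance replace the dispatcher with the fastcgi one
-#
-# Example:
-#   RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
-RewriteEngine On
-
-# If your Rails application is accessed via an Alias directive,
-# then you MUST also set the RewriteBase in this htaccess file.
-#
-# Example:
-#   Alias /myrailsapp /path/to/myrailsapp/public
-#   RewriteBase /myrailsapp
-
-RewriteRule ^$ index.html [QSA]
-RewriteRule ^([^.]+)$ $1.html [QSA]
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
-
-# In case Rails experiences terminal errors
-# Instead of displaying this message you can supply a file here which will be rendered instead
-# 
-# Example:
-#   ErrorDocument 500 /500.html
-
-ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"
-
-
-== Debugging Rails
-
-Sometimes your application goes wrong.  Fortunately there are a lot of tools that
-will help you debug it and get it back on the rails.
-
-First area to check is the application log files.  Have "tail -f" commands running
-on the server.log and development.log. Rails will automatically display debugging
-and runtime information to these files. Debugging info will also be shown in the
-browser on requests from 127.0.0.1.
-
-You can also log your own messages directly into the log file from your code using
-the Ruby logger class from inside your controllers. Example:
-
-  class WeblogController < ActionController::Base
-    def destroy
-      @weblog = Weblog.find(params[:id])
-      @weblog.destroy
-      logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
-    end
-  end
-
-The result will be a message in your log file along the lines of:
-
-  Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1
-
-More information on how to use the logger is at http://www.ruby-doc.org/core/
-
-Also, Ruby documentation can be found at http://www.ruby-lang.org/ including:
-
-* The Learning Ruby (Pickaxe) Book: http://www.ruby-doc.org/docs/ProgrammingRuby/
-* Learn to Program: http://pine.fm/LearnToProgram/  (a beginners guide)
-
-These two online (and free) books will bring you up to speed on the Ruby language
-and also on programming in general.
-
-
-== Debugger
-
-Debugger support is available through the debugger command when you start your Mongrel or
-Webrick server with --debugger. This means that you can break out of execution at any point
-in the code, investigate and change the model, AND then resume execution! 
-You need to install ruby-debug to run the server in debugging mode. With gems, use 'gem install ruby-debug'
-Example:
-
-  class WeblogController < ActionController::Base
-    def index
-      @posts = Post.find(:all)
-      debugger
-    end
-  end
-
-So the controller will accept the action, run the first line, then present you
-with a IRB prompt in the server window. Here you can do things like:
-
-  >> @posts.inspect
-  => "[#<Post:0x14a6be8 @attributes={\"title\"=>nil, \"body\"=>nil, \"id\"=>\"1\"}>,
-       #<Post:0x14a6620 @attributes={\"title\"=>\"Rails you know!\", \"body\"=>\"Only ten..\", \"id\"=>\"2\"}>]"
-  >> @posts.first.title = "hello from a debugger"
-  => "hello from a debugger"
-
-...and even better is that you can examine how your runtime objects actually work:
-
-  >> f = @posts.first
-  => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
-  >> f.
-  Display all 152 possibilities? (y or n)
-
-Finally, when you're ready to resume execution, you enter "cont"
-
-
-== Console
-
-You can interact with the domain model by starting the console through <tt>script/console</tt>.
-Here you'll have all parts of the application configured, just like it is when the
-application is running. You can inspect domain models, change values, and save to the
-database. Starting the script without arguments will launch it in the development environment.
-Passing an argument will specify a different environment, like <tt>script/console production</tt>.
-
-To reload your controllers and models after launching the console run <tt>reload!</tt>
-
-== dbconsole
-
-You can go to the command line of your database directly through <tt>script/dbconsole</tt>.
-You would be connected to the database with the credentials defined in database.yml.
-Starting the script without arguments will connect you to the development database. Passing an
-argument will connect you to a different database, like <tt>script/dbconsole production</tt>.
-Currently works for mysql, postgresql and sqlite.
-
-== Description of Contents
-
-app
-  Holds all the code that's specific to this particular application.
-
-app/controllers
-  Holds controllers that should be named like weblogs_controller.rb for
-  automated URL mapping. All controllers should descend from ApplicationController
-  which itself descends from ActionController::Base.
-
-app/models
-  Holds models that should be named like post.rb.
-  Most models will descend from ActiveRecord::Base.
-
-app/views
-  Holds the template files for the view that should be named like
-  weblogs/index.html.erb for the WeblogsController#index action. All views use eRuby
-  syntax.
-
-app/views/layouts
-  Holds the template files for layouts to be used with views. This models the common
-  header/footer method of wrapping views. In your views, define a layout using the
-  <tt>layout :default</tt> and create a file named default.html.erb. Inside default.html.erb,
-  call <% yield %> to render the view using this layout.
-
-app/helpers
-  Holds view helpers that should be named like weblogs_helper.rb. These are generated
-  for you automatically when using script/generate for controllers. Helpers can be used to
-  wrap functionality for your views into methods.
-
-config
-  Configuration files for the Rails environment, the routing map, the database, and other dependencies.
-
-db
-  Contains the database schema in schema.rb.  db/migrate contains all
-  the sequence of Migrations for your schema.
-
-doc
-  This directory is where your application documentation will be stored when generated
-  using <tt>rake doc:app</tt>
-
-lib
-  Application specific libraries. Basically, any kind of custom code that doesn't
-  belong under controllers, models, or helpers. This directory is in the load path.
-
-public
-  The directory available for the web server. Contains subdirectories for images, stylesheets,
-  and javascripts. Also contains the dispatchers and the default HTML files. This should be
-  set as the DOCUMENT_ROOT of your web server.
-
-script
-  Helper scripts for automation and generation.
-
-test
-  Unit and functional tests along with fixtures. When using the script/generate scripts, template
-  test files will be generated for you and placed in this directory.
-
-vendor
-  External libraries that the application depends on. Also includes the plugins subdirectory.
-  If the app has frozen rails, those gems also go here, under vendor/rails/.
-  This directory is in the load path.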

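--- a/data/msfweb/Rakefile
+++ b/data/msfweb/Rakefile
@@ -1,10 +0,0 @@
-# Add your own tasks in files placed in lib/tasks ending in .rake,
-# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-
-require(File.join(File.dirname(__FILE__), 'config', 'boot'))
-
-require 'rake'
-require 'rake/testtask'
-require 'rake/rdoctask'
-
-require 'tasks/rails'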

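--- a/data/msfweb/app/controllers/application.rb
+++ b/data/msfweb/app/controllers/application.rb
@@ -1,86 +0,0 @@
-# Author: HDM <hdm@metasploit.com> and LMH <lmh@info-pull.com>
-# Description: Helper methods for the controllers, including search and other
-# functionality.
-
-# Filters added to this controller will be run for all controllers in the application.
-# Likewise, all the methods added will be available for all controllers.
-class ApplicationController < ActionController::Base
-
-  # Search functionality for modules
-  def search_modules(mlist, terms)
-    res = {}
-    
-    unless terms
-      return nil
-    end
-    
-    terms.strip! 
-    
-    # Match search terms
-    mlist.each do |m|
-	  
-      if (terms.length == 0)
-        res[m.refname]=m
-        next
-      end
-	
-      terms.split(/,/).each do |term|
-			
-		# handle a search string, search deep
-		if(
-			m.name.downcase.index(term) or
-			m.description.downcase.index(term) or
-			m.refname.downcase.index(term) or
-			m.references.to_s.downcase.index(term) or
-			m.author.to_s.downcase.index(term)
-		)
-          res[m.refname]=m
-          break
-        end
-        
-      end 
-    end
-	
-    # Sort the modules by name
-    list = []
-    res.keys.sort{|a,b| res[a].name <=> res[b].name }.each do |n|
-      list << res[n]
-    end
-      
-    list
-  end
-  
-  # Returns the module by id of specified type.
-  def get_view_for_module(module_type, module_refname)
-    @tmod = nil
-    
-    # Get available moduls of specified type
-    case module_type
-      when "exploit"
-        @mod_list = Exploit.find_all()
-      when "auxiliary"
-        @mod_list = Auxiliary.find_all()
-      when "payload"
-        @mod_list = Payload.find_all()
-      when "nop"
-        @mod_list = Nop.find_all()
-      when "encoder"
-        @mod_list = Encoder.find_all()
-      else
-        return @tmod
-    end
-    
-    # Return the module if found
-	if module_refname
-		@mod_list.each do |m|
-			if m.refname.gsub('/', ':') == module_refname
-				@tmod = m
-				break
-			end
-		end
-	end
-	
-	return @tmod
-  end
-
-end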

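--- a/data/msfweb/app/controllers/auxiliaries_controller.rb
+++ b/data/msfweb/app/controllers/auxiliaries_controller.rb
@@ -1,85 +0,0 @@
-#
-# Original version is Copyright (c) 2006 LMH <lmh[at]info-pull.com>
-# Added to Metasploit under the terms of the Metasploit Framework License v1.2
-#
-# Description: The auxiliary controller of msfweb v.3. Handles views, listing
-# and other actions related to auxiliary modules. Code and processing goes here.
-# Instance variables, final values, etc, go into views.
-
-class AuxiliariesController < ApplicationController
-  layout 'windows'
-    
-def list
-end
-
-def view
-	@tmod = get_view_for_module("auxiliary", params[:refname])
-	
-	unless @tmod
-	 render_text "Unknown module specified."
-	end
-end
-
-def config
-	# Retrieve object to module with the given refname
-	@tmod     = get_view_for_module("auxiliary", params[:refname])
-	unless @tmod
-		render_text "Unknown module specified."
-	end
-
-	if (@tmod.actions.length > 0)
-		@act = @tmod.actions[params[:act].to_i]
-		unless @act
-			render_text "Unknown action specified."
-		end
-	end	
-	
-	@cur_step = nil
-	if params[:step]
-		@cur_step = params[:step]
-	end
-
-	if @cur_step == "run"
-		
-		# Always show the option page after an exploit is launched
-		@cur_step = "config"
-		
-		# Create a new console driver instance
-		@cid = $msfweb.create_console()
-		@con = $msfweb.consoles[@cid]
-
-		# Use the selected module
-		@con.execute("use auxiliary/#{@tmod.refname}")
-
-		@aux = @con.active_module
-		
-		if (@act)
-			@aux.datastore['ACTION']  = @act.name
-		end
-
-		# Configure the selected options
-		params.each_key do |k|
-			aopt = k.to_s.match(/^aopt_/) ? true : false
-			name = k.to_s.gsub(/^.opt_/, '')
-
-			if (aopt)
-				if (params[k] and params[k].to_s.length > 0)
-					@aux.datastore[name] = params[k].to_s
-				end
-			end
-		end
-		
-		begin
-			@aux.options.validate(@aux.datastore)
-			@con.write("run\n")
-			@aux_console = @cid
-		rescue ::Exception => e
-			$msfweb.destroy_console(@cid)
-			@aux_error = e.to_s
-		end	
-	end
-	
-
-end
-
-end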

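--- a/data/msfweb/app/controllers/console_controller.rb
+++ b/data/msfweb/app/controllers/console_controller.rb
@@ -1,109 +0,0 @@
-#
-# Author: Metasploit LLC
-# Description: The AJAX console controller of msfweb
-#
-class ConsoleController < ApplicationController
-
-	#
-	# Show the working shell and related facilities.
-	#
-	def index
-
-		cid = params[:id]
-
-		if (not (cid and $msfweb.consoles[cid]))
-			cid = $msfweb.create_console
-			
-			if (params[:sid])
-				$msfweb.consoles[cid].write("sessions -i #{params[:sid]}\n")
-				$msfweb.consoles[cid].write("\n\n")
-			end
-			
-			redirect_to :id => cid
-			return
-		end
-
-
-		script = "// Metasploit Web Console Data\n"
-		out    = ""
-		
-		@cid = params[:id]
-		@console = $msfweb.consoles[@cid]
-
-
-		if(params[:cmd])
-			@console.write(params[:cmd] + "\n")
-		end
-
-		if(params[:read])
-			out = @console.read() || ''
-		end
-
-		
-		if(params[:special])
-			case params[:special]
-			when 'kill'
-				@console.session_kill
-			when 'detach'		
-				@console.session_detach	
-			end
-		end
-		
-		if(params[:tab])
-			opts = []
-			cmdl = params[:tab]
-			out  = ""
-
-			if (not @console.busy and params[:tab].strip.length > 0)
-				opts = @console.tab_complete(params[:tab]) || []
-			end
-
-			if (opts.length == 1)
-				cmdl = opts[0]
-			else
-				if (opts.length == 0)
-					# aint got nothin
-				else
-
-					cmd_top = opts[0]
-					depth   = 0
-
-					while (depth < cmd_top.length)
-						match = true
-						opts.each do |line|
-							next if line[depth] == cmd_top[depth]
-							match = false
-							break
-						end
-						break if not match
-						depth += 1
-					end
-
-					if (depth > 0)
-						cmdl = cmd_top[0, depth]
-					end
-
-					out << "\n" + opts.map{ |c| ">> " + c }.join("\n")
-				end
-			end
-
-			tln = cmdl.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
-			script += "var con_tabbed = unescape('#{tln}');\n"			
-		end
-	
-		if(params[:read])
-		
-			out = out.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
-			pro = @console.prompt.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
-			if (@console.busy)
-				pro = '(running)'.unpack('C*').map{|c| sprintf("%%%.2x", c)}.join
-			end
-
-			script += "var con_prompt = unescape('#{pro}');\n"
-			script += "var con_update = unescape('#{out}');\n"
-
-			send_data(script, :type => "text/javascript")
-		end
-	end
-
-end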

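--- a/data/msfweb/app/controllers/encoders_controller.rb
+++ b/data/msfweb/app/controllers/encoders_controller.rb
@@ -1,22 +0,0 @@
-# Author: LMH <lmh@info-pull.com>
-# Description: The encoder controller of msfweb v.3. Handles views, listing
-# and other actions related to encoder modules. Code and processing goes here.
-# Instance variables, final values, etc, go into views.
-
-class EncodersController < ApplicationController
-  layout 'windows'
-    
-  def list
-  end
-
-  def view
-    @tmod = get_view_for_module("encoder", params[:refname])
-	
-	unless @tmod
-	 render_text "Unknown module specified."
-	end
-  end
-
-  def encode
-  end
-end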

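--- a/data/msfweb/app/controllers/exploits_controller.rb
+++ b/data/msfweb/app/controllers/exploits_controller.rb
@@ -1,124 +0,0 @@
-# Author: LMH <lmh@info-pull.com>
-# Description: The exploit controller of msfweb v.3. Handles views, listing
-# and other actions related to exploit modules. Code and processing goes here.
-# Instance variables, final values, etc, go into views.
-
-class ExploitsController < ApplicationController
-layout 'windows'
-
-def list
-end
-
-def view
-	@tmod = get_view_for_module("exploit", params[:refname])
-	
-	unless @tmod
-	 render_text "Unknown module specified."
-	end
-end
-
-def config
-	# Retrieve object to module with the given refname
-	@tmod     = get_view_for_module("exploit", params[:refname])
-	unless @tmod
-		render_text "Unknown module specified."
-	end
-	
-	# Get target, using index given in 'target' parameter
-	@target   = @tmod.targets[params[:target].to_i]
-	unless @target
-		render_text "Unknown target specified."
-	end
-	
-	@tmod.datastore['TARGET'] = params[:target].to_i
-	
-	@cur_step = nil
-	if params[:step]
-		@cur_step = params[:step]
-	end
-	
-	
-	if (params[:payload])
-	
-		if (params[:payload] =~ /^\d+$/ )
-			@payload_ref = @tmod.compatible_payloads[params[:payload].to_i]
-		else
-			@tmod.compatible_payloads.each_with_index do |ref, i|
-
-				if(ref[0] == params[:payload])
-					@payload_ref = ref
-				end
-			end
-		end
-	end
-
-
-	if @cur_step == "exploit"
-		
-		# Always show the option page after an exploit is launched
-		@cur_step = "config"
-		
-		unless @payload_ref
-			render_text "Unknown payload specified or not supported."
-		end
-		
-		@payload_name, @payload_class  = @payload_ref
-		@payload_inst = @payload_class.new 
-
-		# Create a new console driver instance
-		@cid = $msfweb.create_console()
-		@con = $msfweb.consoles[@cid]
-
-		# Use the selected module
-		@con.execute("use exploit/#{@tmod.refname}")
-
-		# Configure the target and payload	
-		@exploit = @con.active_module
-		@exploit.datastore['PAYLOAD'] = @payload_name
-		@exploit.datastore['TARGET']  = params[:target].to_i
-
-		# Configure the selected options
-		params.each_key do |k|
-			eopt = k.to_s.match(/^eopt_/) ? true : false
-			popt = k.to_s.match(/^popt_/) ? true : false
-			name = k.to_s.gsub(/^.opt_/, '')
-
-			if (eopt or popt)
-				if (params[k] and params[k].to_s.length > 0)
-					@exploit.datastore[name] = params[k].to_s
-				end
-			end
-		end
-
-		# Validate the exploit and payload options
-		@payload_inst.share_datastore(@exploit.datastore)
-		
-		begin
-			@exploit.options.validate(@exploit.datastore)
-			@payload_inst.options.validate(@payload_inst.datastore)
-			@con.write("exploit\n")
-			@exploit_console = @cid
-		rescue ::Exception => e
-			$msfweb.destroy_console(@cid)
-			@exploit_error = e.to_s
-		end	
-	end
-	
-	
-	if @cur_step == "config"
-		
-		unless @payload_ref
-			render_text "Unknown payload specified or not supported."
-		end
-		
-		@payload_name, @payload_class = @payload_ref
-		@payload_inst = @payload_class.new 
-		
-	else
-		@payloads = @tmod.compatible_payloads
-	end
-	
-end
-
-
-end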

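--- a/data/msfweb/app/controllers/ide_controller.rb
+++ b/data/msfweb/app/controllers/ide_controller.rb
@@ -1,49 +0,0 @@
-# Author: LMH <lmh@info-pull.com>
-# Description: The IDE controller of msfweb v.3. Handles views, processing,
-# help and all actions related to the msfweb IDE for exploit development.
-# Now Metasploit has a multi-platform IDE. Find bug. Click. Profit. (tm)
-
-class IdeController < ApplicationController
-  layout 'msfide'
-
-  def index
-    redirect_to :action => "start"
-  end
-
-  def start
-  end
-
-  def advanced
-  end
-  
-  def wizard
-    if params[:exploit]
-      @the_exploit = session[:exploit] = params[:exploit]
-      @step = @the_exploit["step"].to_i
-    elsif @step.nil?
-      redirect_to :action => start
-    end
-    
-    flash[:error] = ""
-  end
-
-  def dump_current()
-    unless params[:format]
-      render_text "Missing format parameter."
-      return false
-    end
-
-    unless session[:exploit]
-      render_text "Missing exploit data."
-      return false
-    end
-
-    case params[:format]
-      when "yaml"
-        send_data YAML.dump(session[:exploit]), :type => "text/plain"
-      else
-        render_text "Missing format parameter."
-        return false
-    end
-  end
-end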

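--- a/data/msfweb/app/controllers/jobs_controller.rb
+++ b/data/msfweb/app/controllers/jobs_controller.rb
@@ -1,10 +0,0 @@
-class JobsController < ApplicationController
-  layout 'windows'
-  
-  def list
-    @jobs = Job.find_all()
-  end
-
-  def stop
-  end
-end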

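--- a/data/msfweb/app/controllers/msf_controller.rb
+++ b/data/msfweb/app/controllers/msf_controller.rb
@@ -1,47 +0,0 @@
-#
-# Original version is Copyright (c) 2006 LMH <lmh[at]info-pull.com>
-# Added to Metasploit under the terms of the Metasploit Framework License v1.2
-# Additions Copyright (C) 2006-2007 Metasploit LLC
-#
-# Description: The main controller of msfweb v.3
-#
-
-class MsfController < ApplicationController
-  layout 'msfweb', :except => 'search'
-  
-  def index
-  end
-  
-  # Generic search function as suggested by HDM
-  def search
-    if params[:module_type]
-      @module_type = params[:module_type]
-      if params[:clean_list] and params[:clean_list].to_i == 1
-        @clean_list = true
-      else
-        @clean_list = false
-      end
-      if params[:terms]
-        case @module_type
-          when 'exploits'
-	       @results = search_modules(Exploit.find_all(), params[:terms])
-	      when 'auxiliaries'
-	       @results = search_modules(Auxiliary.find_all(), params[:terms])
-	      when 'payloads'
-	       @results = search_modules(Payload.find_all(), params[:terms])
-	      when 'nops'
-	       @results = search_modules(Nop.find_all(), params[:terms])
-	      when 'encoders'
-	       @results = search_modules(Encoder.find_all(), params[:terms])
-	      else
-	       render_text "Module type unknown."
-	    end
-	  else
-	   render_text "No search terms provided."
-	  end
-	else
-	 render_text "Module type not specified."
-	end
-  end
-
-end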

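--- a/data/msfweb/app/controllers/nops_controller.rb
+++ b/data/msfweb/app/controllers/nops_controller.rb
@@ -1,22 +0,0 @@
-# Author: LMH <lmh@info-pull.com>
-# Description: The nop controller of msfweb v.3. Handles views, listing
-# and other actions related to nop modules. Code and processing goes here.
-# Instance variables, final values, etc, go into views.
-
-class NopsController < ApplicationController
-  layout 'windows'
-
-  def list
-  end
-
-  def view
-    @tmod = get_view_for_module("nop", params[:refname])
-	
-	unless @tmod
-	 render_text "Unknown module specified."
-	end
-  end
-
-  def generate
-  end
-end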

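--- a/data/msfweb/app/controllers/options_controller.rb
+++ b/data/msfweb/app/controllers/options_controller.rb
@@ -1,23 +0,0 @@
-#
-# Original version is Copyright (c) 2007 Mike Whitehead <mwhite22[at]caledonian.ac.uk>
-# Added to Metasploit under the terms of the Metasploit Framework License v1.2
-#
-# Description: MSFWeb Options controller (Skinning, etc)
-#
-
-class OptionsController < ApplicationController
-	layout 'windows'
-
-	def index
-		@force_reload = false
-		
-		p params
-		p cookies
-		
-		if (params[:style])
-			cookies[:style] = params[:style]
-			@force_reload = true
-		end
-	end
-end
-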

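--- a/data/msfweb/app/controllers/payloads_controller.rb
+++ b/data/msfweb/app/controllers/payloads_controller.rb
@@ -1,72 +0,0 @@
-# Author: LMH <lmh@info-pull.com>
-# Description: The payload controller of msfweb v.3. Handles views, listing
-# and other actions related to payload modules. Code and processing goes here.
-# Instance variables, final values, etc, go into views.
-
-class PayloadsController < ApplicationController
-  layout 'windows'
-      
-  def list
-  end
-
-  def view
-    @tmod = get_view_for_module("payload", params[:refname])
-	
-	unless @tmod
-		render_text "Unknown module specified."
-	end
-
-	# Catch non-standard payloads
-	begin
-		@tmod.generate
-	rescue => e
-		render_text "This interface does not support generic payloads."
-	end
-
-    @module_step = (params[:step] || 0).to_i
-	
-	if @module_step == 1
-	  modinst = Payload.create(@tmod.refname)
-      badchars = params[:badchars]
-      pencoder = params[:encoder]
-      pformat  = params[:format]
-      max_size = (params[:max_size] || 0).to_i
-      payload_opts = ''
-      
-      params.each_pair { |k, v|
-        next if (v == nil or v.length == 0)
-        if (k =~ /^opt_(.*)$/)
-          payload_opts += "#{$1}=#{v} "
-        end
-      }
-	  
-	  
-	  badchars_buff = ""
-	  badchars.split(/,|\s+/).each do |c|
-		c.strip!
-		next if c.length == 0
-		if(c =~ /^0x/)
-			badchars_buff << c.hex.chr
-		else
-			badchars_buff << c.to_i.chr
-		end
-	  end
-	  
-      begin
-        @generation = modinst.generate_simple(
-          'Encoder'   => (pencoder == '__default') ? nil : pencoder,
-          'BadChars'  => badchars_buff,
-          'Format'    => pformat || 'c',
-          'OptionStr' => payload_opts,
-          'MaxSize'   => (max_size == 0) ? nil : max_size)
-      rescue
-        @generation = $!
-      end
-	end
-  # end of view method
-  end
-
-  def generate
-  end
-  
-end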

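--- a/data/msfweb/app/controllers/sessions_controller.rb
+++ b/data/msfweb/app/controllers/sessions_controller.rb
@@ -1,13 +0,0 @@
-#
-# Author: Metasploit LLC
-# Description: The AJAX console controller of msfweb
-#
-
-class SessionsController < ApplicationController
-	layout 'windows'
-
-	def list
-		@sessions = Session.find_all()
-	end
-end
-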

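--- a/data/msfweb/app/helpers/application_helper.rb
+++ b/data/msfweb/app/helpers/application_helper.rb
@@ -1,80 +0,0 @@
-# Copyright (c) 2006 L.M.H <lmh@info-pull.com>
-# All Rights Reserved.
-
-# Methods added to this helper will be available to all templates in the application.
-module ApplicationHelper
-
-  # Returns a hash with ruby version, platform and Metasploit version.
-  def return_env_info()
-    ret = {}
-    ret[:platform] = RUBY_PLATFORM
-    ret[:rubyver]  = RUBY_VERSION
-    ret[:msfver]   = Msf::Framework::Version
-    return ret
-  end
-  
-  # Return the JavaScript code necessary for "supporting" :hover pseudo-class
-  # in MSIE (ex. used in the top menu bar).
-  def msie_hover_fix(css_class_name)
-    return "onmouseover=\"this.className='#{css_class_name}'\" onmouseout=\"this.className=''\""
-  end
-  
-  # Adapted from old msfweb code, returns HTML necessary for displaying icons
-  # associated with a specific module.
-  # Added missing platform icons (HPUX, Irix, etc).
-  def module_platform_icons(platform)
-    return "" if (platform.nil?)
-    
-    # If this module has no platforms, then we don't show any icons...
-    return "" if (platform.empty?)
-
-    # Otherwise, get the platform specific information...
-    html = ""
-    [
-      [ Msf::Module::Platform::Windows, "windows.png", "win32"   ],
-      [ Msf::Module::Platform::Linux,   "linux.png",   "linux"   ],
-      [ Msf::Module::Platform::Solaris, "sun.png",     "solaris" ],
-      [ Msf::Module::Platform::OSX,     "apple.png",   "osx"     ],
-      [ Msf::Module::Platform::BSD,     "bsd.gif",     "bsd"     ],
-      [ Msf::Module::Platform::BSDi,    "bsd.gif",     "bsdi"    ],
-      [ Msf::Module::Platform::HPUX,    "hp.png",      "hpux"    ],
-      [ Msf::Module::Platform::Irix,    "sgi.png",     "irix"    ],
-      [ Msf::Module::Platform::Unix,    "unix.png",    "unix"    ]
-    ].each do |plat|
-      if (platform.supports?(Msf::Module::PlatformList.new(plat[0])) == true)
-        html += "<img src=\"/images/platform-icons/#{plat[1]}\" alt=\"#{plat[2]}\"/>"
-      end
-    end
-    
-    return html
-  end
-  
-  # Returns a hash suitable for use with select method (FormHelper stuff) of
-  # the available platforms.
-  def return_selectable_platforms()
-    all_platforms = Msf::Module::Platform::find_children
-    select_list   = {}
-    all_platforms.each do |p|
-      select_list[p.realname] = p
-    end
-    return select_list
-  end
-  
-  # Returns an array suitable for use with select method (FormHelper stuff) of
-  # the supported architectures.
-  def return_selectable_architectures()
-    return ARCH_ALL
-  end
-
-  # Returns an array suitable for the select form option helper,
-  # of the available exploit mixins. thanks skape for the new method.
-  def return_selectable_exploit_mixins()
-    Msf::Exploit::mixins
-  end
-
-  # Returns an array suitable for the select form option helper,
-  # of the available module licenses.
-  def return_selectable_licenses()
-    LICENSES
-  end
-end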

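--- a/data/msfweb/app/helpers/auxiliaries_helper.rb
+++ b/data/msfweb/app/helpers/auxiliaries_helper.rb
@@ -1,2 +0,0 @@
-module AuxiliariesHelper
-end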

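--- a/data/msfweb/app/helpers/encoders_helper.rb
+++ b/data/msfweb/app/helpers/encoders_helper.rb
@@ -1,2 +0,0 @@
-module EncodersHelper
-end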

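--- a/data/msfweb/app/helpers/exploits_helper.rb
+++ b/data/msfweb/app/helpers/exploits_helper.rb
@@ -1,2 +0,0 @@
-module ExploitsHelper
-end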

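--- a/data/msfweb/app/helpers/ide_helper.rb
+++ b/data/msfweb/app/helpers/ide_helper.rb
@@ -1,2 +0,0 @@
-module IdeHelper
-end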

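--- a/data/msfweb/app/helpers/jobs_helper.rb
+++ b/data/msfweb/app/helpers/jobs_helper.rb
@@ -1,2 +0,0 @@
-module JobsHelper
-end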

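--- a/data/msfweb/app/helpers/msf_helper.rb
+++ b/data/msfweb/app/helpers/msf_helper.rb
@@ -1,2 +0,0 @@
-module MsfHelper
-end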

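--- a/data/msfweb/app/helpers/msfconsole_helper.rb
+++ b/data/msfweb/app/helpers/msfconsole_helper.rb
@@ -1,2 +0,0 @@
-module MsfconsoleHelper
-end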

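--- a/data/msfweb/app/helpers/nops_helper.rb
+++ b/data/msfweb/app/helpers/nops_helper.rb
@@ -1,2 +0,0 @@
-module NopsHelper
-end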

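--- a/data/msfweb/app/helpers/payloads_helper.rb
+++ b/data/msfweb/app/helpers/payloads_helper.rb
@@ -1,2 +0,0 @@
-module PayloadsHelper
-end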

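--- a/data/msfweb/app/helpers/sessions_helper.rb
+++ b/data/msfweb/app/helpers/sessions_helper.rb
@@ -1,2 +0,0 @@
-module SessionsHelper
-end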

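--- a/data/msfweb/app/models/auxiliary.rb
+++ b/data/msfweb/app/models/auxiliary.rb
@@ -1,7 +0,0 @@
-class Auxiliary
-	def self.find_all()
-		mods = []
-		$msframework.auxiliary.each_module { |n,m| mods << m.new }
-		mods
-	end
-end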

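--- a/data/msfweb/app/models/encoder.rb
+++ b/data/msfweb/app/models/encoder.rb
@@ -1,7 +0,0 @@
-class Encoder
-	def self.find_all()
-		mods = []
-		$msframework.encoders.each_module { |n,m| mods << m.new }
-		mods
-	end
-end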

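--- a/data/msfweb/app/models/exploit.rb
+++ b/data/msfweb/app/models/exploit.rb
@@ -1,7 +0,0 @@
-class Exploit
-	def self.find_all()
-		mods = []
-		$msframework.exploits.each_module { |n,m| mods << $msframework.exploits.create(n) }
-		mods
-	end
-end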

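--- a/data/msfweb/app/models/job.rb
+++ b/data/msfweb/app/models/job.rb
@@ -1,5 +0,0 @@
-class Job
-  	def self.find_all()
-		$msframework.jobs
-	end
-end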

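--- a/data/msfweb/app/models/nop.rb
+++ b/data/msfweb/app/models/nop.rb
@@ -1,7 +0,0 @@
-class Nop
-	def self.find_all()
-		mods = []
-		$msframework.nops.each_module { |n,m| mods << m.new }
-		mods
-	end
-end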

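--- a/data/msfweb/app/models/payload.rb
+++ b/data/msfweb/app/models/payload.rb
@@ -1,12 +0,0 @@
-class Payload
-	def self.find_all()
-		mods = []
-		$msframework.payloads.each_module { |n,m| mods << m.new }
-		mods
-	end
-	
-	def self.create(refname)
-	    modinst = $msframework.payloads.create(refname)
-        modinst
-	end
-end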

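--- a/data/msfweb/app/models/session.rb
+++ b/data/msfweb/app/models/session.rb
@@ -1,5 +0,0 @@
-class Session
-  	def self.find_all()
-		$msframework.sessions
-	end
-end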

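--- a/data/msfweb/app/views/auxiliaries/config.rhtml
+++ b/data/msfweb/app/views/auxiliaries/config.rhtml
@@ -1,160 +0,0 @@
-<%
-	def draw_option(name, opt)
-
-		defval =  h(opt.default || '') 
-		
-		if (params[name.to_sym])
-			defval = params[name.to_sym].to_s
-		end
-		
-		case opt.class.to_s
-		when 'Msf::OptEnum'
-			ret = '<select name="' + name + '">' + "\n"
-
-			opt.enums.sort.each do |val|
-				sel = (val == defval) ? 'SELECTED' : ''
-				ret << '<option value="' + val + '"' + " #{sel}>" + h(val) + "</option>\n"
-			end
-			
-			ret << "</select>\n"
-			
-			ret
-		else
-			'<input type="text" name="' + name + '" value="' + defval + '" />'
-		end
-	end
-
-
-%>
- 
-<table width="100%" align="center" cellspacing="0" cellpadding="3" border="0">
-    <tr>
-        <td width="100%" class="EAconf_moduleName" colspan="2">
-            <%= h(@tmod.name) %> <br />
-	</td>
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-
-<% if @aux_error %>
-
-    <tr>
-        <td width="100%" class="moduleError" colspan="2">
-            Validation Error: <%= h(@aux_error) %><br />
-        </td>
-    </tr>
-
-<% end %>
-
-
-<% if @aux_console %>
-
-    <tr>
-        <td width="100%" class="moduleError" colspan="2">
-            Auxiliary launched. If the auxiliary console window does not appear, please click
-			<a href="#" onclick="window.parent.openConsoleWindowExploit(<%= @aux_console %>);">here</a>.
-        </td>
-    </tr>
-
-<% end %>
-    <p>Please enter all of the required options and press 'Launch Auxiliary' to continue.</p>
-    
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">
-            CURRENT CONFIGURATION -
-            <%= link_to "change action", :action => "view", :refname => h(params[:refname]) %>
-        </th>
-    </tr>
-	<tr>
-        <td class="opt_name">AUXILIARY</td>
-        <td><%= @tmod.refname %></td>
-    </tr>
-	
-    <tr>
-        <td class="opt_name">ACTION</td>
-        <td><%= h(@act ? @act.name : 'Default Action') %></td>
-    </tr>
-	
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">STANDARD OPTIONS</th>
-    </tr>
-    
-    <form action="/auxiliaries/config" method="post">
-        <%= hidden_field_tag "refname", h(params[:refname]) %>
-        <%= hidden_field_tag "step", "run" %>
-        <%= hidden_field_tag "act", h(params[:act]) %>
-    
-    <% @tmod.options.sort.each { |name, option|
-        next if (option.advanced?)
-        next if (option.evasion?) %>
-        <tr>
-            <td class="opt_name"><%= name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
-            <td>
-				<%= draw_option('aopt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
- 
-    <tr>
-        <th colspan="2"><br/><%= submit_tag "Launch Auxiliary" %><br/></th>
-    </tr>
-
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">ADVANCED OPTIONS</th>
-    </tr> 
-	
-    <% @tmod.options.sort.each { |name, option|
-        next if not option.advanced? %>
-        <tr>
-            <td class="opt_name"><%= name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
-            <td>
-                <%= draw_option('aopt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
-
-    <tr>
-        <th colspan="2"><br/><%= submit_tag "Launch Auxiliary" %><br/></th>
-    </tr>
-
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">EVASION OPTIONS</th>
-    </tr>
-	
-    <% @tmod.options.sort.each { |name, option|
-        next if not option.evasion? %>
-        <tr>
-            <td class="opt_name"><%= name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
-            <td>
-                <%= draw_option('aopt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
-    
-	<tr>
-        <th colspan="2"><br/><%= submit_tag "Launch Auxiliary" %><br/></th>
-    </tr>
-				  
-    </form>
-
-	<% if @aux_console %>
-	<script>
-		window.parent.openConsoleWindowExploit(<%= @aux_console %>);
-	</script>
-	<% end %>
-
-</table>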

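--- a/data/msfweb/app/views/auxiliaries/list.rhtml
+++ b/data/msfweb/app/views/auxiliaries/list.rhtml
@@ -1,13 +0,0 @@
-    <div id="module-search-box">
-		
-        <span>Search</span>
-        <input id="module_search" name="terms" type="text" size="55" value=""/>
-		<img alt="Spinner" id="search_spinner" src="/images/spinner.gif" style="display: none;" />
-    </div>
-    <div id="search_results">
-    </div>
-    
-    <script type="text/javascript">
-		document.getElementById('module_search').focus();
-        generic_live_search('module_search', 'auxiliaries', 'search_spinner', 0);
-    </script>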

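--- a/data/msfweb/app/views/auxiliaries/run.rhtml
+++ b/data/msfweb/app/views/auxiliaries/run.rhtml
@@ -1,2 +0,0 @@
-<h1>Auxiliaries#run</h1>
-<p>Find me in app/views/auxiliaries/run.rhtml</p>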

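--- a/data/msfweb/app/views/auxiliaries/view.rhtml
+++ b/data/msfweb/app/views/auxiliaries/view.rhtml
@@ -1,75 +0,0 @@
-<table align="center" cellspacing="0" cellpadding="0" border="0" class="EAview_moduleFull">
-    <tr>
-        <td width="100%" class="EAview_moduleName">
-            <%= h(@tmod.name) %> <br />
-	</td>
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleDescription">
-            <%= @tmod.description.split("\n\n").map{ |t| h(t) }.join("<br/><br/>") %>
-        </td>
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleAuthor">
-            This module (v<%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was
-            provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>,
-            under the <%= @tmod.license %>. 
-        </td>  
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleTargets_Title">
-            Select a target to continue:
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleTargets">
-            <ul>
-		<% if  @tmod.actions.length > 0 %>
-			<% p @tmod.actions %>
-			<% @tmod.actions.each_with_index { |act, idx| %>
-				<li><%= link_to h(act.name), :action => "config", :refname => @tmod.refname.gsub('/', ':'), :act => idx %></a></li>
-			<% } %>
-		<% else %>
-			      <li><%= link_to 'Default Action', :action => "config", :refname => @tmod.refname.gsub('/', ':')%></a></li>
-		<% end %>
-		</ul>
-        </td>
-    </tr>	
-	    
-    <% if (@tmod.references.length > 0) %>
-        <tr>
-            <td height="10">
-            </td>
-        </tr>
-        <tr>
-            <td width="100%" class="EAview_moduleReferences_Title">
-                External references:
-            </td>
-        </tr>
-        <tr>
-            <td width="100%" class="EAview_moduleReferences">
-                <ul>
-                    <% @tmod.references.each { |ref| %>
-                        <% if (ref.kind_of?(Msf::Module::SiteReference)) %>
-                            <li><a href="<%= ref.site %>" target="_blank"><%= h(ref.to_s) %></a></li>
-                        <% else %>
-                            <li><%= h(ref.to_s) %></li>
-                        <% end %>
-                    <% } %>
-                </ul>
-            </td>
-        </tr>
-    <% end %>
-</table>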

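--- a/data/msfweb/app/views/console/index.rhtml
+++ b/data/msfweb/app/views/console/index.rhtml
@@ -1,51 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="eng">
-
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
-        <meta name="Author" content="LMH (lmh@info-pull.com)" />
-        <meta name="Copyright" content="(c) 2006, LMH (lmh@info-pull.com)" />
-        <title>Metasploit Console</title>
-        <% ["prototype","effects","controls","window","application","console","cookiecheck"].each do |js| %>
-        <%= javascript_include_tag js %><% end %>
-        <script>document.writeln('<link rel="stylesheet" type="text/css" href="' + consoleStyle +'">');</script>
-    </head>
-
-    <body onload="console_init(<%=params[:id]%>)">
-
-        <div id="console_window">
-
-            <div id="console_output">
-				Welcome to the Metasploit Web Console!
-				<br/><br/>
-            </div>
-
-			<table id="console_command_bar" border=0 padding=4 cellspacing=0 width='100%'>
-			<tr>
-			<td 
-				nowrap='true'
-				valign='top'
-				id="console_prompt"
-			>
-				<%=h @console.prompt %>
-			</td>
-			<td nowrap='true' width='100%'>
-            
-			<textarea 
-				id="console_input" 
-				class="input" 
-				wrap="off" 
-				onkeydown="return console_keydown(event)"
-				onkeypress="return console_keypress(event)"
-				rows="1"
-			></textarea>
-			
-			</td>
-			</tr>
-			</table>
-        </div>
-		
-    </body>
-</html>
-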

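--- a/data/msfweb/app/views/encoders/encode.rhtml
+++ b/data/msfweb/app/views/encoders/encode.rhtml
@@ -1,2 +0,0 @@
-<h1>Encoders#encode</h1>
-<p>Find me in app/views/encoders/encode.rhtml</p>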

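--- a/data/msfweb/app/views/encoders/list.rhtml
+++ b/data/msfweb/app/views/encoders/list.rhtml
@@ -1,12 +0,0 @@
-    <div id="module-search-box">
-		
-        <span>Search</span>
-        <input id="module_search" name="terms" type="text" size="55" value=""/>
-		<img alt="Spinner" id="search_spinner" src="/images/spinner.gif" style="display: none;" />
-        <div id="search_results"></div>
-    </div>
-    
-    <script type="text/javascript">
-		document.getElementById('module_search').focus();
-        generic_live_search('module_search', 'encoders', 'search_spinner', 0);
-    </script>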

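--- a/data/msfweb/app/views/encoders/view.rhtml
+++ b/data/msfweb/app/views/encoders/view.rhtml
@@ -1,46 +0,0 @@
-<table align="center" width="100%" cellspacing="0" cellpadding="15" border="0">
-    
-	<tr width="100%" align="center">
-        <p class="moduleName">
-            <%= h(@tmod.name) %> <br />
-        </p>
-    </tr>
-	
-    <tr width="100%" align="center">
-		<blockquote>
-		  <p class="moduleDescription">
-		      <%= h(@tmod.description) %>
-		  </p>
-		</blockquote>   
-    </tr>
-
-	
-    <tr width="100%" align="center">
-		<blockquote>
-		  <p class="moduleDescription">
-		      This module (revision <%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>, under the <%= @tmod.license %>.
-		  </p>
-		</blockquote>   
-    </tr>
-    
-	<% if (@tmod.references.length > 0) %>
-    <tr width="100%" align="center">
-		<blockquote>
-		<p class="moduleDescription">
-		External references:
-		<ul class="moduleReferences">
-			<% @tmod.references.each { |ref| %>
-					<% if (ref.kind_of?(Msf::Module::SiteReference)) %>
-					<li><a href="<%= ref.site %>" target="_blank">
-					<%= h(ref.to_s) %></a></li>
-			<% 	else %>
-					<li><%= h(ref.to_s) %></li>
-			<% 	end %>
-			<% } %>
-		</ul>
-		</p>
-		</blockquote>   
-    </tr>
-	<% end %>
-
-</table>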

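--- a/data/msfweb/app/views/exploits/config.rhtml
+++ b/data/msfweb/app/views/exploits/config.rhtml
@@ -1,264 +0,0 @@
-<%
-	def draw_option(name, opt)
-
-		defval =  h(opt.default || '') 
-		
-		if (params[name.to_sym])
-			defval = params[name.to_sym].to_s
-		end
-		
-		case opt.class.to_s
-		when 'Msf::OptEnum'
-			ret = '<select name="' + h(name) + '">' + "\n"
-
-			opt.enums.sort.each do |val|
-				sel = (val == defval) ? 'SELECTED' : ''
-				ret << '<option value="' + h(val) + '"' + " #{sel}>" + h(val) + "</option>\n"
-			end
-			
-			ret << "</select>\n"
-			
-			ret
-		else
-			'<input type="text" name="' + h(name) + '" value="' + defval + '" />'
-		end
-	end
-
-
-%>
-
-<table align="center" cellspacing="0" cellpadding="3" width="100%" class="EAconf_moduleFull">
-    <tr>
-        <td width="100%" class="EAconf_moduleName" colspan="2">
-            <%= h(@tmod.name) %> <br />
-	</td>
-    </tr>
-    <tr>
-        <td height="10" colspan="2">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" colspan="2">
-            <p>Select payload for target <strong><%= h(@target.name) %></strong>:</p>
-        </td>
-    </tr>
-    <tr>
-        <td height="10" colspan="2">
-        </td>
-    </tr>
-
-<% if @exploit_error %>
-
-    <tr>
-        <td width="100%" class="moduleError" colspan="2">
-            Validation Error: <%= h(@exploit_error) %><br />
-        </td>
-    </tr>
-
-
-<% end %>
-
-
-<% if @exploit_console %>
-
-    <tr>
-        <td width="100%" class="moduleError" colspan="2">
-            Exploit launched. If the exploit console window does not appear, please click
-			<a href="#" onclick="javascript:window.parent.openConsoleWindowExploit(<%= @exploit_console %>);">here</a>.
-        </td>
-    </tr>
-
-<% end %>
-
-<% if @cur_step == nil %>
-
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">
-            CURRENT CONFIGURATION - <%= link_to "change target", :action => "view", :refname => h(params[:refname]) %>
-        </th>
-    </tr>
-
-    <tr>
-        <td class="opt_name">EXPLOIT</td>
-        <td><%= @tmod.refname %></td>
-    </tr>
-
-    <tr>
-        <td class="opt_name">TARGET</td>
-        <td><%= @target.name %></td>
-    </tr>
-
-    <tr>
-        <th class="moduleOptionsHeader">Name</th>
-        <th class="moduleOptionsHeader">Description</th>
-    </tr>
-
-	<% 
-		rcol_a = 'item_row_col_a' 
-		rcol_b = 'item_row_col_b'
-		rcol   = rcol_b
-	%>
-	
-    <% @payloads.each_with_index do |p, idx| %>
-    <tr class='<%=h rcol = (rcol == rcol_a) ? rcol_b : rcol_a %>'>
-        <% o = p[1].new %>
-        <td><%= link_to h(p[0]), :refname => @tmod.refname.gsub('/', ':'), :step => "config",
-        :target => h(params[:target].to_i), :payload => idx %></td>
-        <td><%= h(o.description) %></td>
-    </tr>
-    <% end %>
-    
-<% elsif @cur_step == "config" %>
-
-    <p>Please enter all of the required options and press 'Launch Exploit' to continue.</p>
-    
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">
-            CURRENT CONFIGURATION -
-            <%= link_to "change payload", :action => "config", :refname => h(params[:refname]) %>
-        </th>
-    </tr>
-    <tr>
-        <td class="opt_name">EXPLOIT</td>
-        <td><%= h @tmod.refname %></td>
-    </tr>
-
-    <tr>
-        <td class="opt_name">TARGET</td>
-        <td><%= h @target.name %></td>
-    </tr>
-	    
-	<tr>
-        <td class="opt_name">PAYLOAD</td>
-        <td><%= h @payload_name %></td>
-    </tr>
-	
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">STANDARD OPTIONS</th>
-    </tr>
-    
-    <form action="/exploits/config" method="post">
-        <%= hidden_field_tag "refname", h(params[:refname]) %>
-        <%= hidden_field_tag "step", "exploit" %>
-        <%= hidden_field_tag "target", h(params[:target]) %>
-        <%= hidden_field_tag "payload", h(params[:payload]) %>
-    
-    <% @tmod.options.sort.each { |name, option|
-        next if (option.advanced?)
-        next if (option.evasion?) %>
-        <tr>
-            <td class="opt_name"><%= h name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= h option.desc %> (type: <%= h option.type %>)</td>
-            <td>
-				<%= draw_option('eopt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
-    <% @payload_inst.options.sort.each { |name, option|
-        next if (option.advanced?)
-        next if (option.evasion?) %>
-        <tr>
-            <td class="opt_name"><%= h name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= h option.desc %> (type: <%= h option.type %>)</td>
-            <td>
-                <%= draw_option('popt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
- 
-    <tr>
-        <th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
-    </tr>
-
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">ADVANCED OPTIONS</th>
-    </tr> 
-	
-    <% @tmod.options.sort.each { |name, option|
-        next if not option.advanced? %>
-        <tr>
-            <td class="opt_name"><%= h name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= h option.desc %> (type: <%= h option.type %>)</td>
-            <td>
-                <%= draw_option('eopt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
-    <% @payload_inst.options.sort.each { |name, option|
-        next if not option.advanced? %>
-        <tr>
-            <td class="opt_name"><%= h name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= h option.desc %> (type: <%= h option.type %>)</td>
-            <td>
-                <%= draw_option('popt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %> 
-
-    <tr>
-        <th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
-    </tr>
-
-    <tr>
-        <th colspan="2" class="moduleOptionsHeader">EVASION OPTIONS</th>
-    </tr>
-	
-    <% @tmod.options.sort.each { |name, option|
-        next if not option.evasion? %>
-        <tr>
-            <td class="opt_name"><%= name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= h option.desc %> (type: <%= h option.type %>)</td>
-            <td>
-                <%= draw_option('eopt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %>
-    <% @payload_inst.options.sort.each { |name, option|
-        next if not option.evasion? %>
-        <tr>
-            <td class="opt_name"><%= h name %></td>
-            <td class="opt_required"><%= (option.required?) ? "Required" : "" %></td>
-        </tr>
-        <tr>
-            <td><%= html_escape(option.desc) %> (type: <%= option.type %>)</td>
-            <td>
-                <%= draw_option('popt_'+h(name), option) %>
-            </td>
-        </tr>
-    <% } %> 
-    
-	<tr>
-        <th colspan="2"><br/><%= submit_tag "Launch Exploit" %><br/></th>
-    </tr>
-				  
-    </form>
-
-	<% if @exploit_console %>
-	<script>
- 		<% if params[:consoleOpen] and params[:consoleOpen] == "direct" %>
- 			window.location="/console/index/<%= @exploit_console %>"
- 		<% else %>
- 			window.parent.openConsoleWindowExploit(<%= @exploit_console %>);
- 		<% end %>
-	</script>
-	<% end %>
-
-<% end %>
-
-</table>
-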

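--- a/data/msfweb/app/views/exploits/list.rhtml
+++ b/data/msfweb/app/views/exploits/list.rhtml
@@ -1,13 +0,0 @@
-    <div id="module-search-box">
-        <span>Search</span>
-        <input id="module_search" name="terms" type="text" size="50" value=""/>
-		<img alt="Spinner" id="search_spinner" src="/images/spinner.gif" style="display: none;" />
-        
-    </div>
-    <div id="search_results">
-    </div>
-    
-    <script type="text/javascript">
-		document.getElementById('module_search').focus();
-        generic_live_search('module_search', 'exploits', 'search_spinner', 0);
-    </script>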

+ 0
- 70
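--- a/data/msfweb/app/views/exploits/view.rhtml
+++ b/data/msfweb/app/views/exploits/view.rhtml
@@ -1,70 +0,0 @@
-<table align="center" cellspacing="0" cellpadding="0" border="0" class="EAview_moduleFull">
-    <tr>
-        <td width="100%" class="EAview_moduleName">
-            <%= h(@tmod.name) %> <br />
-	</td>
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleDescription">
-            <%= @tmod.description.split("\n\n").map{ |t| h(t) }.join("<br/><br/>") %>
-        </td>
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleAuthor">
-            This module (v<%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was
-            provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>,
-            under the <%= @tmod.license %>. 
-        </td>  
-    </tr>
-    <tr>
-        <td height="10">
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleTargets_Title">
-            Select a target to continue:
-        </td>
-    </tr>
-    <tr>
-        <td width="100%" class="EAview_moduleTargets">
-            <ul>
-                <% @tmod.targets.each_with_index { |tgt, idx| %>
-                    <li><%= link_to h(tgt.name), :action =>  "config", :refname => @tmod.refname.gsub('/', ':'), :target => idx %></a></li>
-                <% } %>
-            </ul>
-        </td>
-    </tr>
-
-    <% if (@tmod.references.length > 0) %>
-        <tr>
-            <td height="10">
-            </td>
-        </tr>
-        <tr>
-            <td width="100%" class="EAview_moduleReferences_Title">
-                External references:
-            </td>
-        </tr>
-        <tr>
-            <td width="100%">
-                <ul class="EAview_moduleReferences">
-                    <% @tmod.references.each { |ref| %>
-                        <% if (ref.kind_of?(Msf::Module::SiteReference)) %>
-                            <li><a href="<%= ref.site %>" target="_blank"><%= h(ref.to_s) %></a></li>
-                        <% else %>
-                            <li><%= h(ref.to_s) %></li>
-                        <% end %>
-                    <% } %>
-                </ul>
-            </td>
-        </tr>
-    <% end %>
-</table>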

+ 0
- 0
data/msfweb/app/views/ide/advanced.rhtml


+ 0
- 47
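--- a/data/msfweb/app/views/ide/start.rhtml
+++ b/data/msfweb/app/views/ide/start.rhtml
@@ -1,47 +0,0 @@
-<div id="ide-start" class="wizard_page">
-    <p class="motto">Find bug. Click. Profit.</p>
-
-    <table width="100%" align="center">
-        <tr width="100%" align="center">
-            <td>
-                <a href="#"
-                   onclick="new Effect.Appear('edit_new'); new Effect.Fade('create_new');"
-                   onmouseout="document.getElementById('devil').src = '/images/ide/devil.png';"
-                   onmouseover="document.getElementById('devil').src = '/images/ide/devil_ne.png';">
-                    <img src="/images/ide/devil.png" alt="" id="devil" /> <br />
-                    <strong>edit existent<s/trong>
-                </a>
-            </td>
-            <td>
-                <a href="#"
-                   onclick="new Effect.Appear('create_new'); new Effect.Fade('edit_new');"
-                   onmouseout="document.getElementById('doomed').src = '/images/ide/doomed.png';"
-                   onmouseover="document.getElementById('doomed').src = '/images/ide/doomed_ne.png';">
-                    <img src="/images/ide/doomed.png" alt="" id="doomed" /> <br />
-                    <strong>new exploit</strong>
-                </a>
-            </td>
-        </tr>
-    </table>
-
-    <div id="edit_new" style="display: none;">
-        <p>Editing an existing exploit...</p>
-        <div id="module_search_box">
-            Type in name or keyword:&nbsp;
-            <input id="exploit_search" name="terms" type="text" size="40" value="Edit me"/>
-            <div id="search_results"></div>
-        </div>
-        <a href="#" onclick="new Effect.Fade('edit_new')"><strong>hide</strong></a>
-        <script type="text/javascript">
-            generic_live_search('exploit_search', 'exploits', 'spinner', 1);
-        </script>
-    </div>
-    <div id="create_new" style="display: none;">
-        <p>Select the exploit type from the options below:</p>
-        <%= start_form_tag :action => "wizard" %>
-            <%= hidden_field "exploit", "step", :value => 1 %>
-            <%= select ("exploit", "mixin", return_selectable_exploit_mixins()) %>
-            <%= submit_tag "Next" %>
-        <%= end_form_tag %>
-    </div>
-</div>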

+ 0
- 98
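--- a/data/msfweb/app/views/ide/wizard.rhtml
+++ b/data/msfweb/app/views/ide/wizard.rhtml
@@ -1,98 +0,0 @@
-<div class="wizard_page">
-    <% if flash[:error] and flash[:error].length > 0 %>
-    <p class="error">
-    <%= flash[:error] %>
-    </p>
-    <% end %>
-
-<% if @step == 1 %>
-    <h3>Step 1: Generic information</h3>
-    <p>
-    </p>
-    <table width="100%">
-    <%= start_form_tag %>
-        <%= hidden_field "exploit", "step", :value => 2 %>
-        <tr>
-            <td>Name:</td>
-            <td><%= text_field "exploit", "name" %></td>
-        </tr>
-        <tr>
-            <td>Title:</td>
-            <td><%= text_field "exploit", "title" %></td>
-        </tr>
-        <tr>
-            <td>Description:</td>
-            <td><%= text_area "exploit", "description", :cols => 40, :rows => 5 %></td>
-        </tr>
-        <tr>
-            <td>Authors:</td>
-            <td><%= text_area "exploit", "authors", :cols => 40, :rows => 5 %></td>
-        </tr>
-        <tr>
-            <td>References:</td>
-            <td><%= text_area "exploit", "references", :cols => 40, :rows => 5 %></td>
-        </tr>
-        <tr>
-            <td>License:</td>
-            <td><%= select ("exploit", "license", return_selectable_licenses()) %></td>
-        </tr>
-        <tr>
-            <td colspan="2"><%= submit_tag "Next" %></td>
-        </tr>
-    <%= end_form_tag %>
-    </table>
-<% elsif @step == 2 %>
-    <h3>Step 2: Configure payload</h3>
-    <p>
-    </p>
-    <table width="100%">
-    <%= start_form_tag %>
-        <%= hidden_field "exploit", "step", :value => 3 %>
-        <tr>
-            <td>Space for payload:</td>
-            <td><%= text_field "exploit", "payload_space" %></td>
-        </tr>
-        <tr>
-            <td>Bad characters:</td>
-            <td><%= text_field "exploit", "payload_badchars" %></td>
-        </tr>
-        <tr>
-            <td>Prepend:</td>
-            <td><%= text_field "exploit", "payload_prepend" %></td>
-        </tr>
-        <tr>
-            <td>Append:</td>
-            <td><%= text_field "exploit", "payload_append" %></td>
-        </tr>
-        <tr>
-            <td>SaveRegisters:</td>
-            <td><%= text_field "exploit", "payload_saveregs" %></td>
-        </tr>
-        <tr>
-            <td>Previous</td>
-            <td><%= submit_tag "Next" %></td>
-        </tr>
-    <%= end_form_tag %>
-    </table>
-<% elsif @step == 3 %>
-    <h3>Step 2: Configure targets</h3>
-    <p>
-    </p>
-    <table width="100%">
-    <%= start_form_tag %>
-        <%= hidden_field "exploit", "step", :value => 4 %>
-        <tr>
-            <td>SaveRegisters:</td>
-            <td><%= text_field "exploit", "payload_saveregs" %></td>
-        </tr>
-        <tr>
-            <td>Previous</td>
-            <td><%= submit_tag "Next" %></td>
-        </tr>
-    <%= end_form_tag %>
-    </table>
-<% end %>
-    <span class="wizard_subs">
-        <%= link_to "Dump current exploit in YAML", :action => "dump_current", :format => "yaml" %>
-    </span>
-</div>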

+ 0
- 13
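--- a/data/msfweb/app/views/jobs/list.rhtml
+++ b/data/msfweb/app/views/jobs/list.rhtml
@@ -1,13 +0,0 @@
-<table cellpadding="0" cellspacing="0" border="0">
-	<thead>
-		<tr>
-			<th>ID</th>
-			<th>Description</th>
-		</tr>
-	</thead>
-	<tbody>
-	    <% @jobs.each_pair do |n,m| %>
-		<tr><td><%= n %></td><td><%= m %></td></tr>
-		<% end %>
-	</tbody>
-</table>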

+ 0
- 2
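--- a/data/msfweb/app/views/jobs/stop.rhtml
+++ b/data/msfweb/app/views/jobs/stop.rhtml
@@ -1,2 +0,0 @@
-<h1>Jobs#stop</h1>
-<p>Find me in app/views/jobs/stop.rhtml</p>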

+ 0
- 23
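--- a/data/msfweb/app/views/layouts/_menu_bar.rhtml
+++ b/data/msfweb/app/views/layouts/_menu_bar.rhtml
@@ -1,23 +0,0 @@
-   <ul>
-      <li class="menuButton" onclick="openExploitsWindow()">
-         <img src="/images/bug.png" alt="" />Exploits
-      </li>
-      <li class="menuButton" onclick="openAuxiliariesWindow()">
-         <img src="/images/zoom.png" alt="" />Auxiliaries
-      </li>
-      <li class="menuButton" onclick="openPayloadsWindow()">
-         <img src="/images/bomb.png" alt="" />Payloads
-      </li>
-      <li class="menuButton" onclick="openConsoleWindow()">
-         <img src="/images/terminal.png" alt="" />Console
-      </li>
-      <li class="menuButton" onclick="openSessionsWindow()">
-         <img src="/images/star.png" alt="" />Sessions
-      </li>
-      <li class="menuButton" onclick="openOptionsWindow()">
-         <img src="/images/wrench.png" alt="" />Options
-      </li>
-      <li class="menuButton" onclick="openAboutDialog()">
-         <img src="/images/help.png" alt="" />About
-      </li>
-   </ul>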

+ 0
- 27
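--- a/data/msfweb/app/views/layouts/msfide.rhtml
+++ b/data/msfweb/app/views/layouts/msfide.rhtml
@@ -1,27 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="eng">
-
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
-        <meta name="Author" content="LMH (lmh@info-pull.com)" />
-        <meta name="Copyright" content="(c) 2006, LMH (lmh@info-pull.com)" />
-        <title>Metasploit Framework Web IDE</title>
-        <%= stylesheet_link_tag "msfide" %>
-        <%= javascript_include_tag :defaults %>
-    </head>
-
-    <body>
-        <div id="logo">
-            <img src="/images/ide-logo.png" alt="Metasploit Framework Web IDE" />
-        </div>
-        <div id="spinner" style="display: none;">
-            <img src="/images/spinner_alt.gif" alt="Loading" />
-        </div>
-        <%= @content_for_layout %>
-        <div id="dyn_content"></div>
-        <div id="footer">
-            &copy; Copyright 2006 LMH &lt;lmh@info-pull.com&gt;.
-        </div>
-    </body>
-</html>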

+ 0
- 30
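--- a/data/msfweb/app/views/layouts/msfweb.rhtml
+++ b/data/msfweb/app/views/layouts/msfweb.rhtml
@@ -1,30 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> 
-   <head>
-      <title>Metasploit Framework Web Console <%=h ::Msf::Framework::Version %></title>
-      <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
-      <meta name="Author" content="Mike Whitehead (mwhite22[at]caledonian.ac.uk), Metasploit LLC" />
-      <meta name="Copyright" content="(c) 2007, Mike Whitehead (mwhite22[at]caledonian.ac.uk), (c) 2006-2007 Metasploit LLC" />
-      <% ["prototype","effects","controls","window","application","cookiecheck"].each do |js| %>
-      <%= javascript_include_tag js %><% end %>
-      <script>
-         document.writeln('<link rel="stylesheet" type="text/css" href="' + mainStyle + '">'); // MSFWeb main stylesheet
-         document.writeln('<link rel="stylesheet" type="text/css" href="' + windowStyle + '">'); // Window frame stylesheet
-      </script>
-  </head>
-
-<body>
-<div id="menuBar">
-    <%= render :partial => 'layouts/menu_bar' %>
-</div>
-
-<div id="maincontent">
-   <%= @content_for_layout %>
-</div>
-    
-<script type="text/javascript">
-   run_tasks();
-</script>
-
-</body>
-</html>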

+ 0
- 22
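--- a/data/msfweb/app/views/layouts/windows.rhtml
+++ b/data/msfweb/app/views/layouts/windows.rhtml
@@ -1,22 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="eng">
-
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
-        <meta name="Author" content="LMH (lmh@info-pull.com)" />
-        <meta name="Copyright" content="(c) 2006, LMH (lmh@info-pull.com)" />
-        <% ["prototype","effects","dragdrop","controls","application","cookiecheck"].each do |js| %>
-        <%= javascript_include_tag js %><% end %>
-
-      <script>
-         document.writeln('<link rel="stylesheet" type="text/css" href="' + contentStyle +'">'); // Window content stylesheet
-      </script>
-
-    </head>
-
-    <body>
-        <%= @content_for_layout %>
-    </body>
- 
-</html>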

+ 0
- 0
data/msfweb/app/views/msf/index.rhtml


+ 0
- 56
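--- a/data/msfweb/app/views/msf/search.rhtml
+++ b/data/msfweb/app/views/msf/search.rhtml
@@ -1,56 +0,0 @@
-<% if @results %>
-<% unless @clean_list %>
-<table width="100%" class="EAconf_moduleFull">
-    <tr>
-        <td>
-            <% if (params[:terms].strip.length > 0) %>
-                <% if (@results.size > 0) %>
-                    Matched <%= @results.size %> modules for term <em><%=h params[:terms] %>
-                <% else %>
-                    No matching modules for term <em><%=h params[:terms] %>
-                <% end %>
-            <% else %>
-                Showing all <%= @results.size %> modules
-            <% end %>
-        </td>
-    </tr>
-    <tr>
-        <td>
-<% else %>
-    <ul>
-<% end %>
-<% @results.each do |m| %>
-<% unless @clean_list %>
-    <tr>
-        <td class="EAconf_moduleName">
-            <span style="cursor:pointer;" onClick="window.parent.openModuleWindow('<%= @module_type %>', '<%= m.refname.gsub('/', ':') %>', '<%= m.name.gsub('"','').gsub("'","") %>')"><%= h(m.name) %></span>
-
-            <% if m.platform and @module_type =~ /(payloads|exploits)/ %>
-                <%= module_platform_icons(m.platform) %>
-            <% else %>
-                <% if (m.arch.length > 0) %>
-                    (<%= h m.arch.join(', ') %>)
-                <% end %>
-            <% end %>
-        </td>
-    </tr>
-    <tr>
-        <td class="EAconf_moduleDescription" colspan="2">
-            <%= m.description %>
-        </td>
-    </tr>
-<% else %>
-    <li><%= h(m.name) %></li>
-<% end %>
-<% end %>
-<% unless @clean_list %>
-</table>
-<% else %>
-</ul>
-<% end %>
-<% else %>
-<p>
-    No results for terms <em><%= h(params[:terms]) %></em>.
-</p>
-<% end %>
-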

+ 0
- 2
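--- a/data/msfweb/app/views/nops/generate.rhtml
+++ b/data/msfweb/app/views/nops/generate.rhtml
@@ -1,2 +0,0 @@
-<h1>Nops#generate</h1>
-<p>Find me in app/views/nops/generate.rhtml</p>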

+ 0
- 12
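--- a/data/msfweb/app/views/nops/list.rhtml
+++ b/data/msfweb/app/views/nops/list.rhtml
@@ -1,12 +0,0 @@
-    <div id="module-search-box">
-		
-        <span>Search</span>
-        <input id="module_search" name="terms" type="text" size="55" value=""/>
-		<img alt="Spinner" id="search_spinner" src="/images/spinner.gif" style="display: none;" />
-        <div id="search_results"></div>
-    </div>
-    
-    <script type="text/javascript">
-		document.getElementById('module_search').focus();
-        generic_live_search('module_search', 'nops', 'search_spinner', 0);
-    </script>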

+ 0
- 46
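--- a/data/msfweb/app/views/nops/view.rhtml
+++ b/data/msfweb/app/views/nops/view.rhtml
@@ -1,46 +0,0 @@
-<table align="center" width="100%" cellspacing="0" cellpadding="15" border="0">
-    
-	<tr width="100%" align="center">
-        <p class="moduleName">
-            <%= h(@tmod.name) %> <br />
-        </p>
-    </tr>
-	
-    <tr width="100%" align="center">
-		<blockquote>
-		  <p class="moduleDescription">
-		      <%= h(@tmod.description) %>
-		  </p>
-		</blockquote>   
-    </tr>
-
-	
-    <tr width="100%" align="center">
-		<blockquote>
-		  <p class="moduleDescription">
-		      This module (revision <%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>, under the <%= @tmod.license %>.
-		  </p>
-		</blockquote>   
-    </tr>
-    
-	<% if (@tmod.references.length > 0) %>
-    <tr width="100%" align="center">
-		<blockquote>
-		<p class="moduleDescription">
-		External references:
-		<ul class="moduleReferences">
-			<% @tmod.references.each { |ref| %>
-					<% if (ref.kind_of?(Msf::Module::SiteReference)) %>
-					<li><a href="<%= ref.site %>" target="_blank">
-					<%= h(ref.to_s) %></a></li>
-			<% 	else %>
-					<li><%= h(ref.to_s) %></li>
-			<% 	end %>
-			<% } %>
-		</ul>
-		</p>
-		</blockquote>   
-    </tr>
-	<% end %>
-
-</table>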

+ 0
- 45
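--- a/data/msfweb/app/views/options/index.rhtml
+++ b/data/msfweb/app/views/options/index.rhtml
@@ -1,45 +0,0 @@
-<%
-	if (@force_reload)
-		%>
-		<script language="javascript">
-			window.parent.location.reload();
-		</script>
-		<%
-	end
-%>
-<form method="POST">
-<table cellpadding="0" border="0" width="100%" class="EAConf_moduleFull">
-   <tr colspan="2">
-      <th align="center" class="moduleOptionsHeader">Style Name</td>
-   </tr>
-   <tr>
-      <td class="EAconf_moduleDescription">
-          Use the drop-down menu to select the desired theme for the Metasploit Framework Web Console<br /><br />
-          Current style: <strong><em><script language="javascript">document.writeln(styleName);</script></em></strong>
-      </td>
-   </tr>
-   <tr>
-      <td>
-         <select name="style">
-            <option value="empty">Choose a skin</option>
-			<%
-				sbase = File.join(Msf::Config::InstallRoot, "data", "msfweb", "public", "stylesheets", "skins")
-				sdirs = Dir.new(sbase).grep(/^[a-z0-9]+/i)
-				sdirs.each do |style|
-					next if not File.directory?(File.join(sbase, style))
-					sname = style.capitalize + " Style"
-				%>
-					<option value="<%=h style%>"><%=h sname%></option>
-				<%
-				end
-			%>
-         </select>
-      </td>
-   </tr>
-   <tr>
-      <td>
-         <input type="submit" value="Save Skin" name="save">
-      </td>
-   </tr>
-</table>
-</form>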

+ 0
- 2
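--- a/data/msfweb/app/views/payloads/generate.rhtml
+++ b/data/msfweb/app/views/payloads/generate.rhtml
@@ -1,2 +0,0 @@
-<h1>Payloads#generate</h1>
-<p>Find me in app/views/payloads/generate.rhtml</p>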

+ 0
- 13
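--- a/data/msfweb/app/views/payloads/list.rhtml
+++ b/data/msfweb/app/views/payloads/list.rhtml
@@ -1,13 +0,0 @@
-    <div id="module-search-box">
-		
-        <span>Search</span>
-        <input id="module_search" name="terms" type="text" size="55" value=""/>
-		<img alt="Spinner" id="search_spinner" src="/images/spinner.gif" style="display: none;" />
-    </div>
-    <div id="search_results">
-    </div>
-    
-    <script type="text/javascript">
-		document.getElementById('module_search').focus();
-        generic_live_search('module_search', 'payloads', 'search_spinner', 0);
-    </script>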

+ 0
- 154
data/msfweb/app/views/payloads/view.rhtml

@@ -1,154 +0,0 @@
1
-<table align="center" cellspacing="0" cellpadding="0" border="0" class="Pview_moduleFull">
2
-    <tr>
3
-        <td width="100%" class="Pview_moduleName" colspan="2">
4
-            <%= h(@tmod.name) %> <br />
5
-	</td>
6
-    </tr>
7
-    <tr>
8
-        <td height="10" colspan="2">
9
-        </td>
10
-    </tr>
11
-    <tr>
12
-        <td width="100%" class="Pview_moduleDescription" colspan="2">
13
-            <%= @tmod.description.split("\n\n").map{ |t| h(t) }.join("<br/><br/>") %>
14
-        </td>
15
-    </tr>
16
-    <tr>
17
-        <td height="10" colspan="2">
18
-        </td>
19
-    </tr>
20
-    <tr>
21
-        <td width="100%" class="Pview_moduleAuthor" colspan="2">
22
-            This module (v<%= h @tmod.version.gsub(/\$Revision:\s+|\s+\$/, '') %>) was
23
-            provided by <%= h @tmod.author.map{ |a| a.to_s.gsub(/\<.*/, '') }.join(' and ').strip %>,
24
-            under the <%= @tmod.license %>. 
25
-        </td>  
26
-    </tr>
27
-    <tr>
28
-        <td height="10" colspan="2">
29
-        </td>
30
-    </tr>
31
-	<% if (@tmod.references.length > 0) %>
32
-
33
-        <tr>
34
-            <td width="100%" class="Pview_moduleReferences_Title" colspan="2">
35
-                External references:
36
-            </td>
37
-        </tr>
38
-        <tr>
39
-            <td width="100%" class="Pview_moduleReferences" colspan="2">
40
-                <ul>
41
-                    <% @tmod.references.each { |ref| %>
42
-                        <% if (ref.kind_of?(Msf::Module::SiteReference)) %>
43
-                            <li><a href="<%= ref.site %>" target="_blank"><%= h(ref.to_s) %></a></li>
44
-                        <% else %>
45
-                            <li><%= h(ref.to_s) %></li>
46
-                        <% end %>
47
-                    <% } %>
48
-                </ul>
49
-            </td>
50
-        </tr>
51
-
52
-	<% end %>
53
-	
54
-    <tr>
55
-		<td>Size:</td>
56
-		<td><%= @tmod.generate.length %></td>
57
-    </tr>
58
-