# Author: LMH <lmh@info-pull.com>
# Description: The exploit controller of msfweb v.3. Handles views, listing
# and other actions related to exploit modules. Code and processing goes here.
# Instance variables, final values, etc, go into views.

class ExploitsController < ApplicationController
  layout 'windows'
  
  def list
  end

  def view
    @tmod = get_view_for_module("exploit", params[:refname])
	
	unless @tmod
	 render_text "Unknown module specified."
	end
  end

  def exploit
    # Retrieve object to module with the given refname
    @tmod     = get_view_for_module("exploit", params[:refname])
    unless @tmod
	 render_text "Unknown module specified."
	end
	
	# Get target, using index given in 'target' parameter
    @target   = @tmod.targets[params[:target].to_i]
    unless @target
	 render_text "Unknown target specified."
	end
	
    @cur_step = nil
    if params[:step]
      @cur_step = params[:step]
    end
    
    if @cur_step == "config"
      @payload   = @tmod.compatible_payloads[params[:payload].to_i]
      unless @payload
	   render_text "Unknown payload specified or not supported."
	  end
    elsif @cur_step == "ready"
      @tmod.datastore['TARGET'] = params[:target].to_i
    else
      @payloads = @tmod.compatible_payloads
    end
  end
end