Add ignore_public_ips option to Network extension

2015-12-13 09:26:55 +00:00
parent 852e0b4595
commit 06e9c6024b
3 changed files with 18 additions and 0 deletions
--- a/extensions/network/config.yaml
+++ b/extensions/network/config.yaml
@@ -10,3 +10,5 @@ beef:
            enable: true
            authors: ["bcoles"]
            description: "This extension facilitates interaction with hosts on a zombie browser's local area network(s). It provides a point and click interface for performing a variety of actions including host discovery, fingerprinting and exploitation. Identified network hosts are available in the Network -> Hosts panel. Identified network services are available in the Network -> Services panel. Right-click a host or service for more options."
+            # enable this option to record private network hosts and services only (RFC1918 IPv4, private IPv6, localhost)
+            ignore_public_ips: false
--- a/extensions/network/models/network_host.rb
+++ b/extensions/network/models/network_host.rb
@@ -31,6 +31,14 @@ module BeEF
          (print_error "Invalid hooked browser session"; return) unless BeEF::Filters.is_valid_hook_session_id?(host[:hooked_browser_id])
          (print_error "Invalid IP address"; return) unless BeEF::Filters.is_valid_ip?(host[:ip])

+          # save network hosts with private IP addresses only?
+          unless BeEF::Filters.is_valid_private_ip?(host[:ip])
+            configuration = BeEF::Core::Configuration.instance
+            if configuration.get("beef.extension.network.ignore_public_ips") == true
+              (print_debug "Ignoring network host with public IP address [ip: #{host[:ip]}]"; return)
+            end
+          end
+
          # update lastseen
          BeEF::Core::Models::NetworkHost.all(
            :hooked_browser_id => host[:hooked_browser_id],
--- a/extensions/network/models/network_service.rb
+++ b/extensions/network/models/network_service.rb
@@ -30,6 +30,14 @@ module BeEF
          (print_error "Invalid IP address"; return) if not BeEF::Filters.is_valid_ip?(service[:ip])
          (print_error "Invalid port"; return) if not BeEF::Filters.is_valid_port?(service[:port])

+          # save network services with private IP addresses only?
+          unless BeEF::Filters.is_valid_private_ip?(service[:ip])
+            configuration = BeEF::Core::Configuration.instance
+            if configuration.get("beef.extension.network.ignore_public_ips") == true
+              (print_debug "Ignoring network service with public IP address [ip: #{service[:ip]}]"; return)
+            end
+          end
+
          # store the returned network host details
          BeEF::Core::Models::NetworkHost.add(
            :hooked_browser_id => service[:hooked_browser_id],