From 06e9c6024b66b48b760fc59d1047c7cfb6f91bdd Mon Sep 17 00:00:00 2001
From: Brendan Coles <bcoles@gmail.com>
Date: Sun, 13 Dec 2015 09:26:55 +0000
Subject: [PATCH] Add ignore_public_ips option to Network extension

---
 extensions/network/config.yaml               | 2 ++
 extensions/network/models/network_host.rb    | 8 ++++++++
 extensions/network/models/network_service.rb | 8 ++++++++
 3 files changed, 18 insertions(+)

diff --git a/extensions/network/config.yaml b/extensions/network/config.yaml
index a85fb53f0..ab81396ff 100644
--- a/extensions/network/config.yaml
+++ b/extensions/network/config.yaml
@@ -10,3 +10,5 @@ beef:
             enable: true
             authors: ["bcoles"]
             description: "This extension facilitates interaction with hosts on a zombie browser's local area network(s). It provides a point and click interface for performing a variety of actions including host discovery, fingerprinting and exploitation. Identified network hosts are available in the Network -> Hosts panel. Identified network services are available in the Network -> Services panel. Right-click a host or service for more options."
+            # enable this option to record private network hosts and services only (RFC1918 IPv4, private IPv6, localhost)
+            ignore_public_ips: false
diff --git a/extensions/network/models/network_host.rb b/extensions/network/models/network_host.rb
index bde759cab..b3521ebc0 100644
--- a/extensions/network/models/network_host.rb
+++ b/extensions/network/models/network_host.rb
@@ -31,6 +31,14 @@ module BeEF
           (print_error "Invalid hooked browser session"; return) unless BeEF::Filters.is_valid_hook_session_id?(host[:hooked_browser_id])
           (print_error "Invalid IP address"; return) unless BeEF::Filters.is_valid_ip?(host[:ip])
 
+          # save network hosts with private IP addresses only?
+          unless BeEF::Filters.is_valid_private_ip?(host[:ip])
+            configuration = BeEF::Core::Configuration.instance
+            if configuration.get("beef.extension.network.ignore_public_ips") == true
+              (print_debug "Ignoring network host with public IP address [ip: #{host[:ip]}]"; return)
+            end
+          end
+
           # update lastseen
           BeEF::Core::Models::NetworkHost.all(
             :hooked_browser_id => host[:hooked_browser_id],
diff --git a/extensions/network/models/network_service.rb b/extensions/network/models/network_service.rb
index aa2049dca..0eee18ddf 100644
--- a/extensions/network/models/network_service.rb
+++ b/extensions/network/models/network_service.rb
@@ -30,6 +30,14 @@ module BeEF
           (print_error "Invalid IP address"; return) if not BeEF::Filters.is_valid_ip?(service[:ip])
           (print_error "Invalid port"; return) if not BeEF::Filters.is_valid_port?(service[:port])
 
+          # save network services with private IP addresses only?
+          unless BeEF::Filters.is_valid_private_ip?(service[:ip])
+            configuration = BeEF::Core::Configuration.instance
+            if configuration.get("beef.extension.network.ignore_public_ips") == true
+              (print_debug "Ignoring network service with public IP address [ip: #{service[:ip]}]"; return)
+            end
+          end
+
           # store the returned network host details
           BeEF::Core::Models::NetworkHost.add(
             :hooked_browser_id => service[:hooked_browser_id],