From 07037587e82e2d6557261053790c9e5e34bca163 Mon Sep 17 00:00:00 2001
From: Jack Walker
Date: Thu, 23 Apr 2020 12:10:17 +1000
Subject: [PATCH] Took an easier route of acquiring the Auth token
---
 .../core/main/autorun_engine/autorun_engine_spec.rb | 6 +++---
 .../core/main/handlers/browser_details_handler_spec.rb | 6 +++---
 spec/beef/extensions/websocket_hooked_browser_spec.rb | 10 +++-------
 spec/beef/modules/debug/test_beef_debugs_spec.rb | 6 +++---
 4 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb
index 2a71e59a7..f1d653b5f 100644
--- a/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb
+++ b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb
@@ -70,7 +70,7 @@ RSpec.describe 'AutoRunEngine test', :run_on_browserstack => true do
 http_hook_server.prepare
 # Generate a token for the server to respond with
- BeEF::Core::Crypto::api_token
+ @token = BeEF::Core::Crypto::api_token
 # Initiate server start-up
 @pids = fork do
@@ -81,8 +81,8 @@ RSpec.describe 'AutoRunEngine test', :run_on_browserstack => true do
 end
 # Authenticate to REST API & pull the token from the response
- @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
- @token = JSON.parse(@response)['token']
+ # @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+ # @token = JSON.parse(@response)['token']
 @caps = CONFIG['common_caps'].merge(CONFIG['browser_caps'][TASK_ID])
 @caps["name"] = @caps['name'] || ENV['name'] || 'no-name'
diff --git a/spec/beef/core/main/handlers/browser_details_handler_spec.rb b/spec/beef/core/main/handlers/browser_details_handler_spec.rb
index 5ff9c93eb..a2baee7f2 100644
--- a/spec/beef/core/main/handlers/browser_details_handler_spec.rb
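Review bot: In autorun_engine_spec.rb (hunk at line 70) the spec now keeps the return value of `BeEF::Core::Crypto::api_token` and never calls `/login`, so none of the four specs touched by this patch exercises credential checking or token issuance any more; a regression in the login path would go unnoticed unless another spec covers it. The approach also appears to rely on the token being created before `@pids = fork do`, presumably so that the forked server holds the same value, and that ordering deserves a comment such as `# Token is generated in-process before the fork so the forked server uses the same value; this spec does not exercise /login`. The same change is made in browser_details_handler_spec.rb, websocket_hooked_browser_spec.rb and test_beef_debugs_spec.rb. The enclosing setup block starts and ends outside the hunk.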
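Review bot: The two login lines in the hunk at line 81 of autorun_engine_spec.rb are commented out rather than deleted, and the comment above them, `# Authenticate to REST API & pull the token from the response`, now describes code that no longer runs. Delete both lines together with that comment; version control keeps the old form. If `@username` and `@password` were only used for this request (they are set outside the hunk), they can be removed as well. The same leftover is in the matching hunks of browser_details_handler_spec.rb, websocket_hooked_browser_spec.rb and test_beef_debugs_spec.rb.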
+++ b/spec/beef/core/main/handlers/browser_details_handler_spec.rb
@@ -63,7 +63,7 @@ RSpec.describe 'Browser details handler', :run_on_browserstack => true do
 http_hook_server.prepare
 # Generate a token for the server to respond with
- BeEF::Core::Crypto::api_token
+ @token = BeEF::Core::Crypto::api_token
 # Initiate server start-up
 @pids = fork do
@@ -77,8 +77,8 @@ RSpec.describe 'Browser details handler', :run_on_browserstack => true do
 sleep 1
 # Authenticate to REST API & pull the token from the response
- @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
- @token = JSON.parse(@response)['token']
+ # @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+ # @token = JSON.parse(@response)['token']
 @caps = CONFIG['common_caps'].merge(CONFIG['browser_caps'][TASK_ID])
 @caps["name"] = @caps['name'] || ENV['name'] || 'no-name'
diff --git a/spec/beef/extensions/websocket_hooked_browser_spec.rb b/spec/beef/extensions/websocket_hooked_browser_spec.rb
index 988687905..2c75149b8 100644
--- a/spec/beef/extensions/websocket_hooked_browser_spec.rb
+++ b/spec/beef/extensions/websocket_hooked_browser_spec.rb
@@ -28,7 +28,7 @@ RSpec.describe 'BeEF WebSockets enabled', :run_on_browserstack => true do
 sleep 2
 end
 #generate token for the api to use
- BeEF::Core::Crypto::api_token
+ @token= BeEF::Core::Crypto::api_token
 # load up DB # Connect to DB
 ActiveRecord::Base.logger = nil
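Review bot: In websocket_hooked_browser_spec.rb (hunk at line 28) the token is assigned right after an `end` whose opening line is outside the hunk, whereas the other three specs assign it immediately before `@pids = fork do`. If the server process in this spec is started before this line, the spec and the server could end up holding different tokens, so the order is worth confirming and stating in the comment, for example `# generate the API token before the server starts so both sides share it`. The assignment is also written `@token= ...`; `@token = BeEF::Core::Crypto::api_token` would match the other files.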
@@ -55,8 +55,8 @@ RSpec.describe 'BeEF WebSockets enabled', :run_on_browserstack => true do
 # Authenticate to REST API & pull the token from the response
- @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
- @token = JSON.parse(@response)['token']
+ # @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+ # @token = JSON.parse(@response)['token']
 @caps = CONFIG['common_caps'].merge(CONFIG['browser_caps'][TASK_ID])
 @caps["name"] = @caps['name'] || ENV['name'] || 'no-name'
@@ -104,10 +104,6 @@ RSpec.describe 'BeEF WebSockets enabled', :run_on_browserstack => true do
 ### hook a new victim, use rest API to send request and get the token and victim
- api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD)
- response = api.auth()
- @token = response[:token]
- #Uses the response and hooked browser details to get the response
 response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
 #test for the response if errors and weirdness there
diff --git a/spec/beef/modules/debug/test_beef_debugs_spec.rb b/spec/beef/modules/debug/test_beef_debugs_spec.rb
index 73565999e..1d4308ee5 100644
--- a/spec/beef/modules/debug/test_beef_debugs_spec.rb
+++ b/spec/beef/modules/debug/test_beef_debugs_spec.rb
@@ -63,7 +63,7 @@ RSpec.describe 'BeEF Debug Command Modules:', :run_on_browserstack => true do
 http_hook_server.prepare
 # Generate a token for the server to respond with
- BeEF::Core::Crypto::api_token
+ @token = BeEF::Core::Crypto::api_token
 # Initiate server start-up
 @pids = fork do
@@ -77,8 +77,8 @@ RSpec.describe 'BeEF Debug Command Modules:', :run_on_browserstack => true do
 sleep 1
 # Authenticate to REST API & pull the token from the response
- @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
- @token = JSON.parse(@response)['token']
+ # @response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+ # @token = JSON.parse(@response)['token']
 @caps = CONFIG['common_caps'].merge(CONFIG['browser_caps'][TASK_ID])
 @caps["name"] = @caps['name'] || ENV['name'] || 'no-name'