From 282575f9a647ed8145ac26834261fed499a8a95c Mon Sep 17 00:00:00 2001 From: Haoxi Tan Date: Thu, 16 Jan 2020 11:52:04 +1000 Subject: [PATCH] killing things properly in tests involving beef http server --- spec/beef/api/auth_rate_spec.rb | 4 +- .../autorun_engine/autorun_engine_spec.rb | 77 +++++++++++++++++++ .../handlers/browser_details_handler_spec.rb | 4 +- 3 files changed, 81 insertions(+), 4 deletions(-) create mode 100644 spec/beef/core/main/autorun_engine/autorun_engine_spec.rb diff --git a/spec/beef/api/auth_rate_spec.rb b/spec/beef/api/auth_rate_spec.rb index 288475510..5c01118a9 100644 --- a/spec/beef/api/auth_rate_spec.rb +++ b/spec/beef/api/auth_rate_spec.rb @@ -27,8 +27,8 @@ RSpec.describe 'BeEF API Rate Limit' do after(:all) do - Process.kill("INT",@pid) - Process.kill("INT",@pids) + Process.kill("KILL",@pid) + Process.kill("KILL",@pids) end diff --git a/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb new file mode 100644 index 000000000..ab4bee67c --- /dev/null +++ b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb @@ -0,0 +1,77 @@ +RSpec.describe 'AutoRunEngine test' do + + before(:all) do + # Note: rake spec passes --patterns which causes BeEF to pickup this argument via optparse. I can't see a better way at the moment to filter this out. Therefore ARGV=[] for this test. + ARGV = [] + @config = BeEF::Core::Configuration.instance + @config.set('beef.credentials.user', "beef") + @config.set('beef.credentials.passwd', "beef") + + #generate api token + BeEF::Core::Crypto::api_token + + # load up DB + # Connect to DB + ActiveRecord::Base.logger = nil + OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')] + OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:'beef.db') + # Migrate (if required) + context = ActiveRecord::Migration.new.migration_context + if context.needs_migration? + ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate + end + + + + # add AutoRunEngine rule + test_rule = {"name"=>"Display an alert", "author"=>"mgeeky", "browser"=>"ALL", "browser_version"=>"ALL", "os"=>"ALL", "os_version"=>"ALL", "modules"=>[{"name"=>"alert_dialog", "condition"=>nil, "options"=>{"text"=>"You've been BeEFed ;>"}}], "execution_order"=>[0], "execution_delay"=>[0], "chain_mode"=>"sequential"} + + BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory + # are_engine.R + + + http_hook_server = BeEF::Core::Server.instance + http_hook_server.prepare + + + @pids = fork do + BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server) + end + @pid = fork do + http_hook_server.start + end + # wait for server to start + sleep 1 + end + # wait for server to start + + after(:all) do + + Process.kill("KILL",@pid) + Process.kill("KILL",@pids) + + end + + it 'AutoRunEngine is working' do + + api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD) + + response = api.auth() + + @token = response[:token] + + puts "authenticated. api token: #{@token}" + + puts 'hooking a new victim, waiting a few seconds...' + + victim = BeefTest.new_victim + sleep 5.0 + + response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}} + + j = JSON.parse(response.body) + expect(j) + + end + +end diff --git a/spec/beef/core/main/handlers/browser_details_handler_spec.rb b/spec/beef/core/main/handlers/browser_details_handler_spec.rb index f509ac681..c89f1ebc2 100644 --- a/spec/beef/core/main/handlers/browser_details_handler_spec.rb +++ b/spec/beef/core/main/handlers/browser_details_handler_spec.rb @@ -37,8 +37,8 @@ RSpec.describe 'Browser details handler' do after(:all) do - Process.kill("INT",@pid) - Process.kill("INT",@pids) + Process.kill("KILL",@pid) + Process.kill("KILL",@pids) end