New bind_redirect method added to the AssetHandler. See #664

Christian Frichot
2013-01-20 16:59:01 +08:00
parent 63b7d44a5e
commit 3c4a0fad34
5 changed files with 119 additions and 0 deletions


@@ -24,6 +24,7 @@ require 'core/main/handlers/browserdetails'
# @note Include the network stack
require 'core/main/network_stack/handlers/dynamicreconstruction'
require 'core/main/network_stack/handlers/redirector'
require 'core/main/network_stack/assethandler'
require 'core/main/network_stack/api'


@@ -24,6 +24,15 @@ module Handlers
@root_dir = File.expand_path('../../../../', __FILE__)
end
def bind_redirect(target, path=nil)
url = build_url(path,nil)
@allocations[url] = {'target' => target}
@http_server.mount(url,BeEF::Core::NetworkStack::Handlers::Redirector.new(target))
@http_server.remap
print_info "Redirector to [" + target + "] bound to url [" + url + "]"
url
end
# Binds a file to a mount point
# @param [String] file File path to asset
# @param [String] path URL path to mount the asset to (can be nil for random path)
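Review bot: `bind_redirect` accepts `target` without any check and hands it to `Redirector.new(target)`, which in the Redirector class added by this commit places it in the `Location` header. A nil or non-String `target` only fails at the `print_info` concatenation, after `@allocations[url]` has been set and the handler mounted, so a broken mount is left behind. A guard as the first line of the method, such as `raise ArgumentError, 'target must be a String without CR/LF' unless target.is_a?(String) && target !~ /[\r\n]/`, would reject such values before any state changes. The method also lacks the YARD comment that `bind` directly below it has; a block with `@param` entries for `target` and `path` and a `@return` for the mounted URL would match the file's style.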


@@ -0,0 +1,41 @@
#
# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module NetworkStack
module Handlers
# @note Redirector is used as a Rack app for mounting HTTP redirectors, instead of content
class Redirector
@target = ""
def initialize(target)
@target = target
end
def call(env)
@response = Rack::Response.new(
body = ['302 found'],
status = 302,
header = {
'Content-Type' => 'text',
'Location' => @target
}
)
end
private
@request
@response
end
end
end
end
end
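Review bot: `call` passes `body = ['302 found']`, `status = 302` and `header = {...}` to `Rack::Response.new`; these are local-variable assignments used as positional arguments, not keyword arguments. It also returns the `Rack::Response` object itself rather than the `[status, headers, body]` triple, which appears to rely on the server accepting a response object. Writing it as `Rack::Response.new(['302 found'], 302, headers).finish` states the intent and keeps to the Rack contract. The `@target = ""` in the class body and the bare `@request` / `@response` after `private` touch class-level instance variables and have no effect on instances, so they can be dropped, and keeping the response in `@response` shares state across requests on the one mounted app instance. `'Content-Type' => 'text'` is not a complete media type; `'text/plain'` is presumably what was meant.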


@@ -0,0 +1,66 @@
#
# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require 'rubygems'
require 'curb'
class TC_Redirector < Test::Unit::TestCase
@@port = 20000 + rand(10000)
def setup
$root_dir="../../"
$:.unshift File.join( %w{ ../../ } )
require 'core/loader'
require 'core/main/network_stack/assethandler.rb'
require 'core/main/network_stack/handlers/redirector.rb'
@@port += 1 # cycle through ports because the tcp teardown process is too slow
@port = @@port
config = {}
config[:BindAddress] = '127.0.0.1'
config[:Port] = @port.to_s
@mounts = {}
@mounts['/test'] = BeEF::Core::NetworkStack::Handlers::Redirector.new('http://www.beefproject.com')
@rackApp = Rack::URLMap.new(@mounts)
Thin::Logging.silent = true
@server = Thin::Server.new('127.0.0.1', @port.to_s, @rackApp)
trap("INT") { @server.stop }
trap("TERM") { @server.stop }
@pid = fork do
@server.start!
end
end
def teardown
Process.kill("INT",@pid)
$root_dir = nil
end
# the server doesn't offer a mutex or callback
def wait_for_server
max_waits = 3
sleep_length = 0.1
count = 0
while (count < max_waits)
break if @server.running?
count += 1
sleep sleep_length
end
end
def test_get
wait_for_server
response = Curl::Easy.http_get("http://127.0.0.1:" + @port.to_s + "/test/")
assert_equal 302, response.response_code
assert_equal "302 found", response.body_str
assert_match /Location: http:\/\/www\.beefproject\.com/, response.header_str
end
end
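Review bot: `wait_for_server` polls `@server.running?` in the test process, but the server is started inside the `fork` block in `setup`, so the parent's copy of `@server` presumably never reports running. The loop then just sleeps for `max_waits * sleep_length`, and `test_get` proceeds whether or not the port is listening. Polling the port itself and failing when it never opens makes the test deterministic; this needs `require 'socket'` at the top of the file. Separately, `teardown` sends INT without `Process.wait(@pid)`, so the child is not reaped. The `trap` calls in `setup` also run before the fork and therefore replace the test runner's own INT/TERM handlers.

```ruby
# … unchanged: setup, teardown …
def wait_for_server
  max_waits = 30
  max_waits.times do
    begin
      # succeed as soon as the forked server accepts a connection
      TCPSocket.new('127.0.0.1', @port).close
      return
    rescue Errno::ECONNREFUSED
      sleep 0.1
    end
  end
  flunk "server did not start on port #{@port}"
end
# … unchanged: test_get …
```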


@@ -9,6 +9,7 @@ require '../common/ts_common'
require './core/filter/tc_base'
require './core/filter/tc_command'
require './core/main/network_stack/handlers/redirector'
require './core/tc_loader'
require './core/tc_core'
require './core/tc_api'
@@ -53,6 +54,7 @@ class TS_BeefTests
suite << TC_Hackverter.suite
suite << TC_EventLogger.suite
suite << TC_Hooks.suite
suite << TC_Redirector.suite
return suite
end