Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Legacy beef not working :(

Browse Source
This commit is contained in:
aaron
2020-04-03 13:52:08 +10:00
parent f836748718
commit 3f59aa2d9c
4 changed files with 31 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config.yaml
View File

@@ -14,6 +14,9 @@ beef:
# Used for generating secure tokens
crypto_default_value_length: 80
# Testif variable
testif: false
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:

24
core/main/handlers/hookedbrowsers.rb
View File

@@ -6,11 +6,11 @@
module BeEF
module Core
module Handlers
# @note This class handles connections from hooked browsers to the framework.
class HookedBrowsers < BeEF::Core::Router::Router
include BeEF::Core::Handlers::Modules::BeEFJS
include BeEF::Core::Handlers::Modules::Command
@@ -18,7 +18,7 @@ module Handlers
configure do
disable :protection
end
# Process HTTP requests sent by a hooked browser to the framework.
# It will update the database to add or update the current hooked browser
# and deploy some command modules or extensions to the hooked browser.
@@ -27,7 +27,7 @@ module Handlers
params = request.query_string
#@response = Rack::Response.new(body=[], 200, header={})
config = BeEF::Core::Configuration.instance
# @note check source ip address of browser
permitted_hooking_subnet = config.get('beef.restrictions.permitted_hooking_subnet')
if permitted_hooking_subnet.nil? || permitted_hooking_subnet.empty?
@@ -56,15 +56,15 @@ module Handlers
end
# @note is a new browser so return instructions to set up the hook
if not hooked_browser
if not hooked_browser
# @note generate the instructions to hook the browser
host_name = request.host
(print_error "Invalid host name";return) if not BeEF::Filters.is_valid_hostname?(host_name)
build_beefjs!(host_name)
# @note is a known browser so send instructions
else
# @note is a known browser so send instructions
else
# @note Check if we haven't seen this browser for a while, log an event if we haven't
if (Time.new.to_i - hooked_browser.lastseen.to_i) > 60
BeEF::Core::Logger.instance.register('Zombie',"#{hooked_browser.ip} appears to have come back online","#{hooked_browser.id}")
@@ -72,7 +72,7 @@ module Handlers
# @note record the last poll from the browser
hooked_browser.lastseen = Time.new.to_i
# @note Check for a change in zombie IP and log an event
if config.get('beef.http.use_x_forward_for') == true
if hooked_browser.ip != request.env["HTTP_X_FORWARDED_FOR"]
@@ -85,10 +85,10 @@ module Handlers
hooked_browser.ip = request.ip
end
end
hooked_browser.count!
hooked_browser.save!
# @note add all available command module instructions to the response
zombie_commands = BeEF::Core::Models::Command.where(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
zombie_commands.each{|command| add_command_instructions(command, hooked_browser)}
@@ -114,7 +114,7 @@ module Handlers
@body
end
end
end
end
end

19
core/main/handlers/modules/beefjs.rb
View File

@@ -11,15 +11,16 @@ module BeEF
# @note Purpose: avoid rewriting several times the same code.
module BeEFJS
include BeEF::Core::Handlers::Modules::legacyBeEFJS
# Builds the default beefjs library (all default components of the library).
# @param [Object] req_host The request object
def build_beefjs!(req_host)
if config.get("beef.testif.enable")
config = BeEF::Core::Configuration.instance
if config.get("beef.testif")
print("beefnew")
else
legacy_build_beefjs!(req_host)
legacy = BeEF::Core::Handlers::Modules::LegacyBeEFJS
legacy.legacy_build_beefjs!(req_host)
end
end
@@ -27,20 +28,24 @@ module BeEF
# @param [String] component Name of component
# @return [String|Boolean] Returns false if path was not found, otherwise returns component path
def find_beefjs_component_path(component)
if config.get("beef.testif.enable")
config = BeEF::Core::Configuration.instance
if config.get("beef.testif")
print("beefnew")
else
legacy_find_beefjs_component_path(component)
legacy = BeEF::Core::Handlers::Modules::LegacyBeEFJS
legacy.legacy_find_beefjs_component_path(component)
end
end
# Builds missing beefjs components.
# @param [Array] beefjs_components An array of component names
def build_missing_beefjs_components(beefjs_components)
if config.get("beef.testif.enable")
config = BeEF::Core::Configuration.instance
if config.get("beef.testif")
print("beefnew")
else
build_missing_beefjs_components(beefjs_components)
legacy = BeEF::Core::Handlers::Modules::LegacyBeEFJS
legacy.legacy_build_missing_beefjs_components(beefjs_components)
end
end
end

8
core/main/handlers/modules/legacybeefjs.rb
View File

@@ -9,11 +9,11 @@ module BeEF
module Modules
# @note Purpose: avoid rewriting several times the same code.
module BeEFJS
module LegacyBeEFJS
# Builds the default beefjs library (all default components of the library).
# @param [Object] req_host The request object
def build_beefjs!(req_host)
def legacy_build_beefjs!(req_host)
config = BeEF::Core::Configuration.instance
# @note set up values required to construct beefjs
beef_js = ''
@@ -133,7 +133,7 @@ module BeEF
# Finds the path to js components
# @param [String] component Name of component
# @return [String|Boolean] Returns false if path was not found, otherwise returns component path
def find_beefjs_component_path(component)
def legacy_find_beefjs_component_path(component)
component_path = component
component_path.gsub!(/beef./, '')
component_path.gsub!(/\./, '/')
@@ -146,7 +146,7 @@ module BeEF
# Builds missing beefjs components.
# @param [Array] beefjs_components An array of component names
def build_missing_beefjs_components(beefjs_components)
def legacy_build_missing_beefjs_components(beefjs_components)
# @note verifies that @beef_js_cmps is not nil to avoid bugs
@beef_js_cmps = '' if @beef_js_cmps.nil?