log progress on testing modules

2026-01-12 09:29:55 +10:00
parent 1108bf52c2
commit 44b0c0aadc
2 changed files with 217 additions and 18 deletions
--- a/testing/testing_errors.md
+++ b/testing/testing_errors.md
@@ -32,8 +32,8 @@ Did you mean?  ntype=

 ### Stack Trace (Key Lines)
 ```
-from /home/zinduolis/repos/beef/modules/network/cross_origin_scanner_cors/module.rb:24:in `post_execute'
-from /home/zinduolis/repos/beef/core/main/handlers/commands.rb:59:in `setup'
+from /beef/modules/network/cross_origin_scanner_cors/module.rb:24:in `post_execute'
+from /beef/core/main/handlers/commands.rb:59:in `setup'
 ```

 ### Steps to Reproduce
@@ -66,3 +66,162 @@ In `modules/network/cross_origin_scanner_cors/module.rb`, change `type:` to `nty

 ### Related Files
 - Module source: `modules/network/cross_origin_scanner_cors/command.js`
+
+## EXT-001: Detect Extensions Module Failure
+
+**Module**: Detect Extensions
+**Category**: Browser
+**Date**: 2026-01-12
+**Browser**: Firefox / Chrome (Modern)
+**Status**: ❌ Not Passed
+
+### Test Configuration
+- **Browser**: Firefox/Chrome (Latest)
+- **Extensions Installed**: Standard set (e.g. uBlock Origin, "Avast Online Security" from previous test)
+
+### Error Description
+The module executes but returns no results, even when known extensions from its list are installed.
+
+**Root Cause**:
+1.  **Outdated Extension IDs**: The module uses a hardcoded list of extension IDs (e.g., `blpcfgokakmgnkcojhhkbfbldkacnbeo` for YouTube) which may be obsolete.
+2.  **Browser Security**: Modern browsers (Chrome, Firefox) block external access to extension resources (`chrome-extension://...`) unless they are explicitly listed in `web_accessible_resources` in the extension's manifest. This prevents simple enumeration by checking for the existence of files.
+
+### Steps to Reproduce
+1.  Install a known extension.
+2.  Execute "Detect Extensions" module.
+3.  Observe Command Results.
+
+### Expected Result
+List of detected extensions.
+
+### Actual Result
+No output / "No extensions detected".
+
+### Suggested Fix
+- Update the list of Extension IDs.
+- Investigate modern side-channel attacks for extension detection.
+
+## UI-001: Module Search Broad Matching
+
+**Module**: BeEF UI (Module Tree Search)
+**Category**: User Interface
+**Date**: 2026-01-12
+**Status**: ⚠️ Usability Issue
+
+### Error Description
+The module search bar in the "Commands" tab does not perform exact phrase matching or prioritized relevance sorting. Searching for a multi-word module name (e.g., "Detect FireBug") returns all modules matching the first word (e.g., "Detect"), resulting in a cluttered list of irrelevant modules.
+
+### Steps to Reproduce
+1.  Open the BeEF UI (`/ui/panel`).
+2.  Select a hooked browser and navigate to the **Commands** tab.
+3.  In the "Search capability..." input, type `Detect FireBug`.
+
+### Expected Result
+The module tree should filter to show only modules matching "Detect FireBug".
+
+### Actual Result
+The tree shows all modules containing "Detect" (e.g., "Detect Antivirus", "Detect Tor", etc.), making it difficult to find the specific module aimed for.
+
+### Suggested Fix
+- Update the javascript search filter logic to strictly match the full search string or support quoted exact searches.
+- Modify the search to `AND` search terms instead of `OR` or partial matching on the first token.
+
+## FP-001: Fingerprint Browser (PoC) Module Failure
+
+**Module**: Fingerprint Browser (PoC)
+**Category**: Browser
+**Date**: 2026-01-12
+**Browser**: Firefox / Chrome (Modern)
+**Status**: ❌ Not Passed
+
+### Test Configuration
+- **Browser**: Firefox/Chrome (Latest)
+- **Environment**: Local VM
+
+### Error Description
+The module executes successfully but fails to properly identify the browser type and version, returning "unknown" for both fields.
+
+### Steps to Reproduce
+1.  Start BeEF.
+2.  Hook a modern browser (e.g., Firefox).
+3.  Execute "Fingerprint Browser (PoC)" module.
+4.  Check command results.
+
+### Expected Result
+Parsed browser name (e.g., Firefox) and version (e.g., 120.0).
+
+### Actual Result
+`data: browser_type=unknown&browser_version=unknown`
+
+### Suggested Fix
+Update the browser identification logic in `modules/browser/fingerprint_browser_poc/command.js` to support modern User-Agent strings or use a more robust detection library.
+
+## NET-001: Fingerprint Local Network No Feedback
+
+**Module**: Fingerprint Local Network
+**Category**: Network
+**Date**: 2026-01-12
+**Browser**: Firefox (Linux)
+**Status**: ❌ Not Passed / ⚠️ UX Issue
+
+### Test Configuration
+- **Scan IP range**: `common` or specific local IP (e.g., `192.168.x.x`)
+- **Environment**: Local VM
+
+### Error Description
+The module executes (visible via browser DevTools generating network requests), but provides absolutely no feedback in the BeEF UI.
+1.  **No Progress Indicator**: There is no indication that the scan is running, how far along it is, or if it has finished.
+2.  **No Final Status**: Command results remain empty even after the scan (presumably) finishes.
+3.  **No Interruption Feedback**: If the user refreshes the browser to stop the scan, the BeEF UI does not register this change or update the command status; it simply hangs or stays empty.
+
+### Steps to Reproduce
+1.  Open DevTools -> Network tab in the hooked browser.
+2.  Execute "Fingerprint Local Network" (range: `common`).
+3.  Observe network requests in DevTools (module is running).
+4.  Observe BeEF Command module results (remains empty).
+5.  Refresh hooked browser.
+6.  Observe BeEF Command module results (remains empty/no status update).
+
+### Expected Result
+- The module should provide real-time or periodic status updates (e.g., "Scanning 10/20 IPs...").
+- It should report "No devices found" if nothing is detected, rather than staying silent.
+- It should handle browser disconnections/refreshes gracefully.
+
+### Actual Result
+BeEF UI shows command as executing (or just sent), but no data is returned to the results panel. DevTools confirms the activity, but the operator is left blind.
+
+### Suggested Fix
+- Implement `beef.net.send` calls within the JavaScript worker queue to report progress % back to the controller.
+- Ensure a final summary report is sent even if 0 positive matches are found.
+
+## NET-002: Fingerprint Routers Module Error
+
+**Module**: Fingerprint Routers
+**Category**: Network
+**Date**: 2026-01-12
+**Browser**: Firefox (Linux)
+**Status**: ❌ Not Passed
+
+### Test Configuration
+- **Browser**: Firefox
+- **Execution**: Standard execute (click button)
+
+### Error Description
+The module crashes the BeEF server thread with an `ActiveModel::UnknownAttributeError` when attempting to save results to the database.
+
+**Root Cause**: The module's `post_execute` method in `modules/network/jslanscanner/module.rb:29` attempts to create a `NetworkService` record using attribute `type`, but the model expects `ntype`.
+
+### Console Error
+```
+ActiveModel::UnknownAttributeError: unknown attribute 'type' for BeEF::Core::Models::NetworkService.
+...
+from /beef/modules/network/jslanscanner/module.rb:29:in `post_execute'
+```
+
+### Suggested Fix
+In `modules/network/jslanscanner/module.rb`:
+- Change line 29: `type: service` -> `ntype: service`
+- Check line 37: `type: device` -> `ntype: device` (if NetworkHost model also uses ntype).
+
+
+