Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'bump-gems' into dependabot/bundler/rdoc-6.6.3.1

Browse Source
This commit is contained in:
Stephen
2024-03-28 03:53:06 +10:00
parent ba7e9b44e5 4841028648
commit 473e4c1f74
31 changed files with 559 additions and 227 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@@ -50,7 +50,7 @@ end
# DNS extension
group :ext_dns do
gem 'async-dns', '~> 1.3'
gem 'async', '~> 1.31'
gem 'async', '~> 1.32'
end
# QRcode extension

11
Gemfile.lock
View File

@@ -23,7 +23,7 @@ GEM
archive-zip (0.12.0)
io-like (~> 0.3.0)
ast (2.4.2)
async (1.31.0)
async (1.32.0)
console (~> 1.10)
nio4r (~> 2.3)
timers (~> 4.1)
@@ -47,9 +47,10 @@ GEM
coderay (1.1.3)
concurrent-ruby (1.2.2)
connection_pool (2.4.1)
console (1.23.3)
console (1.23.6)
fiber-annotation
fiber-local
json
curb (1.0.5)
daemons (1.4.1)
diff-lcs (1.5.1)
@@ -101,10 +102,10 @@ GEM
mutex_m (0.2.0)
net-protocol (0.2.2)
timeout
net-smtp (0.4.0.1)
net-smtp (0.5.0)
net-protocol
netrc (0.11.0)
nio4r (2.7.0)
nio4r (2.7.1)
nokogiri (1.16.2-arm64-darwin)
racc (~> 1.4)
nokogiri (1.16.2-x86_64-linux)
@@ -249,7 +250,7 @@ PLATFORMS
DEPENDENCIES
ansi (~> 1.5)
async (~> 1.31)
async (~> 1.32)
async-dns (~> 1.3)
browserstack-local (~> 1.4)
capybara (~> 3.40)

2
beef
View File

@@ -243,6 +243,8 @@ BeEF::Core::Console::Banners.print_loaded_extensions
BeEF::Core::Console::Banners.print_loaded_modules
BeEF::Core::Console::Banners.print_network_interfaces_count
BeEF::Core::Console::Banners.print_network_interfaces_routes
BeEF::Core::Console::Banners.print_http_proxy
BeEF::Core::Console::Banners.print_dns
#
# @note Prints the API key needed to use the RESTful API

3
core/main/configuration.rb
View File

@@ -26,7 +26,6 @@ module BeEF
begin
# open base config
@config = load(config)
# set default value if key? does not exist
@config.default = nil
@@config = config
rescue StandardError => e
@@ -156,7 +155,7 @@ module BeEF
"#{beef_proto}://#{beef_host}:#{beef_port}"
end
# Returns the hool path value stored in the config file
# Returns the hook path value stored in the config file
#
# @return [String] hook file path
def hook_file_path

23
core/main/console/banners.rb
View File

@@ -134,6 +134,29 @@ module BeEF
print_info "Starting WebSocketSecure server on wss://[#{config.beef_host}:#{config.get('beef.http.websocket.secure_port').to_i} [timer: #{ws_poll_timeout}]"
end
end
# Print WebSocket servers
#
def print_http_proxy
config = BeEF::Core::Configuration.instance
print_info "HTTP Proxy: http://#{config.get('beef.extension.proxy.address')}:#{config.get('beef.extension.proxy.port')}"
end
def print_dns
address = nil
port = nil
protocol = nil
# TODO: fix the following reference - extensions/dns/api.rb
# servers, interfaces, address, port, protocol, upstream_servers = get_dns_config # get the DNS configuration
# Print the DNS server information
unless address.nil? || port.nil? || protocol.nil?
print_info "DNS Server: #{address}:#{port} (#{protocol})"
print_more upstream_servers unless upstream_servers.empty?
end
end
end
end
end

22
extensions/dns/api.rb
View File

@@ -24,8 +24,23 @@ module BeEF
#
# @param http_hook_server [BeEF::Core::Server] HTTP server instance
def self.pre_http_start(_http_hook_server)
dns_config = BeEF::Core::Configuration.instance.get('beef.extension.dns')
servers, interfaces, address, port, protocol, upstream_servers = get_dns_config # get the DNS configuration
# Start the DNS server
dns = BeEF::Extension::Dns::Server.instance
dns.run(upstream: servers, listen: interfaces)
end
def self.print_dns_info
servers, interfaces, address, port, protocol, upstream_servers = get_dns_config # get the DNS configuration
# Print the DNS server information
print_info "DNS Server: #{address}:#{port} (#{protocol})"
print_more upstream_servers unless upstream_servers.empty?
end
def self.get_dns_config
dns_config = BeEF::Core::Configuration.instance.get('beef.extension.dns')
protocol = begin
dns_config['protocol'].to_sym
@@ -52,10 +67,7 @@ module BeEF
end
end
dns.run(upstream: servers, listen: interfaces)
print_info "DNS Server: #{address}:#{port} (#{protocol})"
print_more upstream_servers unless upstream_servers.empty?
return servers, interfaces, address, port, protocol, upstream_servers
end
# Mounts the handler for processing DNS RESTful API requests.

12
extensions/dns/dns.rb
View File

@@ -15,9 +15,11 @@ module BeEF
def initialize
super()
logger.level = Logger::ERROR
@lock = Mutex.new
@database = BeEF::Core::Models::Dns::Rule
@data_chunks = {}
@server_started = false
end
# Adds a new DNS rule. If the rule already exists, its current ID is returned.
@@ -118,6 +120,7 @@ module BeEF
@lock.synchronize do
Thread.new do
EventMachine.next_tick do
next if @server_started # Check if the server was already started
upstream = options[:upstream] || nil
listen = options[:listen] || nil
@@ -132,6 +135,7 @@ module BeEF
begin
# super(:listen => listen)
Thread.new { super() }
@server_started = true # Set the server started flag
rescue RuntimeError => e
if e.message =~ /no datagram socket/ || e.message =~ /no acceptor/ # the port is in use
print_error "[DNS] Another process is already listening on port #{options[:listen]}"
@@ -146,6 +150,14 @@ module BeEF
end
end
def stop
return unless @server_started # Check if the server was started
# Logic to stop the Async::DNS server
puts EventMachine.stop if EventMachine.reactor_running?
@server_started = false # Reset the server started flag
end
# Entry point for processing incoming DNS requests. Attempts to find a matching rule and
# sends back its associated response.
#

1
extensions/proxy/api.rb
View File

@@ -18,7 +18,6 @@ module BeEF
BeEF::Extension::Proxy::Proxy.new
end
end
print_info "HTTP Proxy: http://#{config.get('beef.extension.proxy.address')}:#{config.get('beef.extension.proxy.port')}"
end
def self.mount_handler(beef_server)

6
extensions/qrcode/qrcode.rb
View File

@@ -32,11 +32,7 @@ module BeEF
# Retrieve the list of network interfaces from BeEF::Core::Console::Banners
interfaces = BeEF::Core::Console::Banners.interfaces
# Check if the interfaces variable is nil, indicating that network interfaces are not available
if interfaces.nil?
print_error "[QR] Error: Network interfaces information is unavailable."
print_error "[QR] Error: This will be acceptable during testing."
else
if not interfaces.nil? and not interfaces.empty? # If interfaces are available, iterate over each network interface
# If interfaces are available, iterate over each network interface
interfaces.each do |int|
# Skip the loop iteration if the interface address is '0.0.0.0' (which generally represents all IPv4 addresses on the local machine)

194
spec/beef/api/auth_rate_spec.rb
View File

@@ -1,139 +1,71 @@
# #
# # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# # Browser Exploitation Framework (BeEF) - https://beefproject.com
# # See the file 'doc/COPYING' for copying permission
# #
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# RSpec.describe 'BeEF API Rate Limit' do
RSpec.describe 'BeEF API Rate Limit' do
# before(:all) do
# @config = BeEF::Core::Configuration.instance
# @config.set('beef.credentials.user', "beef")
# @config.set('beef.credentials.passwd', "beef")
# @username = @config.get('beef.credentials.user')
# @password = @config.get('beef.credentials.passwd')
# # Load BeEF extensions and modules
# # Always load Extensions, as previous changes to the config from other tests may affect
# # whether or not this test passes.
# print_info "Loading in BeEF::Extensions"
# BeEF::Extensions.load
# sleep 2
before(:each) do
@pid = start_beef_server_and_wait
@username = @config.get('beef.credentials.user')
@password = @config.get('beef.credentials.passwd')
end
# # Check if modules already loaded. No need to reload.
# if @config.get('beef.module').nil?
# print_info "Loading in BeEF::Modules"
# BeEF::Modules.load
after(:each) do
# Shutting down server
Process.kill("KILL", @pid) unless @pid.nil?
Process.wait(@pid) unless @pid.nil? # Ensure the process has exited and the port is released
@pid = nil
end
# sleep 2
# else
# print_info "Modules already loaded"
# end
it 'confirm correct creds are successful' do
test_api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', @username, @password)
expect(@config.get('beef.credentials.user')).to eq('beef')
expect(@config.get('beef.credentials.passwd')).to eq('beef')
expect(test_api.auth()[:payload]).not_to eql("401 Unauthorized")
expect(test_api.auth()[:payload]["success"]).to be(true) # valid pass should succeed
end
it 'confirm incorrect creds are unsuccessful' do
sleep 0.5
test_api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', @username, "wrong_passowrd")
expect(test_api.auth()[:payload]).to eql("401 Unauthorized") # all (unless the valid is first 1 in 10 chance)
end
it 'adheres to 9 bad passwords then 1 correct auth rate limits' do
# create api structures with bad passwords and one good
passwds = (1..9).map { |i| "bad_password"} # incorrect password
passwds.push @password # correct password
apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', @username, pswd) }
# # Grab DB file and regenerate if requested
# print_info "Loading database"
# db_file = @config.get('beef.database.file')
(0..apis.length-1).each do |i|
test_api = apis[i]
expect(test_api.auth()[:payload]).to eql("401 Unauthorized") # all (unless the valid is first 1 in 10 chance)
end
end
it 'adheres to random bad passords and 1 correct auth rate limits' do
# create api structures with bad passwords and one good
passwds = (1..9).map { |i| "bad_password"} # incorrect password
passwds.push @password # correct password
apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', @username, pswd) }
# if BeEF::Core::Console::CommandLine.parse[:resetdb]
# print_info 'Resetting the database for BeEF.'
# File.delete(db_file) if File.exist?(db_file)
# end
apis.shuffle! # random order for next iteration
apis = apis.reverse if (apis[0].is_pass?(@password)) # prevent the first from having valid passwd
# # Load up DB and migrate if necessary
# ActiveRecord::Base.logger = nil
# OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
# OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database: db_file)
# # otr-activerecord require you to manually establish the connection with the following line
# #Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
# if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
# OTR::ActiveRecord.establish_connection!
# end
# # Migrate (if required)
# ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
# context = ActiveRecord::Migration.new.migration_context
# if context.needs_migration?
# ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
# end
# sleep 2
# BeEF::Core::Migration.instance.update_db!
# # Spawn HTTP Server
# print_info "Starting HTTP Hook Server"
# http_hook_server = BeEF::Core::Server.instance
# http_hook_server.prepare
# # Generate a token for the server to respond with
# BeEF::Core::Crypto::api_token
# # Initiate server start-up
# @pids = fork do
# BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
# end
# @pid = fork do
# http_hook_server.start
# end
# # Give the server time to start-up
# sleep 3
# # Try to connect 3 times
# (0..2).each do |again|
# # Authenticate to REST API & pull the token from the response
# if @response.nil?
# print_info "Try to connect: " + again.to_s
# begin
# creds = { 'username': "#{@username}", 'password': "#{@password}" }.to_json
# @response = RestClient.post "#{RESTAPI_ADMIN}/login", creds, :content_type => :json
# rescue RestClient::ServerBrokeConnection, Errno::ECONNREFUSED # likely to be starting up still
# rescue => error
# print_error error.message
# end
# print_info "Rescue: sleep for 10 and try to connect again"
# sleep 10
# end
# end
# expect(@response) .to be_truthy # confirm the test has connected to the server
# print_info "Connection with server was successful"
# @token = JSON.parse(@response)['token']
# end
# after(:all) do
# print_info "Shutting down server"
# Process.kill("KILL",@pid) unless @pid.nil?
# Process.kill("KILL",@pids) unless @pid.nil?
# end
# xit 'adheres to auth rate limits' do
# passwds = (1..9).map { |i| "broken_pass"}
# passwds.push BEEF_PASSWD
# apis = passwds.map { |pswd| BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, pswd) }
# l = apis.length
# (0..2).each do |again| # multiple sets of auth attempts
# # first pass -- apis in order, valid passwd on 9th attempt
# # subsequent passes apis shuffled
# print_info "Starting authentication attempt sequence #{again + 1}. The valid password is placed randomly among failed attempts."
# (0..50).each do |i|
# test_api = apis[i%l]
# expect(test_api.auth()[:payload]).to eql("401 Unauthorized") # all (unless the valid is first 1 in 10 chance)
# end
# # again with more time between calls -- there should be success (1st iteration)
# print_info "Initiating delayed authentication requests to test successful authentication with correct credentials."
# print_info "Delayed requests are made to simulate more realistic login attempts and verify rate limiting."
# (0..(l*2)).each do |i|
# test_api = apis[i%l]
# if (test_api.is_pass?(BEEF_PASSWD))
# expect(test_api.auth()[:payload]["success"]).to be(true) # valid pass should succeed
# else
# expect(test_api.auth()[:payload]).to eql("401 Unauthorized")
# end
# sleep(0.5)
# end
# apis.shuffle! # new order for next iteration
# apis = apis.reverse if (apis[0].is_pass?(BEEF_PASSWD)) # prevent the first from having valid passwd
# end # multiple sets of auth attempts
# end
(0..apis.length-1).each do |i|
test_api = apis[i]
if (test_api.is_pass?(@password))
sleep 0.5
expect(@config.get('beef.credentials.user')).to eq('beef')
expect(@config.get('beef.credentials.passwd')).to eq('beef')
expect(test_api.auth()[:payload]).not_to eql("401 Unauthorized")
expect(test_api.auth()[:payload]["success"]).to be(true) # valid pass should succeed
else
expect(test_api.auth()[:payload]).to eql("401 Unauthorized")
end
end
end
# end
end

10
spec/beef/core/main/command_spec.rb
View File

@@ -1,12 +1,8 @@
RSpec.describe 'BeEF Command class testing' do
before(:each) do
# Reset or re-initialise the configuration to a default state
config = File.expand_path('../../../support/assets/config_old.yaml', __dir__)
@config_instance = BeEF::Core::Configuration.new(config)
end
it 'should return a beef configuration variable' do
BeEF::Modules.load
expect {
BeEF::Modules.load if BeEF::Core::Configuration.instance.get('beef.module').nil?
}.to_not raise_error
command_mock = BeEF::Core::Command.new('test_get_variable')
expect(command_mock.config.beef_host).to eq('0.0.0.0')

32
spec/beef/core/main/configuration_spec.rb
View File

@@ -2,25 +2,29 @@ RSpec.configure do |config|
end
RSpec.describe 'BeEF Configuration' do
before(:context, :type => :old ) do
config = File.expand_path('../../../support/assets/config_old.yaml', __dir__)
@config_instance = BeEF::Core::Configuration.new(config)
end
before(:context) do
@config_instance = BeEF::Core::Configuration.instance
@original_http_host = @config_instance.get('beef.http.host')
@original_http_port = @config_instance.get('beef.http.port')
@original_http_https = @config_instance.get('beef.http.https.enable')
@original_http_public_host = @config_instance.get('beef.http.public.host')
@original_http_public_port = @config_instance.get('beef.http.public.port')
@original_http_public_https = @config_instance.get('beef.http.public.https')
@original_http_hook_file = @config_instance.get('beef.http.hook_file')
end
context 'configuration validation', :type => :old do
it 'should error when using hold public config' do
@config_instance.set('beef.http.public', 'example.com')
expect(@config_instance.validate).to eq(nil)
end
it 'should error when using old public_port config' do
@config_instance.set('beef.http.public_port', 443)
expect(@config_instance.validate).to eq(nil)
end
after(:context) do
# Reset the configuration values
# This is important as the tests may change the configuration values
@config_instance.set('beef.http.host', @original_http_host)
@config_instance.set('beef.http.port', @original_http_port)
@config_instance.set('beef.http.https.enable', @original_http_https)
@config_instance.set('beef.http.public.host', @original_http_public_host)
@config_instance.set('beef.http.public.port', @original_http_public_port)
@config_instance.set('beef.http.public.https', @original_http_public_https)
@config_instance.set('beef.http.hook_file', @original_http_hook_file)
end
context 'http local host configuration values' do

2
spec/beef/core/modules_spec.rb
View File

@@ -2,7 +2,7 @@ RSpec.describe 'BeEF Modules' do
it 'loaded successfully' do
expect {
BeEF::Modules.load
BeEF::Modules.load if BeEF::Core::Configuration.instance.get('beef.module').nil?
}.to_not raise_error
modules = BeEF::Core::Configuration.instance.get('beef.module').select do |k,v|

9
spec/beef/extensions/adminui_spec.rb
View File

@@ -1,7 +1,8 @@
#
# Tests for handling access to the Admin UI
#
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'extensions/admin_ui/classes/httpcontroller'
require 'extensions/admin_ui/classes/session'
require 'extensions/admin_ui/controllers/authentication/authentication'

10
spec/beef/extensions/dns_spec.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'resolv'
require 'extensions/dns/extension.rb'
@@ -11,6 +16,11 @@ RSpec.describe 'BeEF Extension DNS' do
@dns = BeEF::Extension::Dns::Server.instance
end
after(:all) do
# Stop the DNS server after each test case
BeEF::Extension::Dns::Server.instance.stop # this might not be needed?
end
it 'loaded configuration' do
config = @config.get('beef.extension.dns')
expect(config).to have_key('protocol')

5
spec/beef/extensions/network_spec.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'extensions/network/models/network_service'
require 'extensions/network/models/network_host'

5
spec/beef/extensions/proxy_spec.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'extensions/proxy/extension'
RSpec.describe 'BeEF Extension Proxy' do

5
spec/beef/extensions/qrcode_spec.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'extensions/qrcode/extension'
RSpec.describe 'BeEF Extension QRCode' do

5
spec/beef/extensions/requester_spec.rb
View File

@@ -1,5 +1,10 @@
require 'extensions/requester/extension'
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
RSpec.describe 'BeEF Extension Requester' do
before(:all) do
@config = BeEF::Core::Configuration.instance

5
spec/beef/extensions/social_engineering_spec.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'extensions/social_engineering/models/web_cloner'
require 'extensions/social_engineering/web_cloner/web_cloner'
require 'extensions/social_engineering/web_cloner/interceptor'

5
spec/beef/extensions/webrtc_spec.rb
View File

@@ -1,5 +1,10 @@
require 'rest-client'
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
RSpec.describe 'BeEF Extension WebRTC' do
before(:all) do
@config = BeEF::Core::Configuration.instance

1
spec/beef/extensions/websocket_hooked_browser_spec.rb
View File

@@ -3,7 +3,6 @@
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'rest-client'
require 'json'
require_relative '../../spec_helper'

5
spec/beef/extensions/websocket_spec.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'rest-client'
require 'core/main/network_stack/websocket/websocket'
require 'websocket-client-simple'

6
spec/beef/extensions/xssrays_spec.rb
View File

@@ -1,3 +1,9 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'extensions/xssrays/extension'
RSpec.describe 'BeEF Extension XSSRays' do

114
spec/requests/beef_test_spec.rb Normal file
View File

@@ -0,0 +1,114 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'spec_helper'
require 'capybara/rspec'
require_relative '../support/beef_test'
RSpec.describe BeefTest do
before(:each) do
@pid = start_beef_server_and_wait
end
after(:each) do
# Shutting down server
Process.kill("KILL", @pid) unless @pid.nil?
Process.wait(@pid) unless @pid.nil? # Ensure the process has exited and the port is released
@pid = nil
end
describe '.login' do
it 'logs in successfully' do
expect(port_available?) # Check if the tcp port is open
session = BeefTest.login()
expect(session).not_to be_nil
expect(session.has_content?('Hooked Browsers', wait: 10))
end
end
describe '.logout' do
before(:each) do
expect(port_available?) # # Check if the tcp port is open
@session = BeefTest.login() # Ensure login before each '.logout' test
expect(@session.has_content?('Hooked Browsers', wait: 10))
end
it 'logs out successfully' do
expect(port_available?) # # Check if the tcp port is open
expect(@session.has_content?('Hooked Browsers', wait: 10))
# Log out of the session
@sessoin = BeefTest.logout(@session)
expect(@session.has_no_content?('Hooked Browsers', wait: 10))
expect(@session.has_content?('Authentication', wait: 10))
@session.reset_session!
end
end
describe '.save_screenshot' do
it 'saves a screenshot' do
session = Capybara::Session.new(:selenium_headless) if session.nil?
# Ensure the new directory does not exist
outputDir = '/tmp'
directory = "#{outputDir}/#{SecureRandom.hex}/"
expect(File.directory?(directory)).to be false
# Save the screenshot
BeefTest.save_screenshot(session, directory)
# Ensure the screenshot was saved
expect(File.directory?(directory)).to be true
screenshot_files = Dir.glob("#{directory}/*.png")
expect(screenshot_files.empty?).to be false
# Ensure the screenshot file is not empty and clean up
screenshot_files.each do |file|
expect(File.size(file)).to be > 0
File.delete(file)
end
expect(Dir.glob("#{directory}/*.png").empty?).to be true
# Remove the directory
Dir.delete(directory)
expect(File.directory?(directory)).to be false
end
end
let(:session) { Capybara::Session.new(:selenium_headless) }
let(:victim) { Capybara::Session.new(:selenium_headless) }
describe '.new_attacker' do
it 'creates a new attacker session' do
# # Test setup
expect(session).not_to be_nil
result = BeefTest.new_attacker(session)
# Test assertions
expect(result).to eq(session)
expect(session.has_no_content?('Authentication', wait: 10))
expect(session.has_content?('Hooked Browsers', wait: 10))
session.reset_session!
end
end
describe '.new_victim' do
it 'creates a new victim session' do
# Test setup
allow(victim).to receive(:visit)
expect(victim).not_to be_nil
# Test execution
result = BeefTest.new_victim(victim)
# Test assertions
expect(victim).to have_received(:visit).with(VICTIM_URL)
expect(result).to eq(victim)
victim.reset_session!
end
end
end

78
spec/requests/login_spec.rb Normal file
View File

@@ -0,0 +1,78 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'rspec'
require 'spec/support/constants.rb'
# require '../common/beef_test'
RSpec.describe 'Beef Login' do
# let(:session) { Capybara::Session.new(:selenium_headless) }
# before(:each) do
# session.visit(ATTACK_URL)
# sleep 2.0
# end
# after(:each) do
# BeefTest.save_screenshot(session)
# session.driver.browser.close
# end
# it 'logs in successfully' do
# session.fill_in 'user', with: BEEF_USER
# session.fill_in 'pass', with: BEEF_PASSWD
# session.click_button('Login')
# sleep 10.0
# expect(session).to have_content('Logout')
# end
# it 'logs out successfully' do
# session.fill_in 'user', with: BEEF_USER
# session.fill_in 'pass', with: BEEF_PASSWD
# session.click_button('Login')
# sleep 2.0
# session.click_link('Logout')
# sleep 2.0
# expect(session).to have_title('BeEF Authentication')
# end
# it 'displays logs tab' do
# session.fill_in 'user', with: BEEF_USER
# session.fill_in 'pass', with: BEEF_PASSWD
# session.click_button('Login')
# sleep 2.0
# session.click_on('Logs')
# expect(session).to have_content('Logout')
# expect(session).to have_content('Hooked Browsers')
# expect(session).to have_content('Type')
# expect(session).to have_content('Event')
# expect(session).to have_content('Date')
# expect(session).to have_content('Page')
# expect(session).to have_content('User with ip 127.0.0.1 has successfully authenticated in the application')
# end
# it 'hooks a browser successfully' do
# attacker = BeefTest.new_attacker
# victim = BeefTest.new_victim
# sleep 5.0
# expect(attacker).to have_content(VICTIM_DOMAIN)
# expect(attacker).to have_content('127.0.0.1')
# attacker.click_on("127.0.0.1", match: :first)
# sleep 1.0
# expect(attacker).to have_content('Details')
# expect(attacker).to have_content('Commands')
# BeefTest.save_screenshot(attacker)
# BeefTest.save_screenshot(victim)
# BeefTest.logout(attacker)
# attacker.driver.browser.close
# victim.driver.browser.close
# end
end

124
spec/spec_helper.rb
View File

@@ -1,3 +1,8 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'core/loader.rb'
# @note We need to load variables that 'beef' usually does for us
@@ -21,7 +26,7 @@ Dir['spec/support/*.rb'].each do |f|
require f
end
ENV['RACK_ENV'] ||= 'test'
ENV['RACK_ENV'] ||= 'test' # Set the environment to test
ARGV.clear
## BrowserStack config
@@ -34,7 +39,6 @@ class Capybara::Selenium::Driver < Capybara::Driver::Base
end
TASK_ID = (ENV['TASK_ID'] || 0).to_i
print_info ENV['CONFIG_FILE']
CONFIG_FILE = ENV['CONFIG_FILE'] || 'windows/win10/win10_chrome_81.config.yml'
CONFIG = YAML.safe_load(File.read("./spec/support/browserstack/#{CONFIG_FILE}"))
CONFIG['user'] = ENV['BROWSERSTACK_USERNAME'] || ''
@@ -89,4 +93,120 @@ RSpec.configure do |config|
Process.kill('KILL', server_pid)
Process.kill('KILL', server_pids)
end
########################################
require 'socket'
def port_available?
socket = TCPSocket.new(@host, @port)
socket.close
false # If a connection is made, the port is in use, so it's not available.
rescue Errno::ECONNREFUSED
true # If the connection is refused, the port is not in use, so it's available.
rescue Errno::EADDRNOTAVAIL
true # If the connection is refused, the port is not in use, so it's available.
end
def configure_beef
# Reset or re-initialise the configuration to a default state
@config = BeEF::Core::Configuration.instance
@config.set('beef.credentials.user', "beef")
@config.set('beef.credentials.passwd', "beef")
@config.set('beef.http.https.enable', false)
end
# Load the server
def load_beef_extensions_and_modules
# Load BeEF extensions
BeEF::Extensions.load
# Load BeEF modules only if they are not already loaded
BeEF::Modules.load if @config.get('beef.module').nil?
end
def start_beef_server
configure_beef
@port = @config.get('beef.http.port')
@host = @config.get('beef.http.host')
@host = '127.0.0.1'
exit unless port_available?
load_beef_extensions_and_modules
# Grab DB file and regenerate if requested
db_file = @config.get('beef.database.file')
if BeEF::Core::Console::CommandLine.parse[:resetdb]
File.delete(db_file) if File.exist?(db_file)
end
# Load up DB and migrate if necessary
ActiveRecord::Base.logger = nil
OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database: db_file)
# otr-activerecord require you to manually establish the connection with the following line
#Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
OTR::ActiveRecord.establish_connection!
end
# Migrate (if required)
ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
context = ActiveRecord::Migration.new.migration_context
if context.needs_migration?
ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
end
BeEF::Core::Migration.instance.update_db!
# Spawn HTTP Server
# print_info "Starting HTTP Hook Server"
http_hook_server = BeEF::Core::Server.instance
http_hook_server.prepare
# Generate a token for the server to respond with
BeEF::Core::Crypto::api_token
# Initiate server start-up
BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
pid = fork do
http_hook_server.start
end
return pid
end
def beef_server_running?(uri_str)
begin
uri = URI.parse(uri_str)
response = Net::HTTP.get_response(uri)
response.is_a?(Net::HTTPSuccess)
rescue Errno::ECONNREFUSED
return false # Connection refused means the server is not running
rescue StandardError => e
return false # Any other error means the server is not running
end
end
def wait_for_beef_server_to_start(uri_str, timeout: 5)
start_time = Time.now # Record the time we started
until beef_server_running?(uri_str) || (Time.now - start_time) > timeout do
sleep 0.1 # Wait a bit before checking again
end
beef_server_running?(uri_str) # Return the result of the check
end
def start_beef_server_and_wait
pid = start_beef_server
if wait_for_beef_server_to_start('http://localhost:3000', timeout: 3)
# print_info "Server started successfully."
else
print_error "Server failed to start within timeout."
end
pid
end
end

58
spec/support/beef_test.rb
View File

@@ -3,45 +3,67 @@
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
require 'selenium-webdriver'
require 'spec_helper'
require 'capybara'
require 'capybara/rspec'
Capybara.run_server = false # we need to run our own BeEF server
require 'selenium-webdriver'
class BeefTest
def self.save_screenshot(session)
Dir.mkdir(BEEF_TEST_DIR) unless File.directory?(BEEF_TEST_DIR)
session.driver.browser.save_screenshot(BEEF_TEST_DIR + Time.now.strftime('%Y-%m-%d--%H-%M-%S-%N') + '.png')
def self.save_screenshot(session, dir = nil)
outputDir = dir || BEEF_TEST_DIR
Dir.mkdir(outputDir) unless File.directory?(outputDir)
filename = outputDir + Time.now.strftime('%Y-%m-%d--%H-%M-%S-%N') + '.png'
session.driver.browser.save_screenshot(filename)
end
def self.login(session = nil)
session = Capybara::Session.new(:selenium_headless) if session.nil?
session.visit(ATTACK_URL)
sleep 2.0
session.has_content?('BeEF Authentication')
session.fill_in 'user', with: BEEF_USER
session.fill_in 'pass', with: BEEF_PASSWD
session.click_button('Login')
sleep 10.0
session.has_content?('Authentication', wait: 10)
# enter the credentials
session.execute_script("document.getElementById('pass').value = '#{CGI.escapeHTML(BEEF_PASSWD)}'\;")
session.execute_script("document.getElementById('user').value = '#{CGI.escapeHTML(BEEF_USER)}'\;")
# due to using JS there seems to be a race condition - this is a workaround
session.has_content?('beef', wait: 10)
# click the login button
login_script = <<-JAVASCRIPT
var loginButton;
var buttons = document.getElementsByTagName('button');
for (var i = 0; i < buttons.length; i++) {
if (buttons[i].textContent === 'Login') {
loginButton = buttons[i];
break;
}
}
if (loginButton) {
loginButton.click();
}
JAVASCRIPT
session.execute_script(login_script)
session.has_content?('Hooked Browsers', wait: 10)
session
end
def self.logout(session)
session.click_link('Logout')
session.click_on('Logout')
session.has_content?('Authentication', wait: 10)
session
end
def self.new_attacker
self.login
def self.new_attacker(session = nil)
self.login(session)
end
def self.new_victim
victim = Capybara::Session.new(:selenium_headless)
def self.new_victim(victim = nil)
victim = Capybara::Session.new(:selenium_headless) if victim.nil?
victim.visit(VICTIM_URL)
victim
end

1
spec/support/simple_rest_client.rb
View File

@@ -28,6 +28,7 @@ class BeefRestClient
rescue StandardError => e
{ success: false, payload: e.message }
end
def version
return { success: false, payload: 'no token' } if @token.nil?

15
test/integration/check_environment.rb
View File

@@ -1,15 +0,0 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_CheckEnvironment < Test::Unit::TestCase
def test_check_env
# Add environment checks here
end
end

15
test/thirdparty/msf/unit/check_environment.rb vendored
View File

@@ -1,15 +0,0 @@
#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'test/unit'
class TC_CheckEnvironment < Test::Unit::TestCase
def test_check_env
# Add environment checks here
end
end