Allow DNS lookups on zombie IP addresses

config.yaml

@@ -119,6 +119,9 @@ beef:
         # set this to TRUE if you want to allow auto-run execution for modules with target->user_notify
         allow_user_notify: true
 
+    # Enables DNS lookups on zombie IP addresses
+    dns_hostname_lookup: false
+
     # IP Geolocation
     # NOTE: requires MaxMind database:
     #   curl -O http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz

core/main/handlers/browserdetails.rb

@@ -86,6 +86,21 @@ module BeEF
             self.err_msg "Invalid browser name returned from the hook browser's initial connection."
           end
 
+          # lookup zombie host name
+          ip_str = zombie.ip
+          if config.get('beef.dns_hostname_lookup')
+            begin
+              require 'resolv'
+              host_name = Resolv.getname(zombie.ip).to_s
+              if BeEF::Filters.is_valid_hostname?(host_name)
+                ip_str += " [#{host_name}]"
+              end
+            rescue
+              print_debug "[INIT] Reverse lookup failed - No results for IP address '#{zombie.ip}'"
+            end
+          end
+          BD.set(session_id, 'IP', ip_str)
+
           # geolocation
           if config.get('beef.geoip.enable')
             require 'geoip'

extensions/admin_ui/controllers/modules/modules.rb

@@ -117,6 +117,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
         ['Hooked Page', 'Cookies',       'Cookies'],
 
         # Host
+        ['Host', 'Host Name/IP',     'IP'],
         ['Host', 'Date',             'DateStamp'],
         ['Host', 'Operating System', 'OsName'],
         ['Host', 'Hardware',         'Hardware'],