From 56d6b54d0872f7a0650e08908d6bd80e747bfc6b Mon Sep 17 00:00:00 2001 From: ben-waugh Date: Tue, 22 Jan 2013 09:53:51 +1000 Subject: [PATCH] BeEFLive - New Menu replaces the old tree/Q&A style for a menu presenting all options --- liveCD/BeEFLive.sh | 251 +++++++++++++++++++++++++++++---------------- 1 file changed, 161 insertions(+), 90 deletions(-) diff --git a/liveCD/BeEFLive.sh b/liveCD/BeEFLive.sh index be85fec51..7180fc74c 100644 --- a/liveCD/BeEFLive.sh +++ b/liveCD/BeEFLive.sh @@ -17,70 +17,7 @@ # to enable SSH etc. The script also make it easy for the user to update/start # the BeEF server # -clear -echo "======================================" -echo " BeEF Live CD " -echo "======================================" -echo "" -echo "Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net" -echo "Browser Exploitation Framework (BeEF) - http://beefproject.com" -echo "See the file 'home/beef/doc/COPYING' for copying permission" -echo "" -echo "Welcome to the BeEF Live CD" -echo "" -echo "" - -# -# Check for SSH Host Keys - if they do not exist ask user if they should be -# created (remastersys has a habit of deleting them during Live CD Creation) -# -f1="/etc/ssh/ssh_host_rsa_key" -if [ -f $f1 ] -then - echo "" -else - echo -n "Would you like to enable ssh (y/N)? " - read var - - if [ $var = "y" ] ; then - sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' - sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' - echo "" - echo "Please provide a password for ssh user: beef" - sudo passwd beef - echo "ssh enabled" - fi -fi -echo "" - -# -# Prompt the user if they would like to update BeEF and -# other components installed (such as sqlmap and msf) -# -echo -n "Check and install updates for BeEF (y/N)? " -read var - -if [ $var = "y" ] ; then - cd /opt/beef - git stash - git pull -fi -echo "" - -echo -n "Check and install updates for msf and sqlmap (y/N)? " -read var - -if [ $var = "y" ] ; then - cd /opt/sqlmap - git stash - git pull - cd /opt/metasploit-framework - git stash - git pull -fi - - # # Create a shortcut in the user's home folder to BeEF, msf and sqlmap # (if they do not yet exist) @@ -95,42 +32,176 @@ else fi # -# Prompt the user if they would like start BeEF +# function to allow BeEF to run in the background # -echo -n "Start BeEF (y/N)? " -read var - -# -# function to allow beef to run in the background -# -run_beef() { - echo "" - echo "Starting BeEF.."; - +run_beef() { cd /opt/beef/ ruby beef -x } -if [ $var = "y" ] ; then - run_beef & - sleep 5 -fi +# set default values +bac="0" # -# Prompt the user if they would like start sqlmap using beef as proxy +# User Menu Loop # - -echo "" -echo -n "Start sqlMAP with BeEF Proxy? (y/N)? " -read var - -if [ $var = "y" ] ; then +while true; do + clear + echo "======================================" + echo " BeEF Live CD " + echo "======================================" echo "" - echo "sqlMAP can now be run using the --proxy command set to the BeEF Proxy: http://127.0.0.1:6789 starting the wizard to demo with:" - echo "python /opt/sqlmap/sqlmap.py --proxy http://127.0.0.1:6789 --wizard" - sleep 5 - python /opt/sqlmap/sqlmap.py --proxy http://127.0.0.1:6789 --wizard -fi + echo "Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net" + echo "Browser Exploitation Framework (BeEF) - http://beefproject.com" + echo "See the file 'home/beef/doc/COPYING' for copying permission" + echo "" + + echo "Welcome to the BeEF Live CD" + echo "" + + + # + # Check for SSH Host Keys - if they do not exist SSH will be displayed as disabled + # (remastersys has a habit of deleting them during Live CD Creation) + # + f1="/etc/ssh/ssh_host_rsa_key" + if [ -f $f1 ] ; then + echo "[1] Disable SSH [Currently Enabled]" + else + echo "[1] Enable SSH [Currently Disabled]" + fi + + echo "[2] Update BeEF" + echo "[3] Update sqlMap (Bundled with LiveCD)" + echo "[4] Update metasploit-framework (Bundled with LiveCD)" + echo "" + if [ "$bac" = "1" ] ; then + echo "[5] Disable BeEF in background mode [Currently Enabled]" + else + echo "[5] Enable BeEF in background mode [Currently Disabled]" + fi + + if [ "$bac" = "1" ] ; then + echo "[6] Disable sqlMap demo [Currently Enabled]" + else + echo "[6] Enable sqlMap demo [Currently Disabled]" + fi + + #echo "[7] Enable metasploit-framework integration [Currently Disabled]" + echo "" + echo "[q] Quit to terminal" + echo "" + echo "[b] Run BeEF" + echo "" + echo -n "BeEF Live ~# " + read var + + # + # Quit liveCD loop + # + if [ $var = "q" ] ; then + exit + fi + + # + # Create SSH Keys to enable SSH or Delete the Keys to disable + # + if [ $var = "1" ] ; then + if [ -f $f1 ] + then + sudo rm /etc/ssh/ssh_host_rsa_key + sudo rm /etc/ssh/ssh_host_dsa_key + else + sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' + sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' + echo "" + echo "Please provide a password for ssh user: beef" + sudo passwd beef + echo "ssh enabled" + fi + fi + + # + # Update BeEF from github repository + # + if [ $var = "2" ] ; then + cd /opt/beef + git stash + git pull + fi + + # + # Update sqlmap from github repository + # + if [ $var = "3" ] ; then + cd /opt/sqlmap + git stash + git pull + fi + + # + # Update msf from github repository + # + if [ $var = "4" ] ; then + cd /opt/metasploit-framework + git stash + git pull + fi + + # + # set BeEF to run in the background + # + if [ $var = "5" ] ; then + if [ "$bac" = "1" ] ; then + bac="0" + # check and disable sqlmap (requires beef run in the background) + sqlm="0" + else + bac="1" + fi + fi + + # + # enable the sqlmap demo + # + if [ $var = "6" ] ; then + if [ "$sqlm" = "1" ] ; then + sqlm="0" + else + sqlm="1" + # requires BeEF be run in the background + bac="1" + fi + fi + + # + # Run BeEF + # + if [ $var = "b" ] ; then + if [ "$bac" = "1" ] ; then + run_beef & + sleep 5 + echo "" + echo "BeEF is running in the background, returning to the menu or running something else now..." + sleep 5 + + # + # If the user has enabled it start sqlmap using beef as proxy + # + if [ $sqlm = "1" ] ; then + echo "" + echo "sqlMAP can now be run using the --proxy command set to the BeEF Proxy: http://127.0.0.1:6789 starting the wizard to demo with:" + echo "python /opt/sqlmap/sqlmap.py --proxy http://127.0.0.1:6789 --wizard" + sleep 5 + python /opt/sqlmap/sqlmap.py --proxy http://127.0.0.1:6789 --wizard + fi + else + cd /opt/beef/ + ruby beef -x + fi + fi + +done