Merge branch 'master' into measure-test-coverage

zinduolis
2026-01-29 19:55:59 +10:00
committed by GitHub
6 changed files with 62 additions and 44 deletions


@@ -78,9 +78,20 @@ RUN adduser --home /beef --gecos beef --disabled-password beef \
zlib1g \ zlib1g \
bison \ bison \
nodejs \ nodejs \
firefox-esr \
&& apt-get -y clean \ && apt-get -y clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Install geckodriver for Selenium tests
# Pin version and verify checksum to mitigate supply chain attacks
ENV GECKODRIVER_VERSION=v0.36.0
ENV GECKODRIVER_SHA256=0bde38707eb0a686a20c6bd50f4adcc7d60d4f73c60eb83ee9e0db8f65823e04
RUN wget -q "https://github.com/mozilla/geckodriver/releases/download/${GECKODRIVER_VERSION}/geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" \
&& echo "${GECKODRIVER_SHA256} geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" | sha256sum -c - \
&& tar -xzf "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" -C /usr/local/bin \
&& chmod +x /usr/local/bin/geckodriver \
&& rm "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz"
# Use gemset created by the builder above # Use gemset created by the builder above
COPY --chown=beef:beef . /beef COPY --chown=beef:beef . /beef
COPY --from=builder /usr/local/bundle /usr/local/bundle COPY --from=builder /usr/local/bundle /usr/local/bundle
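Review bot: The new `firefox-esr` package and the geckodriver download appear to land in the runtime stage (the `COPY --from=builder` lines follow directly), so a browser and a WebDriver binary that only the Selenium tests need would ship in every image built from this file. Moving them into a dedicated test stage would keep the runtime image smaller and reduce its attack surface. The version pin and SHA-256 check are worth keeping; since both values are only used at build time, `ARG GECKODRIVER_VERSION=v0.36.0` (and likewise for the checksum) would avoid leaving them in the container environment. Naming the member on extraction, `tar -xzf "geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz" -C /usr/local/bin geckodriver`, keeps anything else in the archive out of `/usr/local/bin`. The start of this stage is outside the hunk.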


@@ -24,7 +24,7 @@ gem 'rake', '~> 13.3'
gem 'activerecord', '~> 8.1' gem 'activerecord', '~> 8.1'
gem 'otr-activerecord', '~> 2.6.0' gem 'otr-activerecord', '~> 2.6.0'
gem 'sqlite3', '~> 2.9' gem 'sqlite3', '~> 2.9'
gem 'rubocop', '~> 1.82.1', require: false gem 'rubocop', '~> 1.84.0', require: false
# Geolocation support # Geolocation support
group :geoip do group :geoip do
@@ -64,11 +64,11 @@ group :test do
gem 'simplecov', '~> 0.22' gem 'simplecov', '~> 0.22'
gem 'test-unit-full', '~> 0.0.5' gem 'test-unit-full', '~> 0.0.5'
gem 'rspec', '~> 3.13' gem 'rspec', '~> 3.13'
gem 'rdoc', '~> 7.0' gem 'rdoc', '~> 7.1'
gem 'browserstack-local', '~> 1.4' gem 'browserstack-local', '~> 1.4'
gem 'irb', '~> 1.16' gem 'irb', '~> 1.16'
gem 'pry-byebug', '~> 3.11' gem 'pry-byebug', '~> 3.12'
gem 'rest-client', '~> 2.1.0' gem 'rest-client', '~> 2.1.0'
gem 'websocket-client-simple', '~> 0.6.1' gem 'websocket-client-simple', '~> 0.6.1'
@@ -80,7 +80,7 @@ group :test do
# Note: selenium-webdriver 3.x is incompatible with Firefox version 48 and prior # Note: selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
# gem 'selenium' # Requires old version of selenium which is no longer available # gem 'selenium' # Requires old version of selenium which is no longer available
gem 'geckodriver-helper', '~> 0.24.0' gem 'geckodriver-helper', '~> 0.24.0'
gem 'selenium-webdriver', '~> 4.39' gem 'selenium-webdriver', '~> 4.40'
# Note: nokogiri is needed by capybara which may require one of the below commands # Note: nokogiri is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev # sudo apt-get install libxslt-dev libxml2-dev


@@ -36,7 +36,8 @@ GEM
base64 (0.3.0) base64 (0.3.0)
bigdecimal (4.0.1) bigdecimal (4.0.1)
browserstack-local (1.4.3) browserstack-local (1.4.3)
byebug (12.0.0) byebug (13.0.0)
reline (>= 0.6.0)
capybara (3.40.0) capybara (3.40.0)
addressable addressable
matrix matrix
@@ -133,20 +134,21 @@ GEM
activerecord (>= 6.0, < 9.0) activerecord (>= 6.0, < 9.0)
parallel (1.27.0) parallel (1.27.0)
parseconfig (1.1.2) parseconfig (1.1.2)
parser (3.3.10.0) parser (3.3.10.1)
ast (~> 2.4.1) ast (~> 2.4.1)
racc racc
power_assert (2.0.5) power_assert (2.0.5)
pp (0.6.3) pp (0.6.3)
prettyprint prettyprint
prettyprint (0.2.0) prettyprint (0.2.0)
prism (1.7.0) prism (1.8.0)
pry (0.15.2) pry (0.16.0)
coderay (~> 1.1) coderay (~> 1.1)
method_source (~> 1.0) method_source (~> 1.0)
pry-byebug (3.11.0) reline (>= 0.6.0)
byebug (~> 12.0) pry-byebug (3.12.0)
pry (>= 0.13, < 0.16) byebug (~> 13.0)
pry (>= 0.13, < 0.17)
psych (5.3.1) psych (5.3.1)
date date
stringio stringio
@@ -167,7 +169,7 @@ GEM
rack (>= 1.3) rack (>= 1.3)
rainbow (3.1.1) rainbow (3.1.1)
rake (13.3.1) rake (13.3.1)
rdoc (7.0.3) rdoc (7.1.0)
erb erb
psych (>= 4.0.0) psych (>= 4.0.0)
tsort tsort
@@ -195,7 +197,7 @@ GEM
diff-lcs (>= 1.2.0, < 2.0) diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0) rspec-support (~> 3.13.0)
rspec-support (3.13.6) rspec-support (3.13.6)
rubocop (1.82.1) rubocop (1.84.0)
json (~> 2.3) json (~> 2.3)
language_server-protocol (~> 3.17.0.2) language_server-protocol (~> 3.17.0.2)
lint_roller (~> 1.1.0) lint_roller (~> 1.1.0)
@@ -203,12 +205,12 @@ GEM
parser (>= 3.3.0.2) parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0) rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 2.9.3, < 3.0) regexp_parser (>= 2.9.3, < 3.0)
rubocop-ast (>= 1.48.0, < 2.0) rubocop-ast (>= 1.49.0, < 2.0)
ruby-progressbar (~> 1.7) ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 4.0) unicode-display_width (>= 2.4.0, < 4.0)
rubocop-ast (1.48.0) rubocop-ast (1.49.0)
parser (>= 3.3.7.2) parser (>= 3.3.7.2)
prism (~> 1.4) prism (~> 1.7)
ruby-progressbar (1.13.0) ruby-progressbar (1.13.0)
ruby2_keywords (0.0.5) ruby2_keywords (0.0.5)
rubyzip (3.2.2) rubyzip (3.2.2)
@@ -216,7 +218,7 @@ GEM
json json
rest-client rest-client
securerandom (0.4.1) securerandom (0.4.1)
selenium-webdriver (4.39.0) selenium-webdriver (4.40.0)
base64 (~> 0.2) base64 (~> 0.2)
logger (~> 1.4) logger (~> 1.4)
rexml (~> 3.2, >= 3.2.5) rexml (~> 3.2, >= 3.2.5)
@@ -321,18 +323,18 @@ DEPENDENCIES
net-smtp net-smtp
otr-activerecord (~> 2.6.0) otr-activerecord (~> 2.6.0)
parseconfig (~> 1.1, >= 1.1.2) parseconfig (~> 1.1, >= 1.1.2)
pry-byebug (~> 3.11) pry-byebug (~> 3.12)
qr4r (~> 0.6.1) qr4r (~> 0.6.1)
rack (~> 3.2) rack (~> 3.2)
rack-protection (~> 4.2.1) rack-protection (~> 4.2.1)
rake (~> 13.3) rake (~> 13.3)
rdoc (~> 7.0) rdoc (~> 7.1)
rest-client (~> 2.1.0) rest-client (~> 2.1.0)
rspec (~> 3.13) rspec (~> 3.13)
rubocop (~> 1.82.1) rubocop (~> 1.84.0)
rubyzip (~> 3.2) rubyzip (~> 3.2)
rushover (~> 0.3.0) rushover (~> 0.3.0)
selenium-webdriver (~> 4.39) selenium-webdriver (~> 4.40)
sinatra (~> 4.1) sinatra (~> 4.1)
slack-notifier (~> 2.4) slack-notifier (~> 2.4)
sqlite3 (~> 2.9) sqlite3 (~> 2.9)

9
package-lock.json generated

@@ -666,10 +666,11 @@
} }
}, },
"node_modules/lodash": { "node_modules/lodash": {
"version": "4.17.21", "version": "4.17.23",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
"dev": true "dev": true,
"license": "MIT"
}, },
"node_modules/lodash.camelcase": { "node_modules/lodash.camelcase": {
"version": "4.3.0", "version": "4.3.0",


@@ -239,8 +239,7 @@ require 'socket'
@host = '127.0.0.1' @host = '127.0.0.1'
unless port_available? unless port_available?
print_error "Port #{@port} is already in use. Exiting." raise "Port #{@port} is already in use. Cannot start BeEF server."
exit
end end
load_beef_extensions_and_modules load_beef_extensions_and_modules
@@ -327,11 +326,9 @@ require 'socket'
end end
def stop_beef_server(pid) def stop_beef_server(pid)
exit if pid.nil? return if pid.nil?
# Shutting down server
Process.kill("KILL", pid) unless pid.nil? Process.kill("KILL", pid) unless pid.nil?
Process.wait(pid) unless pid.nil? # Ensure the process has exited and the port is released Process.wait(pid) unless pid.nil? # Ensure the process has exited and the port is released
pid = nil
end end
end end
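Review bot: `stop_beef_server` can itself raise during cleanup: `Process.kill("KILL", pid)` raises `Errno::ESRCH` when the server has already exited, and `Process.wait(pid)` raises `Errno::ECHILD` when it has already been reaped. When the method is called from an error path, that second exception would hide the original failure. Adding a method-level `rescue Errno::ESRCH, Errno::ECHILD` with a short comment such as `# server already gone; nothing left to stop` makes the teardown safe to call more than once. The two trailing `unless pid.nil?` modifiers are dead code after the new `return if pid.nil?` guard and can be dropped.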


@@ -10,6 +10,8 @@ require 'spec/support/constants.rb'
def start_beef_and_hook_browser() def start_beef_and_hook_browser()
reset_beef_db reset_beef_db
pid = start_beef_server_and_wait pid = start_beef_server_and_wait
begin
beef_session = BeefTest.login beef_session = BeefTest.login
hooked_browser = BeefTest.new_victim hooked_browser = BeefTest.new_victim
@@ -27,12 +29,17 @@ def start_beef_and_hook_browser()
beef_session.click_on('Commands') beef_session.click_on('Commands')
return pid, beef_session, hooked_browser return pid, beef_session, hooked_browser
rescue => e
# If setup fails, cleanup the server before re-raising
stop_beef_server(pid)
raise e
end
end end
def stop_beef_and_unhook_browser(pid, beef_session, hooked_browser) def stop_beef_and_unhook_browser(pid, beef_session, hooked_browser)
stop_beef_server(pid) stop_beef_server(pid)
beef_session.driver.browser.close beef_session.driver.browser.close if beef_session
hooked_browser.driver.browser.close hooked_browser.driver.browser.close if hooked_browser
end end
def navigate_to_hooked_browser(session, hooked_browser_text = nil) def navigate_to_hooked_browser(session, hooked_browser_text = nil)
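Review bot: The new `rescue` branch stops the server but does not close any browser session that was already opened, so a failure after `BeefTest.login` or `BeefTest.new_victim` can leave browser processes running after a failed setup. Both `beef_session` and `hooked_browser` are still in scope inside the `rescue` (nil if never assigned), and this commit makes `stop_beef_and_unhook_browser` nil-safe, so the cleanup line can become `stop_beef_and_unhook_browser(pid, beef_session, hooked_browser)`. A bare `raise` is the more idiomatic way to re-raise than `raise e`. The middle of `start_beef_and_hook_browser` lies between the two hunks and is not visible here.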