From 4f5e7ddfb6cea071fb53a64c8de4944155992a9c Mon Sep 17 00:00:00 2001 From: antisnatchor Date: Sat, 2 Apr 2016 12:27:13 +0200 Subject: [PATCH 1/2] Renamed ARE rule. --- ...ff_tux_webrtc-internalip.json => c_osx_webrtc-internalip.json} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename arerules/{ff_tux_webrtc-internalip.json => c_osx_webrtc-internalip.json} (100%) diff --git a/arerules/ff_tux_webrtc-internalip.json b/arerules/c_osx_webrtc-internalip.json similarity index 100% rename from arerules/ff_tux_webrtc-internalip.json rename to arerules/c_osx_webrtc-internalip.json From edb44644fc7610a0a700f9f550d6467b7e1be68f Mon Sep 17 00:00:00 2001 From: antisnatchor Date: Sat, 2 Apr 2016 13:05:58 +0200 Subject: [PATCH 2/2] Now ARE rules are triggered also when using the WebSocket channel. --- core/main/handlers/hookedbrowsers.rb | 2 +- core/main/network_stack/websocket/websocket.rb | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/core/main/handlers/hookedbrowsers.rb b/core/main/handlers/hookedbrowsers.rb index 569179115..ab57ea68f 100644 --- a/core/main/handlers/hookedbrowsers.rb +++ b/core/main/handlers/hookedbrowsers.rb @@ -79,7 +79,7 @@ module Handlers zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false) zombie_commands.each{|command| add_command_instructions(command, hooked_browser)} - # TODO this is not considering WebSocket channel, as data is sent from core/main/handlers/modules/command.rb if WS is enabled + # @note Check if there are any ARE rules to be triggered. If is_sent=false rules are triggered are_executions = BeEF::Core::AutorunEngine::Models::Execution.all(:is_sent => false, :session => hook_session_id) are_executions.each do |are_exec| @body += are_exec.mod_body diff --git a/core/main/network_stack/websocket/websocket.rb b/core/main/network_stack/websocket/websocket.rb index ae6261fa6..a4b4fabcb 100644 --- a/core/main/network_stack/websocket/websocket.rb +++ b/core/main/network_stack/websocket/websocket.rb @@ -69,6 +69,15 @@ module BeEF zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false) zombie_commands.each { |command| add_command_instructions(command, hooked_browser) } + # Check if there are any ARE rules to be triggered. If is_sent=false rules are triggered + are_body = '' + are_executions = BeEF::Core::AutorunEngine::Models::Execution.all(:is_sent => false, :session => hooked_browser.session) + are_executions.each do |are_exec| + are_body += are_exec.mod_body + are_exec.update(:is_sent => true, :exec_time => Time.new.to_i) + end + @@activeSocket[hooked_browser.session].send(are_body) unless are_body.empty? + #@todo antisnatchor: #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions #Check if new forged requests need to be sent (Requester/TunnelingProxy)