From 6ade1469bbb84f03d79bfc4d89c55317fbfd99b2 Mon Sep 17 00:00:00 2001 From: Marc Wickenden Date: Thu, 19 Jul 2012 22:51:39 +0100 Subject: [PATCH] initial commit of notifications extension --- Gemfile | 3 + Gemfile.lock | 76 +++++++++++++++++++ config.yaml | 2 +- core/main/logger.rb | 9 ++- core/main/notifications.rb | 55 ++++++++++++++ extensions/metasploit/.rpcclient.rb.swp | Bin 0 -> 16384 bytes extensions/notifications/config.yaml | 28 +++++++ extensions/notifications/extension.rb | 30 ++++++++ extensions/notifications/handler.rb | 43 +++++++++++ extensions/notifications/handlers/twitter.rb | 43 +++++++++++ 10 files changed, 287 insertions(+), 2 deletions(-) create mode 100644 Gemfile.lock create mode 100644 core/main/notifications.rb create mode 100644 extensions/metasploit/.rpcclient.rb.swp create mode 100644 extensions/notifications/config.yaml create mode 100644 extensions/notifications/extension.rb create mode 100644 extensions/notifications/handler.rb create mode 100644 extensions/notifications/handlers/twitter.rb diff --git a/Gemfile b/Gemfile index cd4bb331e..155418d9b 100644 --- a/Gemfile +++ b/Gemfile @@ -39,6 +39,9 @@ gem "erubis" gem "dm-migrations" gem "msfrpc-client" +# notifications +gem "twitter" + if ENV['BEEF_TEST'] # for running unit tests gem "test-unit" diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 000000000..cddca4f41 --- /dev/null +++ b/Gemfile.lock 
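Review bot: The `gem "twitter"` line is added at the top level of the Gemfile with no version constraint, so every install now pulls the gem and its transitive dependencies (faraday, multi_json, simple_oauth and multipart-post, per the lockfile in this commit) even when notifications are never used. The file already gates the test gems behind `if ENV['BEEF_TEST']`; an optional integration could be kept out of the default bundle in the same way and pinned, e.g. `gem "twitter", "~> 3.3"`. The lockfile added alongside records `remote: http://rubygems.org/`. The Gemfile's source line is outside this hunk, but if it uses plain HTTP, gem downloads are not protected in transit and it should be switched to `https://rubygems.org`.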
@@ -0,0 +1,76 @@ +GEM + remote: http://rubygems.org/ + specs: + addressable (2.2.8) + ansi (1.4.2) + daemons (1.1.8) + data_objects (0.10.8) + addressable (~> 2.1) + dm-core (1.2.0) + addressable (~> 2.2.6) + dm-do-adapter (1.2.0) + data_objects (~> 0.10.6) + dm-core (~> 1.2.0) + dm-migrations (1.2.0) + dm-core (~> 1.2.0) + dm-sqlite-adapter (1.2.0) + dm-do-adapter (~> 1.2.0) + do_sqlite3 (~> 0.10.6) + do_sqlite3 (0.10.8) + data_objects (= 0.10.8) + em-websocket (0.3.6) + addressable (>= 2.1.1) + eventmachine (>= 0.12.9) + erubis (2.7.0) + eventmachine (0.12.10) + faraday (0.8.1) + multipart-post (~> 1.1) + jsmin (1.0.1) + json (1.7.3) + librex (0.0.65) + msfrpc-client (1.0.1) + librex (>= 0.0.32) + msgpack (>= 0.4.5) + msgpack (0.4.7) + multi_json (1.3.6) + multipart-post (1.1.5) + parseconfig (1.0.2) + rack (1.4.1) + rack-protection (1.2.0) + rack + simple_oauth (0.1.8) + sinatra (1.3.2) + rack (~> 1.3, >= 1.3.6) + rack-protection (~> 1.2) + tilt (~> 1.3, >= 1.3.3) + term-ansicolor (1.0.7) + thin (1.3.1) + daemons (>= 1.0.9) + eventmachine (>= 0.12.6) + rack (>= 1.0.0) + tilt (1.3.3) + twitter (3.3.1) + faraday (~> 0.8) + multi_json (~> 1.3) + simple_oauth (~> 0.1.6) + +PLATFORMS + ruby + +DEPENDENCIES + ansi + data_objects + dm-core + dm-migrations + dm-sqlite-adapter + em-websocket (~> 0.3.6) + erubis + eventmachine (= 0.12.10) + jsmin (~> 1.0.1) + json + msfrpc-client + parseconfig + sinatra (= 1.3.2) + term-ansicolor + thin + twitter diff --git a/config.yaml b/config.yaml index b9d4f8f08..d1c2f12ae 100644 --- a/config.yaml +++ b/config.yaml @@ -17,7 +17,7 @@ beef: version: '0.4.3.6-alpha' - debug: false + debug: true restrictions: # subnet of browser ip addresses that can hook to the framework diff --git a/core/main/logger.rb b/core/main/logger.rb index f9e128d77..558ec5600 100644 --- a/core/main/logger.rb +++ b/core/main/logger.rb 
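Review bot: `debug: false` becomes `debug: true` in the shipped default config.yaml, which is unrelated to the notifications extension named in the commit subject and looks like a local development setting committed by accident. What the flag enables is not visible in this hunk, but a debug mode normally produces more verbose output than a default deployment should expose. The line should stay `debug: false` and be overridden locally when needed.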
@@ -24,6 +24,7 @@ module Core # Constructor def initialize @logs = BeEF::Core::Models::Log + @notifications = BeEF::Extensions::Notifications end # Registers a new event in the logs @@ -34,6 +35,9 @@ module Core def register(from, event, hb = 0) # type conversion to enforce standards hb = hb.to_i + + # get time now + time_now = Time.now # arguments type checking raise Exception::TypeError, '"from" needs to be a string' if not from.string? @@ -41,7 +45,10 @@ module Core raise Exception::TypeError, '"Hooked Browser ID" needs to be an integer' if not hb.integer? # logging the new event into the database - @logs.new(:type => "#{from}", :event => "#{event}", :date => Time.now, :hooked_browser_id => hb).save + @logs.new(:type => "#{from}", :event => "#{event}", :date => time_now, :hooked_browser_id => hb).save + + # if notifications are enabled send the info there too + @notifications.new(from, event, time_now, hb) # return true diff --git a/core/main/notifications.rb b/core/main/notifications.rb new file mode 100644 index 000000000..6a99c2d19 --- /dev/null +++ b/core/main/notifications.rb 
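Review bot: The constructor line `@notifications = BeEF::Extensions::Notifications` makes the core logger depend on a constant that an extension defines. If the notifications extension is disabled or not yet loaded when the logger is first instantiated (load order is not visible here), resolving the constant raises NameError and event logging fails altogether. Resolving it defensively, e.g. `@notifications = BeEF::Extensions::Notifications if defined?(BeEF::Extensions::Notifications)`, keeps core logging independent of the extension, provided the call site in `register` then also skips a nil `@notifications`. The class body continues outside the hunk.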
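Review bot: The comment says the event is forwarded "if notifications are enabled", but `@notifications.new(from, event, time_now, hb)` runs unconditionally on every `register` call and has no error handling around it. Because it executes after the log row has been saved, an exception from a handler (for the Twitter handler, presumably any network or API failure) would propagate out of `register` and reach callers as a logging failure. The call also passes `event` text, which describes hooked browsers and authentication events, towards an external service without any check in this method; the enable test may live inside the extension, which is not shown here. Guard the call with the extension's enable setting and wrap it in `begin`/`rescue StandardError`, so a notification problem is reported but never breaks logging. The body of `register` continues past the end of the hunk.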
@@ -0,0 +1,55 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+module BeEF
+module Core
+
+ class Notifications
+
+ include Singleton
+
+ # Constructor
+ def initialize
+ @notifications = BeEF::Core::Models::Notifications
+ end
+
+ # Registers a new event in the logs
+ # @param [String] from The origin of the event (i.e. Authentication, Hooked Browser)
+ # @param [String] event The event description
+ # @param [Integer] hb The id of the hooked browser affected (default = 0 if no HB)
+ # @return [Boolean] True if the register was successful
+ def register(from, event, hb = 0)
+ # type conversion to enforce standards
+ hb = hb.to_i
+
+ # arguments type checking
+ raise Exception::TypeError, '"from" needs to be a string' if not from.string?
+ raise Exception::TypeError, '"event" needs to be a string' if not event.string?
+ raise Exception::TypeError, '"Hooked Browser ID" needs to be an integer' if not hb.integer?
+
+ # logging the new event into the database
+ @logs.new(:type => "#{from}", :event => "#{event}", :date => Time.now, :hooked_browser_id => hb).save
+
+ # return
+ true
+ end
+
+ private
+ @logs
+
+ end
+end
+end
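Review bot: `register` saves through `@logs`, but the constructor only assigns `@notifications`, so `@logs` is nil on the instance and `@logs.new(...)` raises NoMethodError the first time the method is called. The bare `@logs` under `private` declares nothing; it only evaluates a class-level instance variable. The write should read `@notifications.new(:type => "#{from}", :event => "#{event}", :date => Time.now, :hooked_browser_id => hb).save`, and the `private` and `@logs` lines can be dropped. Two further things to confirm: the `BeEF::Core::Models::Notifications` model is not among the files in this commit's diffstat, and the logger change calls `BeEF::Extensions::Notifications` rather than this `BeEF::Core::Notifications` class, so this file appears to be an unused copy of the logger whose doc comment still says "in the logs".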
diff --git a/extensions/metasploit/.rpcclient.rb.swp b/extensions/metasploit/.rpcclient.rb.swp new file mode 100644 index 0000000000000000000000000000000000000000..9449db26428d79cdb0291e65f50f3058ef0c022c GIT binary patch literal 16384 zcmeI2ON<;x8OI9;hzBrnFmFrnc{X;>#^av#hQzS;+Fq~M@e+I2+8KLsHmg-nPt8o@ zp6;d}9xt}V;{Y+XkRVcmIB*ItZ^Z!{dL#ZT^~C)dzucI;{w}uA@*&3WB%sOd&S9;5TWnKTztFj zz|6kWR%qX@ny4I?7p3b59qGjtzuA;t zVB4;PW6ZFA+dlFNxdOQYn<=nOJTSh0Y^1o0cD(QGW|i{tT!CDHT!CDHT!CDHT!CDH zT!CDH|5F9xV2k({#FgOSdum{`&e(@e5ehxkXUU|0=7r<8Vy>|(59b5(%!K2_|upjIO ze=7*_8}NN_4J?6&!4wz=qu@TU4ZOZph~I)2!1Lg{;5zsMXoJT<4SWjh0z1Gqa5vZj z{&BYue*v$7SHO?J)8INd56*%UU^n>PJB4@=JP&>bnxGCo4W_{!@GxDRXxufrE!1y6%-f*ar(=m7SU&w$%*q_#q#(30_r>)RJf zqoPn~$R-8Ws_R>g6+ejiRgaQqbtLb@f9W;ww-Cx`$>{iv#Fde;oR-8%=+Wh?u96}_W3Gdoh_7_ybFT!Cf% zL+`v}ErC%sz2yBb!%+D6IiiRcjZb?kvp;{tG)45zIB5fuj#*8 zZM2Xpe5|%d6o`7B6`PSC#2L1N64tuL%$p0y(PE| zs>4?!Q(AVL8a`d=T;Vc?51*tZ<-%MCKi2rRuEoy1w0wK#R&8$V#CqVHIdSSy{lDm# zPewhCmF#GEH`l>lEkPV6QWbGAZ#=4@6Duv|fgE+MD7KQgjd9kTjx;^L%jHZEI$o@1 zg^X%q+cJupiA%QcdD7-UKwSq1p69m%N1YTn-Q<-`tffXUjWuYhSWrMKk`Yp%nnKDA^H$haN`Y+1~ ztwvuaOof_4HQPP$FcD6A5@bifRbhAkG+`+{$3+>2VJDJiF4_^tf%wk`aSZ82k#xw2!Wb+;h^wqdfhI7=G2UThfp9%Y%c96# zxhO+^tC7olvp!JH?$EEjw${MjBy@)M;y3o<>SI)_z^NEnD*+eJXp-fWwvw3xzZWp(t(qoXPouQHr_ipp%9Biwv#{C&K#G) zy)q}{pM%>mIdfuSV%iTS|K$@a3327}J%ngPAkUU&B;%67ZZI0|q2wxj*CahZX|;zAM%x?L9uer4a!xl+@M@V z%+XPyoG}#&zIg{zhLidhPSLylBjO0avN%c??nqzzsp@zwSH?bvH&L+R^bsut_OyCK znGVs!#ObIxF|lxF8m_4d1$;fdnH|tKE1Ah&dCm%W6k6ByRC247@DpiS#R=<$o6zX>rNZV;THo2D9O01TomJb*5U_9Y+)Nvy9nl)L7yWG{{ zZ0+Ry*%~cQEi6pU)n;d^G`~R8^K-{%YqRrn_;rG&=FZb2vvbGGBypvNHMnPh+o}6- zrxReTjnt@y6UCuZPh#0vZ#TQ*U-kTySCz))FTCp3xfv|~1h1|*D~z(Cv@lB2 z!+N!clX)8+F_a)Fp0KcnQmZ@HN<3uOk*xKDuJ@Q%OpVwiF$q&P%aKbP%Thd3u#!s- zmSf>6z9S=xwQ-ixU(uZyc3m$|1Uqq=bJ%=|*lSiV{*(q2wIp)ec7vT81yKizCmFQS$BlC$hQ zz`>mnme^`9(n7kI>M0}?xgyt_q+(Hso{(!iCN1Z>S;yMV-n8S)q)*e3+*1z3S&@;; z`Vq%f`Y*VTZp$d^FL&lE1M{knE3G{qqhCAE>z{mXtRM@wnd4(J_*pBQT|cYK9yI