diff --git a/Gemfile b/Gemfile index cd4bb331e..155418d9b 100644 --- a/Gemfile +++ b/Gemfile @@ -39,6 +39,9 @@ gem "erubis" gem "dm-migrations" gem "msfrpc-client" +# notifications +gem "twitter" + if ENV['BEEF_TEST'] # for running unit tests gem "test-unit" diff --git a/config.yaml b/config.yaml index 80a9bb0d1..7b05f0f76 100644 --- a/config.yaml +++ b/config.yaml @@ -17,7 +17,7 @@ beef: version: '0.4.3.6-alpha' - debug: true + debug: false restrictions: # subnet of browser ip addresses that can hook to the framework @@ -85,6 +85,6 @@ beef: enable: false console: shell: - enable: true + enable: false evasion: enable: false diff --git a/core/main/logger.rb b/core/main/logger.rb index f9e128d77..623b17ba1 100644 --- a/core/main/logger.rb +++ b/core/main/logger.rb @@ -24,6 +24,10 @@ module Core # Constructor def initialize @logs = BeEF::Core::Models::Log + @config = BeEF::Core::Configuration.instance + + # if notifications are enabled create a new instance + @notifications = BeEF::Extension::Notifications::Notifications unless @config.get('beef.extension.notifications.enable') == false end # Registers a new event in the logs @@ -34,6 +38,9 @@ module Core def register(from, event, hb = 0) # type conversion to enforce standards hb = hb.to_i + + # get time now + time_now = Time.now # arguments type checking raise Exception::TypeError, '"from" needs to be a string' if not from.string? @@ -41,7 +48,12 @@ module Core raise Exception::TypeError, '"Hooked Browser ID" needs to be an integer' if not hb.integer? # logging the new event into the database - @logs.new(:type => "#{from}", :event => "#{event}", :date => Time.now, :hooked_browser_id => hb).save + @logs.new(:type => "#{from}", :event => "#{event}", :date => time_now, :hooked_browser_id => hb).save + + # if notifications are enabled send the info there too + if @notifications + @notifications.new(from, event, time_now, hb) + end # return true 
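Review bot: `gem "twitter"` is added to the Gemfile with no version constraint and outside any group, so every install resolves whatever release is current and pulls in the gem and its transitive dependencies even when notifications stay disabled (the extension's own config defaults to `enable: false`). The channel code added in this commit depends on the gem's global `Twitter.configure` / `Twitter.direct_message_create` interface, so an unplanned major upgrade can break it silently. Pin it to the release that was tested, e.g. `gem "twitter", "~> <TESTED_VERSION>"`, and consider an optional group so a default install does not widen the dependency surface.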
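Review bot: In the logger's `initialize`, the guard `unless @config.get('beef.extension.notifications.enable') == false` fails open: if the key is absent and `get` returns nil (an assumption, since `get` is not visible here), the comparison is false and notifications are treated as enabled. The same `== false` test is repeated in `extensions/notifications/notifications.rb`, while the per-channel checks there use `== true`. Opt in explicitly instead: `@notifications = BeEF::Extension::Notifications::Notifications if @config.get('beef.extension.notifications.enable') == true`. That also avoids touching the extension constant when the extension has not been loaded; the enclosing class starts outside the hunk.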
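Review bot: The new `@notifications.new(from, event, time_now, hb)` call in `register` performs the SMTP and Twitter requests inline, with no rescue and no timeout; both channel constructors added in this commit (`channels/email.rb`, `channels/tweet.rb`) do their network I/O directly in `initialize`. A slow mail server or an API error would therefore propagate out of `register` and stall or abort whatever code was logging the event, even though the database row has already been saved. Wrap the call in `begin ... rescue StandardError => e` and report `e.message` through the framework's normal error output, or hand delivery to a background thread, so that a notification failure never affects logging. `register` begins and ends outside the hunk.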
diff --git a/extensions/notifications/channels/email.rb b/extensions/notifications/channels/email.rb
new file mode 100644
index 000000000..fa49f024f
--- /dev/null
+++ b/extensions/notifications/channels/email.rb
@@ -0,0 +1,60 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+#
+require 'net/smtp'
+
+module BeEF
+module Extension
+module Notifications
+module Channels
+
+ class Email
+
+ #
+ # Constructor
+ #
+ def initialize(to_address, message)
+ @config = BeEF::Core::Configuration.instance
+ @from_address = @config.get('beef.extension.notifications.email.from_address')
+ @smtp_host = @config.get('beef.extension.notifications.email.smtp_host')
+ @smtp_port = @config.get('beef.extension.notifications.email.smtp_port')
+ @smtp_tls_enable = @config.get('beef.extension.notifications.email.smtp_tls_enable')
+ @password = @config.get('beef.extension.notifications.email.smtp_tls_password')
+
+ # configure the email client
+ msg = "Subject: BeEF Notification\n\n" + message
+ smtp = Net::SMTP.new @smtp_host, @smtp_port
+ #if @smtp_tls_enable?
+ # smtp.enable_starttls
+ # smtp.start('beefproject.com', @from_address, @password, :login) do
+ # smtp.send_message(msg, @from_address, @to_address)
+ # end
+ #else
+ smtp.start do
+ smtp.send_message(msg, @from_address, to_address)
+ end
+ #end
+
+ end
+
+ end
+
+end
+end
+end
+end
+
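Review bot: `Email#initialize` sends over plain SMTP: the STARTTLS/login branch is commented out, so `smtp.start` transmits the event text unauthenticated and in cleartext to whatever `smtp_host` is configured. `@smtp_tls_enable` and `@password` are read but never used, and the keys `smtp_tls_enable` / `smtp_tls_password` do not exist in the extension's `config.yaml` added by this commit. Either wire the option in, starting with `smtp.enable_starttls if @smtp_tls_enable` ahead of `smtp.start`, or drop the dead lookups and add a comment stating that the channel is meant for a local relay only. The commented block also references `@to_address`, which is never assigned, and `@smtp_tls_enable?`, which is not valid Ruby, so it cannot simply be uncommented.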
diff --git a/extensions/notifications/channels/tweet.rb b/extensions/notifications/channels/tweet.rb
new file mode 100644
index 000000000..37ae928d6
--- /dev/null
+++ b/extensions/notifications/channels/tweet.rb
@@ -0,0 +1,49 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+#
+require 'twitter'
+
+module BeEF
+module Extension
+module Notifications
+module Channels
+
+ class Tweet
+
+ #
+ # Constructor
+ #
+ def initialize(username, message)
+ @config = BeEF::Core::Configuration.instance
+
+ # configure the Twitter client
+ Twitter.configure do |config|
+ config.consumer_key = @config.get('beef.extension.notifications.twitter.consumer_key')
+ config.consumer_secret = @config.get('beef.extension.notifications.twitter.consumer_secret')
+ config.oauth_token = @config.get('beef.extension.notifications.twitter.oauth_token')
+ config.oauth_token_secret = @config.get('beef.extension.notifications.twitter.oauth_token_secret')
+ end
+
+ Twitter.direct_message_create(username, message)
+ end
+ end
+
+end
+end
+end
+end
+
diff --git a/extensions/notifications/config.yaml b/extensions/notifications/config.yaml
new file mode 100644
index 000000000..925921522
--- /dev/null
+++ b/extensions/notifications/config.yaml
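Review bot: `Tweet#initialize` calls `Twitter.direct_message_create(username, message)` without checking `username`, and the shipped config leaves `target_username:` empty, so enabling the Twitter channel without filling it in passes an empty value to the API call. Add a guard such as `return if username.to_s.empty?` before the client is configured. `Twitter.configure` also rewrites process-wide client settings on every notification; configuring once when the extension loads would be cleaner. The `# Constructor` comment should say that constructing the object sends the message.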
@@ -0,0 +1,33 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+beef:
+ extension:
+ notifications:
+ enable: false
+ name: Notifications
+ twitter:
+ enable: false
+ consumer_key: app_consumer_key
+ consumer_secret: app_consumer_secret
+ oauth_token: your_oauth_token_for_this_app
+ oauth_token_secret: your_oauth_token_secret_for_this_app
+ target_username:
+ email:
+ enable: false
+ from_address: sender_email_address
+ to_address: receipient_email_address
+ smtp_host: 127.0.0.1
+ smtp_port: 25
diff --git a/extensions/notifications/extension.rb b/extensions/notifications/extension.rb
new file mode 100644
index 000000000..d5c5c04c8
--- /dev/null
+++ b/extensions/notifications/extension.rb
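Review bot: This file is where live OAuth tokens and consumer secrets will end up, but nothing in it says so; add a comment above `twitter:` such as `# secrets: keep real values out of version control and restrict read access to this file`. `channels/email.rb` reads `smtp_tls_enable` and `smtp_tls_password`, which are missing from the `email:` section, so those lookups have no defaults to find. The placeholder `receipient_email_address` is misspelled (`recipient`).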
@@ -0,0 +1,30 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+module BeEF
+module Extension
+module Notifications
+
+ extend BeEF::API::Extension
+
+ @short_name = 'notifications'
+ @full_name = 'Notifications'
+ @description = 'Generates external notifications for events in BeEF'
+
+end
+end
+end
+
+require 'extensions/notifications/notifications'
diff --git a/extensions/notifications/notifications.rb b/extensions/notifications/notifications.rb
new file mode 100644
index 000000000..b9e5cbb94
--- /dev/null
+++ b/extensions/notifications/notifications.rb
@@ -0,0 +1,57 @@
+#
+# Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'extensions/notifications/channels/tweet'
+require 'extensions/notifications/channels/email'
+
+module BeEF
+module Extension
+module Notifications
+
+ #
+ # Notifications class
+ #
+ class Notifications
+
+ def initialize(from, event, time_now, hb)
+ @config = BeEF::Core::Configuration.instance
+ if @config.get('beef.extension.notifications.enable') == false
+ # notifications are not enabled
+ return nil
+ else
+ @from = from
+ @event = event
+ @time_now = time_now
+ @hb = hb
+ end
+
+ message = "#{from} #{event} #{time_now} #{hb}"
+
+ if @config.get('beef.extension.notifications.twitter.enable') == true
+ username = @config.get('beef.extension.notifications.twitter.target_username')
+ BeEF::Extension::Notifications::Channels::Tweet.new(username,message)
+ end
+
+ if @config.get('beef.extension.notifications.email.enable') == true
+ to_address = @config.get('beef.extension.notifications.email.to_address')
+ BeEF::Extension::Notifications::Channels::Email.new(to_address,message)
+ end
+ end
+
+ end
+
+end
+end
+end
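Review bot: `message = "#{from} #{event} #{time_now} #{hb}"` forwards the log event verbatim to an external mailbox and to Twitter, with no length bound and no filtering. If event strings can carry data reported by hooked browsers (not visible in this diff), that content leaves the host unmodified and at arbitrary size. Flatten and cap it before dispatch, e.g. `message = message.gsub(/[[:cntrl:]]+/, ' ')[0, MAX_NOTIFICATION_LENGTH]`, where the constant name is only a suggestion and would be defined in this class. Separately, `return nil` inside `initialize` does not change what `new` returns, and `@from`, `@event`, `@time_now` and `@hb` are never read; a class method such as `self.notify(from, event, time_now, hb)` would express the intent more clearly.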