Added new RESTful API method to bind a local file to a url. Also added "dropper" directory into Social Engineering extension.

2013-10-08 14:08:52 +01:00
parent 638e037e56
commit 71a67defd4
4 changed files with 58 additions and 0 deletions
--- a/core/bootstrap.rb
+++ b/core/bootstrap.rb
@@ -45,6 +45,7 @@ require 'core/main/rest/handlers/modules'
 require 'core/main/rest/handlers/categories'
 require 'core/main/rest/handlers/logs'
 require 'core/main/rest/handlers/admin'
+require 'core/main/rest/handlers/server'
 require 'core/main/rest/api'

 ## @note Include Websocket
--- a/core/main/rest/api.rb
+++ b/core/main/rest/api.rb
@@ -37,12 +37,19 @@ module BeEF
        end
      end

+      module RegisterServerHandler
+        def self.mount_handler(server)
+          server.mount('/api/server', BeEF::Core::Rest::Server.new)
+        end
+      end
+
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterHooksHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterModulesHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterCategoriesHandler, BeEF::API::Server, 'mount_handler')

      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterLogsHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterAdminHandler, BeEF::API::Server, 'mount_handler')
+      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterServerHandler, BeEF::API::Server, 'mount_handler')

      #
      # Check the source IP is within the permitted subnet
--- a/core/main/rest/handlers/server.rb
+++ b/core/main/rest/handlers/server.rb
@@ -0,0 +1,41 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+
+module BeEF
+  module Core
+    module Rest
+      class Server < BeEF::Core::Router::Router
+
+        config = BeEF::Core::Configuration.instance
+        http_server = BeEF::Core::Server.instance
+
+        before do
+          error 401 unless params[:token] == config.get('beef.api_token')
+          halt 401 if not BeEF::Core::Rest.permitted_source?(request.ip)
+          headers 'Content-Type' => 'application/json; charset=UTF-8',
+                  'Pragma' => 'no-cache',
+                  'Cache-Control' => 'no-cache',
+                  'Expires' => '0'
+        end
+
+
+        # @note Binds a local file to a specified path in BeEF's web server
+        post '/bind' do
+          request.body.rewind
+          begin
+            data = JSON.parse request.body.read
+            mount = data['mount']
+            local_file = data['local_file']
+            BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind(local_file, mount)
+            status 200
+          rescue Exception => e
+            error 400
+          end
+        end
+      end
+    end
+  end
+end
--- a/extensions/social_engineering/droppers/readme.txt
+++ b/extensions/social_engineering/droppers/readme.txt
@@ -0,0 +1,9 @@
+This directory will contain the droppers (executables, JARs, browser extensions, etc..)
+that you want to have available on the BeEF server.
+
+For example, if you want to have bin.exe available at http://beefserver/bin.exe,
+use the following RESTful API call:
+
+curl -H "Content-Type: application/json; charset=UTF-8" -d
+'{"mount":"/bin.exe", "local_file":"/extensions/social_engineering/droppers/bin.exe"}'
+ -X POST http://beefserver/api/server/bind?token=<token>