diff --git a/core/main/handlers/modules/beefjs.rb b/core/main/handlers/modules/beefjs.rb
index f291471c5..7ee67a271 100644
--- a/core/main/handlers/modules/beefjs.rb
+++ b/core/main/handlers/modules/beefjs.rb
@@ -11,123 +11,16 @@ module BeEF # @note Purpose: avoid rewriting several times the same code. module BeEFJS + include BeEF::Core::Handlers::Modules::legacyBeEFJS + # Builds the default beefjs library (all default components of the library). # @param [Object] req_host The request object def build_beefjs!(req_host) - config = BeEF::Core::Configuration.instance - # @note set up values required to construct beefjs - beef_js = '' - # @note location of sub files - beef_js_path = "#{$root_dir}/core/main/client/" + if config.get("beef.testif.enable") - # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated - ext_js_sub_files = %w(lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js) - - # @note BeEF libraries: need Eruby evaluation and obfuscation - beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js are.js) - # @note Load websocket library only if WS server is enabled in config.yaml - if config.get("beef.http.websocket.enable") == true - beef_js_sub_files << "websocket.js" - end - # @note Load webrtc library only if WebRTC extension is enabled - if config.get("beef.extension.webrtc.enable") == true - beef_js_sub_files << "lib/webrtcadapter.js" - beef_js_sub_files << "webrtc.js" - end - - # @note antisnatchor: leave timeout.js as the last one! 
- beef_js_sub_files << "timeout.js" - - ext_js_to_obfuscate = '' - ext_js_to_not_obfuscate = '' - - # @note If Evasion is enabled, the final ext_js string will be ext_js_to_obfuscate + ext_js_to_not_obfuscate - # @note If Evasion is disabled, the final ext_js will be just ext_js_to_not_obfuscate - ext_js_sub_files.each { |ext_js_sub_file| - if config.get("beef.extension.evasion.enable") - if config.get("beef.extension.evasion.exclude_core_js").include?(ext_js_sub_file) - print_debug "Excluding #{ext_js_sub_file} from core files obfuscation list" - # do not obfuscate the file - ext_js_sub_file_path = beef_js_path + ext_js_sub_file - ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n") - else - ext_js_sub_file_path = beef_js_path + ext_js_sub_file - ext_js_to_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n") - end - else - # Evasion is not enabled, do not obfuscate anything - ext_js_sub_file_path = beef_js_path + ext_js_sub_file - ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n") - end - } - - # @note construct the beef_js string from file(s) - beef_js_sub_files.each { |beef_js_sub_file| - beef_js_sub_file_path = beef_js_path + beef_js_sub_file - beef_js << (File.read(beef_js_sub_file_path) + "\n\n") - } - - # @note create the config for the hooked browser session - hook_session_config = BeEF::Core::Server.instance.to_h - - # @note if http_host="0.0.0.0" in config ini, use the host requested by client - unless hook_session_config['beef_public'].nil? - if hook_session_config['beef_host'] != hook_session_config['beef_public'] - hook_session_config['beef_host'] = hook_session_config['beef_public'] - hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_host']}/, hook_session_config['beef_public']) - end - end - if hook_session_config['beef_host'].eql? 
"0.0.0.0" - hook_session_config['beef_host'] = req_host - hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host) - end - - # @note set the XHR-polling timeout - hook_session_config['xhr_poll_timeout'] = config.get("beef.http.xhr_poll_timeout") - - # @note set the hook file path and BeEF's cookie name - hook_session_config['hook_file'] = config.get("beef.http.hook_file") - hook_session_config['hook_session_name'] = config.get("beef.http.hook_session_name") - - # @note if http_port <> public_port in config ini, use the public_port - unless hook_session_config['beef_public_port'].nil? - if hook_session_config['beef_port'] != hook_session_config['beef_public_port'] - hook_session_config['beef_port'] = hook_session_config['beef_public_port'] - hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port']) - if hook_session_config['beef_public_port'] == '443' - hook_session_config['beef_url'].sub!(/http:/, 'https:') - end - end - end - - # @note Set some WebSocket properties - if config.get("beef.http.websocket.enable") - hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure") - hook_session_config['websocket_port'] = config.get("beef.http.websocket.port") - hook_session_config['ws_poll_timeout'] = config.get("beef.http.websocket.ws_poll_timeout") - hook_session_config['ws_connect_timeout'] = config.get("beef.http.websocket.ws_connect_timeout") - hook_session_config['websocket_sec_port']= config.get("beef.http.websocket.secure_port") - end - - # @note Set if PhishingFrenzy integration is enabled - if config.get("beef.integration.phishing_frenzy.enable") - hook_session_config['phishing_frenzy_enable'] = config.get("beef.integration.phishing_frenzy.enable") - end - - # @note populate place holders in the beef_js string and set the response body - eruby = Erubis::FastEruby.new(beef_js) - @hook = eruby.evaluate(hook_session_config) - - if config.get("beef.extension.evasion.enable") - 
evasion = BeEF::Extension::Evasion::Evasion.instance - @final_hook = ext_js_to_not_obfuscate + evasion.add_bootstrapper + evasion.obfuscate(ext_js_to_obfuscate + @hook) else - @final_hook = ext_js_to_not_obfuscate + @hook + legacy_build_beefjs!(req_host) end - - # @note Return the final hook to be sent to the browser - @body << @final_hook - end # Finds the path to js components diff --git a/modules/network/sw_port_scanner/command.js b/modules/network/sw_port_scanner/command.js index 368f2c773..ded9f7043 100644 --- a/modules/network/sw_port_scanner/command.js +++ b/modules/network/sw_port_scanner/command.js 
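Review bot: `config` is still read in the new `if config.get("beef.testif.enable")`, but this hunk deletes the `config = BeEF::Core::Configuration.instance` assignment, so unless a `config` method is defined outside the hunk, build_beefjs! will raise NameError; keep that assignment as the first line of the method. The added `include BeEF::Core::Handlers::Modules::legacyBeEFJS` ends in a lowercase name, which Ruby parses as a method call rather than a constant lookup, so the module would have to be named `LegacyBeEFJS` for the include to resolve. The `beef.testif.enable` branch is empty, so with that flag set nothing is appended to `@body`; an explicit `raise NotImplementedError, 'testif build not implemented'` or a comment there would make the placeholder visible instead of silently serving an empty response.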
@@ -112,27 +112,13 @@ fetch('http://' + ipaddress+":"+port, {mode: 'no-cors'}) .then(function(res){ // If there is a status returned then Mozilla Firefox 68.5.0esr made a successful connection // This includes where it is not http and open -console.log(Number.isInteger(res.status)) + console.log(Number.isInteger(res.status)) } ).catch(function(ex){ // If we caught an error this could be one of two things. It's closed (because there was no service), it's open (because the system does not // respond with http). Therefore we can split on 500 ms response time on a websocket (>500 ms close, <500ms open but not http) -check_socket(ipaddress, port) + start=Date.now();let socket = new WebSocket("ws://192.168.74.155:9999"); socket.onerror = function(error) { end=Date.now(); console.log(end-start);}; }) - -// If we get to this stage -Function check_socket(ipaddress,port){ -let socket = new WebSocket("ws://"); - - -socket.onopen = function(e) { alert("[open] Connection established"); alert("Sending to server"); socket.send("My name is John");}; -socket.onmessage = function(event) { alert(`[message] Data received from server: ${event.data}`);}; -socket.onclose = function(event) { if (event.wasClean) { alert(`[close] Connection closed cleanly, code=${event.code} reason=${event.reason}`); } else { // e.g. server process killed or network down // event.code is usually 1006 in this case alert('[close] Connection died'); }}; -socket.onerror = function(error) { alert(`[error] ${error.message}`);}; -} - - - });
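Review bot: The new line in the `.catch` handler opens `new WebSocket("ws://192.168.74.155:9999")`, a hard-coded private address that looks like leftover debugging data and is unrelated to the `ipaddress` and `port` values the `fetch` call above uses. It should not be committed as is; the handler should either use those two values or be dropped until it is finished. `start` and `end` are assigned without a declaration, so they become implicit globals that concurrent callbacks overwrite and that throw in strict mode; declare them locally, e.g. `const start = Date.now();` and `const end = Date.now();`. The socket is never closed and the measured time is only written to `console.log`, so nothing reaches the module's caller. The enclosing function starts outside this hunk.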