Add 'verify_ssl' option to social engineering config

2015-06-28 08:53:23 +00:00
parent 694ec61a02
commit 916828e131
4 changed files with 15 additions and 5 deletions
--- a/extensions/social_engineering/config.yaml
+++ b/extensions/social_engineering/config.yaml
@@ -13,6 +13,7 @@ beef:
                # NOTE: you must have 'wget' in your PATH
                add_beef_hook: true
                user_agent: "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2"
+                verify_ssl: true
            mass_mailer:
                # NOTE: you must have 'file' in your PATH
                user_agent: "Microsoft-MacOutlook/12.12.0.111556"
@@ -20,6 +21,7 @@ beef:
                port: 587
                use_auth: true
                use_tls: true
+                verify_ssl: true
                helo: "gmail.com" # this is usually the domain name
                auth: "youruser@gmail.com"
                password: "yourpass"
--- a/extensions/social_engineering/mass_mailer/mass_mailer.rb
+++ b/extensions/social_engineering/mass_mailer/mass_mailer.rb
@@ -31,7 +31,9 @@ module BeEF
          # create new SSL context and disable CA chain validation
          if @config.get("#{@config_prefix}.use_tls")
            @ctx = OpenSSL::SSL::SSLContext.new
+            if not @config.get("#{@config_prefix}.verify_ssl")
              @ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # In case the SMTP server uses a self-signed cert, we proceed anyway
+            end
            @ctx.ssl_version = "TLSv1"
          end

--- a/extensions/social_engineering/web_cloner/web_cloner.rb
+++ b/extensions/social_engineering/web_cloner/web_cloner.rb
@@ -39,7 +39,11 @@ module BeEF
          #
          if use_existing.nil? || use_existing == false
            begin #,"--background"
-              IO.popen(["wget", "#{url}", "-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}", "--no-check-certificate"], 'r+') do |wget_io|
+              verify_ssl_arg = nil
+              if not @config.get('beef.extension.social_engineering.web_cloner.verify_ssl')
+                verify_ssl_arg = "--no-check-certificate"
+              end
+              IO.popen(["wget", "#{url}", "-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}", verify_ssl_arg], 'r+') do |wget_io|
              end
              success = true
            rescue Errno::ENOENT => e
@@ -170,8 +174,10 @@ module BeEF
            http = Net::HTTP.new(uri.host, uri.port)
            if uri.scheme == "https"
              http.use_ssl = true
+              if not @config.get('beef.extension.social_engineering.web_cloner.verify_ssl')
                http.verify_mode = OpenSSL::SSL::VERIFY_NONE
              end
+            end
            request = Net::HTTP::Get.new(uri.request_uri)
            response = http.request(request)
            frame_opt = response["X-Frame-Options"]
--- a/test/integration/tc_social_engineering_rest.rb
+++ b/test/integration/tc_social_engineering_rest.rb
@@ -50,7 +50,7 @@ class TC_SocialEngineeringRest < Test::Unit::TestCase

    json = {:url => url, :mount => mount, :dns_spoof => dns_spoof}.to_json

-    domain = url.gsub(%r{^http://}, '')
+    domain = url.gsub(%r{^https?://}, '')

    response = RestClient.post("#{RESTAPI_SENG}/clone_page?token=#{@@token}",
                               json,