Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Additional fix related to #1210 (removing leading/trailing doubel quotes from the command results if channel is WebSocket)

Browse Source
This commit is contained in:
antisnatchor
2016-03-31 08:03:06 +02:00
parent 39a010fa63
commit 9905756c0a
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
core/main/network_stack/websocket/websocket.rb
View File

@@ -51,7 +51,7 @@ module BeEF
secure ? print_debug("New WebSocketSecure channel open.") : print_debug("New WebSocket channel open.") secure ? print_debug("New WebSocketSecure channel open.") : print_debug("New WebSocket channel open.")
ws.onmessage { |msg| ws.onmessage { |msg|
begin begin
msg_hash = JSON.parse("#{msg}") msg_hash = JSON.parse(msg)
if (msg_hash["cookie"]!= nil) if (msg_hash["cookie"]!= nil)
print_debug("WebSocket - Browser says helo! WebSocket is running") print_debug("WebSocket - Browser says helo! WebSocket is running")
@@ -143,7 +143,11 @@ module BeEF
#@param [Hash] data contains the answer of a command #@param [Hash] data contains the answer of a command
def execute (data) def execute (data)
command_results=Hash.new command_results=Hash.new
command_results["data"] = unescape_stringify Base64.decode64(data['result'])
print_debug Base64.decode64(data['result'])
# the last gsub is to remove leading/trailing double quotes from the result value.
command_results["data"] = unescape_stringify(Base64.decode64(data['result'])).gsub!(/\A"|"\Z/, '')
command_results["data"].force_encoding('UTF-8') command_results["data"].force_encoding('UTF-8')
hooked_browser = data["bh"] hooked_browser = data["bh"]
(print_error "BeEFhook is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(hooked_browser) (print_error "BeEFhook is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(hooked_browser)