Evasion: added support to scramble cookies as well.

2012-05-25 12:02:28 +01:00
parent 0d2598e0b8
commit b3f8504a2e
2 changed files with 17 additions and 0 deletions
--- a/extensions/evasion/config.yaml
+++ b/extensions/evasion/config.yaml
@@ -20,7 +20,9 @@ beef:
            name: 'Evasion'
            authors: ["antisnatchor"]
            scramble_variables: true
+            scramble_cookies: true
            scramble:
              beef: "beef"
              Beef: "Beef"
+              evercookie: "evercookie"
            chain: ["scramble","minify","base_64"]
--- a/extensions/evasion/obfuscation/scramble.rb
+++ b/extensions/evasion/obfuscation/scramble.rb
@@ -25,6 +25,7 @@ module BeEF

        def execute(input, config)
          @output = input
+
          to_scramble = config.get('beef.extension.evasion.scramble')
          to_scramble.each do |var, value|
             if var == value
@@ -40,6 +41,20 @@ module BeEF
             end
             @output
          end
+
+          if config.get('beef.extension.evasion.scramble_cookies')
+            # ideally this should not be static, but it's static in JS code, so fine for nowend
+            mod_cookie = BeEF::Extension::Evasion::Helper::random_string(5)
+            if config.get('beef.http.hook_session_name') == "BEEFHOOK"
+              @output.gsub!("BEEFHOOK",mod_cookie)
+              config.set('beef.http.hook_session_name',mod_cookie)
+              print_debug "[OBFUSCATION - SCRAMBLER] cookie [BEEFHOOK] scrambled -> [#{mod_cookie}]"
+            else
+              @output.gsub!("BEEFHOOK",config.get('beef.http.hook_session_name'))
+              print_debug "[OBFUSCATION - SCRAMBLER] cookie [BEEFHOOK] scrambled -> [#{config.get('beef.http.hook_session_name')}]"
+            end
+          end
+
          @output
        end
      end