Release 0.5.2.0 (#2166)

* fixed offline zombie not deleting * Bump jsdoc-to-markdown from 6.0.1 to 7.0.1 (#2161) Bumps [jsdoc-to-markdown](https://github.com/jsdoc2md/jsdoc-to-markdown) from 6.0.1 to 7.0.1. - [Release notes](https://github.com/jsdoc2md/jsdoc-to-markdown/releases) - [Commits](https://github.com/jsdoc2md/jsdoc-to-markdown/compare/v6.0.1...v7.0.1) --- updated-dependencies: - dependency-name: jsdoc-to-markdown dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bug: Core - 1785 Fixed public hook url configuration settings (#2163) * added spec file for testing changes * added local host getter to configuration class * added default value 0.0.0.0 for local host if it's not set * added port config getter with default * added port config getter with default * fixed spelling errors for port * added public configuration values and validation * removed logic from public port as it was not required * added beef host to configuration class * added beef port to configuration class and removed default http.port logic from public_port * fixed rubocop errors and refactored spec tests * added beef host configuration values used for external resources * added beef url to configuration * added spec file for testing changes * added local host getter to configuration class * added default value 0.0.0.0 for local host if it's not set * added port config getter with default * added port config getter with default * fixed spelling errors for port * added public configuration values and validation * removed logic from public port as it was not required * added beef host to configuration class * added beef port to configuration class and removed default http.port logic from public_port * fixed rubocop errors and refactored spec tests * added beef host configuration values used for external resources * added beef url to configuration * created command spec file * add before statement to load all enabled modules to test command class * add spec to check if configuration instance exists by setting and accessing a config variable * updated http proto for beef host * reverting changes on this file, dev values set * removed some unessessary checks * fixed grammar test now we're only testing one configuration attribute * added hook url for contextual usage * refactoring admin_ui with new code usage * fixed issue with the location of the beef.http.https.public_enabled * refactored powershell module and extension * adding the new config setting for public https beign enabled * refactor qrcode extension * replace video fake plugin refactor * social engineering refactoring * phonegap module refactoring * exploit refactoing * network module refactoing * ipec module refactoring * host module refactoring * debug refactoring * browser refactoring * social engineering extension refactoring * core main server refactoring * core main console banner refactoring * removing dev test * fixed area with location of http.https.enabled * changed the hook url definition to return the hook file path * updated banners to use new configuration getters * updated extensions and modules with the hook url change * added new public.host configuration settings and validations for depicated usage of public * updated to use public.port configuration * added validation for old configuration public_port * updated to use public https configuration setting * updated config with new settings format * fixed get to point to new locations * fixed pointer to hook_file_path * Update extensions/social_engineering/web_cloner/web_cloner.rb Co-authored-by: bcoles <bcoles@gmail.com> * updated enabled to enable * making sure default configuration file does not have preset values Co-authored-by: bcoles <bcoles@gmail.com> * bumped versions to 0.5.2.0 * Usability: #2145. Added user input request for beef update within 'beef' install script (#2162) * added user input request for beef update * swaped git pull from system to backticks * flags added for auto update and timout to input * updated install.txt to reference the update-beef script (#2160) Co-authored-by: Andrew Wheatley <a@andrews-mini.home> Co-authored-by: Isaac Powell <36595182+DeezyE@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: bcoles <bcoles@gmail.com>
2021-09-12 21:33:02 +10:00
parent c96b5e8968
commit b6425e4a90
59 changed files with 883 additions and 156 deletions
--- a/config.yaml
+++ b/config.yaml
@@ -6,7 +6,7 @@
 # BeEF Configuration file

 beef:
-    version: '0.5.1.0'
+    version: '0.5.2.0'
    # More verbose messages (server-side)
    debug: false
    # More verbose messages (client-side)
@@ -47,8 +47,14 @@ beef:

        # Host Name / Domain Name
        # If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
-        #   set the public hostname below:
-        #public: ""      # public hostname/IP address
+        # These settings will be used to create a public facing URL
+        # This public facing URL will be used for all hook related calls
+        # set the public setting below:
+        # public: ""
+        #     host: "" # public hostname/IP address
+        #     port: "" # public port will default to 80 if no https 443 if https 
+                      # and local if not set but there is a public host
+        #     https: false # true/false

        # Reverse Proxy / NAT
        # If you want BeEF to be accessible behind a reverse proxy or NAT,
@@ -56,8 +62,6 @@ beef:
        # NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
        #   by altering the X-FORWARDED-FOR ip address in the request header.
        allow_reverse_proxy: false
-        #public: ""      # public hostname/IP address
-        #public_port: "" # public port (experimental)

        # Hook
        hook_file: "/hook.js"
@@ -89,6 +93,8 @@ beef:
        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
        https:
            enable: false
+            # Enabled this config setting if you're external facing uri is using https
+            public_enabled: false
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.public (the domain name of the server where you run BeEF)
            key: "beef_key.pem"