Merge branch 'updated_contributing' of https://github.com/beefproject/beef

This commit is contained in:
Josh
2020-07-26 21:13:11 -07:00
4 changed files with 177 additions and 31 deletions

@@ -1,36 +1,169 @@
# Contributing to BeEF
# Contributing
### Anyone is welcome to make BeEF better!
Thank you for wanting to contribute to BeEF. It's effort like yours that helps make BeEF such a great tool.
Anyone is welcome to make BeEF better!
Following these guidelines shows that you respect the time of the developers developing this open source project and helps them help you. In response to this, they should return that respect in addressing your issue, assisting with changes, and helping you finalize your pull requests.
Below are the steps needed to add code to BeEF on Github to the master branch:
### We want any form helpful of contributions!
1. Fork the repository and create a new branch
2. Write and commit your new code to that branch
BeEF is an open source project and we love to receive contributions from the community! There are many ways to contribute, from writing tutorials or blog posts, improving or translating the documentation, answering questions on the project, submitting bug reports and feature requests or writing or reviewing code which can be merged into BeEF itself.
3. Run the existing tests to make sure they pass
# Contributing
### Anyone is welcome to make BeEF better!
Thank you for wanting to contribute to BeEF. It's effort like yours that helps make BeEF such a great tool.
4. Make a pull request from the forked branch to BeEF master
Following these guidelines shows that you respect the time of the developers developing this open source project and helps them help you. In response to this, they should return that respect in addressing your issue, assisting with changes, and helping you finalize your pull requests.
See https://github.com/beefproject/beef/wiki/BeEF-Testing for steps to write tests.
TL;DR:
```
bundle install --with test
bundle exec rake spec
```
### We want any form helpful of contributions!
4. Write tests in RSpec for your new code (module, extension etc.)
BeEF is an open source project and we love to receive contributions from the community! There are many ways to contribute, from writing tutorials or blog posts, improving or translating the documentation, answering questions on the project, submitting bug reports and feature requests or writing or reviewing code which can be merged into BeEF itself.
5. Run all tests again to make sure they all pass
6. Edit existing wiki page / add a new one explaining the new features, including:
# Ground Rules
### Responsibilities
> * When making an issue, ensure the issue template is filled out, failure to do so can and will result in a closed ticket and a delay in support.
> * We now have a two-week of unresponsiveness period before closing a ticket, if this happens, just comment responding and @ whoever closed the ticket.
> * Ensure cross-platform compatibility for every change that's accepted. Mac and Linux are currently supported.
> * Create issues for any major changes and enhancements that you wish to make. Discuss things transparently and get community feedback.
> * Ensure language is as respectful and appropriate as possible.
> * Keep merges as straightforward as possible, only address one issue per commit where possible.
> * Be welcoming to newcomers and try to assist where possible, everyone needs help.
# Where to start
### Looking to make your first contribution
Unsure where to begin contributing to BeEF? You can start by looking through these issues:
* Good First Issue - issues which should only require a few changes, and are good to start with.
* Question - issues which are a question and need a response. A good way to learn more about BeEF is to try to solve a problem.
At this point, you're ready to make your changes! Feel free to ask for help; everyone is a beginner at first.
If a maintainer asks you to "rebase" your PR, they're saying that code has changed, and that you need to update your branch so it's easier to merge.
### Ruby best practise
Do read through: https://rubystyle.guide
Try and follow through with the practices throughout, even going through it once will help keep the codebase consistent.
# Getting started
### How to submit a contribution.
1. Create your own fork of the code
2. Checkout the master branch
> git checkout master
3. Create a new branch for your feature
> git checkout -b my-cool-new-feature
4. Add your new files
> git add modules/my-cool-new-module
5. Modify or write a test case/s in Rspec for your changes
6. Commit your changes with a relevant message
> git commit
7. Push your changes to GitHub
> git push origin my-cool-new-feature
8. Run all tests again to make sure they all pass
9. Edit existing wiki page / add a new one explaining the new features, including:
- sample usage (command snippets, steps and/or screenshots)
- internal working (code snippets & explanation)
7. Submit a Pull Request, explaining:
- what you have added
- where to find help about it (link to wiki page)
10. Now browse to the following URL and create your pull request from your fork to beef master
- Fill out the Pull Request Template
- https://github.com/beefproject/beef/pulls
If you're brand new to contributing to open-source projects, check out Githubs guide:
https://github.com/firstcontributions/first-contributions/blob/master/README.md
# How to report a bug
### Explain security disclosures first!
If you find a security vulnerability, do NOT open an issue. Email security@beefproject.com instead.
When the security team receives a security bug email, they will assign it to a primary handler.
This person will coordinate the fix and release process, involving the following steps:
* Confirm the problem and find the affected versions.
* Audit code to find any potential similar problems.
* Prepare fixes
# Ground Rules
### Responsibilities
> * When making an issue, ensure the issue template is filled out, failure to do so can and will result in a closed ticket and a delay in support.
> * We now have a two-week of unresponsiveness period before closing a ticket, if this happens, just comment responding and @ whoever closed the ticket.
> * Ensure cross-platform compatibility for every change that's accepted. Mac and Linux are currently supported.
> * Create issues for any major changes and enhancements that you wish to make. Discuss things transparently and get community feedback.
> * Ensure language is as respectful and appropriate as possible.
> * Keep merges as straightforward as possible, only address one issue per commit where possible.
> * Be welcoming to newcomers and try to assist where possible, everyone needs help.
# Where to start
### Looking to make your first contribution
Unsure where to begin contributing to BeEF? You can start by looking through these issues:
* Good First Issue - issues which should only require a few changes, and are good to start with.
* Question - issues which are a question and need a response. A good way to learn more about BeEF is to try to solve a problem.
At this point, you're ready to make your changes! Feel free to ask for help; everyone is a beginner at first.
If a maintainer asks you to "rebase" your PR, they're saying that code has changed, and that you need to update your branch so it's easier to merge.
### Ruby best practise
Do read through: https://rubystyle.guide
Try and follow through with the practices throughout, even going through it once will help keep the codebase consistent.
# Getting started
### How to submit a contribution.
1. Create your own fork of the code
2. Checkout the master branch
> git checkout master
3. Create a new branch for your feature
> git checkout -b my-cool-new-feature
4. Add your new files
> git add modules/my-cool-new-module
5. Modify or write a test case/s in Rspec for your changes
6. Commit your changes with a relevant message
> git commit
7. Push your changes to GitHub
> git push origin my-cool-new-feature
8. Run all tests again to make sure they all pass
9. Edit existing wiki page / add a new one explaining the new features, including:
- sample usage (command snippets, steps and/or screenshots)
- internal working (code snippets & explanation)
10. Now browse to the following URL and create your pull request from your fork to beef master
- Fill out the Pull Request Template
- https://github.com/beefproject/beef/pulls
# How to report a bug
### Explain security disclosures first!
If you find a security vulnerability, do NOT open an issue. Email security@beefproject.com instead.
When the security team receives a security bug email, they will assign it to a primary handler.
This person will coordinate the fix and release process, involving the following steps:
* Confirm the problem and find the affected versions.
* Audit code to find any potential similar problems.
* Prepare fixes
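
Review bot: Under "How to report a bug", the heading `### Explain security disclosures first!` reads like the template's instruction to the author rather than a heading for readers; rename it to something like "Security disclosures". In "How to submit a contribution", step 7 pushes to GitHub before step 8 runs the tests, so the test run should move ahead of the push, and the visible new steps no longer show the `bundle exec rake spec` command that the old text gave. The heading "We want any form helpful of contributions!" also has its words out of order.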

15
Gemfile

@@ -8,11 +8,11 @@
#gem 'simplecov', require: false, group: :test
gem 'eventmachine'
gem 'thin'
gem 'sinatra'
gem 'rack'
gem 'rack-protection'
gem 'sinatra', '>= 2.0.2'
gem 'rack', '>= 2.2.3'
gem 'rack-protection', '>= 2.0.0'
gem 'em-websocket' # WebSocket support
gem 'uglifier'
gem 'uglifier', '>= 2.7.2'
gem 'mime-types'
gem 'execjs'
gem 'ansi'
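
Review bot: The new minimums on `sinatra`, `rack`, `rack-protection` and `uglifier` are open-ended `>=` constraints with no comment saying why each floor was chosen. If they track security fixes, add a short comment per line naming the advisory, and consider a bounded form such as `gem 'rack', '~> 2.2', '>= 2.2.3'` so a future major release is not pulled in unreviewed.
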
@@ -20,10 +20,9 @@ gem 'term-ansicolor', :require => 'term/ansicolor'
gem 'json'
gem 'rubyzip', '>= 1.2.2'
gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice
gem 'nokogiri', '>= 1.10.4'
gem 'rake'
#ruby 2.4 isnt compatible with a higher version of active-record
gem 'otr-activerecord'
gem 'nokogiri', '>= 1.10.8'
gem 'rake', '>= 12.3.3'
gem 'otr-activerecord'
gem 'sqlite3'
# Geolocation support
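
Review bot: The comment `#ruby 2.4 isnt compatible with a higher version of active-record` appears to be dropped here while `gem 'otr-activerecord'` stays unpinned, so nothing in the file records which Ruby versions are still expected to resolve. If Ruby 2.4 is no longer supported, say so in the commit message or declare the minimum with a `ruby` directive in the Gemfile; if it still is, keep the comment.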

@@ -29,6 +29,7 @@ module BeEF
# validate hook session value
session_id = get_param(@data, 'beefhook')
print_debug "[INIT] Processing Browser Details for session #{session_id}"
(self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id)
hooked_browser = HB.where(:session => session_id).first
return if not hooked_browser.nil? # browser is already registered with framework
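
Review bot: `print_debug "[INIT] Processing Browser Details for session #{session_id}"` runs before the `BeEF::Filters.is_valid_hook_session_id?(session_id)` check, so a client-supplied value is interpolated into the debug log before it has been validated. Move the debug line below the validation. The `(self.err_msg "session id is invalid"; return) if not ...` one-liner would also read better as an `unless` block.
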
@@ -404,6 +405,17 @@ module BeEF
self.err_msg "Invalid value for 'browser.window.size.width' returned from the hook browser's initial connection."
end
# store and log IP details of host
print_debug("Hooked browser [id:#{zombie.id}] has IP [ip: #{zombie.ip}]")
if os_name != nil and os_version != nil
BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name + "-" + os_version)
elsif os_name != nil
BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name)
else
BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host')
end
# get and store the yes|no value for browser capabilities
capabilities = [
'browser.capabilities.vbscript',
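
Review bot: The three `BeEF::Core::Models::NetworkHost.create` calls differ only in the `:os` value, and the `!= nil` / `and` comparisons are not idiomatic Ruby. Build the attributes once (`:hooked_browser`, `:ip`, `:ntype`), add `:os` only when `os_name` is set, and call `create` a single time, using `.nil?` for the checks. The return value of `create` is also ignored, so a host record that fails to save goes unnoticed; log or handle that case.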

@@ -13,6 +13,7 @@ module BeEF
config = BeEF::Core::Configuration.instance
@nh = BeEF::Core::Models::NetworkHost
@ns = BeEF::Core::Models::NetworkService
@hb = BeEF::Core::Models::HookedBrowser
# Require a valid API token from a valid IP address
halt 401 unless params[:token] == config.get('beef.api_token')
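
Review bot: The unchanged context line `halt 401 unless params[:token] == config.get('beef.api_token')` compares the API token with `==`, which is not a constant-time comparison. While this setup block is being edited to add `@hb`, consider switching to `Rack::Utils.secure_compare`, with an explicit guard for a missing `params[:token]`.
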
@@ -69,7 +70,8 @@ module BeEF
begin
id = params[:id]
hosts = @nh.where(hooked_browser_id: id).distinct.order(:id)
hooked_browser = @hb.where(session: id).distinct
hosts = @nh.where(hooked_browser: hooked_browser).distinct.order(:hooked_browser)
count = hosts.length
result = {}
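
Review bot: `params[:id]` is now matched against `session` in `@hb.where(session: id)` but is still named `id` and is not validated first; the handler in the other file runs `BeEF::Filters.is_valid_hook_session_id?` on the same kind of value, and this route should do the same and document that it now takes a session string. `@hb.where(session: id).distinct` also returns a relation rather than one record, so an unknown session silently produces an empty `hosts` result instead of a 404; use `.first` and halt when it is nil. Finally, `.order(:hooked_browser)` names the association rather than a column such as `:id`, which the previous line used; check that this ordering is valid and deterministic.
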
@@ -121,7 +123,7 @@ module BeEF
host = @nh.find(id)
raise InvalidParamError, 'id' if host.nil?
halt 404 if host.empty?
halt 404 if host.nil?
host.to_h.to_json
rescue InvalidParamError => e
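
Review bot: `halt 404 if host.nil?` is unreachable, because the line above it, `raise InvalidParamError, 'id' if host.nil?`, already raises for the same condition. Decide which response a missing host should produce and keep only that line. Note also that ActiveRecord's `find` raises `ActiveRecord::RecordNotFound` for an unknown id instead of returning nil, so neither check fires unless that exception is rescued or the lookup is changed to `find_by(id: id)`.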