From dd3b635a48dc2387be96b501611eec6c9abbb9c9 Mon Sep 17 00:00:00 2001 From: Jack Walker Date: Tue, 7 Jul 2020 14:47:05 +1000 Subject: [PATCH 1/4] Re-commiting h4sh5's reverted changes. --- core/main/handlers/browserdetails.rb | 12 ++++++++++++ extensions/network/rest/network.rb | 6 ++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/core/main/handlers/browserdetails.rb b/core/main/handlers/browserdetails.rb index f4ad33ca4..df6021068 100644 --- a/core/main/handlers/browserdetails.rb +++ b/core/main/handlers/browserdetails.rb @@ -29,6 +29,7 @@ module BeEF # validate hook session value session_id = get_param(@data, 'beefhook') + print_debug "[INIT] Processing Browser Details for session #{session_id}" (self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id) hooked_browser = HB.where(:session => session_id).first return if not hooked_browser.nil? # browser is already registered with framework @@ -404,6 +405,17 @@ module BeEF self.err_msg "Invalid value for 'browser.window.size.width' returned from the hook browser's initial connection." end + # store and log IP details of host + print_debug("Hooked browser [id:#{zombie.id}] has IP [ip: #{zombie.ip}]") + + if os_name != nil and os_version != nil + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name + "-" + os_version) + elsif os_name != nil + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name) + else + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host') + end + # get and store the yes|no value for browser capabilities capabilities = [ 'browser.capabilities.vbscript', diff --git a/extensions/network/rest/network.rb b/extensions/network/rest/network.rb index 1e905c0d6..96270c4e4 100644 --- a/extensions/network/rest/network.rb +++ b/extensions/network/rest/network.rb @@ -13,6 +13,7 @@ module BeEF config = BeEF::Core::Configuration.instance @nh = BeEF::Core::Models::NetworkHost @ns = BeEF::Core::Models::NetworkService + @hb = BeEF::Core::Models::HookedBrowser # Require a valid API token from a valid IP address halt 401 unless params[:token] == config.get('beef.api_token') @@ -69,7 +70,8 @@ module BeEF begin id = params[:id] - hosts = @nh.where(hooked_browser_id: id).distinct.order(:id) + hooked_browser = @hb.where(session: id).distinct + hosts = @nh.where(hooked_browser: hooked_browser).distinct.order(:hooked_browser) count = hosts.length result = {} @@ -121,7 +123,7 @@ module BeEF host = @nh.find(id) raise InvalidParamError, 'id' if host.nil? - halt 404 if host.empty? + halt 404 if host.nil? host.to_h.to_json rescue InvalidParamError => e From b8528e5df586b409d6f5e214bad50403a7ee9e4e Mon Sep 17 00:00:00 2001 From: bcoles Date: Wed, 8 Jul 2020 20:35:06 +1000 Subject: [PATCH 2/4] Update dependencies --- Gemfile | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index c96f7d0d2..2f4545939 100644 --- a/Gemfile +++ b/Gemfile @@ -8,11 +8,11 @@ #gem 'simplecov', require: false, group: :test gem 'eventmachine' gem 'thin' -gem 'sinatra' -gem 'rack' -gem 'rack-protection' +gem 'sinatra', '>= 2.0.2' +gem 'rack', '>= 2.2.3' +gem 'rack-protection', '>= 2.0.0' gem 'em-websocket' # WebSocket support -gem 'uglifier' +gem 'uglifier', '>= 2.7.2' gem 'mime-types' gem 'execjs' gem 'ansi' @@ -20,10 +20,9 @@ gem 'term-ansicolor', :require => 'term/ansicolor' gem 'json' gem 'rubyzip', '>= 1.2.2' gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice -gem 'nokogiri', '>= 1.10.4' -gem 'rake' -#ruby 2.4 isnt compatible with a higher version of active-record -gem 'otr-activerecord' +gem 'nokogiri', '>= 1.10.8' +gem 'rake', '>= 12.3.3' +gem 'otr-activerecord' gem 'sqlite3' # Geolocation support From 9a8108e0f51076a52182a07df39a9f2140f984b0 Mon Sep 17 00:00:00 2001 From: josh Date: Sat, 25 Jul 2020 22:21:38 +1000 Subject: [PATCH 3/4] updated contribution --- .github/CONTRIBUTING.md | 91 +++++++++++++++++++++++++++++++---------- 1 file changed, 70 insertions(+), 21 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 0c257342f..2035c0c85 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -1,36 +1,85 @@ -# Contributing to BeEF +# Contributing +### Anyone is welcome to make BeEF better! +Thank you for wanting to contribute to BeEF. It's effort like yours that helps make BeEF such a great tool. -Anyone is welcome to make BeEF better! +Following these guidelines shows that you respect the time of the developers developing this open source project and helps them help you. In response to this, they should return that respect in addressing your issue, assisting with changes, and helping you finalize your pull requests. -Below are the steps needed to add code to BeEF on Github to the master branch: -1. Fork the repository and create a new branch +### We want any form helpful of contributions! -2. Write and commit your new code to that branch + BeEF is an open source project and we love to receive contributions from the community! There are many ways to contribute, from writing tutorials or blog posts, improving or translating the documentation, answering questions on the project, submitting bug reports and feature requests or writing or reviewing code which can be merged into BeEF itself. -3. Run the existing tests to make sure they pass -4. Make a pull request from the forked branch to BeEF master -See https://github.com/beefproject/beef/wiki/BeEF-Testing for steps to write tests. +# Ground Rules -TL;DR: -``` -bundle install --with test -bundle exec rake spec -``` +### Responsibilities +> * When making an issue, ensure the issue template is filled out, failure to do so can and will result in a closed ticket and a delay in support. +> * We now have a two-week of unresponsiveness period before closing a ticket, if this happens, just comment responding and @ whoever closed the ticket. +> * Ensure cross-platform compatibility for every change that's accepted. Mac and Linux are currently supported. +> * Create issues for any major changes and enhancements that you wish to make. Discuss things transparently and get community feedback. +> * Ensure language is as respectful and appropriate as possible. +> * Keep merges as straightforward as possible, only address one issue per commit where possible. +> * Be welcoming to newcomers and try to assist where possible, everyone needs help. -4. Write tests in RSpec for your new code (module, extension etc.) +# Where to start +### Looking to make your first contribution -5. Run all tests again to make sure they all pass + Unsure where to begin contributing to BeEF? You can start by looking through these issues: -6. Edit existing wiki page / add a new one explaining the new features, including: + * Good First Issue - issues which should only require a few changes, and are good to start with. + * Question - issues which are a question and need a response. A good way to learn more about BeEF is to try to solve a problem. + +At this point, you're ready to make your changes! Feel free to ask for help; everyone is a beginner at first. + +If a maintainer asks you to "rebase" your PR, they're saying that code has changed, and that you need to update your branch so it's easier to merge. + +### Ruby best practise +Do read through: https://rubystyle.guide +Try and follow through with the practices throughout, even going through it once will help keep the codebase consistent. + +# Getting started + +### How to submit a contribution. + +1. Create your own fork of the code + +2. Checkout the master branch +> git checkout master + +3. Create a new branch for your feature +> git checkout -b my-cool-new-feature + +4. Add your new files +> git add modules/my-cool-new-module + +5. Modify or write a test case/s in Rspec for your changes + +6. Commit your changes with a relevant message +> git commit + +7. Push your changes to GitHub +> git push origin my-cool-new-feature + +8. Run all tests again to make sure they all pass + +9. Edit existing wiki page / add a new one explaining the new features, including: - sample usage (command snippets, steps and/or screenshots) - internal working (code snippets & explanation) -7. Submit a Pull Request, explaining: - - what you have added - - where to find help about it (link to wiki page) +10. Now browse to the following URL and create your pull request from your fork to beef master + - Fill out the Pull Request Template + - https://github.com/beefproject/beef/pulls -If you're brand new to contributing to open-source projects, check out Githubs guide: -https://github.com/firstcontributions/first-contributions/blob/master/README.md + +# How to report a bug +### Explain security disclosures first! + +If you find a security vulnerability, do NOT open an issue. Email security@beefproject.com instead. + +When the security team receives a security bug email, they will assign it to a primary handler. +This person will coordinate the fix and release process, involving the following steps: + +* Confirm the problem and find the affected versions. +* Audit code to find any potential similar problems. +* Prepare fixes \ No newline at end of file From 381cbec8a9e8761232114f1d21f405a7710025e3 Mon Sep 17 00:00:00 2001 From: Joshua Date: Thu, 2 Jul 2020 13:33:18 +1000 Subject: [PATCH 4/4] updated contributing to further match how to merge --- .github/CONTRIBUTING.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index d6b044819..0c257342f 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -4,12 +4,14 @@ Anyone is welcome to make BeEF better! Below are the steps needed to add code to BeEF on Github to the master branch: -1. Clone the repository and create a new branch +1. Fork the repository and create a new branch 2. Write and commit your new code to that branch 3. Run the existing tests to make sure they pass +4. Make a pull request from the forked branch to BeEF master + See https://github.com/beefproject/beef/wiki/BeEF-Testing for steps to write tests. TL;DR: