Merge branch 'master' of https://github.com/beefproject/beef

Gemfile

@@ -52,6 +52,7 @@ if ENV['BEEF_TEST']
   gem "test-unit"
   gem "selenium"
   gem "selenium-webdriver"
+  gem "rspec"
   # nokogirl is needed by capybara which may require one of the below commands
   # sudo apt-get install libxslt-dev libxml2-dev
   # sudo port install libxml2 libxslt

Gemfile.lock

@@ -0,0 +1,89 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.3.6)
+    ansi (1.4.3)
+    daemons (1.1.9)
+    data_objects (0.10.14)
+      addressable (~> 2.1)
+    dm-core (1.2.1)
+      addressable (~> 2.3)
+    dm-do-adapter (1.2.0)
+      data_objects (~> 0.10.6)
+      dm-core (~> 1.2.0)
+    dm-migrations (1.2.0)
+      dm-core (~> 1.2.0)
+    dm-sqlite-adapter (1.2.0)
+      dm-do-adapter (~> 1.2.0)
+      do_sqlite3 (~> 0.10.6)
+    do_sqlite3 (0.10.14)
+      data_objects (= 0.10.14)
+    em-websocket (0.3.8)
+      addressable (>= 2.1.1)
+      eventmachine (>= 0.12.9)
+    erubis (2.7.0)
+    eventmachine (1.0.7)
+    execjs (2.0.2)
+    geoip (1.4.0)
+    json (1.8.1)
+    librex (0.0.68)
+    libv8 (3.11.8.17)
+    msfrpc-client (1.0.1)
+      librex (>= 0.0.32)
+      msgpack (>= 0.4.5)
+    msgpack (0.5.8)
+    multi_json (1.9.3)
+    parseconfig (1.0.4)
+    rack (1.5.2)
+    rack-protection (1.5.3)
+      rack
+    rainbow (2.0.0)
+    ref (1.0.5)
+    rexec (1.6.3)
+      rainbow
+    rubydns (0.7.0)
+      eventmachine (~> 1.0.0)
+      rexec (~> 1.6.2)
+    rubyzip (1.1.3)
+    sinatra (1.4.2)
+      rack (~> 1.5, >= 1.5.2)
+      rack-protection (~> 1.4)
+      tilt (~> 1.3, >= 1.3.4)
+    term-ansicolor (1.1.5)
+    therubyracer (0.11.3)
+      libv8 (~> 3.11.8.12)
+      ref
+    thin (1.6.2)
+      daemons (>= 1.0.9)
+      eventmachine (>= 1.0.0)
+      rack (>= 1.0.0)
+    tilt (1.4.1)
+    uglifier (2.2.1)
+      execjs (>= 0.3.0)
+      multi_json (~> 1.0, >= 1.0.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  ansi
+  data_objects
+  dm-core
+  dm-migrations
+  dm-sqlite-adapter
+  em-websocket (~> 0.3.6)
+  erubis
+  eventmachine (= 1.0.3)
+  execjs
+  geoip
+  json
+  msfrpc-client
+  parseconfig
+  rack (= 1.5.2)
+  rubydns (= 0.7.0)
+  rubyzip (>= 1.0.0)
+  sinatra (= 1.4.2)
+  term-ansicolor
+  therubyracer (= 0.11.3)
+  thin
+  uglifier (~> 2.2.1)

core/main/handlers/browserdetails.rb

@@ -180,8 +180,7 @@ module BeEF
               if config.get("beef.extension.network.enable") == true
                 if proxy_server =~ /^([\d\.]+):([\d]+)$/
                   print_debug("Hooked browser [id:#{zombie.id}] is using a proxy [ip: #{$1}]")
-                  r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => $1, :type => 'Proxy', :cid => 'init')
-                  r.save
+                  BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => $1, :type => 'Proxy', :cid => 'init')
                 end
               end
             end
@@ -354,8 +353,7 @@ module BeEF
           # add localhost as network host
           if config.get('beef.extension.network.enable')
             print_debug("Hooked browser has network interface 127.0.0.1")
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => '127.0.0.1', :hostname => 'localhost', :os => BeEF::Core::Models::BrowserDetails.get(session_id, 'OsName'), :cid => 'init')
-            r.save
+            BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => '127.0.0.1', :hostname => 'localhost', :os => BeEF::Core::Models::BrowserDetails.get(session_id, 'OsName'), :cid => 'init')
           end
 
           # Call autorun modules

extensions/network/models/network_host.rb

@@ -24,6 +24,43 @@ module BeEF
         property :mac, String, :lazy => false
         property :cid, String, :lazy => false # command id or 'init'
 
+        #
+        # Stores a network host in the data store
+        #
+        def self.add(host={})
+          (print_error "Invalid hooked browser session"; return) unless BeEF::Filters.is_valid_hook_session_id?(host[:hooked_browser_id])
+          (print_error "Invalid IP address"; return) unless BeEF::Filters.is_valid_ip?(host[:ip])
+
+          # prevent duplicates
+          return unless BeEF::Core::Models::NetworkHost.all(
+            :hooked_browser_id => host[:hooked_browser_id],
+            :ip => host[:ip],
+            :hostname => host[:hostname],
+            :type => host[:type],
+            :os => host[:os],
+            :mac => host[:mac]).empty?
+
+          if host[:hostname].nil? && host[:type].nil? && host[:os].nil? && host[:mac].nil?
+            return unless BeEF::Core::Models::NetworkHost.all(
+              :hooked_browser_id => host[:hooked_browser_id],
+              :ip => host[:ip]).empty?
+          end
+
+          # store the returned network host details
+          network_host = BeEF::Core::Models::NetworkHost.new(
+            :hooked_browser_id => host[:hooked_browser_id],
+            :ip => host[:ip],
+            :hostname => host[:hostname],
+            :type => host[:type],
+            :os => host[:os],
+            :mac => host[:mac],
+            :cid => host[:cid])
+          result = network_host.save
+          (print_error "Failed to save network host"; return) if result.nil?
+
+          network_host
+        end
+
       end
 
     end

extensions/network/models/network_service.rb

@@ -23,6 +23,41 @@ module BeEF
         property :type, String, :lazy => false
         property :cid, String, :lazy => false # command id or 'init'
 
+        #
+        # Stores a network service in the data store
+        #
+        def self.add(service={})
+          (print_error "Invalid hooked browser session"; return) if not BeEF::Filters.is_valid_hook_session_id?(service[:hooked_browser_id])
+          (print_error "Invalid IP address"; return) if not BeEF::Filters.is_valid_ip?(service[:ip])
+
+          # store the returned network host details
+          BeEF::Core::Models::NetworkHost.add(
+            :hooked_browser_id => service[:hooked_browser_id],
+            :ip => service[:ip],
+            :cid => service[:cid])
+
+          # prevent duplicates
+          return unless BeEF::Core::Models::NetworkService.all(
+            :hooked_browser_id => service[:hooked_browser_id],
+            :proto => service[:proto],
+            :ip => service[:ip],
+            :port => service[:port],
+            :type => service[:type]).empty?
+
+          # store the returned network service details
+          network_service = BeEF::Core::Models::NetworkService.new(
+            :hooked_browser_id => service[:hooked_browser_id],
+            :proto => service[:proto],
+            :ip => service[:ip],
+            :port => service[:port],
+            :type => service[:type],
+            :cid => service[:cid])
+          result = network_service.save
+          (print_error "Failed to save network service"; return) if result.nil?
+
+          network_service
+        end
+
       end
 
     end

extensions/network/rest/network.rb

@@ -29,7 +29,7 @@ module BeEF
         # Returns the entire list of network hosts for all zombies
         get '/hosts' do
           begin
-            hosts = @nh.all
+            hosts = @nh.all(:unique => true, :order => [:id.asc])
             count = hosts.length
 
             result = {}
@@ -45,7 +45,7 @@ module BeEF
         # Returns the entire list of network services for all zombies
         get '/services' do
           begin
-            services = @ns.all
+            services = @ns.all(:unique => true, :order => [:id.asc])
             count = services.length
 
             result = {}
@@ -63,7 +63,7 @@ module BeEF
           begin
             id = params[:id]
 
-            hosts = @nh.all(:hooked_browser_id => id)
+            hosts = @nh.all(:hooked_browser_id => id, :unique => true, :order => [:id.asc])
             count = hosts.length
 
             result = {}
@@ -84,7 +84,7 @@ module BeEF
           begin
             id = params[:id]
 
-            services = @ns.all(:hooked_browser_id => id)
+            services = @ns.all(:hooked_browser_id => id, :unique => true, :order => [:id.asc])
             count = services.length
 
             result = {}

extensions/social_engineering/config.yaml

@@ -13,6 +13,7 @@ beef:
                 # NOTE: you must have 'wget' in your PATH
                 add_beef_hook: true
                 user_agent: "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2"
+                verify_ssl: true
             mass_mailer:
                 # NOTE: you must have 'file' in your PATH
                 user_agent: "Microsoft-MacOutlook/12.12.0.111556"
@@ -20,6 +21,7 @@ beef:
                 port: 587
                 use_auth: true
                 use_tls: true
+                verify_ssl: true
                 helo: "gmail.com" # this is usually the domain name
                 auth: "youruser@gmail.com"
                 password: "yourpass"
@@ -50,4 +52,4 @@ beef:
                 # the default payload being used is windows/meterpreter/reverse_https
                 msf_reverse_handler_host: "127.0.0.1"
                 msf_reverse_handler_port: "443"
-                powershell_handler_url: "/ps"
+                powershell_handler_url: "/ps"

extensions/social_engineering/mass_mailer/mass_mailer.rb

@@ -31,7 +31,9 @@ module BeEF
           # create new SSL context and disable CA chain validation
           if @config.get("#{@config_prefix}.use_tls")
             @ctx = OpenSSL::SSL::SSLContext.new
-            @ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # In case the SMTP server uses a self-signed cert, we proceed anyway
+            if not @config.get("#{@config_prefix}.verify_ssl")
+              @ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # In case the SMTP server uses a self-signed cert, we proceed anyway
+            end
             @ctx.ssl_version = "TLSv1"
           end
 

extensions/social_engineering/web_cloner/web_cloner.rb

@@ -39,7 +39,11 @@ module BeEF
           #
           if use_existing.nil? || use_existing == false
             begin #,"--background"
-              IO.popen(["wget", "#{url}", "-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}", "--no-check-certificate"], 'r+') do |wget_io|
+              verify_ssl_arg = nil
+              if not @config.get('beef.extension.social_engineering.web_cloner.verify_ssl')
+                verify_ssl_arg = "--no-check-certificate"
+              end
+              IO.popen(["wget", "#{url}", "-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}", verify_ssl_arg], 'r+') do |wget_io|
               end
               success = true
             rescue Errno::ENOENT => e
@@ -170,7 +174,9 @@ module BeEF
             http = Net::HTTP.new(uri.host, uri.port)
             if uri.scheme == "https"
               http.use_ssl = true
-              http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+              if not @config.get('beef.extension.social_engineering.web_cloner.verify_ssl')
+                http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+              end
             end
             request = Net::HTTP::Get.new(uri.request_uri)
             response = http.request(request)

modules/browser/spyder_eye/html2canvas.js

@@ -3,6 +3,7 @@
   Copyright (c) 2013 Niklas von Hertzen (@niklasvh)
 
   Released under MIT License
+  Modified for BeEF <http://beefproject.com>
 */
 (function(window, document, undefined){
 
@@ -15,7 +16,7 @@ html2canvas;
 
 function h2clog(a) {
   if (_html2canvas.logging && window.console && window.console.log) {
-    window.console.log(a);
+    beef.debug(a);
   }
 }
 
@@ -2801,7 +2802,7 @@ _html2canvas.Renderer.Canvas = function(options) {
         if (storageContext.clip){
           ctx.save();
           ctx.beginPath();
-          // console.log(storageContext);
+          // beef.debug(storageContext);
           ctx.rect(storageContext.clip.left, storageContext.clip.top, storageContext.clip.width, storageContext.clip.height);
           ctx.clip();
         }
@@ -2838,4 +2839,4 @@ _html2canvas.Renderer.Canvas = function(options) {
     return canvas;
   };
 };
-})(window,document);
+})(window,document);

modules/exploits/router/asus_rt_series_get_info/module.rb

@@ -31,10 +31,8 @@ class Asus_rt_series_get_info < BeEF::Core::Command
 
         if !ip.nil? && BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found Asus RT series router [ip: #{ip}]")
-          r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :type => 'Asus Router', :cid => cid)
-          r.save
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => 80, :type => 'HTTP Server', :cid => cid)
-          r.save
+          BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :type => 'Asus Router', :cid => cid)
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => 80, :type => 'HTTP Server', :cid => cid)
         end
         clients.scan(/([\d\.]+,[:\dA-F]{17})/).flatten.each do |client|
           next if client.nil?
@@ -43,22 +41,19 @@ class Asus_rt_series_get_info < BeEF::Core::Command
             mac = $2
             if BeEF::Filters.is_valid_ip?(ip)
               print_debug("Hooked browser found router client [ip: #{ip}, mac: #{mac}]")
-              r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :mac => mac, :cid => cid)
-              r.save
+              BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :mac => mac, :cid => cid)
             end
           end
         end
         if !gateway.nil? && BeEF::Filters.is_valid_ip?(gateway)
           print_debug("Hooked browser found WAN gateway server [ip: #{gateway}]")
-          r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => gateway, :type => 'WAN Gateway', :cid => cid)
-          r.save
+          BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => gateway, :type => 'WAN Gateway', :cid => cid)
         end
         if !dns_servers.nil? && dns_servers =~ /^([\d\. ]+)$/
           dns_servers.split(/ /).uniq.each do |dns|
             if BeEF::Filters.is_valid_ip?(dns)
               print_debug("Hooked browser found DNS server [ip: #{dns}]")
-              r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => dns, :type => 'DNS Server', :cid => cid)
-              r.save
+              BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => dns, :type => 'DNS Server', :cid => cid)
             end
           end
         end

modules/host/detect_cups/module.rb

@@ -25,14 +25,9 @@ class Detect_cups < BeEF::Core::Command
         session_id = @datastore['beefhook']
         type = 'CUPS'
         cid = @datastore['cid'].to_i
-        if BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type).empty?
+        if BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found 'CUPS' [proto: #{proto}, ip: #{ip}, port: #{port}]")
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid)
-          r.save
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty?
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid)
         end
       end
     end

modules/host/get_internal_ip/module.rb

@@ -30,10 +30,9 @@ class Get_internal_ip < BeEF::Core::Command
       # save the network host
       if @datastore['results'] =~ /^([\d\.]+)$/
         ip = $1
-        if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates
+        if BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser has network interface #{ip}")
-          r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-          r.save
+          BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
         end
       end
     end

modules/host/get_internal_ip_webrtc/module.rb

@@ -12,10 +12,8 @@ class Get_internal_ip_webrtc < BeEF::Core::Command
 
     configuration = BeEF::Core::Configuration.instance
     if configuration.get("beef.extension.network.enable") == true
-
       session_id = @datastore['beefhook']
       cid = @datastore['cid'].to_i
-
       # save the network host
       if @datastore['results'] =~ /IP is ([\d\.,]+)/
         ips = $1.to_s.split(/,/)
@@ -25,16 +23,12 @@ class Get_internal_ip_webrtc < BeEF::Core::Command
             next unless ip =~ /^[\d\.]+$/
             next if ip =~ /^0\.0\.0\.0$/
             next unless BeEF::Filters.is_valid_ip?(ip)
-            if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates
-              print_debug("Hooked browser has network interface #{ip}")
-              r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :os => os, :cid => cid)
-              r.save
-            end
+            print_debug("Hooked browser has network interface #{ip}")
+            BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :os => os, :cid => cid)
           end
         end
       end
     end
-
   end
 
 end

modules/network/cross_origin_scanner/module.rb

@@ -22,14 +22,9 @@ class Cross_origin_scanner < BeEF::Core::Command
         port = $2
         proto = 'http'
         type = 'HTTP Server (CORS)'
-        print_debug("Hooked browser found HTTP server #{ip}:#{port}")
-        if !ip.nil? && !port.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type).empty?
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid)
-          r.save
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty?
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+        if BeEF::Filters.is_valid_ip?(ip)
+          print_debug("Hooked browser found HTTP server #{ip}:#{port}")
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid)
         end
       end
     end

modules/network/get_http_servers/module.rb

@@ -35,12 +35,7 @@ class Get_http_servers < BeEF::Core::Command
         cid = @datastore['cid'].to_i
         if !ip.nil? && BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found HTTP Server [proto: #{proto}, ip: #{ip}, port: #{port}]")
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => "HTTP Server", :cid => cid)
-          r.save
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty?
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => "HTTP Server", :cid => cid)
         end
       end
 

modules/network/identify_lan_subnets/module.rb

@@ -37,11 +37,8 @@ class Identify_lan_subnets < BeEF::Core::Command
           next if ip.nil?
           next unless ip.to_s =~ /^([\d\.]+)$/
           next unless BeEF::Filters.is_valid_ip?(ip)
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates
-            print_debug("Hooked browser found host #{ip}")
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+          print_debug("Hooked browser found host #{ip}")
+          BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
         end
       end
     end

modules/network/internal_network_fingerprinting/module.rb

@@ -35,14 +35,9 @@ class Internal_network_fingerprinting < BeEF::Core::Command
         url = $5
         session_id = @datastore['beefhook']
         cid = @datastore['cid'].to_i
-        if !ip.nil? && BeEF::Filters.is_valid_ip?(ip)
+        if BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found '#{discovered}' [ip: #{ip}]")
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => discovered, :cid => cid)
-          r.save
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty?
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => discovered, :cid => cid)
         end
       end
 

modules/network/jslanscanner/module.rb

@@ -25,20 +25,18 @@ class Fingerprint_routers < BeEF::Core::Command
         service = $4
         session_id = @datastore['beefhook']
         cid = @datastore['cid'].to_i
-        if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service).empty?
+        if BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found network service " + service + " [proto: #{proto}, ip: #{ip}, port: #{port}]")
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid)
-          r.save
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid)
         end
       elsif @datastore['results'] =~ /^ip=(.+)&device=(.+)/
         ip = $1
         device = $2
         session_id = @datastore['beefhook']
         cid = @datastore['cid'].to_i
-        if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip, :type => device).empty?
+        if BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found network device " + device + " [ip: #{ip}]")
-          r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :type => device, :cid => cid)
-          r.save
+          BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :type => device, :cid => cid)
         end
       end
     end

modules/network/ping_sweep/module.rb

@@ -37,11 +37,8 @@ class Ping_sweep < BeEF::Core::Command
       if @datastore['results'] =~ /host=([\d\.]+) is alive/
         ip = $1
         if BeEF::Filters.is_valid_ip?(ip)
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates
-            print_debug("Hooked browser has network interface #{ip}")
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+          print_debug("Hooked browser has network interface #{ip}")
+          BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
         end
       end
     end

modules/network/port_scanner/module.rb

@@ -39,14 +39,9 @@ class Port_scanner < BeEF::Core::Command
         session_id = @datastore['beefhook']
         proto = 'http'
         cid = @datastore['cid'].to_i
-        if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service).empty?
+        if BeEF::Filters.is_valid_ip?(ip)
           print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]")
-          r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid)
-          r.save
-          if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty?
-            r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid)
-            r.save
-          end
+          BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid)
         end
       end
 

test/common/beef_test.rb

@@ -25,7 +25,7 @@ class BeefTest
     session.fill_in 'user', :with => 'beef'
     session.fill_in 'pass', :with => 'beef'
     session.click_button('Login')
-    sleep 20.0
+    sleep 10.0
 
     session
   end
@@ -46,4 +46,4 @@ class BeefTest
     victim
   end
 
-end
+end

test/integration/tc_login.rb

@@ -6,28 +6,30 @@
 require 'test/unit'
 require '../common/test_constants'
 require '../common/beef_test'
+require 'rspec/expectations'
 
 class TC_Login < Test::Unit::TestCase
+  include RSpec::Matchers
 
   def test_log_in
     session = Capybara::Session.new(:selenium)
     session.visit(ATTACK_URL)
     sleep 2.0
     BeefTest.save_screenshot(session)
-    session.has_content?('BeEF Authentication')
+    session.should have_title('BeEF Authentication')
     session.fill_in 'user', :with => 'beef'
     session.fill_in 'pass', :with => 'beef'
     BeefTest.save_screenshot(session)
     session.click_button('Login')
-    sleep 20.0
-    session.has_content?('logout')
+    sleep 10.0
+    session.should have_content('Logout')
     BeefTest.save_screenshot(session)
     session.driver.browser.close
   end
 
   def test_beef_test_login_function
     session = BeefTest.login
-    session.has_content?('logout')
+    session.should have_content('Logout')
     BeefTest.save_screenshot(session)
     session.driver.browser.close
   end
@@ -35,7 +37,8 @@ class TC_Login < Test::Unit::TestCase
   def test_log_out
     session = BeefTest.login
     session.click_link('Logout')
-    session.has_content?('BeEF Authentication')
+    sleep 2.0
+    session.should have_title('BeEF Authentication')
     BeefTest.save_screenshot(session)
     session.driver.browser.close
   end
@@ -43,7 +46,8 @@ class TC_Login < Test::Unit::TestCase
   def test_beef_test_logout_function
     session = BeefTest.login
     session = BeefTest.logout(session)
-    session.has_content?('BeEF Authentication')
+    sleep 2.0
+    session.should have_title('BeEF Authentication')
     BeefTest.save_screenshot(session)
     session.driver.browser.close
   end
@@ -51,13 +55,13 @@ class TC_Login < Test::Unit::TestCase
   def test_logs_tab
     session = BeefTest.login
     session.click_on('Logs')
-    session.has_content?('logout')
-    session.has_content?('Hooked Browsers')
-    session.has_content?('Type')
-    session.has_content?('Event')
-    session.has_content?('Date')
-    session.has_content?('No logs to display')
-    session.has_content?('Page')
+    session.should have_content('Logout')
+    session.should have_content('Hooked Browsers')
+    session.should have_content('Type')
+    session.should have_content('Event')
+    session.should have_content('Date')
+    session.should have_content('Page')
+    session.should have_content('User with ip 127.0.0.1 has successfuly authenticated in the application')
 
     BeefTest.save_screenshot(session)
     BeefTest.logout(session)
@@ -70,15 +74,15 @@ class TC_Login < Test::Unit::TestCase
 
     sleep 5.0
 
-    attacker.has_content?(VICTIM_DOMAIN)
-    attacker.has_content?('127.0.0.1')
+    attacker.should have_content(VICTIM_DOMAIN)
+    attacker.should have_content('127.0.0.1')
     attacker.click_on('127.0.0.1')
 
     sleep 1.0
 
-    attacker.has_content?('Details')
-    attacker.has_content?('Commands')
-    attacker.has_content?('Rider')
+    attacker.should have_content('Details')
+    attacker.should have_content('Commands')
+    attacker.should have_content('Rider')
 
     BeefTest.save_screenshot(attacker)
     BeefTest.save_screenshot(victim)

test/integration/tc_social_engineering_rest.rb

@@ -50,7 +50,7 @@ class TC_SocialEngineeringRest < Test::Unit::TestCase
 
     json = {:url => url, :mount => mount, :dns_spoof => dns_spoof}.to_json
 
-    domain = url.gsub(%r{^http://}, '')
+    domain = url.gsub(%r{^https?://}, '')
 
     response = RestClient.post("#{RESTAPI_SENG}/clone_page?token=#{@@token}",
                                json,

test/unit/core/tc_modules.rb

@@ -48,4 +48,14 @@ class TC_Modules < Test::Unit::TestCase
     
   end
 
+  def test_safe_client_debug_log
+    Dir['../../modules/**/*.js'].each do |path|
+      File.open(path) do |f|
+        f.grep(/\W*console\.log\W*\(/im) do |line|
+          assert(false, "Function 'console.log' used instead of 'beef.debug' in command module: " + path + ':' + line)
+        end
+      end
+    end
+  end
+
 end

test/unit/extensions/tc_network.rb

@@ -28,8 +28,7 @@ class TC_Network < Test::Unit::TestCase
   # Tests procedure for properly adding new host
   def test_02_add_host_good
     assert_nothing_raised do
-      r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => '1234', :ip => '127.0.0.1')
-      r.save
+      BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => '127.0.0.1')
       raise "Adding network host failed" if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty?
     end
   end
@@ -37,8 +36,7 @@ class TC_Network < Test::Unit::TestCase
   # Tests procedure for properly adding new service
   def test_03_add_service_good
     assert_nothing_raised do
-      r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache', :cid => 1)
-      r.save
+      BeEF::Core::Models::NetworkService.add(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache', :cid => 1)
       raise "Adding network service failed" if BeEF::Core::Models::NetworkService.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty?
     end
   end