From 7b234c9b984680390603ecc41220e2b187b148f1 Mon Sep 17 00:00:00 2001
From: Brendan Coles
Date: Sat, 27 Jun 2015 17:40:43 +0000
Subject: [PATCH 01/10] Add rspec to Gemfile
---
 Gemfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Gemfile b/Gemfile
index 8a3d151b5..fb726e14a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -52,6 +52,7 @@ if ENV['BEEF_TEST']
 gem "test-unit"
 gem "selenium"
 gem "selenium-webdriver"
+ gem "rspec"
 # nokogirl is needed by capybara which may require one of the below commands
 # sudo apt-get install libxslt-dev libxml2-dev
 # sudo port install libxml2 libxslt
From 96dcba967b17629cfc76548f210c8297f3552428 Mon Sep 17 00:00:00 2001
From: Brendan Coles
Date: Sat, 27 Jun 2015 17:48:25 +0000
Subject: [PATCH 02/10] Update eventmachine from 1.0.3 to 1.0.7 in Gemfile.lock Required by Ruby 2.2
---
 Gemfile.lock | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 Gemfile.lock
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 000000000..70ac34a5f
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,89 @@ +GEM + remote: http://rubygems.org/ + specs: + addressable (2.3.6) + ansi (1.4.3) + daemons (1.1.9) + data_objects (0.10.14) + addressable (~> 2.1) + dm-core (1.2.1) + addressable (~> 2.3) + dm-do-adapter (1.2.0) + data_objects (~> 0.10.6) + dm-core (~> 1.2.0) + dm-migrations (1.2.0) + dm-core (~> 1.2.0) + dm-sqlite-adapter (1.2.0) + dm-do-adapter (~> 1.2.0) + do_sqlite3 (~> 0.10.6) + do_sqlite3 (0.10.14) + data_objects (= 0.10.14) + em-websocket (0.3.8) + addressable (>= 2.1.1) + eventmachine (>= 0.12.9) + erubis (2.7.0) + eventmachine (1.0.7) + execjs (2.0.2) + geoip (1.4.0) + json (1.8.1) + librex (0.0.68) + libv8 (3.11.8.17) + msfrpc-client (1.0.1) + librex (>= 0.0.32) + msgpack (>= 0.4.5) + msgpack (0.5.8) + multi_json (1.9.3) + parseconfig (1.0.4) + rack (1.5.2) + rack-protection (1.5.3) + rack + rainbow (2.0.0) + ref (1.0.5) + rexec (1.6.3) + rainbow + rubydns (0.7.0) + eventmachine (~> 1.0.0) + rexec (~> 1.6.2) + rubyzip (1.1.3) + sinatra (1.4.2) + rack (~> 1.5, >= 1.5.2) + rack-protection (~> 1.4) + tilt (~> 1.3, >= 1.3.4) + term-ansicolor (1.1.5) + therubyracer (0.11.3) + libv8 (~> 3.11.8.12) + ref + thin (1.6.2) + daemons (>= 1.0.9) + eventmachine (>= 1.0.0) + rack (>= 1.0.0) + tilt (1.4.1) + uglifier (2.2.1) + execjs (>= 0.3.0) + multi_json (~> 1.0, >= 1.0.2) + +PLATFORMS + ruby + +DEPENDENCIES + ansi + data_objects + dm-core + dm-migrations + dm-sqlite-adapter + em-websocket (~> 0.3.6) + erubis + eventmachine (= 1.0.3) + execjs + geoip + json + msfrpc-client + parseconfig + rack (= 1.5.2) + rubydns (= 0.7.0) + rubyzip (>= 1.0.0) + sinatra (= 1.4.2) + term-ansicolor + therubyracer (= 0.11.3) + thin + uglifier (~> 2.2.1) From c9c9bfa6eee0e909b5951abcb4b3c142463e6159 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sat, 27 Jun 2015 17:51:54 +0000 Subject: [PATCH 03/10] Decrease BeefTest.login sleep to 10 seconds --- test/common/beef_test.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/test/common/beef_test.rb b/test/common/beef_test.rb index 529fc5861..65de00c06 100644 --- a/test/common/beef_test.rb +++ b/test/common/beef_test.rb @@ -25,7 +25,7 @@ class BeefTest session.fill_in 'user', :with => 'beef' session.fill_in 'pass', :with => 'beef' session.click_button('Login') - sleep 20.0 + sleep 10.0 session end @@ -46,4 +46,4 @@ class BeefTest victim end -end \ No newline at end of file +end From 1f409873554b6ad92a938fbf1134c9bd9be5ff9d Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sat, 27 Jun 2015 18:10:56 +0000 Subject: [PATCH 04/10] Use RSpec::Matchers in TC_Login --- test/integration/tc_login.rb | 40 ++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/test/integration/tc_login.rb b/test/integration/tc_login.rb index 1a7cc0c40..4ca92c805 100644 --- a/test/integration/tc_login.rb +++ b/test/integration/tc_login.rb @@ -6,28 +6,30 @@ require 'test/unit' require '../common/test_constants' require '../common/beef_test' +require 'rspec/expectations' class TC_Login < Test::Unit::TestCase + include RSpec::Matchers def test_log_in session = Capybara::Session.new(:selenium) session.visit(ATTACK_URL) sleep 2.0 BeefTest.save_screenshot(session) - session.has_content?('BeEF Authentication') + session.should have_title('BeEF Authentication') session.fill_in 'user', :with => 'beef' session.fill_in 'pass', :with => 'beef' BeefTest.save_screenshot(session) session.click_button('Login') - sleep 20.0 - session.has_content?('logout') + sleep 10.0 + session.should have_content('Logout') BeefTest.save_screenshot(session) session.driver.browser.close end def test_beef_test_login_function session = BeefTest.login - session.has_content?('logout') + session.should have_content('Logout') BeefTest.save_screenshot(session) session.driver.browser.close end 
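Review bot: `session.should have_title(...)` and `session.should have_content(...)` in test_log_in use the should-syntax, which RSpec 3 deprecates in favour of `expect`; since `gem "rspec"` is added to the Gemfile without a version constraint, the suite will likely run on RSpec 3 and emit deprecation warnings. Prefer `expect(session).to have_title('BeEF Authentication')` and `expect(session).to have_content('Logout')`; the same applies to the later hunks of tc_login.rb. The fixed `sleep 10.0` before the assertion is probably unnecessary too, because Capybara's `has_content?` already retries until its wait time expires.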
@@ -35,7 +37,8 @@ class TC_Login < Test::Unit::TestCase def test_log_out session = BeefTest.login session.click_link('Logout') - session.has_content?('BeEF Authentication') + sleep 2.0 + session.should have_title('BeEF Authentication') BeefTest.save_screenshot(session) session.driver.browser.close end @@ -43,7 +46,8 @@ class TC_Login < Test::Unit::TestCase def test_beef_test_logout_function session = BeefTest.login session = BeefTest.logout(session) - session.has_content?('BeEF Authentication') + sleep 2.0 + session.should have_title('BeEF Authentication') BeefTest.save_screenshot(session) session.driver.browser.close end @@ -51,13 +55,13 @@ class TC_Login < Test::Unit::TestCase def test_logs_tab session = BeefTest.login session.click_on('Logs') - session.has_content?('logout') - session.has_content?('Hooked Browsers') - session.has_content?('Type') - session.has_content?('Event') - session.has_content?('Date') - session.has_content?('No logs to display') - session.has_content?('Page') + session.should have_content('Logout') + session.should have_content('Hooked Browsers') + session.should have_content('Type') + session.should have_content('Event') + session.should have_content('Date') + session.should have_content('Page') + session.should have_content('User with ip 127.0.0.1 has successfuly authenticated in the application') BeefTest.save_screenshot(session) BeefTest.logout(session) @@ -70,15 +74,15 @@ class TC_Login < Test::Unit::TestCase sleep 5.0 - attacker.has_content?(VICTIM_DOMAIN) - attacker.has_content?('127.0.0.1') + attacker.should have_content(VICTIM_DOMAIN) + attacker.should have_content('127.0.0.1') attacker.click_on('127.0.0.1') sleep 1.0 - attacker.has_content?('Details') - attacker.has_content?('Commands') - attacker.has_content?('Rider') + attacker.should have_content('Details') + attacker.should have_content('Commands') + attacker.should have_content('Rider') BeefTest.save_screenshot(attacker) BeefTest.save_screenshot(victim) 
From 8b4ad518995607d67731312515c33cd1bb7c9464 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sat, 27 Jun 2015 18:56:06 +0000 Subject: [PATCH 05/10] Replace console.log with beef.debug --- modules/browser/spyder_eye/html2canvas.js | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/browser/spyder_eye/html2canvas.js b/modules/browser/spyder_eye/html2canvas.js index 4689971cd..87df63cc2 100644 --- a/modules/browser/spyder_eye/html2canvas.js +++ b/modules/browser/spyder_eye/html2canvas.js @@ -3,6 +3,7 @@ Copyright (c) 2013 Niklas von Hertzen (@niklasvh) Released under MIT License + Modified for BeEF */ (function(window, document, undefined){ @@ -15,7 +16,7 @@ html2canvas; function h2clog(a) { if (_html2canvas.logging && window.console && window.console.log) { - window.console.log(a); + beef.debug(a); } } @@ -2801,7 +2802,7 @@ _html2canvas.Renderer.Canvas = function(options) { if (storageContext.clip){ ctx.save(); ctx.beginPath(); - // console.log(storageContext); + // beef.debug(storageContext); ctx.rect(storageContext.clip.left, storageContext.clip.top, storageContext.clip.width, storageContext.clip.height); ctx.clip(); } @@ -2838,4 +2839,4 @@ _html2canvas.Renderer.Canvas = function(options) { return canvas; }; }; -})(window,document); \ No newline at end of file +})(window,document); From 694ec61a029b17bccf17d51f4e7635e32a5e3fc3 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sat, 27 Jun 2015 18:57:47 +0000 Subject: [PATCH 06/10] Add TC_Modules test_safe_client_debug_log --- test/unit/core/tc_modules.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/test/unit/core/tc_modules.rb b/test/unit/core/tc_modules.rb index e7f1f1958..956003935 100644 --- a/test/unit/core/tc_modules.rb +++ b/test/unit/core/tc_modules.rb 
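Review bot: In `h2clog` the guard still tests `window.console && window.console.log`, but the body now calls `beef.debug(a)`, so the condition no longer matches what is invoked: messages are dropped wherever no console exists, and the call assumes a global `beef` that the guard never checks. Gate on the callee instead, `if (_html2canvas.logging && window.beef && typeof beef.debug === 'function') {`. Whether `beef.debug` performs its own console and debug-flag checks is not visible in this hunk.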
@@ -48,4 +48,14 @@ class TC_Modules < Test::Unit::TestCase end + def test_safe_client_debug_log + Dir['../../modules/**/*.js'].each do |path| + File.open(path) do |f| + f.grep(/\W*console\.log\W*\(/im) do |line| + assert(false, "Function 'console.log' used instead of 'beef.debug' in command module: " + path + ':' + line) + end + end + end + end + end From 916828e131db409748ed6efa75e32dca9010c67a Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sun, 28 Jun 2015 08:53:23 +0000 Subject: [PATCH 07/10] Add 'verify_ssl' option to social engineering config --- extensions/social_engineering/config.yaml | 4 +++- .../social_engineering/mass_mailer/mass_mailer.rb | 4 +++- extensions/social_engineering/web_cloner/web_cloner.rb | 10 ++++++++-- test/integration/tc_social_engineering_rest.rb | 2 +- 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/extensions/social_engineering/config.yaml b/extensions/social_engineering/config.yaml index 892a2ccb9..62a98288f 100644 --- a/extensions/social_engineering/config.yaml +++ b/extensions/social_engineering/config.yaml @@ -13,6 +13,7 @@ beef: # NOTE: you must have 'wget' in your PATH add_beef_hook: true user_agent: "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2" + verify_ssl: true mass_mailer: # NOTE: you must have 'file' in your PATH user_agent: "Microsoft-MacOutlook/12.12.0.111556" @@ -20,6 +21,7 @@ beef: port: 587 use_auth: true use_tls: true + verify_ssl: true helo: "gmail.com" # this is usually the domain name auth: "youruser@gmail.com" password: "yourpass" @@ -50,4 +52,4 @@ beef: # the default payload being used is windows/meterpreter/reverse_https msf_reverse_handler_host: "127.0.0.1" msf_reverse_handler_port: "443" - powershell_handler_url: "/ps" \ No newline at end of file + powershell_handler_url: "/ps" diff --git a/extensions/social_engineering/mass_mailer/mass_mailer.rb b/extensions/social_engineering/mass_mailer/mass_mailer.rb index 973232594..300023836 100644 
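Review bot: `Dir['../../modules/**/*.js']` in test_safe_client_debug_log is resolved against the process working directory, so when the suite is started from any other directory the glob is empty and the test passes without scanning a single file. Anchor the path on the test file and fail on an empty list: `files = Dir[File.expand_path('../../../modules/**/*.js', File.dirname(__FILE__))]` followed by `assert(!files.empty?, 'no command module JavaScript found')`. The pattern also matches commented-out calls, and `assert(false, ...)` stops at the first hit; collecting all `path:line` offenders and asserting once would make a failure report complete.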
--- a/extensions/social_engineering/mass_mailer/mass_mailer.rb +++ b/extensions/social_engineering/mass_mailer/mass_mailer.rb @@ -31,7 +31,9 @@ module BeEF # create new SSL context and disable CA chain validation if @config.get("#{@config_prefix}.use_tls") @ctx = OpenSSL::SSL::SSLContext.new - @ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # In case the SMTP server uses a self-signed cert, we proceed anyway + if not @config.get("#{@config_prefix}.verify_ssl") + @ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # In case the SMTP server uses a self-signed cert, we proceed anyway + end @ctx.ssl_version = "TLSv1" end diff --git a/extensions/social_engineering/web_cloner/web_cloner.rb b/extensions/social_engineering/web_cloner/web_cloner.rb index 7fd7f234a..e56798820 100644 --- a/extensions/social_engineering/web_cloner/web_cloner.rb +++ b/extensions/social_engineering/web_cloner/web_cloner.rb @@ -39,7 +39,11 @@ module BeEF # if use_existing.nil? || use_existing == false begin #,"--background" - IO.popen(["wget", "#{url}", "-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}", "--no-check-certificate"], 'r+') do |wget_io| + verify_ssl_arg = nil + if not @config.get('beef.extension.social_engineering.web_cloner.verify_ssl') + verify_ssl_arg = "--no-check-certificate" + end + IO.popen(["wget", "#{url}", "-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}", verify_ssl_arg], 'r+') do |wget_io| end success = true rescue Errno::ENOENT => e @@ -170,7 +174,9 @@ module BeEF http = Net::HTTP.new(uri.host, uri.port) if uri.scheme == "https" http.use_ssl = true - http.verify_mode = OpenSSL::SSL::VERIFY_NONE + if not @config.get('beef.extension.social_engineering.web_cloner.verify_ssl') + http.verify_mode = OpenSSL::SSL::VERIFY_NONE + end end request = Net::HTTP::Get.new(uri.request_uri) response = http.request(request) 
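Review bot: With `verify_ssl: true` the mass_mailer hunk only skips the `VERIFY_NONE` assignment; nothing sets `VERIFY_PEER` or a trust store on `@ctx`, and as far as I know a bare `OpenSSL::SSL::SSLContext.new` does not verify the peer on its own, so the new option likely does not turn certificate validation on. Set it explicitly in an `else` branch: `@ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER` and `@ctx.cert_store = OpenSSL::X509::Store.new.tap(&:set_default_paths)`. The unchanged lines around it still pin `@ctx.ssl_version = "TLSv1"` and still carry the comment "disable CA chain validation", both of which are worth revisiting now that validation is meant to be the default. The enclosing method starts and ends outside the hunk.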
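Review bot: In the first web_cloner hunk `verify_ssl_arg` stays `nil` when `verify_ssl` is true, and that `nil` is then passed as the last element of the `IO.popen` command array. Ruby rejects a non-String element there with a TypeError, which the visible `rescue Errno::ENOENT` does not catch, so page cloning would fail under the `verify_ssl: true` default this commit adds to config.yaml. Drop the nil before spawning, for example by ending the call with `].compact, 'r+') do |wget_io|`. The Net::HTTP hunk in the same file does not have this problem, since it only assigns `verify_mode` in the opt-out branch.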
diff --git a/test/integration/tc_social_engineering_rest.rb b/test/integration/tc_social_engineering_rest.rb index 4a92933f0..824dbd32f 100644 --- a/test/integration/tc_social_engineering_rest.rb +++ b/test/integration/tc_social_engineering_rest.rb @@ -50,7 +50,7 @@ class TC_SocialEngineeringRest < Test::Unit::TestCase json = {:url => url, :mount => mount, :dns_spoof => dns_spoof}.to_json - domain = url.gsub(%r{^http://}, '') + domain = url.gsub(%r{^https?://}, '') response = RestClient.post("#{RESTAPI_SENG}/clone_page?token=#{@@token}", json, From 12d64d11658047993ad0eb5540d519221ee3ce9c Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Sun, 28 Jun 2015 08:56:13 +0000 Subject: [PATCH 08/10] Return unique results sorted by id --- extensions/network/rest/network.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/extensions/network/rest/network.rb b/extensions/network/rest/network.rb index 07096aaca..c08f6a22b 100644 --- a/extensions/network/rest/network.rb +++ b/extensions/network/rest/network.rb @@ -29,7 +29,7 @@ module BeEF # Returns the entire list of network hosts for all zombies get '/hosts' do begin - hosts = @nh.all + hosts = @nh.all(:unique => true, :order => [:id.asc]) count = hosts.length result = {} @@ -45,7 +45,7 @@ module BeEF # Returns the entire list of network services for all zombies get '/services' do begin - services = @ns.all + services = @ns.all(:unique => true, :order => [:id.asc]) count = services.length result = {} @@ -63,7 +63,7 @@ module BeEF begin id = params[:id] - hosts = @nh.all(:hooked_browser_id => id) + hosts = @nh.all(:hooked_browser_id => id, :unique => true, :order => [:id.asc]) count = hosts.length result = {} @@ -84,7 +84,7 @@ module BeEF begin id = params[:id] - services = @ns.all(:hooked_browser_id => id) + services = @ns.all(:hooked_browser_id => id, :unique => true, :order => [:id.asc]) count = services.length result = {} From d05397e0a9926251ad94a08f2e7b42efa9c8d764 Mon Sep 17 00:00:00 2001 
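Review bot: `:unique => true` in `@nh.all(:unique => true, :order => [:id.asc])` probably removes nothing: as far as I know DataMapper turns it into a DISTINCT over the selected fields, and because the record `id` is among them every row is already distinct. The `:order` part does what the subject line says. If duplicate hosts or services are the concern, either restrict `:fields` to the columns that define identity or prevent the duplicates at insert time. This applies to all four hunks in network.rb.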
From: Brendan Coles Date: Sun, 28 Jun 2015 17:22:16 +0000 Subject: [PATCH 09/10] Add NetworkService.add and NetworkHost.add --- extensions/network/models/network_host.rb | 37 ++++++++++++++++++++ extensions/network/models/network_service.rb | 35 ++++++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/extensions/network/models/network_host.rb b/extensions/network/models/network_host.rb index 0de5ce0d4..3ac0dd7e6 100644 --- a/extensions/network/models/network_host.rb +++ b/extensions/network/models/network_host.rb @@ -24,6 +24,43 @@ module BeEF property :mac, String, :lazy => false property :cid, String, :lazy => false # command id or 'init' + # + # Stores a network host in the data store + # + def self.add(host={}) + (print_error "Invalid hooked browser session"; return) unless BeEF::Filters.is_valid_hook_session_id?(host[:hooked_browser_id]) + (print_error "Invalid IP address"; return) unless BeEF::Filters.is_valid_ip?(host[:ip]) + + # prevent duplicates + return unless BeEF::Core::Models::NetworkHost.all( + :hooked_browser_id => host[:hooked_browser_id], + :ip => host[:ip], + :hostname => host[:hostname], + :type => host[:type], + :os => host[:os], + :mac => host[:mac]).empty? + + if host[:hostname].nil? && host[:type].nil? && host[:os].nil? && host[:mac].nil? + return unless BeEF::Core::Models::NetworkHost.all( + :hooked_browser_id => host[:hooked_browser_id], + :ip => host[:ip]).empty? + end + + # store the returned network host details + network_host = BeEF::Core::Models::NetworkHost.new( + :hooked_browser_id => host[:hooked_browser_id], + :ip => host[:ip], + :hostname => host[:hostname], + :type => host[:type], + :os => host[:os], + :mac => host[:mac], + :cid => host[:cid]) + result = network_host.save + (print_error "Failed to save network host"; return) if result.nil? + + network_host + end + end end diff --git a/extensions/network/models/network_service.rb b/extensions/network/models/network_service.rb index c806b2aa1..724c4e5f7 100644 
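Review bot: The failure check after `result = network_host.save` tests `result.nil?`, but DataMapper's `save` reports failure with `false` as far as I know, so the `print_error` branch is never taken and an unsaved object is returned as if it had been stored. Use `(print_error "Failed to save network host"; return) unless result`; NetworkService.add in the next file has the same check. The header comment could also state the return contract, e.g. `# @return [NetworkHost, nil] the stored record, or nil for invalid input, a duplicate or a failed save`. The two methods mix `unless` and `if not` for the same guard; one form would read better.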
--- a/extensions/network/models/network_service.rb +++ b/extensions/network/models/network_service.rb @@ -23,6 +23,41 @@ module BeEF property :type, String, :lazy => false property :cid, String, :lazy => false # command id or 'init' + # + # Stores a network service in the data store + # + def self.add(service={}) + (print_error "Invalid hooked browser session"; return) if not BeEF::Filters.is_valid_hook_session_id?(service[:hooked_browser_id]) + (print_error "Invalid IP address"; return) if not BeEF::Filters.is_valid_ip?(service[:ip]) + + # store the returned network host details + BeEF::Core::Models::NetworkHost.add( + :hooked_browser_id => service[:hooked_browser_id], + :ip => service[:ip], + :cid => service[:cid]) + + # prevent duplicates + return unless BeEF::Core::Models::NetworkService.all( + :hooked_browser_id => service[:hooked_browser_id], + :proto => service[:proto], + :ip => service[:ip], + :port => service[:port], + :type => service[:type]).empty? + + # store the returned network service details + network_service = BeEF::Core::Models::NetworkService.new( + :hooked_browser_id => service[:hooked_browser_id], + :proto => service[:proto], + :ip => service[:ip], + :port => service[:port], + :type => service[:type], + :cid => service[:cid]) + result = network_service.save + (print_error "Failed to save network service"; return) if result.nil? + + network_service + end + end end From 0d3c123e261d63b16d475bb9144067c353ccf45c Mon Sep 17 00:00:00 2001 
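Review bot: `NetworkService.add` validates only the session id and the IP, while `proto`, `port` and `type` go straight into the model. The callers converted in patch 10 fill these from regex captures over results reported by the hooked browser, which is untrusted input, and the values are later returned by the `/services` REST route. Add a range check before the duplicate lookup, `(print_error "Invalid port"; return) unless service[:port].to_i.between?(1, 65535)`, and bound `proto` and `type` by length and character set. The same holds for `hostname`, `type`, `os` and `mac` in NetworkHost.add.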
From: Brendan Coles Date: Sun, 28 Jun 2015 17:30:14 +0000 Subject: [PATCH 10/10] Use NetworkService.add and NetworkHost.add --- core/main/handlers/browserdetails.rb | 6 ++---- .../router/asus_rt_series_get_info/module.rb | 15 +++++---------- modules/host/detect_cups/module.rb | 9 ++------- modules/host/get_internal_ip/module.rb | 5 ++--- modules/host/get_internal_ip_webrtc/module.rb | 10 ++-------- modules/network/cross_origin_scanner/module.rb | 11 +++-------- modules/network/get_http_servers/module.rb | 7 +------ modules/network/identify_lan_subnets/module.rb | 7 ++----- .../internal_network_fingerprinting/module.rb | 9 ++------- modules/network/jslanscanner/module.rb | 10 ++++------ modules/network/ping_sweep/module.rb | 7 ++----- modules/network/port_scanner/module.rb | 9 ++------- test/unit/extensions/tc_network.rb | 6 ++---- 13 files changed, 31 insertions(+), 80 deletions(-) diff --git a/core/main/handlers/browserdetails.rb b/core/main/handlers/browserdetails.rb index fab4d2ea2..a74ddbc45 100644 --- a/core/main/handlers/browserdetails.rb +++ b/core/main/handlers/browserdetails.rb @@ -180,8 +180,7 @@ module BeEF if config.get("beef.extension.network.enable") == true if proxy_server =~ /^([\d\.]+):([\d]+)$/ print_debug("Hooked browser [id:#{zombie.id}] is using a proxy [ip: #{$1}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => $1, :type => 'Proxy', :cid => 'init') - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => $1, :type => 'Proxy', :cid => 'init') end end end 
@@ -354,8 +353,7 @@ module BeEF # add localhost as network host if config.get('beef.extension.network.enable') print_debug("Hooked browser has network interface 127.0.0.1") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => '127.0.0.1', :hostname => 'localhost', :os => BeEF::Core::Models::BrowserDetails.get(session_id, 'OsName'), :cid => 'init') - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => '127.0.0.1', :hostname => 'localhost', :os => BeEF::Core::Models::BrowserDetails.get(session_id, 'OsName'), :cid => 'init') end # Call autorun modules diff --git a/modules/exploits/router/asus_rt_series_get_info/module.rb b/modules/exploits/router/asus_rt_series_get_info/module.rb index 5b729ce06..69c7b97c2 100644 --- a/modules/exploits/router/asus_rt_series_get_info/module.rb +++ b/modules/exploits/router/asus_rt_series_get_info/module.rb @@ -31,10 +31,8 @@ class Asus_rt_series_get_info < BeEF::Core::Command if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found Asus RT series router [ip: #{ip}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :type => 'Asus Router', :cid => cid) - r.save - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => 80, :type => 'HTTP Server', :cid => cid) - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :type => 'Asus Router', :cid => cid) + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => 'http', :ip => ip, :port => 80, :type => 'HTTP Server', :cid => cid) end clients.scan(/([\d\.]+,[:\dA-F]{17})/).flatten.each do |client| next if client.nil? 
@@ -43,22 +41,19 @@ class Asus_rt_series_get_info < BeEF::Core::Command mac = $2 if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found router client [ip: #{ip}, mac: #{mac}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :mac => mac, :cid => cid) - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :mac => mac, :cid => cid) end end end if !gateway.nil? && BeEF::Filters.is_valid_ip?(gateway) print_debug("Hooked browser found WAN gateway server [ip: #{gateway}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => gateway, :type => 'WAN Gateway', :cid => cid) - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => gateway, :type => 'WAN Gateway', :cid => cid) end if !dns_servers.nil? && dns_servers =~ /^([\d\. ]+)$/ dns_servers.split(/ /).uniq.each do |dns| if BeEF::Filters.is_valid_ip?(dns) print_debug("Hooked browser found DNS server [ip: #{dns}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => dns, :type => 'DNS Server', :cid => cid) - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => dns, :type => 'DNS Server', :cid => cid) end end end diff --git a/modules/host/detect_cups/module.rb b/modules/host/detect_cups/module.rb index 1a0398a43..6aa6f6d54 100644 --- a/modules/host/detect_cups/module.rb +++ b/modules/host/detect_cups/module.rb 
@@ -25,14 +25,9 @@ class Detect_cups < BeEF::Core::Command session_id = @datastore['beefhook'] type = 'CUPS' cid = @datastore['cid'].to_i - if BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type).empty? + if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found 'CUPS' [proto: #{proto}, ip: #{ip}, port: #{port}]") - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid) - r.save - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid) end end end diff --git a/modules/host/get_internal_ip/module.rb b/modules/host/get_internal_ip/module.rb index 85462c247..928e22e4f 100755 --- a/modules/host/get_internal_ip/module.rb +++ b/modules/host/get_internal_ip/module.rb @@ -30,10 +30,9 @@ class Get_internal_ip < BeEF::Core::Command # save the network host if @datastore['results'] =~ /^([\d\.]+)$/ ip = $1 - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates + if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser has network interface #{ip}") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :cid => cid) end end end diff --git a/modules/host/get_internal_ip_webrtc/module.rb b/modules/host/get_internal_ip_webrtc/module.rb index cf6e7f009..a9fe64659 100755 --- a/modules/host/get_internal_ip_webrtc/module.rb +++ b/modules/host/get_internal_ip_webrtc/module.rb 
@@ -12,10 +12,8 @@ class Get_internal_ip_webrtc < BeEF::Core::Command configuration = BeEF::Core::Configuration.instance if configuration.get("beef.extension.network.enable") == true - session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - # save the network host if @datastore['results'] =~ /IP is ([\d\.,]+)/ ips = $1.to_s.split(/,/) @@ -25,16 +23,12 @@ class Get_internal_ip_webrtc < BeEF::Core::Command next unless ip =~ /^[\d\.]+$/ next if ip =~ /^0\.0\.0\.0$/ next unless BeEF::Filters.is_valid_ip?(ip) - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates - print_debug("Hooked browser has network interface #{ip}") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :os => os, :cid => cid) - r.save - end + print_debug("Hooked browser has network interface #{ip}") + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :os => os, :cid => cid) end end end end - end end diff --git a/modules/network/cross_origin_scanner/module.rb b/modules/network/cross_origin_scanner/module.rb index e9c6216eb..91992ec2d 100644 --- a/modules/network/cross_origin_scanner/module.rb +++ b/modules/network/cross_origin_scanner/module.rb 
@@ -22,14 +22,9 @@ class Cross_origin_scanner < BeEF::Core::Command port = $2 proto = 'http' type = 'HTTP Server (CORS)' - print_debug("Hooked browser found HTTP server #{ip}:#{port}") - if !ip.nil? && !port.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type).empty? - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid) - r.save - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + if BeEF::Filters.is_valid_ip?(ip) + print_debug("Hooked browser found HTTP server #{ip}:#{port}") + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => type, :cid => cid) end end end diff --git a/modules/network/get_http_servers/module.rb b/modules/network/get_http_servers/module.rb index 2b0a6fd2d..ff0cb4b69 100644 --- a/modules/network/get_http_servers/module.rb +++ b/modules/network/get_http_servers/module.rb 
@@ -35,12 +35,7 @@ class Get_http_servers < BeEF::Core::Command cid = @datastore['cid'].to_i if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found HTTP Server [proto: #{proto}, ip: #{ip}, port: #{port}]") - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => "HTTP Server", :cid => cid) - r.save - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => "HTTP Server", :cid => cid) end end diff --git a/modules/network/identify_lan_subnets/module.rb b/modules/network/identify_lan_subnets/module.rb index 95e1994bc..a089d668c 100644 --- a/modules/network/identify_lan_subnets/module.rb +++ b/modules/network/identify_lan_subnets/module.rb @@ -37,11 +37,8 @@ class Identify_lan_subnets < BeEF::Core::Command next if ip.nil? next unless ip.to_s =~ /^([\d\.]+)$/ next unless BeEF::Filters.is_valid_ip?(ip) - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates - print_debug("Hooked browser found host #{ip}") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + print_debug("Hooked browser found host #{ip}") + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :cid => cid) end end end diff --git a/modules/network/internal_network_fingerprinting/module.rb b/modules/network/internal_network_fingerprinting/module.rb index ff1d2fb3d..acd9e5aa1 100644 --- a/modules/network/internal_network_fingerprinting/module.rb +++ b/modules/network/internal_network_fingerprinting/module.rb 
@@ -35,14 +35,9 @@ class Internal_network_fingerprinting < BeEF::Core::Command url = $5 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) + if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found '#{discovered}' [ip: #{ip}]") - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => discovered, :cid => cid) - r.save - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => discovered, :cid => cid) end end diff --git a/modules/network/jslanscanner/module.rb b/modules/network/jslanscanner/module.rb index 7b1c5dd28..42c424d2f 100644 --- a/modules/network/jslanscanner/module.rb +++ b/modules/network/jslanscanner/module.rb 
@@ -25,20 +25,18 @@ class Fingerprint_routers < BeEF::Core::Command service = $4 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service).empty? + if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found network service " + service + " [proto: #{proto}, ip: #{ip}, port: #{port}]") - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid) - r.save + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid) end elsif @datastore['results'] =~ /^ip=(.+)&device=(.+)/ ip = $1 device = $2 session_id = @datastore['beefhook'] cid = @datastore['cid'].to_i - if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip, :type => device).empty? + if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found network device " + device + " [ip: #{ip}]") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :type => device, :cid => cid) - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :type => device, :cid => cid) end end end diff --git a/modules/network/ping_sweep/module.rb b/modules/network/ping_sweep/module.rb index 3754e5fb2..1879df51d 100644 --- a/modules/network/ping_sweep/module.rb +++ b/modules/network/ping_sweep/module.rb 
@@ -37,11 +37,8 @@ class Ping_sweep < BeEF::Core::Command if @datastore['results'] =~ /host=([\d\.]+) is alive/ ip = $1 if BeEF::Filters.is_valid_ip?(ip) - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? # prevent duplicates - print_debug("Hooked browser has network interface #{ip}") - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + print_debug("Hooked browser has network interface #{ip}") + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => session_id, :ip => ip, :cid => cid) end end end diff --git a/modules/network/port_scanner/module.rb b/modules/network/port_scanner/module.rb index 654b532e6..c3817109c 100644 --- a/modules/network/port_scanner/module.rb +++ b/modules/network/port_scanner/module.rb @@ -39,14 +39,9 @@ class Port_scanner < BeEF::Core::Command session_id = @datastore['beefhook'] proto = 'http' cid = @datastore['cid'].to_i - if !ip.nil? && BeEF::Filters.is_valid_ip?(ip) && BeEF::Core::Models::NetworkService.all(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service).empty? + if BeEF::Filters.is_valid_ip?(ip) print_debug("Hooked browser found network service [ip: #{ip}, port: #{port}]") - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid) - r.save - if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => session_id, :ip => ip).empty? - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => ip, :cid => cid) - r.save - end + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => session_id, :proto => proto, :ip => ip, :port => port, :type => service, :cid => cid) end end diff --git a/test/unit/extensions/tc_network.rb b/test/unit/extensions/tc_network.rb index 0416bb518..21473722f 100644 --- a/test/unit/extensions/tc_network.rb 
+++ b/test/unit/extensions/tc_network.rb @@ -28,8 +28,7 @@ class TC_Network < Test::Unit::TestCase # Tests procedure for properly adding new host def test_02_add_host_good assert_nothing_raised do - r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => '1234', :ip => '127.0.0.1') - r.save + BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => '127.0.0.1') raise "Adding network host failed" if BeEF::Core::Models::NetworkHost.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty? end end @@ -37,8 +36,7 @@ class TC_Network < Test::Unit::TestCase # Tests procedure for properly adding new service def test_03_add_service_good assert_nothing_raised do - r = BeEF::Core::Models::NetworkService.new(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache', :cid => 1) - r.save + BeEF::Core::Models::NetworkService.add(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :type => 'Apache', :cid => 1) raise "Adding network service failed" if BeEF::Core::Models::NetworkService.all(:hooked_browser_id => '1234', :ip => '127.0.0.1').empty? end end
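Review bot: Both updated tests cover only the successful insert, while the behaviour the new `add` helpers introduce (returning nil for invalid input and suppressing duplicates) is not exercised. Add a rejection case such as `assert_nil BeEF::Core::Models::NetworkHost.add(:hooked_browser_id => '1234', :ip => 'not-an-ip')`, and a case that calls `add` twice with identical arguments and asserts the row count for that session and IP does not grow. Asserting on the return value of `add` in the existing tests would also catch a silent validation failure earlier than the follow-up query does.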