From c69b6412e06a97e82102db9770252d2ca53157b0 Mon Sep 17 00:00:00 2001 From: Brendan Coles Date: Tue, 3 Feb 2015 17:40:11 +0000 Subject: [PATCH] Add support for localhost at NetworkHost --- core/main/handlers/browserdetails.rb | 6 + .../ui/panel/tabs/ZombieTabNetwork.js | 157 +++++++++++++++++- 2 files changed, 161 insertions(+), 2 deletions(-) diff --git a/core/main/handlers/browserdetails.rb b/core/main/handlers/browserdetails.rb index a91e2c937..3cffc24d9 100644 --- a/core/main/handlers/browserdetails.rb +++ b/core/main/handlers/browserdetails.rb @@ -351,6 +351,12 @@ module BeEF # log a few info of newly hooked zombie in the console print_info "New Hooked Browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}], hooked domain [#{log_zombie_domain}:#{log_zombie_port.to_s}]" + # add localhost as network host + if config.get('beef.extension.network.enable') + print_debug("Hooked browser has network interface 127.0.0.1") + r = BeEF::Core::Models::NetworkHost.new(:hooked_browser_id => session_id, :ip => '127.0.0.1', :hostname => 'localhost', :os => BeEF::Core::Models::BrowserDetails.get(session_id, 'OsName'), :cid => 'init') + r.save + end # Call autorun modules if config.get('beef.autorun.enable') diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js index dfd9e4bf3..9dd47a21c 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabNetwork.js @@ -351,7 +351,159 @@ ZombieTab_Network = function(zombie) { var ip = record.get('ip'); var class_c = ip.split(".")[0]+"."+ip.split(".")[1]+"."+ip.split(".")[2]; var ip_range = class_c+'.1-'+class_c+'.255'; - grid.rowCtxMenu = new Ext.menu.Menu({ + // menu options for localhost + if (class_c == '127.0.0') { + grid.rowCtxMenu = new Ext.menu.Menu({ + items: [ + { + text: 'Discover Web Servers', + iconCls: 'network-host-ctxMenu-web', + menu: { + xtype: 'menu', + items: [{ + text: 'Host ('+ip+')', + iconCls: 'network-host-ctxMenu-host', + handler: function() { + var mod_id = get_module_id("get_http_servers"); + commands_statusbar.update_sending('Favicon scanning ' + ip + ' for HTTP servers...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip+'-'+ip}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + }] + } + },{ + text: 'Fingerprint HTTP', + iconCls: 'network-host-ctxMenu-fingerprint', + menu: { + xtype: 'menu', + items: [{ + text: 'Host ('+ip+')', + iconCls: 'network-host-ctxMenu-host', + handler: function() { + var mod_id = get_module_id("internal_network_fingerprinting"); + commands_statusbar.update_sending('Fingerprinting ' + ip + '...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip+'-'+ip}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + }] + } + },{ + text: 'CORS Scan', + iconCls: 'network-host-ctxMenu-cors', + menu: { + xtype: 'menu', + items: [{ + text: 'Host ('+ip+')', + iconCls: 'network-host-ctxMenu-host', + handler: function() { + var mod_id = get_module_id("cross_origin_scanner"); + commands_statusbar.update_sending('CORS scanning ' + ip + '...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipRange":ip+'-'+ip}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + }] + } + },{ + text: 'Port Scan', + iconCls: 'network-host-ctxMenu-network', + menu: { + xtype: 'menu', + items: [{ + text: 'Common Ports', + iconCls: 'network-host-ctxMenu-host', + handler: function() { + var mod_id = get_module_id("port_scanner"); + var ports = '21,22,23,25,80,81,443,445,1080,8080,8081,8090,8443,3000,3128,3389,3306,5432,6379,10000,10443'; + commands_statusbar.update_sending('Port scanning ' + ip + '...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipHost":ip,"ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + },{ + text: 'Specify Ports', + iconCls: 'network-host-ctxMenu-config', + handler: function() { + var mod_id = get_module_id("port_scanner"); + var ports = prompt("Enter ports to scan:", '1,5,7,9,15,20,21,22,23,25,26,29,33,37,42,43,53,67,68,69,70,76,79,80,88,90,98,101,106,109,110,111,113,114,115,118,119,123,129,132,133,135,136,137,138,139,143,144,156,158,161,162,168,174,177,194,197,209,213,217,219,220,223,264,315,316,346,353,389,413,414,415,416,440,443,444,445,453,454,456,457,458,462,464,465,466,480,486,497,500,501,516,518,522,523,524,525,526,533,535,538,540,541,542,543,544,545,546,547,556,557,560,561,563,564,625,626,631,636,637,660,664,666,683,740,741,742,744,747,748,749,750,751,752,753,754,758,760,761,762,763,764,765,767,771,773,774,775,776,780,781,782,783,786,787,799,800,801,808,871,873,888,898,901,953,989,990,992,993,994,995,996,997,998,999,1000,1002,1008,1023,1024,1080,8080,8443,8050,3306,5432,1521,1433,3389,10088'); + if (!ports) { + commands_statusbar.update_fail('Cancelled'); + return; + } + commands_statusbar.update_sending('Port scanning ' + ip + '...'); + $jwterm.ajax({ + contentType: 'application/json', + data: JSON.stringify({"ipHost":ip,"ports":ports}), + dataType: 'json', + type: 'POST', + url: "/api/modules/" + zombie.session + "/" + mod_id + "?token=" + token, + async: false, + processData: false, + success: function(data){ + commands_statusbar.update_sent("Command [id: " + data.command_id + "] sent successfully"); + }, + error: function(){ + commands_statusbar.update_fail('Error sending command'); + } + }); + } + }] + } + }] + }); + // menu options for all hosts other than 127.0.0.x + } else { + grid.rowCtxMenu = new Ext.menu.Menu({ items: [ { text: 'Discover Web Servers', @@ -564,7 +716,8 @@ ZombieTab_Network = function(zombie) { }] } }] - }); + }); + } grid.rowCtxMenu.showAt(e.getXY()); }, afterrender: function(datagrid) {