diff --git a/core/main/ar-migrations/013_create_network_host.rb b/core/main/ar-migrations/013_create_network_host.rb index 3c977b247..a619df0c3 100644 --- a/core/main/ar-migrations/013_create_network_host.rb +++ b/core/main/ar-migrations/013_create_network_host.rb @@ -3,15 +3,14 @@ class CreateNetworkHost < ActiveRecord::Migration[6.0] def change create_table :network_hosts do |t| - t.references :hooked_browser - t.text :ip - t.text :hostname - t.text :ntype - t.text :os - t.text :mac - t.text :lastseen - end - + t.references :hooked_browser + t.text :ip + t.text :hostname + t.text :ntype + t.text :os + t.text :mac + t.text :lastseen + end end end diff --git a/core/main/handlers/browserdetails.rb b/core/main/handlers/browserdetails.rb index b39ab8f9d..c92c46e19 100644 --- a/core/main/handlers/browserdetails.rb +++ b/core/main/handlers/browserdetails.rb @@ -29,6 +29,7 @@ module BeEF # validate hook session value session_id = get_param(@data, 'beefhook') + print_debug "[INIT] Processing Browser Details for session #{session_id}" (self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id) hooked_browser = HB.where(:session => session_id).first return if not hooked_browser.nil? # browser is already registered with framework @@ -404,6 +405,20 @@ module BeEF self.err_msg "Invalid value for 'browser.window.size.width' returned from the hook browser's initial connection." end + # store and log IP details of host + print_debug("Hooked browser [id:#{zombie.id}] has IP [ip: #{zombie.ip}]") + + if os_name != nil and os_version != nil + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name + "-" + os_version) + + elsif os_name != nil + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name) + + else + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host') + + end + # get and store the yes|no value for browser capabilities capabilities = [ 'browser.capabilities.vbscript', diff --git a/extensions/network/rest/network.rb b/extensions/network/rest/network.rb index 1e905c0d6..27ff2a38b 100644 --- a/extensions/network/rest/network.rb +++ b/extensions/network/rest/network.rb @@ -13,6 +13,7 @@ module BeEF config = BeEF::Core::Configuration.instance @nh = BeEF::Core::Models::NetworkHost @ns = BeEF::Core::Models::NetworkService + @hb = BeEF::Core::Models::HookedBrowser # Require a valid API token from a valid IP address halt 401 unless params[:token] == config.get('beef.api_token') @@ -69,7 +70,9 @@ module BeEF begin id = params[:id] - hosts = @nh.where(hooked_browser_id: id).distinct.order(:id) + hooked_browser = @hb.where(session: id).distinct + + hosts = @nh.where(hooked_browser: hooked_browser).distinct.order(:hooked_browser) count = hosts.length result = {} @@ -121,7 +124,7 @@ module BeEF host = @nh.find(id) raise InvalidParamError, 'id' if host.nil? - halt 404 if host.empty? + halt 404 if host == nil? host.to_h.to_json rescue InvalidParamError => e diff --git a/spec/beef/api/auth_rate_spec.rb b/spec/beef/api/auth_rate_spec.rb index 288475510..5c01118a9 100644 --- a/spec/beef/api/auth_rate_spec.rb +++ b/spec/beef/api/auth_rate_spec.rb @@ -27,8 +27,8 @@ RSpec.describe 'BeEF API Rate Limit' do after(:all) do - Process.kill("INT",@pid) - Process.kill("INT",@pids) + Process.kill("KILL",@pid) + Process.kill("KILL",@pids) end diff --git a/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb new file mode 100644 index 000000000..ab4bee67c --- /dev/null +++ b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb @@ -0,0 +1,77 @@ +RSpec.describe 'AutoRunEngine test' do + + before(:all) do + # Note: rake spec passes --patterns which causes BeEF to pickup this argument via optparse. I can't see a better way at the moment to filter this out. Therefore ARGV=[] for this test. + ARGV = [] + @config = BeEF::Core::Configuration.instance + @config.set('beef.credentials.user', "beef") + @config.set('beef.credentials.passwd', "beef") + + #generate api token + BeEF::Core::Crypto::api_token + + # load up DB + # Connect to DB + ActiveRecord::Base.logger = nil + OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')] + OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:'beef.db') + # Migrate (if required) + context = ActiveRecord::Migration.new.migration_context + if context.needs_migration? + ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate + end + + + + # add AutoRunEngine rule + test_rule = {"name"=>"Display an alert", "author"=>"mgeeky", "browser"=>"ALL", "browser_version"=>"ALL", "os"=>"ALL", "os_version"=>"ALL", "modules"=>[{"name"=>"alert_dialog", "condition"=>nil, "options"=>{"text"=>"You've been BeEFed ;>"}}], "execution_order"=>[0], "execution_delay"=>[0], "chain_mode"=>"sequential"} + + BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory + # are_engine.R + + + http_hook_server = BeEF::Core::Server.instance + http_hook_server.prepare + + + @pids = fork do + BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server) + end + @pid = fork do + http_hook_server.start + end + # wait for server to start + sleep 1 + end + # wait for server to start + + after(:all) do + + Process.kill("KILL",@pid) + Process.kill("KILL",@pids) + + end + + it 'AutoRunEngine is working' do + + api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD) + + response = api.auth() + + @token = response[:token] + + puts "authenticated. api token: #{@token}" + + puts 'hooking a new victim, waiting a few seconds...' + + victim = BeefTest.new_victim + sleep 5.0 + + response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}} + + j = JSON.parse(response.body) + expect(j) + + end + +end diff --git a/spec/beef/core/main/handlers/browser_details_handler_spec.rb b/spec/beef/core/main/handlers/browser_details_handler_spec.rb index f509ac681..c89f1ebc2 100644 --- a/spec/beef/core/main/handlers/browser_details_handler_spec.rb +++ b/spec/beef/core/main/handlers/browser_details_handler_spec.rb @@ -37,8 +37,8 @@ RSpec.describe 'Browser details handler' do after(:all) do - Process.kill("INT",@pid) - Process.kill("INT",@pids) + Process.kill("KILL",@pid) + Process.kill("KILL",@pids) end diff --git a/spec/beef/extensions/network_spec.rb b/spec/beef/extensions/network_spec.rb index a72c5d093..1d5029db3 100644 --- a/spec/beef/extensions/network_spec.rb +++ b/spec/beef/extensions/network_spec.rb @@ -3,13 +3,20 @@ require 'extensions/network/models/network_host' RSpec.describe 'BeEF Extension Network' do - it 'add good host' do + it 'add good local host' do expect { BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => '1234', :ip => '127.0.0.1') }.to_not raise_error expect(BeEF::Core::Models::NetworkHost.where(hooked_browser_id: '1234', ip: '127.0.0.1')).to_not be_empty end + it 'add good not local host' do + expect { + BeEF::Core::Models::NetworkHost.create(:hooked_browser_id => '12', :ip => '192.168.1.2') + }.to_not raise_error + expect(BeEF::Core::Models::NetworkHost.where(hooked_browser_id: '12', ip: '192.168.1.2')).to_not be_empty + end + it 'add good service' do expect { BeEF::Core::Models::NetworkService.create(:hooked_browser_id => '1234', :proto => 'http', :ip => '127.0.0.1', :port => 80, :ntype => 'Apache')