Update config.yaml

Edit comments for consistency.
2014-04-22 21:05:05 +10:00
parent ed5a11479a
commit d0cdb9ec90
1 changed files with 39 additions and 22 deletions
--- a/config.yaml
+++ b/config.yaml
@@ -11,29 +11,44 @@ beef:
    debug: false
    # More verbose messages (client-side)
    client_debug: false
+    # Used for generating secure tokens
+    crypto_default_value_length: 80

+    # Interface / IP restrictions
    restrictions:
-        # subnet of browser ip addresses that can hook to the framework
+        # subnet of IP addresses that can hook to the framework
        permitted_hooking_subnet: "0.0.0.0/0"
-        # subnet of browser ip addresses that can connect to the UI
+        # subnet of IP addresses that can connect to the admin UI
        #permitted_ui_subnet: "127.0.0.1/32"
        permitted_ui_subnet: "0.0.0.0/0"

+    # HTTP server
    http:
        debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "3000"
-        # Decrease this setting up to 1000 if you want more responsiveness when sending modules and retrieving results.
-        # It's not advised to decrease it with tons of hooked browsers (more than 50),
-        # because it might impact performance. Also, enable WebSockets is generally better.
+
+        # Decrease this setting to 1,000 (ms) if you want more responsiveness
+        #  when sending modules and retrieving results.
+        # NOTE: A poll timeout of less than 5,000 (ms) might impact performance
+        #  when hooking lots of browsers (50+).
+        # Enabling WebSockets is generally better (beef.websocket.enable)
        xhr_poll_timeout: 5000
-        # if running behind a nat set the public ip address here
-        #public: ""
-        #public_port: "" # port setting is experimental
+
+        # Reverse Proxy / NAT
+        # If BeEF is running behind a reverse proxy or NAT
+        #  set the public hostname and port here
+        #public: ""      # public hostname/IP address
+        #public_port: "" # experimental
+
        # DNS
        dns_host: "localhost"
        dns_port: 53
+
+        # Web Admin user interface URI
        web_ui_basepath: "/ui"
+
+        # Hook
        hook_file: "/hook.js"
        hook_session_name: "BEEFHOOK"
        session_cookie_name: "BEEFSESSION"
@@ -47,8 +62,10 @@ beef:
        # Prefer WebSockets over XHR-polling when possible.
        websocket:
            enable: false
-          secure: true # use 'WebSocketSecure' works only on HTTPS domains and with HTTPS support enabled in BeEF
            port: 61985 # WS: good success rate through proxies
+            # Use encrypted 'WebSocketSecure'
+            # NOTE: works only on HTTPS domains and with HTTPS support enabled in BeEF
+            secure: true
            secure_port: 61986 # WSSecure
            ws_poll_timeout: 1000 # poll BeEF every second

@@ -89,7 +106,8 @@ beef:
        db_passwd: "beef123"
        db_encoding: "UTF-8"

-    # Credentials to authenticate in BeEF. Used by both the RESTful API and the Admin_UI extension
+    # Credentials to authenticate in BeEF.
+    # Used by both the RESTful API and the Admin_UI extension
    credentials:
        user:   "beef"
        passwd: "beef"
@@ -98,14 +116,13 @@ beef:
    # NOTE: only modules with target type 'working' or 'user_notify' can be run automatically.
    autorun:
        enable: true
-        # set this to FALSE if you don't want to allow auto-run execution for modules with target->user_notify
+        # set this to TRUE if you want to allow auto-run execution for modules with target->user_notify
        allow_user_notify: true

-    crypto_default_value_length: 80
-
    # IP Geolocation
-    # Requires MaxMind database
+    # NOTE: requires MaxMind database:
    #   curl -O http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
+    #   gunzip GeoLiteCity.dat.gz && mkdir /opt/GeoIP && mv GeoLiteCity.dat /opt/GeoIP
    geoip:
        enable: false
        database: '/opt/GeoIP/GeoLiteCity.dat'