Resolved merge conflicts from prod-beef master

core/main/client/websocket.js

@@ -43,7 +43,7 @@ beef.websocket = {
     },
 
     /**
-     * Send Helo message to the BeEF server and start async polling.
+     * Send Hello message to the BeEF server and start async polling.
      */
     start:function () {
         new beef.websocket.init();

core/main/network_stack/websocket/websocket.rb

@@ -102,7 +102,7 @@ module BeEF
 
                     # new zombie
                     unless msg_hash['cookie'].nil?
-                      print_debug("[WebSocket] Browser says helo! WebSocket is running")
+                      print_debug("[WebSocket] Browser says hello! WebSocket is running")
                       # insert new connection in activesocket
                       @@activeSocket["#{msg_hash["cookie"]}"] = ws
                       print_debug("[WebSocket] activeSocket content [#{@@activeSocket}]")

modules/debug/test_get_variable/config.yaml

@@ -6,7 +6,7 @@
 beef:
     module:
         test_get_variable:
-            enable: enable
+            enable: true
             category: "Debug"
             name: "Test JS variable passing"
             description: "Test for JS variable passing from another BeEF's script via Window object"

modules/network/fetch_port_scanner/config.yaml

@@ -5,29 +5,29 @@
 #
 beef:
     module:
-        sw_port_scanner:
+        fetch_port_scanner:
             enable: true
             category: "Network"
-            name: "SW Port Scanner"
+            name: "Fetch Port Scanner"
-            description: " Uses web workers to port scan"
+            description: " Uses fetch to test the response in order to determine if a port is open or not"
-            authors: ["Crimes by Will", "jcrew99"]
+            authors: ["Crimes by Will", "jcrew99", "salmong1t"]
             # http://caniuse.com/cors
             target:
-                working: ["ALL"]
+                working: ["FF", "C", "E", "EP"]
                 not_working:
-                    # CORS is partially supported on IE 8 & 9
                     IE:
-                        min_ver: 6
+                        min_ver: 1
-                        max_ver: 7
+                        max_ver: 11
+
                     O:
                         min_ver: 1
                         max_ver: 11
                     C:
                         min_ver: 1
-                        max_ver: 3
+                        max_ver: 5
                     S:
-                        min_ver: 1
+                        min_ver: 3
-                        max_ver: 3
+                        max_ver: 5
-                    F:
+                    FF:
-                        min_ver: 1
+                        min_ver: 3
-                        max_ver: 3
+                        max_ver: 60

modules/network/fetch_port_scanner/module.rb

@@ -3,7 +3,7 @@
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
-class Sw_port_scanner < BeEF::Core::Command
+class Fetch_port_scanner < BeEF::Core::Command
   
   # set and return all options for this module
    def self.options

spec/beef/api/auth_rate_spec.rb

@@ -7,31 +7,87 @@
 RSpec.describe 'BeEF API Rate Limit' do
 
 	before(:all) do
-		# Note: rake spec passes --patterns which causes BeEF to pickup this argument via optparse. I can't see a better way at the moment to filter this out. Therefore ARGV=[] for this test.
-		ARGV = []
 		@config = BeEF::Core::Configuration.instance
 		@config.set('beef.credentials.user', "beef")
 		@config.set('beef.credentials.passwd', "beef")
+		@username = @config.get('beef.credentials.user')
+		@password = @config.get('beef.credentials.passwd')
+		
+		# Load BeEF extensions and modules
+		# Always load Extensions, as previous changes to the config from other tests may affect
+		# whether or not this test passes.
+		BeEF::Extensions.load
+		sleep 2
+
+		# Check if modules already loaded. No need to reload.
+		if @config.get('beef.module').nil?
+			print_info "Loading in BeEF::Modules"
+			BeEF::Modules.load
+
+			sleep 2
+		else
+				print_info "Modules already loaded"
+		end
+
+		# Grab DB file and regenerate if requested
+		print_info "Loading database"
+		db_file = @config.get('beef.database.file')
+
+		if BeEF::Core::Console::CommandLine.parse[:resetdb]
+			print_info 'Resetting the database for BeEF.'
+			File.delete(db_file) if File.exists?(db_file)
+		end
+
+		# Load up DB and migrate if necessary
+		ActiveRecord::Base.logger = nil
+		OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
+		OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database: db_file)
+
+		context = ActiveRecord::Migration.new.migration_context
+		if context.needs_migration?
+		  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
+		end
+
+		sleep 2
+
+		BeEF::Core::Migration.instance.update_db!
+
+		# add AutoRunEngine rule
+		test_rule =  {"name"=>"Display an alert", "author"=>"mgeeky", "browser"=>"ALL", "browser_version"=>"ALL", "os"=>"ALL", "os_version"=>"ALL", "modules"=>[{"name"=>"alert_dialog", "condition"=>nil, "options"=>{"text"=>"You've been BeEFed ;>"}}], "execution_order"=>[0], "execution_delay"=>[0], "chain_mode"=>"sequential"}
+
+		BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory
+		# are_engine.R
+
+		# Spawn HTTP Server
+		print_info "Starting HTTP Hook Server"
 		http_hook_server = BeEF::Core::Server.instance
 		http_hook_server.prepare
+
+		# Generate a token for the server to respond with
+		BeEF::Core::Crypto::api_token
+
+		# Initiate server start-up
 		@pids = fork do
 			BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
 		end
 		@pid = fork do
 			http_hook_server.start
 		end
-		# wait for server to start
-		sleep 1
-	end
-    # wait for server to start
-  
-  	after(:all) do
-	
-	 Process.kill("KILL",@pid)
-	 Process.kill("KILL",@pids)
-	
- 	end
 
+		# Give the server time to start-up
+		sleep 1
+
+		# Authenticate to REST API & pull the token from the response
+		@response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+		@token = JSON.parse(@response)['token']
+	end
+  
+	after(:all) do
+		print_info "Shutting down server"
+		Process.kill("KILL",@pid)
+		Process.kill("KILL",@pids)
+	end
+	 
 	it 'adheres to auth rate limits' do
 		passwds = (1..9).map { |i| "broken_pass"}
 		passwds.push BEEF_PASSWD

spec/beef/core/main/autorun_engine/autorun_engine_spec.rb

@@ -1,69 +1,108 @@
+#
+# Copyright (c) 2006-2020 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+
+require 'rest-client'
+require 'json'
+require_relative '../../../../support/constants'
+require_relative '../../../../support/beef_test'
+
 RSpec.describe 'AutoRunEngine test' do
 
 	before(:all) do
-		# Note: rake spec passes --patterns which causes BeEF to pickup this argument via optparse. I can't see a better way at the moment to filter this out. Therefore ARGV=[] for this test.
-		ARGV = []
-
-		# Set config
 		@config = BeEF::Core::Configuration.instance
 		@config.set('beef.credentials.user', "beef")
 		@config.set('beef.credentials.passwd', "beef")
+		@username = @config.get('beef.credentials.user')
+		@password = @config.get('beef.credentials.passwd')
 		
-		# Generate API token
+		# Load BeEF extensions and modules
-		BeEF::Core::Crypto::api_token
+		# Always load Extensions, as previous changes to the config from other tests may affect
+		# whether or not this test passes.
+		BeEF::Extensions.load
+		sleep 2
 
-		# Load up and connect to DB
+		# Check if modules already loaded. No need to reload.
+		if @config.get('beef.module').nil?
+			print_info "Loading in BeEF::Modules"
+			BeEF::Modules.load
+
+			sleep 2
+		else
+				print_info "Modules already loaded"
+		end
+
+		# Grab DB file and regenerate if requested
+		print_info "Loading database"
+		db_file = @config.get('beef.database.file')
+
+		if BeEF::Core::Console::CommandLine.parse[:resetdb]
+			print_info 'Resetting the database for BeEF.'
+			File.delete(db_file) if File.exists?(db_file)
+		end
+
+		# Load up DB and migrate if necessary
 		ActiveRecord::Base.logger = nil
 		OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
-		OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:'beef.db')
+		OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database: db_file)
-		
+
-		# Migrate (if required)
 		context = ActiveRecord::Migration.new.migration_context
 		if context.needs_migration?
 		  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
 		end
 
-		# Add AutoRunEngine rule
+		sleep 2
+
+		BeEF::Core::Migration.instance.update_db!
+
+		# add AutoRunEngine rule
 		test_rule =  {"name"=>"Display an alert", "author"=>"mgeeky", "browser"=>"ALL", "browser_version"=>"ALL", "os"=>"ALL", "os_version"=>"ALL", "modules"=>[{"name"=>"alert_dialog", "condition"=>nil, "options"=>{"text"=>"You've been BeEFed ;>"}}], "execution_order"=>[0], "execution_delay"=>[0], "chain_mode"=>"sequential"}
 
 		BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory
+		# are_engine.R
 
-		# Prepare hook server
+		# Spawn HTTP Server
+		print_info "Starting HTTP Hook Server"
 		http_hook_server = BeEF::Core::Server.instance
 		http_hook_server.prepare
 
+		# Generate a token for the server to respond with
+		BeEF::Core::Crypto::api_token
+
+		# Initiate server start-up
 		@pids = fork do
 			BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
 		end
 		@pid = fork do
 			http_hook_server.start
 		end
-		
+
-		# Wait for server to start
+		# Give the server time to start-up
 		sleep 1
+
+		# Authenticate to REST API & pull the token from the response
+		@response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+		@token = JSON.parse(@response)['token']
 	end
   
 	after(:all) do
+		print_info "Shutting down server"
 		Process.kill("KILL",@pid)
 		Process.kill("KILL",@pids)
  	end
 
-	it 'AutoRunEngine is working', :run_on_browserstack => true do
+	it 'AutoRunEngine is working' do
-		api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD)
+		print_info 'Hooking a new victim, waiting a few seconds...'
-		response = api.auth()
-
-		@token = response[:token]
-
-		puts "Successfully authenticated. API token: #{@token}"
-		puts 'Hooking a new victim, waiting a few seconds...'
-
 		victim = BeefTest.new_victim
-		sleep 5.0
 
-		response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
+    sleep 3
 
-		j = JSON.parse(response.body)
+		response = RestClient.get "#{RESTAPI_HOOKS}?token=#{@token}"
-		expect(j)
+		result_data = JSON.parse(response)
+
+    expect(result_data['hooked-browsers']['online']).not_to be_empty
 	end
  
 end

spec/beef/core/main/handlers/browser_details_handler_spec.rb

@@ -1,32 +1,76 @@
+#
+# Copyright (c) 2006-2020 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+
+require 'rest-client'
+require 'json'
+require_relative '../../../../support/constants'
+require_relative '../../../../support/beef_test'
+
 RSpec.describe 'Browser details handler' do
-
 	before(:all) do
-		# Note: rake spec passes --patterns which causes BeEF to pickup this argument via optparse. I can't see a better way at the moment to filter this out. Therefore ARGV=[] for this test.
-		ARGV = []
-
-		# Set config
 		@config = BeEF::Core::Configuration.instance
 		@config.set('beef.credentials.user', "beef")
 		@config.set('beef.credentials.passwd', "beef")
+		@username = @config.get('beef.credentials.user')
+		@password = @config.get('beef.credentials.passwd')
 		
-		# Generate API token
+		# Load BeEF extensions and modules
-		BeEF::Core::Crypto::api_token
+		# Always load Extensions, as previous changes to the config from other tests may affect
+		# whether or not this test passes.
+		BeEF::Extensions.load
+		sleep 2
 
-		# Load up and connect to DB
+		# Check if modules already loaded. No need to reload.
+		if @config.get('beef.module').nil?
+			print_info "Loading in BeEF::Modules"
+			BeEF::Modules.load
+
+			sleep 2
+		else
+				print_info "Modules already loaded"
+		end
+
+		# Grab DB file and regenerate if requested
+		print_info "Loading database"
+		db_file = @config.get('beef.database.file')
+
+		if BeEF::Core::Console::CommandLine.parse[:resetdb]
+			print_info 'Resetting the database for BeEF.'
+			File.delete(db_file) if File.exists?(db_file)
+		end
+
+		# Load up DB and migrate if necessary
 		ActiveRecord::Base.logger = nil
 		OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
-		OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:'beef.db')
+		OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database: db_file)
 
-		# Migrate (if required)
 		context = ActiveRecord::Migration.new.migration_context
 		if context.needs_migration?
 		  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
 		end
 
-		# Prepare hook server
+		sleep 2
+
+		BeEF::Core::Migration.instance.update_db!
+
+		# add AutoRunEngine rule
+		test_rule =  {"name"=>"Display an alert", "author"=>"mgeeky", "browser"=>"ALL", "browser_version"=>"ALL", "os"=>"ALL", "os_version"=>"ALL", "modules"=>[{"name"=>"alert_dialog", "condition"=>nil, "options"=>{"text"=>"You've been BeEFed ;>"}}], "execution_order"=>[0], "execution_delay"=>[0], "chain_mode"=>"sequential"}
+
+		BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory
+		# are_engine.R
+
+		# Spawn HTTP Server
+		print_info "Starting HTTP Hook Server"
 		http_hook_server = BeEF::Core::Server.instance
 		http_hook_server.prepare
 
+		# Generate a token for the server to respond with
+		BeEF::Core::Crypto::api_token
+
+		# Initiate server start-up
 		@pids = fork do
 			BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
 		end
@@ -34,43 +78,42 @@ RSpec.describe 'Browser details handler' do
 			http_hook_server.start
 		end
 
-		# Wait for server to start
+		# Give the server time to start-up
 		sleep 1
+
+		# Authenticate to REST API & pull the token from the response
+		@response = RestClient.post "#{RESTAPI_ADMIN}/login", { 'username': "#{@username}", 'password': "#{@password}" }.to_json, :content_type => :json
+		@token = JSON.parse(@response)['token']
+
+		# Hook new victim
+		print_info 'Hooking a new victim, waiting a few seconds...'
+		@victim = BeefTest.new_victim
+
+    sleep 3
+
+		# Identify Session ID of victim generated above
+		@hooks = JSON.parse(RestClient.get "#{RESTAPI_HOOKS}?token=#{@token}")
 	end
   
 	after(:all) do
+		print_info "Shutting down server"
 		Process.kill("KILL",@pid)
 		Process.kill("KILL",@pids)
- 	end
+	end
 
-	it 'browser details handler working', :run_on_browserstack => true do
+	it 'can successfully hook a browser' do
-		api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD)
+    expect(@hooks['hooked-browsers']['online']).not_to be_empty
-		response = api.auth()
+	end
 
-		@token = response[:token]
+	it 'browser details handler working' do
-
+		session_id = @hooks['hooked-browsers']['online']['0']['session']
-		puts "Successfully authenticated. API token: #{@token}"
+		
-		puts 'Hooking a new victim, waiting a few seconds...'
+		print_info "Getting browser details"
-
+		response = RestClient.get "#{RESTAPI_HOOKS}/#{session_id}?token=#{@token}"
-		victim = BeefTest.new_victim
+		details = JSON.parse(response.body)
-		sleep 3.0
+		
-
+		expect(@victim.driver.browser.browser.to_s.downcase).to eql (details['browser.name.friendly'].downcase)
-		response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
-
-		j = JSON.parse(response.body)
-		expect(j)
 	end
 	
-	it 'can successfully hook a browser', :run_on_browserstack => true do
-		@token  = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD).auth()[:token]
 
-		victim = BeefTest.new_victim
-		sleep 3.0
-
-		response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
-
-		x = JSON.parse(response.body)
-		puts x
-		expect(x)
-	end
 end

spec/beef/extensions/websocket_hooked_browser_spec.rb

@@ -0,0 +1,99 @@
+# encoding: UTF-8
+require 'rest-client'
+require 'core/main/network_stack/websocket/websocket'
+require 'websocket-client-simple'
+
+RSpec.describe 'BeEF WebSockets enabled' do
+
+  before(:all) do
+    @config = BeEF::Core::Configuration.instance
+    @cert_key = @config.get('beef.http.https.key')
+    @cert = @config.get('beef.http.https.cert')
+    @port = @config.get('beef.http.websocket.port')
+    @secure_port = @config.get('beef.http.websocket.secure_port')
+    @config.set('beef.http.websocket.secure', true)
+    @config.set('beef.http.websocket.enable', true)
+   #set config parameters
+   @config.set('beef.credentials.user', "beef")
+   @config.set('beef.credentials.passwd', "beef")
+   @username = @config.get('beef.credentials.user')
+   @password = @config.get('beef.credentials.passwd')
+   #load extensions, best practice is to reload as previous tests can potentially cause issues.
+   BeEF::Extensions.load
+   sleep 2
+   if @config.get('beef.module').nil?
+     puts "loading modules"
+     BeEF::Modules.load
+     sleep 2
+   end
+   #generate token for the api to use
+   BeEF::Core::Crypto::api_token
+   # load up DB
+   # Connect to DB
+   ActiveRecord::Base.logger = nil
+   OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
+   OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:'beef.db')
+   
+   # Migrate (if required)
+   context = ActiveRecord::Migration.new.migration_context
+   if context.needs_migration?
+     puts "migrating db"
+     ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
+   end
+   #start the hook server instance, for it out to track the pids for graceful closure
+   http_hook_server = BeEF::Core::Server.instance
+   http_hook_server.prepare
+   @pids = fork do
+     BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
+   end
+   @pid = fork do
+     http_hook_server.start
+   end
+   # wait for server to start
+   sleep 1
+  end
+
+  it 'can hook a browser with websockets' do
+    #prepare for the HTTP model
+    https = BeEF::Core::Models::Http
+
+    ### hook a new victim, use rest API to send request and get the token and victim
+
+    api = BeefRestClient.new('http', ATTACK_DOMAIN, '3000', BEEF_USER, BEEF_PASSWD)
+    response = api.auth()
+    @token = response[:token]
+    puts 'hooking a new victim, waiting a few seconds...'
+    victim = BeefTest.new_victim
+    sleep 2
+    #Uses the response and hooked browser details to get the response
+    response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
+    #test for the response if errors and weirdness there
+    # puts "#{response} from the rest client " 
+    hb_details = JSON.parse(response.body)
+    while hb_details["hooked-browsers"]["online"].empty?
+      # get victim session
+      response = RestClient.get "#{RESTAPI_HOOKS}", {:params => {:token => @token}}
+      hb_details = JSON.parse(response.body)
+      puts "json: #{hb_details}"
+      puts "can hook a browser"
+      puts "online hooked browsers empty: #{hb_details["hooked-browsers"]["online"].empty?}"
+    end
+    #get the hooked browser details
+    hb_session = hb_details["hooked-browsers"]["online"]["0"]["session"]
+    #show the address of what is being hooked
+    #puts "hooked browser: #{hb_session}"
+    expect(hb_session).not_to be_nil  
+    #cannot do it in the after:all
+    https.where(:hooked_browser_id => hb_session).delete_all
+  end
+
+  after(:all) do
+    # cleanup: delete test browser entries and session
+    # kill the server
+    @config.set('beef.http.websocket.enable', false)
+    Process.kill("KILL", @pid)
+    Process.kill("KILL", @pids)
+    puts "waiting for server to die.."
+  end
+
+end

spec/beef/modules/debug/test_beef_debugs_spec.rb

@@ -17,14 +17,24 @@ RSpec.describe 'BeEF Debug Command Modules:' do
         @username = @config.get('beef.credentials.user')
         @password = @config.get('beef.credentials.passwd')
 
-        # Load BeEF extensions and modules
+		# Load BeEF extensions and modules
-        BeEF::Extensions.load
+		# Always load Extensions, as previous changes to the config from other tests may affect
+		# whether or not this test passes.
+		BeEF::Extensions.load
+		sleep 2
 
-        sleep 10
+		# Check if modules already loaded. No need to reload.
+		if @config.get('beef.module').nil?
+			print_info "Loading in BeEF::Modules"
+			BeEF::Modules.load
 
-        BeEF::Modules.load
+			sleep 2
+		else
+				print_info "Modules already loaded"
+		end
 
         # Grab DB file and regenerate if requested
+        print_info "Loading database"
         db_file = @config.get('beef.database.file')
 
         if BeEF::Core::Console::CommandLine.parse[:resetdb]
@@ -42,11 +52,12 @@ RSpec.describe 'BeEF Debug Command Modules:' do
           ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
         end
 
-        sleep 10
+        sleep 2
 
         BeEF::Core::Migration.instance.update_db!
         
         # Spawn HTTP Server
+        print_info "Starting HTTP Hook Server"
         http_hook_server = BeEF::Core::Server.instance
         http_hook_server.prepare
 
@@ -69,9 +80,10 @@ RSpec.describe 'BeEF Debug Command Modules:' do
         @token = JSON.parse(@response)['token']
 
         # Hook new victim
+		print_info 'Hooking a new victim, waiting a few seconds...'
         @victim = BeefTest.new_victim
 
-        sleep 5
+        sleep 3
 
         # Identify Session ID of victim generated above
         @hooks = RestClient.get "#{RESTAPI_HOOKS}?token=#{@token}"
@@ -87,12 +99,13 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     after(:all) do
+        print_info "Shutting down server"
         Process.kill("KILL",@pid)
         Process.kill("KILL",@pids)
     end
 
     it 'The Test_beef.debug() command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_beef_debug']
+        cmd_mod_id = @debug_mod_names_ids['Test_beef_debug']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}", 
                                    { "msg": "test" }.to_json, 
                                    :content_type => :json
@@ -101,7 +114,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     it 'The Return ASCII Characters command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_return_ascii_chars']
+        cmd_mod_id = @debug_mod_names_ids['Test_return_ascii_chars']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { }.to_json,
                                 :content_type => :json
@@ -110,7 +123,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     it 'The Return Image command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_return_image']
+        cmd_mod_id = @debug_mod_names_ids['Test_return_image']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { }.to_json,
                                 :content_type => :json
@@ -120,7 +133,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
 
 
     it 'The Test HTTP Redirect command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_http_redirect']
+        cmd_mod_id = @debug_mod_names_ids['Test_http_redirect']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { }.to_json,
                                 :content_type => :json
@@ -129,7 +142,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     it 'The Test Returning Results/Long String command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_return_long_string']
+        cmd_mod_id = @debug_mod_names_ids['Test_return_long_string']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { "repeat": 20,
                                 "repeat_string": "beef" }.to_json,
@@ -139,7 +152,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     it 'The Test Network Request command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_network_request']
+        cmd_mod_id = @debug_mod_names_ids['Test_network_request']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { "scheme": "http",
                                     "method": "GET",
@@ -156,7 +169,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     it 'The Test DNS Tunnel command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_dns_tunnel_client']
+        cmd_mod_id = @debug_mod_names_ids['Test_dns_tunnel_client']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { "domain": "example.com",
                                     "data": "Lorem ipsum" }.to_json,
@@ -166,7 +179,7 @@ RSpec.describe 'BeEF Debug Command Modules:' do
     end
 
     it 'The Test CORS Request command module successfully executes', :run_on_browserstack => true do
-        cmd_mod_id = debug_mod_names_ids['Test_cors_request']
+        cmd_mod_id = @debug_mod_names_ids['Test_cors_request']
         response = RestClient.post "#{RESTAPI_MODULES}/#{@session}/#{cmd_mod_id}?token=#{@token}",
                                 { "method": "GET",
                                     "url": "example.com",