Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

config: add comments for public connect-back settings (#2778)

Browse Source
This commit is contained in:
bcoles
2023-04-01 04:21:36 +11:00
committed by GitHub
parent 173d8009a7
commit e1ed67b5d3
2 changed files with 18 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
config.yaml
View File

@@ -45,22 +45,23 @@ beef:
# Enabling WebSockets is generally better (beef.websocket.enable)
xhr_poll_timeout: 1000
# Host Name / Domain Name
# If you want BeEF to be accessible via hostname or domain name (ie, DynDNS),
# These settings will be used to create a public facing URL
# This public facing URL will be used for all hook related calls
# set the public setting below:
# public:
# host: "" # public hostname/IP address
# port: "" # public port will default to 80 if no https 443 if https
# and local if not set but there is a public host
# https: false # true/false
# Public Domain Name / Reverse Proxy / Port Forwarding
#
# In order for the client-side BeEF JavaScript hook to be able to connect to BeEF,
# the hook JavaScript needs to be generated with the correct connect-back details.
#
# If you're using a public domain name, reverse proxy, or port forwarding you must
# configure the public-facing connection details here.
# Reverse Proxy / NAT
# If you want BeEF to be accessible behind a reverse proxy or NAT,
# set both the publicly accessible hostname/IP address and port below:
# NOTE: Allowing the reverse proxy will enable a vulnerability where the ui/panel can be spoofed
# by altering the X-FORWARDED-FOR ip address in the request header.
#public:
# host: "beef.local" # public hostname/IP address
# port: "443" # public port (443 if the public server is using HTTPS)
# https: false # true/false
# If using any reverse proxy you should also set allow_reverse_proxy to true below.
# Note that this causes the BeEF server to trust the X-Forwarded-For HTTP header.
# If the BeEF server is directly accessible, clients can spoof their connecting
# IP address using this header to bypass the IP address permissions/exclusions.
allow_reverse_proxy: false
# Hook
@@ -93,8 +94,6 @@ beef:
# Experimental HTTPS support for the hook / admin / all other Thin managed web services
https:
enable: false
# Enabled this config setting if you're external facing uri is using https
public_enabled: false
# In production environments, be sure to use a valid certificate signed for the value
# used in beef.http.public (the domain name of the server where you run BeEF)
key: "beef_key.pem"

11
core/main/handlers/hookedbrowsers.rb
View File

@@ -22,6 +22,7 @@ module BeEF
def confirm_browser_user_agent(user_agent)
browser_type = user_agent.split(' ').last # selecting just name/version of browser
# does the browser already exist in the legacy database / object? Return true if yes
# browser and therefore which version of the hook file to generate and use
BeEF::Core::Models::LegacyBrowserUserAgents.user_agents.each do |ua_string|
return true if ua_string.include? browser_type
end
@@ -90,7 +91,7 @@ module BeEF
hooked_browser.lastseen = Time.new.to_i
# @note Check for a change in zombie IP and log an event
if config.get('beef.http.use_x_forward_for') == true
if config.get('beef.http.allow_reverse_proxy') == true
if hooked_browser.ip != request.env['HTTP_X_FORWARDED_FOR']
BeEF::Core::Logger.instance.register('Zombie', "IP address has changed from #{hooked_browser.ip} to #{request.env['HTTP_X_FORWARDED_FOR']}", hooked_browser.id.to_s)
hooked_browser.ip = request.env['HTTP_X_FORWARDED_FOR']
@@ -139,14 +140,6 @@ module BeEF
# @note is a known browser so send instructions
end
# check for string within array of strings
def check_for_string(string, array)
array.each do |item|
return true if item.include? string
end
false
end
# @note set response headers and body
headers 'Pragma' => 'no-cache',
'Cache-Control' => 'no-cache',