Modify customhook extension to allow multiple hook points

2014-01-04 14:02:43 +10:30
parent 7c977ef1aa
commit faafa9a196
3 changed files with 32 additions and 12 deletions
--- a/extensions/customhook/api.rb
+++ b/extensions/customhook/api.rb
@@ -14,13 +14,17 @@ module Customhook
    
    def self.mount_handler(beef_server)
      configuration = BeEF::Core::Configuration.instance
-      beef_server.mount(configuration.get("beef.extension.customhook.customhook_path"), BeEF::Extension::Customhook::Handler.new)
+      configuration.get("beef.extension.customhook.hooks").each do |h|
+        beef_server.mount(configuration.get("beef.extension.customhook.hooks.#{h.first}.path"), BeEF::Extension::Customhook::Handler.new)
+      end
    end

    def self.pre_http_start(beef_server)
      configuration = BeEF::Core::Configuration.instance
-      print_success "Successfully mounted a custom hook point"
-      print_more "Mount Point: #{configuration.get('beef.extension.customhook.customhook_path')}\nLoading iFrame: #{configuration.get('beef.extension.customhook.customhook_target')}\n"
+      configuration.get("beef.extension.customhook.hooks").each do |h|
+        print_success "Successfully mounted a custom hook point"
+        print_more "Mount Point: #{configuration.get("beef.extension.customhook.hooks.#{h.first}.path")}\nLoading iFrame: #{configuration.get("beef.extension.customhook.hooks.#{h.first}.target")}\n"
+      end
    end
  end
 end
--- a/extensions/customhook/config.yaml
+++ b/extensions/customhook/config.yaml
@@ -7,8 +7,17 @@ beef:
    extension:
        customhook:
            enable: false
-            name: 'Custom Hook Point with iFrame Impersonation'
-            customhook_path: "/yougotchipmunked"
-            customhook_target: "http://www.chipmunks.com"
-            customhook_title: "Alvin and the Chipmunks.."
-
+            name: 'Custom Hook Points with iFrame Impersonation'
+            hooks:
+                changeme:
+                    path: "/changeme"
+                    target: "http://example.com"
+                    title: "Change Me!"
+                beef:
+                    path: "/beef"
+                    target: "http://beefproject.com"
+                    title: "BeEF - The Browser Exploitation Framework Project"
+                yougotchipmunked:
+                    path: "/yougotchipmunked"
+                    target: "http://www.chipmunks.com"
+                    title: "Alvin and the Chipmunks.."
--- a/extensions/customhook/handler.rb
+++ b/extensions/customhook/handler.rb
@@ -15,12 +15,19 @@ module Customhook
      @params = @request.query_string
      @response = Rack::Response.new(body=[], 200, header={})
      config = BeEF::Core::Configuration.instance
-
      eruby = Erubis::FastEruby.new(File.read(File.dirname(__FILE__)+'/html/index.html'))
+      config.get("beef.extension.customhook.hooks").each do |h|
+        path = config.get("beef.extension.customhook.hooks.#{h.first}.path")
+        if path == "#{env['REQUEST_URI']}"
+          print_info "[Custom Hook] Handling request for custom hook mounted at '#{path}'"
+          @body << eruby.evaluate({
+            'customhook_target' => config.get("beef.extension.customhook.hooks.#{h.first}.target"),
+            'customhook_title'  => config.get("beef.extension.customhook.hooks.#{h.first}.title")
+          })
+          break
+        end
+      end

-      @body << eruby.evaluate({'customhook_target' => config.get("beef.extension.customhook.customhook_target"),
-        'customhook_title' => config.get("beef.extension.customhook.customhook_title")})
-      
      @response = Rack::Response.new(
            body = [@body],
            status = 200,