Commit Graph

3076 Commits

Author SHA1 Message Date
Brendan Coles
20e58d74f8 Upgrade jquery-1.12.4 to jquery-3.3.1 for admin UI 2018-03-09 07:50:34 +00:00
Brendan Coles
cb1360d061 rm Gemfile.lock 2018-03-09 06:57:11 +00:00
Brendan Coles
8b55f41286 Merge pull request #1515 from amadeus777za/master
Minor upgrades and fixes
2018-03-09 17:43:36 +11:00
Brendan Coles
e44ead9550 Merge branch 'master' into master 2018-03-09 17:42:01 +11:00
Francois van der Hoven
0045fe66c0 Update rack-protection and sinatra 2018-03-09 09:19:45 +10:00
Brendan Coles
b279382768 Merge pull request #1482 from wanton1950/1333_rate_merged
Fix 1333 rate merged
2018-03-08 00:29:16 +11:00
Brendan Coles
4e4a0585f4 Merge branch 'master' into 1333_rate_merged 2018-03-08 00:28:52 +11:00
Brendan Coles
f6089c70e8 Update minimum required Ruby version to 2.3.x 2018-03-07 12:51:26 +00:00
Brendan Coles
7718e35109 Update installation instructions 2018-03-07 12:51:11 +00:00
Brendan Coles
2d3010dc0b Update install script 2018-03-07 08:54:39 +00:00
Francois van der Hoven
441620462d Restore original test constants 2018-02-28 11:44:16 +10:00
Francois van der Hoven
a594296fae Restore original username pw 2018-02-28 11:28:11 +10:00
Francois van der Hoven
e9fa3cd75a Delete redundant js files. 2018-02-23 14:11:24 +10:00
Francois van der Hoven
c129fca93a Update selenium reference 2018-02-23 14:07:46 +10:00
Francois van der Hoven
074edec86a Add note on selenium requirement 2018-02-23 13:50:20 +10:00
Francois van der Hoven
9f7136f0ce Add latest versions of js libraries 2018-02-23 10:15:27 +10:00
Francois van der Hoven
bbf59cd8c1 Match first of multiple links 2018-02-22 16:56:58 +10:00
Francois van der Hoven
52cf5ab541 Correct namespace errors in metasploit 2018-02-21 10:04:45 +10:00
Francois van der Hoven
cdc5022a19 Unit and Integration tests pass 2018-02-20 09:04:00 +10:00
Brendan Coles
dfc08595fe mv README.mkd README.md 2018-02-17 09:17:08 +00:00
Brendan Coles
956e216206 Add rake to ext_dns group in Gemfile 2018-02-15 14:16:50 +00:00
Brendan Coles
d1f114d103 Add X-Frame-Options to admin UI 2018-02-10 06:24:24 +00:00
Brendan Coles
67e3605e16 Encourage reading 2018-02-10 05:48:40 +00:00
Brendan Coles
836c0c97e5 Merge pull request #1493 from K07H/patch-2
Add support for Firefox 58
2018-01-28 16:14:23 +11:00
K07H
9030a98820 Added test for Firefox last version
Added test for Firefox 58 ("isFF58").
2018-01-27 11:34:19 +01:00
Brendan Coles
521e5c3e8e Add REST example to remove all offline browsers 2018-01-20 09:10:15 +00:00
Brendan Coles
cef427f856 Merge pull request #1492 from mcjon3z/master
add https support to bind_powershell
2018-01-18 17:32:37 +11:00
Matthew C Jones
870afd617e add https support to bind_powershell 2018-01-17 18:37:16 -05:00
Bucky Wilson
b9eb6b7780 Pruned unnecessary lines from config
the now removed lines solved a temporary issue, since resolved
2018-01-10 09:54:17 +10:00
Bucky Wilson
5f278ad843 Merge branch '1333_rate_merged' of github.com-wanton1950:wanton1950/beef into 1333_rate_merged 2018-01-10 09:51:11 +10:00
Bucky Wilson
e0ec2aafda Commit review updates: added test to integration, removed debug
Added test TC_1333 to integration suite. adjusted requirements.

Removed debug requirement from main file.

    modified:   beef
    modified:   test/api/1333_auth_rate.rb
    modified:   test/integration/ts_integration.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
ae8c160b8d Moving pry and pry-byebug into tests group. 2018-01-10 09:49:33 +10:00
Bucky Wilson
7d4ef0f7e0 Renamed tmp config file - corrected tear down
FIXED Too many rake name to tear things down correctly.

	modified:   Rakefile
2018-01-10 09:49:33 +10:00
Bucky Wilson
e8f203bd94 Added assertions for testing, corrected beef tear-down
Turned the exercise script into a limited test.
Added is password function to rest client
Corrected incorrect tear down in the Rakefile

	modified:   Rakefile
	modified:   test/api/1333_auth_rate.rb
	modified:   test/api/lib/beef_rest_client.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
c13a011cd8 Pre-creation of actual test
1333_auth_rate - multiple cycles of api auth requests at different
speeds.
Fast auth attempts should block
Slower attempts, when valid should succeed

	modified:   Rakefile
	renamed:    test/api/beef_rest.rb -> test/api/1333_auth_rate.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
8c8dd6c9c3 Added auth access time checking
Time set on failure,
Next request fails if inside configured time: beef.restrictions.api_attempt_delay

	modified:   core/main/rest/handlers/admin.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
f9f6dbfab9 /update timeout? definition.
Only one exit from function.

	modified:   core/main/rest/api.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
9dcf516b88 Test,/exercise script to evaluate rate limiting
Debug details in the script
2018-01-10 09:49:33 +10:00
Bucky Wilson
894c369ef8 Added speed checking of api auth calls.
Added beef_rest_client based on the beef rest api found in tools/lib
Added mass auth attempts

Adjusted test_constants to use environment variables -- to use with
rake.

Eventually should be a test
2018-01-10 09:49:33 +10:00
Bucky Wilson
30e75c7aad Added rest_test entry to the rake file. Updated beef start/stop
Using 'custom' config rake starting.
2018-01-10 09:49:33 +10:00
Bucky Wilson
792340f628 Undo 'fix' rate limiting the routing.
As per comments - <paraphrased> rate limiting at this point, rate limits
everything, and can raise suspicions.
2018-01-10 09:49:33 +10:00
Bucky Wilson
1879f3155c Gemfile - whitespace, added dev group: pry 2018-01-10 09:44:45 +10:00
Bucky Wilson
21cd5b6778 And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2018-01-10 09:40:00 +10:00
Bucky Wilson
24fd0e912e Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2018-01-10 09:37:40 +10:00
Bucky Wilson
4026e0f06d FIXED #1333 Rate limit calls.
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
2018-01-10 09:35:27 +10:00
Bucky Wilson
7ac24ef754 1333: Rate Limit API - 1 in user defined value
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
2018-01-10 09:35:27 +10:00
Bucky Wilson
f5ce6170f7 Gemfile - whitespace, added dev group: pry 2018-01-10 09:35:27 +10:00
Bucky Wilson
e988b602df And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2018-01-10 09:31:52 +10:00
Bucky Wilson
b9d58690b6 Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2018-01-10 09:31:52 +10:00
Brendan Coles
e0c46baea1 Merge pull request #1487 from wanton1950/1343_redundant_null_browser_type
FIX 1343 browser_type redundant null values
2018-01-09 16:32:04 +11:00