Commit Graph

3009 Commits

Author SHA1 Message Date
Bucky Wilson
dbb1b7daf4 Renamed tmp config file - corrected tear down
FIXED Too many rake name to tear things down correctly.

	modified:   Rakefile
2017-12-12 14:54:17 +10:00
Bucky Wilson
f52b13a6ee Added assertions for testing, corrected beef tear-down
Turned the exercise script into a limited test.
Added is password function to rest client
Corrected incorrect tear down in the Rakefile

	modified:   Rakefile
	modified:   test/api/1333_auth_rate.rb
	modified:   test/api/lib/beef_rest_client.rb
2017-12-12 14:35:22 +10:00
Bucky Wilson
5559e34baa Pre-creation of actual test
1333_auth_rate - multiple cycles of api auth requests at different
speeds.
Fast auth attempts should block
Slower attempts, when valid should succeed

	modified:   Rakefile
	renamed:    test/api/beef_rest.rb -> test/api/1333_auth_rate.rb
2017-12-12 12:23:31 +10:00
Bucky Wilson
3b470439fa Added auth access time checking
Time set on failure,
Next request fails if inside configured time: beef.restrictions.api_attempt_delay

	modified:   core/main/rest/handlers/admin.rb
2017-12-11 17:48:40 +10:00
Bucky Wilson
f42346fc1a /update timeout? definition.
Only one exit from function.

	modified:   core/main/rest/api.rb
2017-12-11 17:38:45 +10:00
Bucky Wilson
a38c0adaf7 Merge branch '1333_rating_limit' of github.com-wanton1950:wanton1950/beef into 1333_rating_limit 2017-12-11 12:11:08 +10:00
Bucky Wilson
8dcac3d50e Test,/exercise script to evaluate rate limiting
Debug details in the script
2017-12-11 12:01:29 +10:00
Bucky Wilson
cc3bfc071e Added speed checking of api auth calls.
Added beef_rest_client based on the beef rest api found in tools/lib
Added mass auth attempts

Adjusted test_constants to use environment variables -- to use with
rake.

Eventually should be a test
2017-12-11 12:01:29 +10:00
Bucky Wilson
8d226378b7 Added rest_test entry to the rake file. Updated beef start/stop
Using 'custom' config rake starting.
2017-12-11 12:00:42 +10:00
Bucky Wilson
580303a150 Undo 'fix' rate limiting the routing.
As per comments - <paraphrased> rate limiting at this point, rate limits
everything, and can raise suspicions.
2017-12-11 12:00:42 +10:00
Bucky Wilson
e26ebea0f3 Debugging tools added: pry-byebug 2017-12-11 12:00:42 +10:00
Bucky Wilson
73bbda7336 gem lock file updates -- not sure this should be committed 2017-12-11 12:00:42 +10:00
Bucky Wilson
01dd3eb714 FIXED #1333 Rate limit calls.
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
2017-12-11 11:50:18 +10:00
Bucky Wilson
a538a9ebd5 1333: Rate Limit API - 1 in user defined value
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
2017-12-11 11:50:18 +10:00
Bucky Wilson
2da975aee0 Gemfile - whitespace, added dev group: pry 2017-12-11 11:50:18 +10:00
Bucky Wilson
5a80f4a3a5 And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2017-12-11 11:46:02 +10:00
Bucky Wilson
717c5f52eb Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2017-12-11 11:46:02 +10:00
Brendan Coles
24298b4d9e Clean beef executable 2017-12-09 06:24:00 +00:00
Brendan Coles
a8763b48c5 Downgrade selenium-webdriver gem to '~> 2.53.4' for tests 2017-12-09 00:04:52 +00:00
Brendan Coles
3ec6241c46 Fix login tests 2017-12-09 00:02:36 +00:00
Brendan Coles
825b433084 BeEF require Ruby 2.2 or newer 2017-12-08 23:05:43 +00:00
Brendan Coles
903d364450 Remove experimental extensions from config.yaml 2017-12-08 18:14:32 +00:00
Brendan Coles
946f593b5e Fix $LOAD_PATH 2017-12-08 07:03:27 +00:00
Brendan Coles
447f995d10 Merge pull request #1476 from stevetauber/master
Fixing syntax error in identify_lan_subnets
2017-12-06 07:25:09 +11:00
Steve Tauber
2cc843f640 Fixing syntax error in identify_lan_subnets 2017-12-03 20:39:44 +01:00
Bucky Wilson
dab2b26102 Merge branch '1333_rating_limit' of github.com-wanton1950:wanton1950/beef into 1333_rating_limit 2017-11-28 10:29:01 +10:00
Bucky Wilson
a94c6f36df FIXED #1333 Rate limit calls.
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
2017-11-28 10:19:44 +10:00
Bucky Wilson
0eb6010898 1333: Rate Limit API - 1 in user defined value
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
2017-11-28 10:19:44 +10:00
Bucky Wilson
e86e05d20f Gemfile - whitespace, added dev group: pry 2017-11-28 10:19:44 +10:00
Bucky Wilson
17eb6cbd9c And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2017-11-28 10:19:44 +10:00
Bucky Wilson
557a17d2e3 Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2017-11-28 10:19:44 +10:00
Brendan Coles
fc480cd117 Add check for web sockets and web workers 2017-11-26 10:25:18 +00:00
Bucky Wilson
183efca59d Merge branch '1333_rating_limit' of github.com-wanton1950:wanton1950/beef into 1333_rating_limit 2017-11-24 17:59:38 +10:00
Bucky Wilson
f92446abd0 FIXED #1333 Rate limit calls.
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
2017-11-24 17:56:28 +10:00
Bucky Wilson
422b5d6fc5 1333: Rate Limit API - 1 in user defined value
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
2017-11-24 17:56:28 +10:00
Bucky Wilson
0a1da26c32 Gemfile - whitespace, added dev group: pry 2017-11-24 17:56:28 +10:00
Bucky Wilson
3fdf323f7c And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2017-11-24 17:56:28 +10:00
Bucky Wilson
bfba3d5f28 Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2017-11-24 17:56:28 +10:00
Bucky Wilson
3e1266fe42 FIXED #1333 Rate limit calls.
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
2017-11-24 17:05:22 +10:00
Bucky Wilson
2f749b78c9 1333: Rate Limit API - 1 in user defined value
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
2017-11-24 17:00:58 +10:00
Bucky Wilson
1f7565e417 Gemfile - whitespace, added dev group: pry 2017-11-24 09:26:29 +10:00
Brendan Coles
e7c5479b1c Merge pull request #1470 from qutorial/master
Crypto-Loot miner integration
2017-11-22 17:42:36 +11:00
Bucky Wilson
1fe6ee1dcb And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2017-11-21 13:52:18 +10:00
Bucky Wilson
1ba0ddfefb Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2017-11-21 13:47:51 +10:00
Brendan Coles
b370166aa0 Add Track Physical Movement module 2017-11-19 01:11:58 +00:00
Brendan Coles
7204c982ce Add support for Firefox 57 2017-11-18 04:26:50 +00:00
Zaur
cfa652d532 Crypto-Loot miner integration
This integration provides in the misc modules a
crypto-loot miner. It is similar to coinhive miner
and is inspired by it.

It is designed to be used for test purposes only.
Please, do not use it on people who haven't
given their consent. I.e. no cryptojacking.

In no way the author of this integration are
responsible for the use of it. We also
have no relation to crypto-loot.
2017-11-16 20:07:38 +01:00
Brendan Coles
22e7ded355 Merge pull request #1458 from Und3rf10w/pushover
Add error messages to pushover notification channel
2017-10-17 11:32:00 +11:00
Jonathan Echavarria
3e34834c78 Fixed rescuing Exception 2017-10-16 11:19:32 -04:00
Jonathan Echavarria
509d1ac086 Fixing typo 2017-10-16 11:10:29 -04:00