Commit Graph

3006 Commits

Author SHA1 Message Date
Bucky Wilson
e8f203bd94 Added assertions for testing, corrected beef tear-down
Turned the exercise script into a limited test.
Added is password function to rest client
Corrected incorrect tear down in the Rakefile

	modified:   Rakefile
	modified:   test/api/1333_auth_rate.rb
	modified:   test/api/lib/beef_rest_client.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
c13a011cd8 Pre-creation of actual test
1333_auth_rate - multiple cycles of api auth requests at different
speeds.
Fast auth attempts should block
Slower attempts, when valid should succeed

	modified:   Rakefile
	renamed:    test/api/beef_rest.rb -> test/api/1333_auth_rate.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
8c8dd6c9c3 Added auth access time checking
Time set on failure,
Next request fails if inside configured time: beef.restrictions.api_attempt_delay

	modified:   core/main/rest/handlers/admin.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
f9f6dbfab9 /update timeout? definition.
Only one exit from function.

	modified:   core/main/rest/api.rb
2018-01-10 09:49:33 +10:00
Bucky Wilson
9dcf516b88 Test,/exercise script to evaluate rate limiting
Debug details in the script
2018-01-10 09:49:33 +10:00
Bucky Wilson
894c369ef8 Added speed checking of api auth calls.
Added beef_rest_client based on the beef rest api found in tools/lib
Added mass auth attempts

Adjusted test_constants to use environment variables -- to use with
rake.

Eventually should be a test
2018-01-10 09:49:33 +10:00
Bucky Wilson
30e75c7aad Added rest_test entry to the rake file. Updated beef start/stop
Using 'custom' config rake starting.
2018-01-10 09:49:33 +10:00
Bucky Wilson
792340f628 Undo 'fix' rate limiting the routing.
As per comments - <paraphrased> rate limiting at this point, rate limits
everything, and can raise suspicions.
2018-01-10 09:49:33 +10:00
Bucky Wilson
1879f3155c Gemfile - whitespace, added dev group: pry 2018-01-10 09:44:45 +10:00
Bucky Wilson
21cd5b6778 And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2018-01-10 09:40:00 +10:00
Bucky Wilson
24fd0e912e Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2018-01-10 09:37:40 +10:00
Bucky Wilson
4026e0f06d FIXED #1333 Rate limit calls.
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
2018-01-10 09:35:27 +10:00
Bucky Wilson
7ac24ef754 1333: Rate Limit API - 1 in user defined value
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
2018-01-10 09:35:27 +10:00
Bucky Wilson
f5ce6170f7 Gemfile - whitespace, added dev group: pry 2018-01-10 09:35:27 +10:00
Bucky Wilson
e988b602df And then removing these lines - still no error
Error may not be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
2018-01-10 09:31:52 +10:00
Bucky Wilson
b9d58690b6 Fixed: 'DataObjects::ConnectionError - database is locked:' error
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
2018-01-10 09:31:52 +10:00
Brendan Coles
e0c46baea1 Merge pull request #1487 from wanton1950/1343_redundant_null_browser_type
FIX 1343 browser_type redundant null values
2018-01-09 16:32:04 +11:00
Brendan Coles
c83d363932 Merge pull request #1483 from wanton1950/1398_detect_epiphany
FIX #1398 detect epiphany
2018-01-09 16:28:25 +11:00
Bucky Wilson
ec9591a207 FIX #1343 account for redundant null values produced iOS checks
The Old line:
(!window.webkitPerformance &&    // return true
            window.navigator.appVersion.match(/CriOS\/(\d+)\./)) &&
                             returns null ----^
instead of the expected false, and it stops

Removed the null check added here in 34967f61
to catch other errors.

    modified:   core/main/client/browser.js
2018-01-09 14:42:38 +10:00
Bucky Wilson
1cfaf2da90 Added newer chrome iOS version - 63
Making visible the current iOS Chrome app [2018-01-07]
2018-01-09 14:42:25 +10:00
Bucky Wilson
dd93fc2922 Added return values to stringifying type()
Return undefined instead of assuming would.
See 'The replacer parameter' on
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify

    modified:   core/main/client/browser.js
2018-01-09 14:42:09 +10:00
Bucky Wilson
c09e6405e2 Make Webkit fingerprinting more explicit.
Copied common code from /isS\d\>/ functions into isWebKitBased

    modified:   core/main/client/browser.js
2018-01-09 09:16:30 +10:00
Bucky Wilson
f92aed46c2 Restore webkit checking. Additional comments.
Added `isWebKitBased` function.
Due to who knows what version is being used -- this primarily checks for Safari.
Eliminating code duplication and bugs.

Corrected getBrowserVersion comment.

    modified:   core/main/client/browser.js
2018-01-08 09:44:59 +10:00
Bucky Wilson
a2c097a47f Code review updates, speeling, and removed reliance on isS
modified:   core/main/client/browser.js
2018-01-07 15:22:21 +10:00
Bucky Wilson
190b425a30 Update epiphany browser icon, and let it be seen
New epiphany icon from : https://wiki.gnome.org/Apps/Web
Resized to 10% for space.

Added discovery details, to constants and models.

    modified:   core/main/models/browserdetails.rb
    modified:   extensions/admin_ui/constants/agents.rb
    modified:   extensions/admin_ui/media/images/icons/epiphany.png
2018-01-06 13:12:46 +10:00
Bucky Wilson
628ddb8dc2 Epiphany version returned.
Basing the Epiphany version of UserAgent name - for want of a better
way of determining this at this stage.

    modified:   core/main/client/browser.js
2018-01-06 12:37:52 +10:00
Bucky Wilson
86c3212e2e Whitespace changes - indentation consistency
Clearing the noise from the commit diff -
editor imposed whitespace style changes.

    modified:   core/main/client/browser.js
2018-01-06 12:36:03 +10:00
Bucky Wilson
4595f0d2ed Minor corrections to comments and return value for browser type
Make the hooked browser name and browser types consistent.

    modified:   core/main/client/browser.js
2018-01-06 12:31:54 +10:00
Bucky Wilson
5a35b1cde2 Recognising Epiphany as an independent browser
Added 'EP' as a browser name, to be recognised on response.
2018-01-06 10:22:03 +10:00
Bucky Wilson
bc709db733 Brief checking for Epiphany browser
Only recognises the browser -- not yet looking for a version.
2018-01-04 19:00:07 +10:00
Wade Alcorn
fca5279f17 Updated Copyright dates 2018-01-04 09:12:47 +10:00
Brendan Coles
24298b4d9e Clean beef executable 2017-12-09 06:24:00 +00:00
Brendan Coles
a8763b48c5 Downgrade selenium-webdriver gem to '~> 2.53.4' for tests 2017-12-09 00:04:52 +00:00
Brendan Coles
3ec6241c46 Fix login tests 2017-12-09 00:02:36 +00:00
Brendan Coles
825b433084 BeEF require Ruby 2.2 or newer 2017-12-08 23:05:43 +00:00
Brendan Coles
903d364450 Remove experimental extensions from config.yaml 2017-12-08 18:14:32 +00:00
Brendan Coles
946f593b5e Fix $LOAD_PATH 2017-12-08 07:03:27 +00:00
Brendan Coles
447f995d10 Merge pull request #1476 from stevetauber/master
Fixing syntax error in identify_lan_subnets
2017-12-06 07:25:09 +11:00
Steve Tauber
2cc843f640 Fixing syntax error in identify_lan_subnets 2017-12-03 20:39:44 +01:00
Brendan Coles
fc480cd117 Add check for web sockets and web workers 2017-11-26 10:25:18 +00:00
Brendan Coles
e7c5479b1c Merge pull request #1470 from qutorial/master
Crypto-Loot miner integration
2017-11-22 17:42:36 +11:00
Brendan Coles
b370166aa0 Add Track Physical Movement module 2017-11-19 01:11:58 +00:00
Brendan Coles
7204c982ce Add support for Firefox 57 2017-11-18 04:26:50 +00:00
Zaur
cfa652d532 Crypto-Loot miner integration
This integration provides in the misc modules a
crypto-loot miner. It is similar to coinhive miner
and is inspired by it.

It is designed to be used for test purposes only.
Please, do not use it on people who haven't
given their consent. I.e. no cryptojacking.

In no way the author of this integration are
responsible for the use of it. We also
have no relation to crypto-loot.
2017-11-16 20:07:38 +01:00
Brendan Coles
22e7ded355 Merge pull request #1458 from Und3rf10w/pushover
Add error messages to pushover notification channel
2017-10-17 11:32:00 +11:00
Jonathan Echavarria
3e34834c78 Fixed rescuing Exception 2017-10-16 11:19:32 -04:00
Jonathan Echavarria
509d1ac086 Fixing typo 2017-10-16 11:10:29 -04:00
Jonathan Echavarria
7099238f15 added error notifications to pushover notification channel 2017-10-16 11:04:13 -04:00
Brendan Coles
45fd6abade Merge pull request #1457 from bcoles/slack_notifications
Add Slack notifications to Notifications extension
2017-10-15 22:21:03 +11:00
Brendan Coles
c62050249d Add Slack notifications to Notifications extension 2017-10-15 11:18:40 +00:00