Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,758 Commits 14 Branches 34 Tags
eccbdd6958b5a9c3114e6d7e1d34b83329c41965
Commit Graph

1758 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
soh_cah_toa
eccbdd6958 Added tests for AAAA, CNAME, HINFO, MINFO, and MX RR types. 
Also fixed #format_response to properly format MS records.
 2013-06-07 18:32:29 -04:00
soh_cah_toa
019ec2f6ed Added new test for attempting to add an existing rule. 2013-06-07 00:05:15 -04:00
soh_cah_toa
cfa9177af1 Added 4 new tests for bad POST /api/dns/rule requests. 2013-06-06 23:58:12 -04:00
soh_cah_toa
1f37ceec9f Began first integration tests for DNS RESTful API interface. 
First test is for POST /api/dns/rule handler.
 2013-06-06 23:16:40 -04:00
soh_cah_toa
6901581ae7 Moved #format_response call to before when RR type is evaled. 
Since #format_response throws an exception for unknown RR types,
calling it first will ensure bad Resolv::DNS::Resource names will
never be evaled.
 2013-06-06 22:59:54 -04:00
soh_cah_toa
09ec09601e Changed hash key syntax from previous commit. 
Besides being consistent, Sinatra actually requires the string
syntax.
 2013-06-05 18:33:08 -04:00
soh_cah_toa
fc6f0aface Changed DELETE handler to return JSON "success" key. 
Prior to this, nothing was returned. This will allow users to
determine whether or not a rule was removed as expected.
 2013-06-05 18:29:18 -04:00
soh_cah_toa
89a5d6fdbb Modified #remove_rule to return a boolean value. 
This is will soon allow the DELETE handler to indicate success
or failure.
 2013-06-05 18:20:48 -04:00
soh_cah_toa
6c61b39d81 Changed 401 status to 403 in filter for non-permitted IP's. 
403 Forbidden is more appropriate since 401 Unauthorized only
indicates that authentication is needed. In the case of a bad IP,
authentication will make no difference which is exactly what 403 is
meant for.
 2013-06-05 17:09:09 -04:00
soh_cah_toa
80ab665054 Added new InvalidParamError class for handling bad named parameters. 
Previously, InvalidJsonError was being used mistakenly for this which
is misleading considering no JSON was involved.
 2013-06-05 16:56:05 -04:00
soh_cah_toa
e56494d486 Renamed /rules GET route to /ruleset for the sake of consistency. 
Also added new "count" key to result that lists the number of rules.
 2013-06-05 16:30:24 -04:00
soh_cah_toa
2f5133e11a Changed GET handlers to return recently fixed rule data. 
Also wrapped all handlers in a begin/end block that catches
internal StandardError exceptions.
 2013-06-05 15:56:33 -04:00
soh_cah_toa
fce4c9196d Modified grep test case to allow #eval use in DNS extension. 
Using #eval is necessary for normal functioning and is now used in
a safe manner.
 2013-06-03 21:53:06 -04:00
soh_cah_toa
0af4029915 Added placeholders necessary to start DNS unit tests. 
Currently does nothing but assert(true).
 2013-06-03 21:42:34 -04:00
soh_cah_toa
44622345d0 s/DNS/Dns/g since that is the BeEF style convention. 2013-06-03 17:55:58 -04:00
soh_cah_toa
0f8221918b Improved coding style (a la ruby-style-guide and rubocop). 
Because I'm too tired to start testing and need a little victory. ;)
 2013-06-03 00:11:41 -04:00
soh_cah_toa
c8c9e1e139 Reimplemented POST handler to avoid unsafe use of #eval. 
Now the desired response is passed an array. Each RR type is handled
specially to craft the necessary response.
 2013-06-02 22:40:58 -04:00
soh_cah_toa
998980b566 Fixed case-statement in #match that prevented adding rules locally. 2013-06-02 22:23:27 -04:00
soh_cah_toa
7f4562945a Added new InvalidJsonError class for handling errors in JSON input. 
This is better practice than just (ab)using StandardError.
 2013-05-26 23:46:37 -04:00
soh_cah_toa
38284d5eaa Implemented DELETE handler for removing DNS rules. 2013-05-26 23:26:58 -04:00
soh_cah_toa
27b1b530ef Implemented POST handler for /api/dns/rule which adds a new rule. 
A host of other changes got roped into this as well. #match now
silently handles blocks passed as a String in order to handle
the 'block' JSON parameter. This is because sourcify doesn't
work with eval'd data.

Rule id's are no longer incremental integers. It's now a 7-character
"token" generated from #secure_token and is managed by the RubyDNS
module.
 2013-05-26 22:44:11 -04:00
soh_cah_toa
c6f38324d1 Refactored #get_ruleset to be part of RubyDNS. 
All database logic should be inside RubyDNS since BeEF's DNS class
is mostly just a wrapper around it.
 2013-05-18 21:00:22 -04:00
soh_cah_toa
054767c898 Added RESTful API route for /api/dns/rule/:id. 
This will return a single rule given its unique id.
 2013-05-17 23:02:40 -04:00
soh_cah_toa
702595c04c Improved a lot of documentation for BeEF::Extension::DNS::DNS. 2013-05-17 19:12:05 -04:00
soh_cah_toa
c70037f9f4 Began adding support for RESTful API beginning with /api/dns/rules. 2013-05-17 18:25:22 -04:00
soh_cah_toa
13001b9642 Updated README.mkd to mention rubydns and sourcify dependencies. 
This was forgettin in commit 872ce2e.
 2013-05-16 23:24:23 -04:00
soh_cah_toa
18a78b57b2 Fixed load_rules() to rebuild 'pattern' and 'type' as an array. 
This was forgotten in the previous commit.
 2013-05-16 23:20:04 -04:00
soh_cah_toa
24f7e5b6cd Separated 'pattern' and 'type' properties in DNS model. 
This will expose the resource type to the RESTful API (coming soon).
 2013-05-16 23:14:29 -04:00
soh_cah_toa
6d2a771084 Changed model name to BeEF::Core::Models::DNS::Rule. 
This is more descriptive and follows the singular name convention.
 2013-05-15 22:29:42 -04:00
soh_cah_toa
271b2b8e85 Removed RubyDNS::Server#rules attribute accessor since it's unused. 2013-05-15 22:19:58 -04:00
soh_cah_toa
35f25bbeb9 Removed load_rules() and parse_type() since they're unused. 2013-05-15 22:18:16 -04:00
soh_cah_toa
872ce2e92f Updated README to mention rubydns and sourcify dependencies. 2013-05-15 22:15:50 -04:00
soh_cah_toa
992e95f0d7 Added database support when adding/removing rules. 
Needed to add 'sourcify' as a dependency in order to store code blocks
in the database.
 2013-05-15 22:12:37 -04:00
soh_cah_toa
1f7e748afc Removed parse_response() since it's no longer needed. 2013-05-14 19:23:08 -04:00
soh_cah_toa
ddcb040c40 Marked add_rule() and remove_rule() as critical sections. 
Mutual exclusion is imperative here since other modules/extenions may
be simultaneously adding/removing rules, thus putting the value of
@next_id at risk of becoming inconsistent.
 2013-05-14 19:12:23 -04:00
soh_cah_toa
e563a8946b Began implementing new method of adding rules without periodic timer. 
Also added improved documentation for add_rule() and remove_rule().
 2013-05-14 18:47:51 -04:00
soh_cah_toa
86e01b1327 Documented run_server() and add_rule(). 2013-05-10 23:19:58 -04:00
soh_cah_toa
d622bf3e5e New DNS entries can now be added dynamically without a server restart. 
Database is checked every five seconds and adds new rules if there
were any changes.
 2013-05-10 23:01:10 -04:00
soh_cah_toa
c7eb1c7fc9 Added DNS database model to load resource records from. 
Now modules/extensions can dynamically add new RR's. However, changes
don't take effect until BeEF restarts (fix incoming).
 2013-05-08 00:03:08 -04:00
soh_cah_toa
d24a00a639 Overrode RubyDNS::Transaction.respond! to use debug logger instead. 
Now all RubyDNS output is properly disabled unless --verbose is given.
 2013-05-07 23:59:27 -04:00
soh_cah_toa
c7981f3c0d Demoted UPSTREAM from constant to local variable. Minimizes scope. 2013-05-07 22:40:26 -04:00
soh_cah_toa
281cde1cbb Added new definition for Logger#warn. 2013-05-07 22:06:13 -04:00
soh_cah_toa
493ed5182b Made BeEF::Extension::DNS::DNS into a singleton object. 
This ensures that all modules/extensions that add new RR's
refer to a single server instance.
 2013-05-07 21:56:11 -04:00
soh_cah_toa
ceb55ef3df Resolved DNS thread issue using EM::next_tick() instead of sleep(). 2013-05-06 13:09:44 -04:00
soh_cah_toa
cbd815c519 Changed output format for RubyDNS to be "BeEF-compliant". 
RubyDNS's logger now uses BeEF's print-related functions. Debug
messages regarding queries can be enabled using --verbose.
 2013-05-05 22:19:54 -04:00
soh_cah_toa
d22373d828 Fixed thread issue that occasionally caused BeEF to stop immediately. 
While using sleep() to fix thread complications is never a great
solution, it gets the job done for now.
 2013-05-05 21:14:30 -04:00
soh_cah_toa
fdd1048f1a Implemented basic nameserver and configured it to run on BeEF startup. 
It's worth noting that RubyDNS currently displays a lot of messy
output. This needs to be addressed before moving any further.
 2013-05-03 22:37:42 -04:00
soh_cah_toa
cc4b34ed8d Started basic DNS extension. Currently does nothing. 2013-05-03 21:25:53 -04:00
soh_cah_toa
9f7d326f6f Added RubyDNS to Gemfile and core/loader.rb. 2013-05-03 17:34:41 -04:00
antisnatchor
c5d5b99472 Issue #886: The preflight OPTIONS request now allow also the content-type header, required to use a json conten-type with POST requests. 2013-05-02 10:55:16 +01:00