Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
313fec27b5ac2f773af30fd9fce6afcb0f2996bd
beef/lib/server/modules/common.rb
antisnatchor 313fec27b5 added geolocation detection (first draft) 
git-svn-id: https://beef.googlecode.com/svn/trunk@520 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
2010-11-13 17:08:30 +00:00

127 lines
4.7 KiB
Ruby
Raw Blame History

module BeEF
module Server
module Modules
#
# Purpose: avoid rewriting several times the same code.
#
module Common
#
# Builds the default beefjs library (all default components of the library).
#
# @param: {Object} the hook session id
# @param: {Boolean} if the framework is already loaded in the hooked browser
#
def build_beefjs!(hook_session_id, framework_loaded = false)
# set up values required to construct beefjs
beefjs = '' # init the beefjs string (to be sent as the beefjs file)
beefjs_path = "#{$root_dir}/modules/beefjs/" # location of sub files
js_sub_files = %w(beef.js browser.js browser/cookie.js dom.js net.js updater.js encode/base64.js init.js geolocation.js)
# construct the beefjs string from file(s)
js_sub_files.each {|js_sub_file_name|
js_sub_file_abs_path = beefjs_path + js_sub_file_name # construct absolute path
beefjs << (File.read(js_sub_file_abs_path) + "\n\n") # concat each js sub file
}
# create the config for the hooked browser session
config = BeEF::Configuration.instance
hook_session_name = config.get('hook_session_name')
hook_session_config = BeEF::HttpHookServer.instance.to_h
hook_session_config['beef_hook_session_name'] = hook_session_name
hook_session_config['beef_hook_session_id'] = hook_session_id
# populate place holders in the beefjs string and set the response body
eruby = Erubis::FastEruby.new(beefjs)
@body << eruby.evaluate(hook_session_config)
end
#
# Builds missing beefjs components.
#
# Ex: build_missing_beefjs_components(['beef.net.local', 'beef.net.requester'])
#
def build_missing_beefjs_components(beefjs_components)
# if the component is of type String, we convert it to an array
beefjs_components = [beefjs_components] if beefjs_components.is_a? String
# verifies that @beef_js_cmps is not nil to avoid bugs
@beef_js_cmps = '' if @beef_js_cmps.nil?
beefjs_components.each {|c|
next if @beef_js_cmps.include? c
# we generate the component's file path
component_path = c
component_path.gsub!(/beef./, '')
component_path.gsub!(/\./, '/')
component_path.replace "#{$root_dir}/modules/beefjs/#{component_path}.js"
# exception in case the component cannot be found
raise "Could not build the BeEF JS component: file does not exists" if not File.exists?(component_path)
# we output the component to the hooked browser
@body << File.read(component_path)+"\n\n"
# finally we add the component to the list of components already generated so it does not
# get generated numerous times.
@beef_js_cmps += ",#{component_path}"
}
end
#
# Adds the command module instructions to the http response.
#
def add_command_instructions(command, zombie)
raise WEBrick::HTTPStatus::BadRequest, "zombie is nil" if zombie.nil?
raise WEBrick::HTTPStatus::BadRequest, "zombie.session is nil" if zombie.session.nil?
raise WEBrick::HTTPStatus::BadRequest, "zombie is nil" if command.nil?
raise WEBrick::HTTPStatus::BadRequest, "zombie.session is nil" if command.command_module_id.nil?
# get the command module
command_module = BeEF::Models::CommandModule.first(:id => command.command_module_id)
raise WEBrick::HTTPStatus::BadRequest, "command_module is nil" if command_module.nil?
raise WEBrick::HTTPStatus::BadRequest, "command_module.path is nil" if command_module.path.nil?
klass = File.basename command_module.path, '.rb'
@guard.synchronize {
command_module = BeEF::Modules::Commands.const_get(klass.capitalize).new
command_module.command_id = command.id
command_module.session_id = zombie.session
command_module.build_datastore(command.data)
command_module.pre_send
if not @beef_js_cmps.nil? and not command_module.beefjs_components.empty?
command_module.beefjs_components.keys.each{|component|
next if @beef_js_cmps.include? component
#TODO: code that part so it uses the function build_missing_beefjs_components()
@body << File.read(command_module.beefjs_components[component])+"\n\n"
@beef_js_cmps += ",#{component}"
}
end
@body << command_module.output + "\n\n"
puts "+ Hooked browser #{zombie.ip} sent command module #{klass}" if @cmd_opts[:verbose]
}
end
#
# Executes every plugins in the framework.
#
def execute_plugins!
#TODO
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink