Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
815eff8d4e4ff2c5468b5509eeb91c2cdeebbf9c
beef/liveCD/BeEFLive.sh
Wade Alcorn ce01d9fa46 updated copyright year
2015-12-30 08:11:57 +10:00

344 lines
8.6 KiB
Bash
Raw Blame History

#!/bin/bash
#
# Copyright (c) 2006-2016 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'home/beef/doc/COPYING' for copying permission
#
#
# This is the auto startup script for the BeEF Live CD.
# IT SHOULD ONLY BE RUN ON THE LIVE CD
# Download LiveCD here: http://downloads.beefproject.com/BeEFLive1.4.iso
# MD5 (BeEFLive1.4.iso) = 5167450078ef5e9b8d146113cd4ba67c
#
# This script contains a few fixes to make BeEF play nicely with the way
# remastersys creates the live cd distributable as well as generating host keys
# to enable SSH etc. The script also make it easy for the user to update/start
# the BeEF server
#
#
# Create a shortcut in the user's home folder to BeEF, msf and sqlmap
# (if they do not yet exist)
#
f1="beef"
if [[ $EUID -eq 999 ]]; then
sudo chmod -R 777 /opt/beef
fi
if [ -f $f1 ] ; then
echo ""
else
ln -s /opt/beef/ beef
ln -s /opt/metasploit-framework/ msf
ln -s /opt/sqlmap/ sqlmap
fi
#
# function to allow BeEF to run in the background
#
run_beef() {
cd /opt/beef/
ruby beef -x
}
#
# function to start msf and run in the background
#
run_msf() {
# start msf
/opt/metasploit-framework/msfconsole -r /opt/beef/test/thirdparty/msf/unit/BeEF.rc 2> /dev/null
}
#
# functions to enable or disable msf integration
#
enable_msf() {
# enable msf integration in main config file
sed -i '1N;$!N;s/metasploit:\n\s\{1,\}enable:\sfalse/metasploit:\n enable: true/g;P;D' /opt/beef/config.yaml
# enable auto_msfrpcd
sed -i 's/auto_msfrpcd:\sfalse/auto_msfrpcd: true/g' /opt/beef/extensions/metasploit/config.yaml
}
disable_msf() {
# disable msf integration in main config file
sed -i '1N;$!N;s/metasploit:\n\s\{1,\}enable:\strue/metasploit:\n enable: false/g;P;D' /opt/beef/config.yaml
# disable auto_msfrpcd
sed -i 's/auto_msfrpcd:\strue/auto_msfrpcd: false/g' /opt/beef/extensions/metasploit/config.yaml
}
#
# function to copy the BeEF-bind module into metasploit
#
copy_beefbind() {
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-handler.rb /opt/metasploit-framework/lib/msf/core/handler/beef_bind.rb
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-windows-x86.rb /opt/metasploit-framework/modules/payloads/stages/windows/beef_shell.rb
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-windows-x86.rb /opt/metasploit-framework/modules/payloads/stagers/windows/beef_bind.rb
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x86.rb /opt/metasploit-framework/modules/payloads/stages/linux/x86/beef_shell.rb
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x86.rb /opt/metasploit-framework/modules/payloads/stagers/linux/x86/beef_bind.rb
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stage-linux-x64.rb /opt/metasploit-framework/modules/payloads/stages/linux/x64/beef_shell.rb
sudo cp /opt/beef/modules/exploits/beefbind/shellcode_sources/msf/beef_bind-stager-linux-x64.rb /opt/metasploit-framework/modules/payloads/stagers/linux/x64/beef_bind.rb
}
#
# function to exit cleanly
#
# trap ctrl-c and call close_bash()
trap close_bash_t INT
close_bash_t() {
# beef would have quit
back_running="0"
close_bash
}
close_bash() {
echo ""
echo "Are you sure you want to exit the LiveCD? (y/N): "
read var
if [ $var = "y" ] ; then
disable_msf
exit
else
show_menu
fi
}
# set default values
bac="0"
#
# User Menu Loop
#
show_menu() {
while true; do
clear
echo "======================================"
echo " BeEF Live CD "
echo "======================================"
echo ""
echo "Copyright (c) 2006-2016 Wade Alcorn - wade@bindshell.net"
echo "Browser Exploitation Framework (BeEF) - http://beefproject.com"
echo "See the file 'home/beef/doc/COPYING' for copying permission"
echo ""
echo "Welcome to the BeEF Live CD"
echo ""
#
# Check for SSH Host Keys - if they do not exist SSH will be displayed as disabled
# (remastersys has a habit of deleting them during Live CD Creation)
#
f1="/etc/ssh/ssh_host_rsa_key"
if [ -f $f1 ] ; then
echo "[1] Disable SSH [Currently Enabled]"
echo -ne " beef@"
ifconfig | awk -F "[: ]+" '/inet addr:/ { if ($4 != "127.0.0.1") print $4 }'
else
echo "[1] Enable SSH [Currently Disabled]"
fi
echo "[2] Update BeEF"
echo "[3] Update sqlMap (Bundled with LiveCD)"
echo "[4] Update metasploit-framework (Bundled with LiveCD)"
echo ""
if [ "$bac" = "1" ] ; then
echo "[5] Disable BeEF in background mode [Currently Enabled]"
else
echo "[5] Enable BeEF in background mode [Currently Disabled]"
fi
if [ "$sqlm" = "1" ] ; then
echo "[6] Disable sqlMap demo [Currently Enabled]"
else
echo "[6] Enable sqlMap demo [Currently Disabled]"
fi
if [ "$msf" = "1" ] ; then
echo "[7] Disable metasploit-framework integration [Currently Enabled]"
else
echo "[7] Enable metasploit-framework integration [Currently Disabled]"
fi
echo "[8] Copy BeEF-bind module into the metasploit-framework"
echo ""
echo "[q] Quit to terminal"
echo ""
if [ "$back_running" = "1" ] ; then
echo "[k] End BeEF process [BeEF running in background mode]"
else
echo "[b] Run BeEF"
fi
echo ""
echo -n "BeEF Live ~# "
read var
#
# Quit liveCD loop
#
if [ $var = "q" ] ; then
close_bash
fi
#
# Create SSH Keys to enable SSH or Delete the Keys to disable
#
if [ $var = "1" ] ; then
if [ -f $f1 ]
then
sudo rm /etc/ssh/ssh_host_rsa_key
sudo rm /etc/ssh/ssh_host_dsa_key
else
sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
echo ""
echo "Creating beef user..."
sudo useradd -d /home/beef -m beef
sudo adduser beef sudo
sudo chsh -s /bin/bash beef
sudo chown -R beef:beef /opt/beef/
sudo chown -R beef:beef /opt/metasploit-framework/
sudo chown -R beef:beef /opt/sqlmap/
echo ""
echo "Please provide a password for ssh user: beef"
sudo passwd beef
echo "ssh enabled"
fi
fi
#
# Update BeEF from github repository
#
if [ $var = "2" ] ; then
cd /opt/beef
git stash
git pull
msf="0"
# check for new bundle requirements and update
bundle update
fi
#
# Update sqlmap from github repository
#
if [ $var = "3" ] ; then
cd /opt/sqlmap
git stash
git pull
fi
#
# Update msf from github repository
#
if [ $var = "4" ] ; then
cd /opt/metasploit-framework
git stash
git pull
fi
#
# set BeEF to run in the background
#
if [ $var = "5" ] ; then
if [ "$bac" = "1" ] ; then
bac="0"
# check and disable sqlmap (requires beef run in the background)
sqlm="0"
else
bac="1"
fi
fi
#
# enable the sqlmap demo
#
if [ $var = "6" ] ; then
if [ "$sqlm" = "1" ] ; then
sqlm="0"
else
sqlm="1"
# requires BeEF be run in the background
bac="1"
fi
fi
#
# enable the msf integration
#
if [ $var = "7" ] ; then
if [ "$msf" = "1" ] ; then
msf="0"
disable_msf
else
msf="1"
enable_msf
fi
fi
#
# copy BeEF-bind module to Metasploit
#
if [ $var = "8" ] ; then
copy_beefbind
fi
#
# end background beef process
#
if [ $var = "k" ] ; then
pkill -x 'ruby'
back_running="0"
fi
#
# Run BeEF
#
if [ $var = "b" ] ; then
if [ "$msf" = "1" ] ; then
#
# First start msf if it is enabled
#
printf "Starting MSF (wait 45 seconds)..."
run_msf &
sleep 45
fi
if [ "$bac" = "1" ] ; then
#
# run beef in the background
#
run_beef &
sleep 5
echo ""
echo "BeEF is running in the background, returning to the menu or running something else now..."
sleep 15
back_running="1"
#
# If the user has enabled it start sqlmap using beef as proxy
#
if [ $sqlm = "1" ] ; then
echo ""
echo "sqlMAP can now be run using the --proxy command set to the BeEF Proxy: http://127.0.0.1:6789 starting the wizard to demo with:"
echo "python /opt/sqlmap/sqlmap.py --proxy http://127.0.0.1:6789 --wizard"
sleep 5
python /opt/sqlmap/sqlmap.py --proxy http://127.0.0.1:6789 --wizard
fi
else
#
# run beef in the foreground
#
cd /opt/beef/
ruby beef -x
fi
fi
done
}
# show user menu
show_menu
Reference in New Issue View Git Blame Copy Permalink