Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b6425e4a908e5ce8a2eb042f59856010e725ee87
beef/core/main/configuration.rb
wheatley b6425e4a90 Release 0.5.2.0 (#2166) 
* fixed offline zombie not deleting

* Bump jsdoc-to-markdown from 6.0.1 to 7.0.1 (#2161)

Bumps [jsdoc-to-markdown](https://github.com/jsdoc2md/jsdoc-to-markdown) from 6.0.1 to 7.0.1.
- [Release notes](https://github.com/jsdoc2md/jsdoc-to-markdown/releases)
- [Commits](https://github.com/jsdoc2md/jsdoc-to-markdown/compare/v6.0.1...v7.0.1)

---
updated-dependencies:
- dependency-name: jsdoc-to-markdown
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bug: Core - 1785 Fixed public hook url configuration settings (#2163)

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* created command spec file

* add before statement to load all enabled modules to test command class

* add spec to check if configuration instance exists by setting and accessing a config variable

* updated http proto for beef host

* reverting changes on this file, dev values set

* removed some unessessary checks

* fixed grammar test now we're only testing one configuration attribute

* added hook url for contextual usage

* refactoring admin_ui with new code usage

* fixed issue with the location of the beef.http.https.public_enabled

* refactored powershell module and extension

* adding the new config setting for public https beign enabled

* refactor qrcode extension

* replace video fake plugin refactor

* social engineering refactoring

* phonegap module refactoring

* exploit refactoing

* network module refactoing

* ipec module refactoring

* host module refactoring

* debug refactoring

* browser refactoring

* social engineering extension refactoring

* core main server refactoring

* core main console banner refactoring

* removing dev test

* fixed area with location of http.https.enabled

* changed the hook url definition to return the hook file path

* updated banners to use new configuration getters

* updated extensions and modules with the hook url change

* added new public.host configuration settings and validations for depicated usage of public

* updated to use public.port configuration

* added validation for old configuration public_port

* updated to use public https configuration setting

* updated config with new settings format

* fixed get to point to new locations

* fixed pointer to hook_file_path

* Update extensions/social_engineering/web_cloner/web_cloner.rb

Co-authored-by: bcoles <bcoles@gmail.com>

* updated enabled to enable

* making sure default configuration file does not have preset values

Co-authored-by: bcoles <bcoles@gmail.com>

* bumped versions to 0.5.2.0

* Usability: #2145. Added user input request for beef update within 'beef' install script (#2162)

* added user input request for beef update

* swaped git pull from system to backticks

* flags added for auto update and timout to input

* updated install.txt to reference the update-beef script (#2160)

Co-authored-by: Andrew Wheatley <a@andrews-mini.home>
Co-authored-by: Isaac Powell <36595182+DeezyE@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bcoles <bcoles@gmail.com>
2021-09-12 21:33:02 +10:00

295 lines
8.8 KiB
Ruby
Raw Blame History

#
# Copyright (c) 2006-2021 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
class Configuration
attr_accessor :config
# antisnatchor: still a singleton, but implemented by hand because we want to have only one instance
# of the Configuration object while having the possibility to specify a parameter to the constructor.
# This is why we don't use anymore the default Ruby implementation -> include Singleton
def self.instance
@@instance
end
# Loads the default configuration system
# @param [String] configuration_file Configuration file to be loaded,
# by default loads $root_dir/config.yaml
def initialize(config)
raise TypeError, "'config' needs to be a string" unless config.string?
raise TypeError, "Configuration file '#{config}' cannot be found" unless File.exist? config
begin
#open base config
@config = load(config)
# set default value if key? does not exist
@config.default = nil
@@config = config
rescue => e
print_error "Fatal Error: cannot load configuration file '#{config}' : #{e.message}"
print_error e.backtrace
end
@@instance = self
end
# Loads yaml file
# @param [String] file YAML file to be loaded
# @return [Hash] YAML formatted hash
def load(file)
return nil unless File.exist? file
raw = File.read file
YAML.safe_load raw
rescue => e
print_debug "Unable to load configuration file '#{file}' : #{e.message}"
print_error e.backtrace
end
#
# @note balidate the configuration file
#
def validate
if @config.empty?
print_error 'Configuration file is empty'
return
end
if @config['beef'].nil?
print_error "Configuration file is malformed: 'beef' is nil"
return
end
if @config['beef']['credentials'].nil?
print_error "Configuration file is malformed: 'beef.credentials' is nil"
return
end
if @config['beef']['http'].nil?
print_error "Configuration file is malformed: 'beef.http' is nil"
return
end
return unless validate_public_config_variable?(@config)
if @config['beef']['http']['public_port']
print_error 'Config path beef.http.public_port is deprecated.'
print_error 'Please use the new format for public variables found'
print_error 'https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration'
return
end
true
end
#
# Returns the configuration value for the http server host
# If nothing is set it should default to 0.0.0.0 (all interfaces)
def local_host
get('beef.http.host') || '0.0.0.0'
end
#
# Returns the configuration value for the http server port
# If nothing is set it should default to 3000
def local_port
get('beef.http.port') || '3000'
end
#
# Return the local protocol
# if nothing is set default to http
def local_proto
local_https_enabled ? 'https' : 'http'
end
#
# Returns the configuration value for the local https enabled
# If nothing is set it should default to false
def local_https_enabled
get('beef.http.https.enable') || false
end
#
# Returns the configuration value for the http server host
def public_host
get('beef.http.public.host')
end
#
# Returns the beef host which is used by external resources
# e.g. hooked browsers
def beef_host
public_host || local_host
end
#
# Returns the beef port which is used by external resource
# e.g. hooked browsers
def beef_port
public_port || local_port
end
def public_enabled?
!get('beef.http.public.host').nil?
end
#
# Returns the beef protocol that is used by external resources
# e.g. hooked browsers
def beef_proto
if public_enabled? && public_https_enabled? then
return 'https'
elsif public_enabled? && !public_https_enabled?
return 'http'
elsif !public_enabled?
return local_proto
end
end
#
# Returns the beef scheme://host:port for external resources
# e.g. hooked browsers
def beef_url_str
"#{beef_proto}://#{beef_host}:#{beef_port}"
end
# Returns the hool path value stored in the config file
#
# @return [String] hook file path
def hook_file_path
get('beef.http.hook_file') || '/hook.js'
end
# Returns the url to the hook file
#
# @return [String] the url string
def hook_url
"#{beef_url_str}#{hook_file_path}"
end
# Returns the configuration value for the http server port
# If nothing is set it should default to 3000
def public_port
return get('beef.http.public.port') unless get('beef.http.public.port').nil?
return '443' if public_https_enabled?
return '80' unless public_host.nil?
nil
end
#
# Returns the configuration value for the local https enabled
# If nothing is set it should default to false
def public_https_enabled?
get('beef.http.public.https') || false
end
#
# Returns the value of a selected key in the configuration file.
# @param [String] key Key of configuration item
# @return [Hash|String] The resulting value stored against the 'key'
#
def get(key)
subkeys = key.split('.')
lastkey = subkeys.pop
subhash = subkeys.inject(@config) do |hash, k|
hash[k]
end
return nil if subhash.nil?
subhash.key?(lastkey) ? subhash[lastkey] : nil
end
#
# Sets the give key value pair to the config instance
# @param [String] key The configuration key
# @param value The value to be stored against the 'key'
# @return [Boolean] If the store procedure was successful
#
def set(key, value)
subkeys = key.split('.').reverse
return false if subkeys.empty?
hash = { subkeys.shift.to_s => value }
subkeys.each { |v| hash = {v.to_s => hash} }
@config = @config.deep_merge hash
true
end
#
# Clears the given key hash
# @param [String] key Configuration key to be cleared
# @return [Boolean] If the configuration key was cleared
#
def clear(key)
subkeys = key.split('.')
return false if subkeys.empty?
lastkey = subkeys.pop
hash = @config
subkeys.each {|v| hash = hash[v] }
hash.delete(lastkey).nil? ? false : true
end
#
# Load extensions configurations
#
def load_extensions_config
set('beef.extension', {})
Dir.glob("#{$root_dir}/extensions/*/config.yaml") do |cf|
y = load(cf)
if y.nil?
print_error "Unable to load extension configuration '#{cf}'"
next
end
y['beef']['extension'][y['beef']['extension'].keys.first]['path'] = cf.gsub(/config\.yaml/, '').gsub(%r{#{$root_dir}/}, '')
@config = y.deep_merge(@config)
end
end
#
# Load module configurations
#
def load_modules_config
set('beef.module', {})
# support nested sub-categories, like browser/hooked_domain/ajax_fingerprint
module_configs = File.join("#{$root_dir}/modules/**", "config.yaml")
Dir.glob(module_configs) do |cf|
y = load(cf)
if y.nil?
print_error "Unable to load module configuration '#{cf}'"
next
end
y['beef']['module'][y['beef']['module'].keys.first]['path'] = cf.gsub('config.yaml', '').gsub(%r{#{$root_dir}/}, '')
@config = y.deep_merge @config
# API call for post module config load
BeEF::API::Registrar.instance.fire(
BeEF::API::Configuration,
'module_configuration_load',
y['beef']['module'].keys.first
)
end
end
private
def validate_public_config_variable?(config)
return true if (config['beef']['http']['public'].is_a?(Hash) ||
config['beef']['http']['public'].is_a?(NilClass))
print_error 'Config path beef.http.public is deprecated.'
print_error 'Please use the new format for public variables found'
print_error 'https://github.com/beefproject/beef/wiki/Configuration#web-server-configuration'
false
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink