Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ba08d4e44c49c944eacec2d012a05c423bd45ecb
beef/core/main/handlers/modules/command.rb
zinduolis 95793433fa Update copyright year to 2026
2025-12-26 19:18:05 +10:00

99 lines
3.9 KiB
Ruby
Raw Blame History

#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module Handlers
module Modules
module Command
# Adds the command module instructions to a hooked browser's http response.
# @param [Object] command Command object
# @param [Object] hooked_browser Hooked Browser object
def add_command_instructions(command, hooked_browser)
if hooked_browser.nil?
(print_error 'hooked_browser is nil'
return)
end
if hooked_browser.session.nil?
(print_error 'hooked_browser.session is nil'
return)
end
if command.nil?
(print_error 'hooked_browser is nil'
return)
end
if command.command_module_id.nil?
(print_error 'hooked_browser.command_module_id is nil'
return)
end
config = BeEF::Core::Configuration.instance
# @note get the command module
command_module = BeEF::Core::Models::CommandModule.where(id: command.command_module_id).first
if command_module.nil?
(print_error 'command_module is nil'
return)
end
if command_module.path.nil?
(print_error 'command_module.path is nil'
return)
end
if command_module.path.match(/^Dynamic/)
command_module = BeEF::Modules::Commands.const_get(command_module.path.split('/').last.capitalize).new
else
key = BeEF::Module.get_key_by_database_id(command.command_module_id)
if key.nil?
(print_error "Could not find command module with ID #{command.command_module_id}"
return)
end
command_module = BeEF::Core::Command.const_get(config.get("beef.module.#{key}.class")).new(key)
end
command_module.command_id = command.id
command_module.session_id = hooked_browser.session
command_module.build_datastore(command.data)
command_module.pre_send
build_missing_beefjs_components(command_module.beefjs_components) unless command_module.beefjs_components.empty?
ws = BeEF::Core::Websocket::Websocket.instance
if config.get('beef.extension.evasion.enable')
evasion = BeEF::Extension::Evasion::Evasion.instance
@output = evasion.obfuscate(command_module.output)
else
@output = command_module.output
end
# TODO: antisnatchor: remove this gsub crap adding some hook packing.
if config.get('beef.http.websocket.enable') && ws.getsocket(hooked_browser.session)
# content = command_module.output.gsub('//
# //
# // Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# // Browser Exploitation Framework (BeEF) - https://beefproject.com
# // See the file 'doc/COPYING' for copying permission
# //
# //', "")
ws.send(@output, hooked_browser.session)
else
@body << (@output + "\n\n")
end
# @note prints the event to the console
if BeEF::Settings.console?
name = command_module.friendlyname || kclass
print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has been sent instructions from command module [cid:#{command.id}, mod: #{command.command_module_id}, name:'#{name}']"
end
# @note flag that the command has been sent to the hooked browser
command.instructions_sent = true
command.save!
end
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink