From dd3b635a48dc2387be96b501611eec6c9abbb9c9 Mon Sep 17 00:00:00 2001 From: Jack Walker Date: Tue, 7 Jul 2020 14:47:05 +1000 Subject: [PATCH 1/2] Re-commiting h4sh5's reverted changes. --- core/main/handlers/browserdetails.rb | 12 ++++++++++++ extensions/network/rest/network.rb | 6 ++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/core/main/handlers/browserdetails.rb b/core/main/handlers/browserdetails.rb index f4ad33ca4f..df60210688 100644 --- a/core/main/handlers/browserdetails.rb +++ b/core/main/handlers/browserdetails.rb @@ -29,6 +29,7 @@ def setup() # validate hook session value session_id = get_param(@data, 'beefhook') + print_debug "[INIT] Processing Browser Details for session #{session_id}" (self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id) hooked_browser = HB.where(:session => session_id).first return if not hooked_browser.nil? # browser is already registered with framework @@ -404,6 +405,17 @@ def setup() self.err_msg "Invalid value for 'browser.window.size.width' returned from the hook browser's initial connection." end + # store and log IP details of host + print_debug("Hooked browser [id:#{zombie.id}] has IP [ip: #{zombie.ip}]") + + if os_name != nil and os_version != nil + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name + "-" + os_version) + elsif os_name != nil + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host', :os => os_name) + else + BeEF::Core::Models::NetworkHost.create(:hooked_browser => zombie, :ip => zombie.ip, :ntype => 'Host') + end + # get and store the yes|no value for browser capabilities capabilities = [ 'browser.capabilities.vbscript', diff --git a/extensions/network/rest/network.rb b/extensions/network/rest/network.rb index 1e905c0d60..96270c4e49 100644 --- a/extensions/network/rest/network.rb +++ b/extensions/network/rest/network.rb @@ -13,6 +13,7 @@ class NetworkRest < BeEF::Core::Router::Router config = BeEF::Core::Configuration.instance @nh = BeEF::Core::Models::NetworkHost @ns = BeEF::Core::Models::NetworkService + @hb = BeEF::Core::Models::HookedBrowser # Require a valid API token from a valid IP address halt 401 unless params[:token] == config.get('beef.api_token') @@ -69,7 +70,8 @@ class NetworkRest < BeEF::Core::Router::Router begin id = params[:id] - hosts = @nh.where(hooked_browser_id: id).distinct.order(:id) + hooked_browser = @hb.where(session: id).distinct + hosts = @nh.where(hooked_browser: hooked_browser).distinct.order(:hooked_browser) count = hosts.length result = {} @@ -121,7 +123,7 @@ class NetworkRest < BeEF::Core::Router::Router host = @nh.find(id) raise InvalidParamError, 'id' if host.nil? - halt 404 if host.empty? + halt 404 if host.nil? host.to_h.to_json rescue InvalidParamError => e From b8528e5df586b409d6f5e214bad50403a7ee9e4e Mon Sep 17 00:00:00 2001 From: bcoles Date: Wed, 8 Jul 2020 20:35:06 +1000 Subject: [PATCH 2/2] Update dependencies --- Gemfile | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index c96f7d0d21..2f4545939a 100644 --- a/Gemfile +++ b/Gemfile @@ -8,11 +8,11 @@ #gem 'simplecov', require: false, group: :test gem 'eventmachine' gem 'thin' -gem 'sinatra' -gem 'rack' -gem 'rack-protection' +gem 'sinatra', '>= 2.0.2' +gem 'rack', '>= 2.2.3' +gem 'rack-protection', '>= 2.0.0' gem 'em-websocket' # WebSocket support -gem 'uglifier' +gem 'uglifier', '>= 2.7.2' gem 'mime-types' gem 'execjs' gem 'ansi' @@ -20,10 +20,9 @@ gem 'term-ansicolor', :require => 'term/ansicolor' gem 'json' gem 'rubyzip', '>= 1.2.2' gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice -gem 'nokogiri', '>= 1.10.4' -gem 'rake' -#ruby 2.4 isnt compatible with a higher version of active-record -gem 'otr-activerecord' +gem 'nokogiri', '>= 1.10.8' +gem 'rake', '>= 12.3.3' +gem 'otr-activerecord' gem 'sqlite3' # Geolocation support