Commit 10fca470 authored by Sophie Brun's avatar Sophie Brun

Update upstream source from tag 'upstream/0.5.0.0+git20191218'

Update to upstream version '0.5.0.0+git20191218'
with Debian dir f76dcfd3e54eb062c331b3383acf90f328a38396
parents 940c8aac cdede7d0
......@@ -3,7 +3,7 @@ Verify first that your issue/request has not been posted previously:
* https://github.com/beefproject/beef/issues
* https://github.com/beefproject/beef/wiki/FAQ
Ensure you're using the [latest version of BeEF](https://github.com/beefproject/beef/releases/tag/beef-0.4.7.2).
Ensure you're using the [latest version of BeEF](https://github.com/beefproject/beef/releases/tag/beef-0.5.0.0).
#### Environment
......
### BeEF ###
beef.db
beef.log
test/msf-test
extensions/admin_ui/media/javascript-min/
custom-config.yaml
.DS_Store
.gitignore
.rvmrc
beef.log
*.lock
extensions/metasploit/msf-exploits.cache
# ruby debugging
.byebug_history
# The following lines were created by https://www.gitignore.io
### Linux ###
......
--format documentation
--color
--require spec_helper
-I .
......@@ -4,7 +4,7 @@ AllCops:
- 'tmp/**/*'
- 'tools/**/*'
- 'doc/**/*'
TargetRubyVersion: 2.4
TargetRubyVersion: 2.5
Metrics/AbcSize:
Enabled: false
......
language: ruby
rvm:
- 2.4.0
- 2.5.0
- 2.5.3
- 2.6.0
env:
- "BEEF_TEST=true"
- 2.6.5
notifications:
email:
recipients:
......@@ -21,3 +19,4 @@ addons:
- zlib1g-dev
- liblzma-dev
- libcurl4-openssl-dev
......@@ -8,37 +8,23 @@
gem 'eventmachine'
gem 'thin'
gem 'sinatra', '~> 2.0'
gem 'rack', '~> 2.0'
gem 'rack-protection', '~> 2.0'
gem 'sinatra'
gem 'rack'
gem 'rack-protection'
gem 'em-websocket' # WebSocket support
gem 'uglifier'
gem 'mime-types'
gem 'execjs'
gem 'ansi'
gem 'term-ansicolor', :require => 'term/ansicolor'
gem 'dm-core'
gem 'json'
gem 'data_objects'
gem 'rubyzip', '>= 1.2.2'
gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice
gem 'nokogiri', '>= 1.7'
gem 'nokogiri', '>= 1.10.4'
gem 'rake'
# SQLite support
group :sqlite do
gem 'dm-sqlite-adapter'
end
# PostgreSQL support
group :postgres do
#gem dm-postgres-adapter
end
# MySQL support
group :mysql do
#gem dm-mysql-adapter
end
#ruby 2.4 isnt compatible with a higher version of active-record
gem 'otr-activerecord'
gem 'sqlite3'
# Geolocation support
group :geoip do
......@@ -47,7 +33,6 @@ end
gem 'parseconfig'
gem 'erubis'
gem 'dm-migrations'
# Metasploit Integration extension
group :ext_msf do
......@@ -77,7 +62,6 @@ end
# For running unit tests
group :test do
if ENV['BEEF_TEST']
gem 'test-unit'
gem 'test-unit-full'
gem 'rspec'
......@@ -86,16 +70,17 @@ group :test do
# sudo apt-get install libcurl4-openssl-dev
gem 'curb'
# selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
gem 'selenium'
gem 'selenium-webdriver', '~> 2.53.4'
# gem 'selenium' # Requires old version of selenium which is no longer available
gem 'geckodriver-helper'
gem 'selenium-webdriver'
# nokogirl is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev
# sudo port install libxml2 libxslt
gem 'capybara'
# RESTful API tests/generic command module tests
gem 'rest-client', '>= 2.0.1'
gem 'byebug'
end
gem 'irb'
gem 'pry-byebug'
end
source 'https://rubygems.org'
......@@ -21,9 +21,9 @@ Or cloning the Git repository from Github:
Prerequisites
--------------
BeEF requires Ruby 2.4+.
BeEF requires Ruby 2.5+.
If your operating system package manager does not support Ruby version 2.4,
If your operating system package manager does not support Ruby version 2.5,
you can add the brightbox ppa repository for the latest version of Ruby:
$ sudo apt-add-repository -y ppa:brightbox/ruby-ng
......
......@@ -37,13 +37,19 @@ Requirements
------------
* Operating System: Mac OSX 10.5.0 or higher / modern Linux. Note: Windows is not supported.
* [Ruby](http://ruby-lang.org): 2.4 or newer
* [Ruby](http://ruby-lang.org): 2.5 or newer
* [SQLite](http://sqlite.org): 3.x
* [Node.js](https://nodejs.org): 6 or newer
* The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile
* Selenium is required on OSX: brew install selenium-server-standalone (See https://github.com/shvets/selenium)
ActiveRecord
-----------
ActiveRecord was used to replace DataMapper, and now ruby 2.4 is no longer supported.
If you're using ruby 2.4 please update your BeEF version, otherwise master-0.4.7.3 has the beef branch before the ActiveRecord Merge.
Quick Start
-----------
......
......@@ -4,62 +4,24 @@
# See the file 'doc/COPYING' for copying permission
#
require 'yaml'
require 'bundler/setup'
load 'tasks/otr-activerecord.rake'
#require 'pry-byebug'
task :default => ["quick"]
desc "Run quick tests"
task :quick do
Rake::Task['unit'].invoke # run unit tests
end
desc "Run all tests"
task :all do
Rake::Task['integration'].invoke # run integration tests
Rake::Task['unit'].invoke # run unit tests
Rake::Task['msf'].invoke # run msf tests
end
desc "Run automated tests (for Jenkins)"
task :automated do
Rake::Task['xserver_start'].invoke
Rake::Task['all'].invoke
Rake::Task['xserver_stop'].invoke
end
desc "Run integration unit tests"
task :integration => ["install"] do
Rake::Task['beef_start'].invoke
sh "export DISPLAY=:0; cd test/integration;ruby -W0 ts_integration.rb"
Rake::Task['beef_stop'].invoke
end
desc "Run integration unit tests"
task :unit => ["install"] do
sh "cd test/unit;ruby -W0 ts_unit.rb"
end
desc "Run MSF unit tests"
task :msf => ["install", "msf_install"] do
Rake::Task['msf_update'].invoke
Rake::Task['msf_start'].invoke
sh "cd test/thirdparty/msf/unit/;ruby -W0 ts_metasploit.rb"
Rake::Task['msf_stop'].invoke
end
task :default => ["spec"]
desc 'Generate API documentation to doc/rdocs/index.html'
task :rdoc do
Rake::Task['rdoc:rerdoc'].invoke
end
desc 'rest test examples'
task :rest_test do
Rake::Task['beef_start'].invoke
## RSPEC
require 'rspec/core/rake_task'
RSpec::Core::RakeTask.new(:spec)
sh 'cd test/api/; ruby -W2 1333_auth_rate.rb'
Rake::Task['beef_stop'].invoke
end
################################
# SSL/TLS certificate
......@@ -276,5 +238,10 @@ task :cde_beef_start => 'beef' do
puts '.'
end
################################
# ActiveRecord
namespace :db do
task :environment do
require_relative "beef"
end
end
......@@ -4,4 +4,4 @@
# See the file 'doc/COPYING' for copying permission
#
0.4.7.3-alpha
0.4.7.4-alpha-pre
......@@ -12,11 +12,11 @@
$VERBOSE = nil
#
# @note Version check to ensure BeEF is running Ruby 2.4+
# @note Version check to ensure BeEF is running Ruby 2.5+
#
if RUBY_VERSION < '2.4'
if RUBY_VERSION < '2.5'
puts
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.4 or later."
puts "Ruby version #{RUBY_VERSION} is no longer supported. Please upgrade to Ruby version 2.5 or later."
puts
exit 1
end
......@@ -119,14 +119,6 @@ unless config.get('beef.http.public_port').to_s.eql?('') || BeEF::Filters.is_val
exit 1
end
#
# @note Validate database driver
#
unless ['sqlite', 'postgres', 'mysql'].include? config.get('beef.database.driver')
print_error 'No default database selected. Please add one in config.yaml'
exit 1
end
#
# @note After the BeEF core is loaded, bootstrap the rest of the framework internals
#
......@@ -160,43 +152,25 @@ BeEF::Modules.load
Socket.do_not_reverse_lookup = true
#
# @note Database setup - use DataMapper::Logger.new($stdout, :debug) for development debugging
#
case config.get("beef.database.driver")
when "sqlite"
DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}")
when "mysql", "postgres"
DataMapper.setup(:default,
:adapter => config.get("beef.database.driver"),
:host => config.get("beef.database.db_host"),
:port => config.get("beef.database.db_port"),
:username => config.get("beef.database.db_user"),
:password => config.get("beef.database.db_passwd"),
:database => config.get("beef.database.db_name"),
:encoding => config.get("beef.database.db_encoding")
)
else
print_error 'No default database selected. Please add one in config.yaml'
exit 1
end
# @note Database setup
#
#
# @note Load the database
#
begin
# @note Resets the database if the -x flag was passed
if BeEF::Core::Console::CommandLine.parse[:resetdb]
print_info 'Resetting the database for BeEF.'
DataMapper.auto_migrate!
else
DataMapper.auto_upgrade!
end
rescue => e
print_error "Could not connect to database: #{e.message}"
if config.get("beef.database.driver") == 'sqlite'
print_error "Ensure the #{$root_dir}/#{config.get("beef.database.db_file")} database file is writable"
end
exit 1
db_file = config.get('beef.database.file')
# @note Resets the database if the -x flag was passed
if BeEF::Core::Console::CommandLine.parse[:resetdb]
print_info 'Resetting the database for BeEF.'
File.delete(db_file) if File.exists?(db_file)
end
# Connect to DB
ActiveRecord::Base.logger = nil
OTR::ActiveRecord.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database:db_file)
# Migrate (if required)
context = ActiveRecord::Migration.new.migration_context
if context.needs_migration?
ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration).migrate
end
#
......
......@@ -6,7 +6,7 @@
# BeEF Configuration file
beef:
version: '0.4.7.3-alpha'
version: '0.4.7.4-alpha-pre'
# More verbose messages (server-side)
debug: false
# More verbose messages (client-side)
......@@ -90,28 +90,7 @@ beef:
cert: "beef_cert.pem"
database:
# For information on using other databases please read the
# README.databases file
# supported DBs: sqlite, mysql, postgres
# NOTE: you must change the Gemfile adding a gem require line like:
# gem "dm-postgres-adapter"
# or
# gem "dm-mysql-adapter"
# if you want to switch drivers from sqlite to postgres (or mysql).
# Finally, run a 'bundle install' command and start BeEF.
driver: "sqlite"
# db_file is only used for sqlite
db_file: "beef.db"
# db connection information is only used for mysql/postgres
db_host: "localhost"
db_port: 3306
db_name: "beef"
db_user: "beef"
db_passwd: "beef"
db_encoding: "UTF-8"
file: "beef.db"
# Autorun Rule Engine
autorun:
......
......@@ -30,8 +30,6 @@ require 'core/main/network_stack/assethandler'
require 'core/main/network_stack/api'
# @note Include the autorun engine
require 'core/main/autorun_engine/models/rule'
require 'core/main/autorun_engine/models/execution'
require 'core/main/autorun_engine/parser'
require 'core/main/autorun_engine/engine'
require 'core/main/autorun_engine/rule_loader'
......
......@@ -10,6 +10,7 @@ end
end
# @note Includes database models - the order must be consistent otherwise DataMapper goes crazy
require 'core/main/model'
require 'core/main/models/commandmodule'
require 'core/main/models/hookedbrowser'
require 'core/main/models/log'
......@@ -17,6 +18,8 @@ require 'core/main/models/command'
require 'core/main/models/result'
require 'core/main/models/optioncache'
require 'core/main/models/browserdetails'
require 'core/main/models/rule'
require 'core/main/models/execution'
# @note Include the constants
require 'core/main/constants/browsers'
......
......@@ -10,14 +10,14 @@ module BeEF
# @param [String] sid hooked browser session id string
# @return [BeEF::Core::Models::HookedBrowser] returns the associated Hooked Browser
def self.get_by_session(sid)
BeEF::Core::Models::HookedBrowser.first(:session => sid)
BeEF::Core::Models::HookedBrowser.where(:session => sid).first
end
# Get hooked browser by id
# @param [Integer] id hooked browser database id
# @return [BeEF::Core::Models::HookedBrowser] returns the associated Hooked Browser
def self.get_by_id(id)
BeEF::Core::Models::HookedBrowser.first(:id => id)
BeEF::Core::Models::HookedBrowser.find(id)
end
end
......
......@@ -31,8 +31,7 @@ require 'execjs'
require 'ansi'
require 'term/ansicolor'
require 'json'
require 'data_objects'
require 'dm-do-adapter'
require 'otr-activerecord'
require 'parseconfig'
require 'erubis'
require 'mime/types'
......@@ -41,7 +40,6 @@ require 'resolv'
require 'digest'
require 'zip'
require 'logger'
# @note Logger
require 'core/logger'
......
class CreateCommandModules < ActiveRecord::Migration[6.0]
def change
create_table :command_modules do |t|
t.text :name
t.text :path
end
end
end
class CreateHookedBrowsers < ActiveRecord::Migration[6.0]
def change
create_table :hooked_browsers do |t|
t.text :session
t.text :ip
t.text :firstseen
t.text :lastseen
t.text :httpheaders
t.text :domain
t.integer :port
t.integer :count
t.boolean :is_proxy
end
end
end
class CreateLogs < ActiveRecord::Migration[6.0]
def change
create_table :logs do |t|
t.text :logtype
t.text :event
t.datetime :date
t.references :hooked_browser
end
end
end
class CreateCommands < ActiveRecord::Migration[6.0]
def change
create_table :commands do |t|
t.references :command_module
t.references :hooked_browser
t.text :data
t.datetime :creationdate
t.text :label
t.boolean :instructions_sent, default: false
end
end
end
class CreateResults < ActiveRecord::Migration[6.0]
def change
create_table :results do |t|
t.references :command
t.references :hooked_browser
t.datetime :date
t.integer :status
t.text :data
end
end
end
class CreateOptionCaches < ActiveRecord::Migration[6.0]
def change
create_table :option_caches do |t|
t.text :name
t.text :value
end
end
end
class CreateBrowserDetails < ActiveRecord::Migration[6.0]
def change
create_table :browser_details do |t|
t.text :session_id
t.text :detail_key
t.text :detail_value
end
end
end
class CreateExecutions < ActiveRecord::Migration[6.0]
def change
create_table :executions do |t|
t.text :session_id
t.integer :mod_count
t.integer :mod_successful
t.text :mod_body
t.text :exec_time
t.text :rule_token
t.boolean :is_sent
end
end
end
class CreateRules < ActiveRecord::Migration[6.0]
def change
create_table :rules do |t|
t.text :name
t.text :author
t.text :browser
t.text :browser_version
t.text :os
t.text :os_version
t.text :modules
t.text :execution_order
t.text :execution_delay
t.text :chain_mode
end
end
end
class CreateInterceptor < ActiveRecord::Migration[6.0]
def change
create_table :interceptors do |t|
t.text :ip
t.text :post_data
end
end
end
class CreateWebCloner < ActiveRecord::Migration[6.0]
def change
create_table :web_cloner do |t|
t.text :uri
t.text :mount
end
end
end
class CreateMassMailer < ActiveRecord::Migration[6.0]
def change
create_table :mass_mailer do |t|
#todo fields
end
end
end
class CreateNetworkHost < ActiveRecord::Migration[6.0]
def change