Commit f8287622 authored by Sophie Brun

Ask for a new password if config is still Default password

parent c3cdb9fb
......@@ -9,3 +9,4 @@ debian/scripts/beef-xss usr/bin/
debian/scripts/beef-xss-stop usr/bin/
extensions usr/share/beef-xss/
modules usr/share/beef-xss/
debian/set-new-pass.rb usr/share/beef-xss/
beef-xss (0.4.7.3-0kali2) kali-dev; urgency=medium
* Ask for a new password if config is still Default password (see 5441)
instead of displaying an error message.
-- Sophie Brun <sophie@offensive-security.com> Mon, 27 May 2019 16:26:52 +0200
beef-xss (0.4.7.3-0kali1) kali-dev; urgency=medium
[ Raphaël Hertzog ]
......
......@@ -6,6 +6,9 @@ GREEN="\033[01;32m"
YELLOW="\033[01;33m"
RESET="\033[00m"
## Define config_file
config_file='/etc/beef-xss/config.yaml'
## Check if running as root
if [[ $EUID -ne 0 ]]; then
echo -e "${RED}[-]${RESET} This script must be ${RED}run as root${RESET}" 1>&2
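Review bot: config_file is defined here, but the USER and PASSWD lookups further down still hard-code '/etc/beef-xss/config.yaml' inside their ruby -ryaml one-liners, so the path now lives in two places and can drift. Have those lookups take "$config_file" as well, passed as an argument to ruby rather than interpolated into the -e string, so the variable is the single source for the path.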
......@@ -21,8 +24,13 @@ USER=$(ruby -ryaml -e "print YAML.load_file('/etc/beef-xss/config.yaml')['beef']
PASSWD=$(ruby -ryaml -e "print YAML.load_file('/etc/beef-xss/config.yaml')['beef']['credentials']['passwd']")
if [[ $USER = "beef" ]] && [[ $PASSWD = "beef" ]]; then
echo -e "${RED}[-]${RESET} You are using the ${RED}Default credentials${RESET}"
echo -e "${RED}[-]${RESET} Please change user and/or passwd in /etc/beef-xss/config.yaml"
exit 1
while [ $PASSWD = beef ]; do
echo -e "${RED}[-]${RESET} (Password must be different from \"beef\")"
echo -ne "${RED}[-]${RESET} Please type a new password for the beef user: "
read -s PASSWD
echo ""
ruby /usr/share/beef-xss/set-new-pass.rb $config_file $PASSWD
done
fi
## Check if something is already on the port
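Review bot: the new password is handed to the helper on the command line in `ruby /usr/share/beef-xss/set-new-pass.rb $config_file $PASSWD`, so it can be read from the process list by other local users while the helper runs, and because $PASSWD is unquoted a password containing spaces or glob characters is split or expanded before Ruby sees it. Pass the password on stdin or through the environment instead, and quote both expansions. The same missing quotes affect the loop test `[ $PASSWD = beef ]`: pressing Enter at the prompt leaves PASSWD empty, the helper has already been called with no password argument, and the test then fails with a syntax error and ends the loop. Use `[[ "$PASSWD" = "beef" ]]` together with an explicit non-empty check before calling the helper, and `read -rs` so backslashes are kept literally.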
......
#!/usr/bin/env ruby
require 'yaml'
config_file = ARGV[0]
password = ARGV[1]
File.open(config_file, 'a+')
yaml_file = YAML.load_file(config_file)
yaml_file['beef']['credentials']['passwd'] = password
File.open(config_file, 'w') { |f| YAML.dump(yaml_file, f) }
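Review bot: `File.open(config_file, 'a+')` just before the load opens a handle that is never closed and creates the file when the given path does not exist; YAML.load_file on that empty file does not return a hash, so `yaml_file['beef']` then raises. Drop that line, check that both arguments are present and that the loaded document contains beef.credentials, and exit with a clear message otherwise. Two further points on the final write: YAML.dump rewrites the whole document, so any comments in config.yaml are lost, and mode 'w' truncates the file before dumping, so an interruption leaves a damaged config. Writing to a temporary file in the same directory and renaming it over the original avoids the second problem.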