Path: blob/master/extensions/evasion/obfuscation/scramble.rb
1154 views
#1# Copyright (c) 2006-2025 Wade Alcorn - [email protected]2# Browser Exploitation Framework (BeEF) - https://beefproject.com3# See the file 'doc/COPYING' for copying permission4#5module BeEF6module Extension7module Evasion8class Scramble9include Singleton1011def need_bootstrap?12false13end1415def execute(input, config)16@output = input1718to_scramble = config.get('beef.extension.evasion.scramble')19to_scramble.each do |var, value|20if var == value21# Variables have not been scrambled yet22mod_var = BeEF::Core::Crypto.random_alphanum_string(3)23@output.gsub!(var, mod_var)24config.set("beef.extension.evasion.scramble.#{var}", mod_var)25print_debug "[OBFUSCATION - SCRAMBLER] string [#{var}] scrambled -> [#{mod_var}]"26else27# Variables already scrambled, re-use the one already created to maintain consistency28@output.gsub!(var, value)29print_debug "[OBFUSCATION - SCRAMBLER] string [#{var}] scrambled -> [#{value}]"30end31@output32end3334if config.get('beef.extension.evasion.scramble_cookies')35# ideally this should not be static, but it's static in JS code, so fine for nowend36mod_cookie = BeEF::Core::Crypto.random_alphanum_string(5)37if config.get('beef.http.hook_session_name') == 'BEEFHOOK'38@output.gsub!('BEEFHOOK', mod_cookie)39config.set('beef.http.hook_session_name', mod_cookie)40print_debug "[OBFUSCATION - SCRAMBLER] cookie [BEEFHOOK] scrambled -> [#{mod_cookie}]"41else42@output.gsub!('BEEFHOOK', config.get('beef.http.hook_session_name'))43print_debug "[OBFUSCATION - SCRAMBLER] cookie [BEEFHOOK] scrambled -> [#{config.get('beef.http.hook_session_name')}]"44end45end4647@output48end49end50end51end52end535455