1
#
2
# Copyright (c) 2006-2026 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
# Coverage must start before loading application code.
7
require 'simplecov'
8
SimpleCov.start do
9
  add_filter '/spec/'
10
  add_group 'Core', 'core'
11
  add_group 'Extensions', 'extensions'
12
  add_group 'Modules', 'modules'
13
  track_files '{core,extensions,modules}/**/*.rb'
14
end
15

16
# Set external and internal character encodings to UTF-8
17
Encoding.default_external = Encoding::UTF_8
18
Encoding.default_internal = Encoding::UTF_8
19

20
require 'core/loader.rb'
21

22
# @note We need to load variables that 'beef' usually does for us
23

24
# @todo review this config (this isn't used or is shadowed by the monkey patching, needs a further look to fix properly)
25
config = BeEF::Core::Configuration.new('config.yaml')
26
$home_dir = Dir.pwd
27
$root_dir = Dir.pwd
28

29
require 'core/bootstrap.rb'
30
require 'rack/test'
31
require 'curb'
32
require 'rest-client'
33
require 'yaml'
34
require 'selenium-webdriver'
35
require 'browserstack/local'
36
require 'byebug'
37

38
MUTEX ||= Mutex.new
39

40
# Require supports
41
Dir['spec/support/*.rb'].each do |f|
42
  require f
43
end
44

45
ENV['RACK_ENV'] ||= 'test' # Set the environment to test
46
ARGV.clear
47

48
## BrowserStack config
49

50
# Monkey patch to avoid reset sessions
51
class Capybara::Selenium::Driver < Capybara::Driver::Base
52
  def reset!
53
    @browser.navigate.to('about:blank') if @browser
54
  end
55
end
56

57
TASK_ID = (ENV['TASK_ID'] || 0).to_i
58
CONFIG_FILE = ENV['CONFIG_FILE'] || 'windows/win10/win10_chrome_81.config.yml'
59
CONFIG = YAML.safe_load(File.read("./spec/support/browserstack/#{CONFIG_FILE}"))
60
CONFIG['user'] = ENV['BROWSERSTACK_USERNAME'] || ''
61
CONFIG['key'] = ENV['BROWSERSTACK_ACCESS_KEY'] || ''
62

63
## DB config
64
ActiveRecord::Base.logger = nil
65
OTR::ActiveRecord.configure_from_hash!(adapter: 'sqlite3', database: ':memory:')
66

67
# otr-activerecord requires manually establishing the connection with the following line
68
# Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
69
if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
70
  OTR::ActiveRecord.establish_connection!
71
end
72
ActiveRecord::Schema.verbose = false
73

74
# Migrate (if required)
75
ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
76
ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
77
context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths)
78
if context.needs_migration?
79
  ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
80
end
81

82
# -------------------------------------------------------------------
83
# Console logger shims
84
# Some extensions may call Console.level= or BeEF::Core::Console.level=
85
# Ensure both are safe.
86
# -------------------------------------------------------------------
87
module BeEF
88
  module Core
89
    module Console
90
      class << self
91
        attr_accessor :logger
92
        def level=(val)
93
          (self.logger ||= Logger.new($stdout)).level = val
94
        end
95
        def level
96
          (self.logger ||= Logger.new($stdout)).level
97
        end
98
        # Proxy common logger methods if called directly (info, warn, error, etc.)
99
        def method_missing(m, *args, &blk)
100
          lg = (self.logger ||= Logger.new($stdout))
101
          return lg.public_send(m, *args, &blk) if lg.respond_to?(m)
102
          super
103
        end
104
        def respond_to_missing?(m, include_priv = false)
105
          (self.logger ||= Logger.new($stdout)).respond_to?(m, include_priv) || super
106
        end
107
      end
108
    end
109
  end
110
end
111
BeEF::Core::Console.logger ||= Logger.new($stdout)
112

113
# Some code may reference a top-level ::Console constant (not namespaced)
114
unless defined?(::Console) && ::Console.respond_to?(:level=)
115
  module ::Console
116
    class << self
117
      attr_accessor :logger
118
      def level=(val)
119
        (self.logger ||= Logger.new($stdout)).level = val
120
      end
121
      def level
122
        (self.logger ||= Logger.new($stdout)).level
123
      end
124
      # Proxy to logger for typical logging calls
125
      def method_missing(m, *args, &blk)
126
        lg = (self.logger ||= Logger.new($stdout))
127
        return lg.public_send(m, *args, &blk) if lg.respond_to?(m)
128
        super
129
      end
130
      def respond_to_missing?(m, include_priv = false)
131
        (self.logger ||= Logger.new($stdout)).respond_to?(m, include_priv) || super
132
      end
133
    end
134
  end
135
end
136

137
RSpec.configure do |config|
138
  config.disable_monkey_patching!
139
  config.bisect_runner = :shell
140
  config.order = :random
141
  Kernel.srand config.seed
142
  config.include Rack::Test::Methods
143
  config.expect_with :rspec do |c|
144
    c.syntax = :expect
145
  end
146
  config.around do |example|
147
    ActiveRecord::Base.transaction do
148
      # byebug
149
      example.run
150
      raise ActiveRecord::Rollback
151
    end
152
  end
153

154
  def server_teardown(webdriver, server_pid, server_pids)
155
    begin
156
      webdriver&.quit
157
    rescue => e
158
      warn "[server_teardown] webdriver quit failed: #{e.class}: #{e.message}"
159
    end
160

161
    begin
162
      Process.kill('KILL', server_pid) if server_pid
163
    rescue => e
164
      warn "[server_teardown] kill failed: #{e.class}: #{e.message}"
165
    end
166

167
    Array(server_pids).each do |pid|
168
      begin
169
        Process.kill('KILL', pid) if pid
170
      rescue
171
        # ignore
172
      end
173
    end
174
  end
175

176
########################################
177

178
def reset_beef_db
179
  begin
180
      db_file = BeEF::Core::Configuration.instance.get('beef.database.file')
181
      File.delete(db_file) if File.exist?(db_file)
182
  rescue => e
183
      print_error("Could not remove '#{db_file}' database file: #{e.message}")
184
  end
185
end
186

187
require 'socket'
188

189
  def port_available?
190
    socket = TCPSocket.new(@host, @port)
191
    socket.close
192
    false  # If a connection is made, the port is in use, so it's not available.
193
  rescue Errno::ECONNREFUSED
194
    true   # If the connection is refused, the port is not in use, so it's available.
195
  rescue Errno::EADDRNOTAVAIL
196
    true   # If the connection is refused, the port is not in use, so it's available.
197
  end
198

199
  def configure_beef
200
    # Reset or re-initialise the configuration to a default state
201
    @config = BeEF::Core::Configuration.instance
202

203
    @config.set('beef.credentials.user', "beef")
204
    @config.set('beef.credentials.passwd', "beef")
205
    @config.set('beef.http.https.enable', false)
206
  end
207

208
  # Load the server
209
  def load_beef_extensions_and_modules
210
      # Load BeEF extensions
211
      BeEF::Extensions.load
212

213
      # Load BeEF modules only if they are not already loaded
214
      BeEF::Modules.load if @config.get('beef.module').nil?
215
  end
216

217
  # --- HARD fork-safety: disconnect every pool/adapter we can find ---
218
  def disconnect_all_active_record!
219
    # print_info "Entering disconnect_all_active_record!"
220
    if defined?(ActiveRecord::Base)
221
      # print_info "Disconnecting ActiveRecord connections"
222
      handler = ActiveRecord::Base.connection_handler
223
      if handler.respond_to?(:connection_pool_list)
224
        # print_info "Using connection_pool_list"
225
        handler.connection_pool_list.each { |pool| pool.disconnect! }
226
      elsif handler.respond_to?(:connection_pools)
227
        # print_info "Using connection_pools"
228
        handler.connection_pools.each_value { |pool| pool.disconnect! }
229
      end
230
    else
231
      print_info "ActiveRecord::Base not defined"
232
    end
233
  end
234

235
  def start_beef_server
236
    configure_beef
237
    @port = @config.get('beef.http.port')
238
    @host = @config.get('beef.http.host')
239
    @host = '127.0.0.1'
240

241
    unless port_available?
242
      raise "Port #{@port} is already in use. Cannot start BeEF server."
243
    end
244
    load_beef_extensions_and_modules
245
    
246
    # Grab DB file and regenerate if requested
247
    db_file = @config.get('beef.database.file')
248

249
    if BeEF::Core::Console::CommandLine.parse[:resetdb]
250
      File.delete(db_file) if File.exist?(db_file)
251
    end
252

253
    # ***** IMPORTANT: close any and all AR/OTR connections before forking *****
254
    disconnect_all_active_record!
255

256
    # Load up DB and migrate if necessary
257
    ActiveRecord::Base.logger = nil
258
    OTR::ActiveRecord.configure_from_hash!(adapter:'sqlite3', database: db_file)
259
    # otr-activerecord require you to manually establish the connection with the following line
260
    #Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems.
261
    if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
262
      OTR::ActiveRecord.establish_connection!
263
    end
264

265
    # Migrate (if required)
266
    ActiveRecord::Migration.verbose = false # silence activerecord migration stdout messages
267
    ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
268
    context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths)
269
    if context.needs_migration?
270
      ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
271
    end
272

273
    BeEF::Core::Migration.instance.update_db!
274

275
    # Spawn HTTP Server
276
    # print_info "Starting HTTP Hook Server"
277
    http_hook_server = BeEF::Core::Server.instance
278
    http_hook_server.prepare
279

280
    # Generate a token for the server to respond with
281
    BeEF::Core::Crypto::api_token
282

283
    disconnect_all_active_record!
284

285
    # Initiate server start-up
286
    BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
287
    pid = fork do
288
      http_hook_server.start
289
    end
290

291
    return pid
292
  end
293

294
  def beef_server_running?(uri_str)
295
    begin
296
      uri = URI.parse(uri_str)
297
      response = Net::HTTP.get_response(uri)
298
      response.is_a?(Net::HTTPSuccess)
299
      rescue Errno::ECONNREFUSED
300
        return false # Connection refused means the server is not running
301
      rescue StandardError => e
302
        return false # Any other error means the server is not running
303
    end
304
  end
305

306
  def wait_for_beef_server_to_start(uri_str, timeout: 5)
307
    start_time = Time.now # Record the time we started
308
    until beef_server_running?(uri_str) || (Time.now - start_time) > timeout do
309
      sleep 0.1 # Wait a bit before checking again
310
    end
311
    beef_server_running?(uri_str) # Return the result of the check
312
  end
313

314
  def start_beef_server_and_wait
315
    puts "Starting BeEF server"
316
    pid = start_beef_server
317
    puts "BeEF server started with PID: #{pid}"
318

319
    if wait_for_beef_server_to_start('http://localhost:3000', timeout: SERVER_START_TIMEOUT)
320
      # print_info "Server started successfully."
321
    else
322
      print_error "Server failed to start within timeout."
323
    end
324

325
    pid
326
  end
327

328
  def stop_beef_server(pid)
329
    return if pid.nil?
330
    Process.kill("KILL", pid) unless pid.nil?
331
    Process.wait(pid) unless pid.nil? # Ensure the process has exited and the port is released 
332
  end
333

334
end
335

336
# -------------------------------------------------------------------
337
# ActiveRecord connection snapshot/restore helpers (test isolation)
338
# Some specs disconnect ActiveRecord (fork safety), destroying the SQLite in-memory DB.
339
# These helpers restore it for later specs.
340
# -------------------------------------------------------------------
341
module SpecActiveRecordConnection
342
  module_function
343

344
  def snapshot
345
    # Capture the current AR connection configuration hash if possible.
346
    if ActiveRecord::Base.respond_to?(:connection_db_config) && ActiveRecord::Base.connection_db_config
347
      ActiveRecord::Base.connection_db_config.configuration_hash
348
    else
349
      ActiveRecord::Base.connection_config
350
    end
351
  rescue StandardError
352
    nil
353
  end
354

355
  def restore!(config_hash)
356
    # Ensure we don't leave AR disconnected for subsequent specs.
357
    begin
358
      handler = ActiveRecord::Base.connection_handler
359
      if handler.respond_to?(:connection_pool_list)
360
        handler.connection_pool_list.each { |pool| pool.disconnect! }
361
      elsif handler.respond_to?(:connection_pools)
362
        handler.connection_pools.each_value { |pool| pool.disconnect! }
363
      else
364
        ActiveRecord::Base.connection_pool.disconnect!
365
      end
366
    rescue StandardError
367
      # ignore
368
    end
369

370
    if config_hash
371
      OTR::ActiveRecord.configure_from_hash!(config_hash)
372
    else
373
      # Fallback to suite default
374
      OTR::ActiveRecord.configure_from_hash!(adapter: 'sqlite3', database: ':memory:')
375
    end
376

377
    if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2')
378
      OTR::ActiveRecord.establish_connection!
379
    end
380
    ActiveRecord::Schema.verbose = false
381

382
    # Run migrations if the restored DB is empty/outdated
383
    ActiveRecord::Migration.verbose = false
384
    ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')]
385
    context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths)
386
    if context.needs_migration?
387
      ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate
388
    end
389
  end
390
end
391

392