beefproject
GitHub Repository: beefproject/beef
Path: blob/master/spec/support/beef_test.rb
#
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
require 'selenium-webdriver'
require 'spec_helper'
require 'capybara'
require 'capybara/rspec'
# Keep Capybara from booting its own application server: these specs drive a
# BeEF server that is started separately.
Capybara.run_server = false # we need to run our own BeEF server
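# Browser-session helpers for the UI specs. Every method drives a Capybara
# session against a BeEF server that is already running; the URLs, credentials
# and timeouts come from constants defined outside this file (ATTACK_URL,
# VICTIM_URL, BEEF_USER, BEEF_PASSWD, BEEF_TEST_DIR, PAGE_LOAD_TIMEOUT).
class BeefTest
  # Saves a PNG screenshot of the session's browser, named after the current
  # timestamp.
  #
  # @param session [#driver] session whose driver.browser responds to save_screenshot
  # @param dir [String, nil] output directory; BEEF_TEST_DIR is used when nil
  # @return [Object] whatever the browser's save_screenshot returns
  def self.save_screenshot(session, dir = nil)
    output_dir = dir || BEEF_TEST_DIR
    # Dir.mkdir creates one level only, so the parent directory must already exist.
    Dir.mkdir(output_dir) unless File.directory?(output_dir)
    # File.join supplies the separator, so the directory works with or without a
    # trailing slash (plain concatenation wrote "<dir><timestamp>.png" next to
    # the directory when the slash was missing).
    filename = File.join(output_dir, "#{Time.now.strftime('%Y-%m-%d--%H-%M-%S-%N')}.png")
    session.driver.browser.save_screenshot(filename)
  end

  # Opens the admin UI and submits the configured credentials.
  #
  # The has_content? calls are used only as bounded waits: their boolean result
  # is ignored, so this method returns the session even when the login did not
  # succeed. Specs that depend on an authenticated session should assert on the
  # page content themselves.
  #
  # @param session [Capybara::Session, nil] session to reuse; a headless
  #   Selenium session is created when nil
  # @return [Capybara::Session] the session that was driven
  def self.login(session = nil)
    session ||= Capybara::Session.new(:selenium_headless)
    session.visit(ATTACK_URL)

    session.has_content?('Authentication', wait: 10)

    # Hand the credentials to the browser as script arguments instead of
    # interpolating them into JavaScript source. HTML-escaping is the wrong
    # encoding for a JS string literal: it rewrote characters such as & ' < >
    # (so the typed value no longer matched the configured one) and left
    # backslashes and newlines unescaped, which could break the statement.
    session.execute_script("document.getElementById('pass').value = arguments[0];", BEEF_PASSWD)
    session.execute_script("document.getElementById('user').value = arguments[0];", BEEF_USER)

    # due to using JS there seems to be a race condition - this is a workaround
    session.has_content?('beef', wait: PAGE_LOAD_TIMEOUT)

    # Click the button labelled exactly "Login"; nothing happens if it is absent.
    login_script = <<~JAVASCRIPT
      var loginButton;
      var buttons = document.getElementsByTagName('button');
      for (var i = 0; i < buttons.length; i++) {
        if (buttons[i].textContent === 'Login') {
          loginButton = buttons[i];
          break;
        }
      }
      if (loginButton) {
        loginButton.click();
      }
    JAVASCRIPT
    session.execute_script(login_script)

    session.has_content?('Hooked Browsers', wait: PAGE_LOAD_TIMEOUT)

    session
  end

  # Clicks "Logout" and waits (up to PAGE_LOAD_TIMEOUT) for the authentication
  # page; the wait result is not checked.
  #
  # @param session [Capybara::Session] an authenticated session
  # @return [Capybara::Session] the same session
  def self.logout(session)
    session.click_on('Logout')
    session.has_content?('Authentication', wait: PAGE_LOAD_TIMEOUT)

    session
  end

  # Returns a session logged in to the admin UI; a thin alias for login.
  #
  # @param session [Capybara::Session, nil] session to reuse, or nil for a new one
  # @return [Capybara::Session]
  def self.new_attacker(session = nil)
    login(session)
  end

  # Loads the demo page at VICTIM_URL in a (new or supplied) session and waits
  # for the text that page shows once it has loaded; the wait result is not
  # checked.
  #
  # @param victim [Capybara::Session, nil] session to reuse, or nil for a new one
  # @return [Capybara::Session]
  def self.new_victim(victim = nil)
    victim ||= Capybara::Session.new(:selenium_headless)
    victim.visit(VICTIM_URL)
    victim.has_content?('You should be hooked into BeEF.', wait: PAGE_LOAD_TIMEOUT)
    # Debugging aid: save_screenshot(victim, './')
    victim
  end
end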