Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proxy extension broken #3219

Open
Phasip opened this issue Nov 15, 2024 · 1 comment
Open

Proxy extension broken #3219

Phasip opened this issue Nov 15, 2024 · 1 comment
Assignees
Labels

Comments

@Phasip
Copy link

Phasip commented Nov 15, 2024

Summary

Beef has a proxy extension which runs a HTTP proxy on port 6789 which is supposed to tunnel traffic through a zombie. (Ref https://github.com/beefproject/beef/wiki/Tunneling )

The proxy extension on port 6789 has been reported broken in multiple issues, however the issues have been closed.

#3029
#2973
#2679
#2567

The issue is related to how the proxy extension attempts to read data from an SSLSocket before a handshake has been made.

How to Reproduce

Launch beef on localhost port 3000, hook a browser on localhost (tested on firefox linux), right click browser and select "Use as proxy" now run: http_proxy=http://localhost:6789 curl http://localhost:3000/

Errror

#<Thread:0x00007cfba10dc180 /beef/extensions/proxy/proxy.rb:53 run> terminated with exception (report_on_exception is true):
/usr/local/lib/ruby/3.2.0/openssl/buffering.rb:80:in `sysread': SSL session is not started yet (OpenSSL::SSL::SSLError)
	from /usr/local/lib/ruby/3.2.0/openssl/buffering.rb:80:in `fill_rbuff'
	from /usr/local/lib/ruby/3.2.0/openssl/buffering.rb:332:in `eof?'
	from /usr/local/lib/ruby/3.2.0/openssl/buffering.rb:285:in `readline'
	from /beef/extensions/proxy/proxy.rb:55:in `handle_request'

@stephenakq
Copy link
Collaborator

Thank you for reporting this issue. The proxy extension has been a recurring topic, and we acknowledge the challenges with its current implementation, especially with SSLSocket handling. However, due to bandwidth constraints, addressing this fix is currently a low priority.

Contributions or pull requests addressing this issue are welcome and appreciated in the meantime.

Thanks for understanding

@stephenakq stephenakq self-assigned this Nov 24, 2024
@stephenakq stephenakq added the Low label Nov 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants