From 316dd5f30b19c212b435b0cda94b5af8b4826db2 Mon Sep 17 00:00:00 2001
From: Pasi Saarinen <phasip@gmail.com>
Date: Fri, 15 Nov 2024 05:33:21 +0100
Subject: [PATCH 1/2] Fix proxy extension

---
 extensions/proxy/proxy.rb | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/extensions/proxy/proxy.rb b/extensions/proxy/proxy.rb
index 3da8cadc9d..7d397ccb6d 100644
--- a/extensions/proxy/proxy.rb
+++ b/extensions/proxy/proxy.rb
@@ -12,6 +12,7 @@ class Proxy
         HB = BeEF::Core::Models::HookedBrowser
         H = BeEF::Core::Models::Http
         @response = nil
+        @ssl_context = nil
 
         # Multi-threaded Tunneling Proxy: listens on host:port configured in extensions/proxy/config.yaml
         # and forwards requests to the hooked browser using the Requester component.
@@ -20,14 +21,14 @@ def initialize
           @proxy_server = TCPServer.new(@conf.get('beef.extension.proxy.address'), @conf.get('beef.extension.proxy.port'))
 
           # setup proxy for SSL/TLS
-          ssl_context = OpenSSL::SSL::SSLContext.new
+          @ssl_context = OpenSSL::SSL::SSLContext.new
           # ssl_context.ssl_version = :TLSv1_2
 
           # load certificate
           begin
             cert_file = @conf.get('beef.extension.proxy.cert')
             cert = File.read(cert_file)
-            ssl_context.cert = OpenSSL::X509::Certificate.new(cert)
+            @ssl_context.cert = OpenSSL::X509::Certificate.new(cert)
           rescue StandardError
             print_error "[Proxy] Could not load SSL certificate '#{cert_file}'"
           end
@@ -36,17 +37,14 @@ def initialize
           begin
             key_file = @conf.get('beef.extension.proxy.key')
             key = File.read(key_file)
-            ssl_context.key = OpenSSL::PKey::RSA.new(key)
+            @ssl_context.key = OpenSSL::PKey::RSA.new(key)
           rescue StandardError
             print_error "[Proxy] Could not load SSL key '#{key_file}'"
           end
 
-          ssl_server = OpenSSL::SSL::SSLServer.new(@proxy_server, ssl_context)
-          ssl_server.start_immediately = false
-
           loop do
-            ssl_socket = ssl_server.accept
-            Thread.new ssl_socket, &method(:handle_request)
+            socket = @proxy_server.accept
+            Thread.new socket, &method(:handle_request)
           end
         end
 
@@ -69,6 +67,7 @@ def handle_request(socket)
               break if line.strip.empty?
             end
             socket.puts("HTTP/1.0 200 Connection established\r\n\r\n")
+            socket = OpenSSL::SSL::SSLSocket(socket, @ssl_context)
             socket.accept
             print_debug("[PROXY] Handled CONNECT to #{host_port}")
             request_line = socket.readline

From befa4fefc25651f0eaf6ebe30bad222024956544 Mon Sep 17 00:00:00 2001
From: Pasi Saarinen <phasip@gmail.com>
Date: Fri, 15 Nov 2024 07:10:15 +0100
Subject: [PATCH 2/2] Update proxy.rb

---
 extensions/proxy/proxy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/extensions/proxy/proxy.rb b/extensions/proxy/proxy.rb
index 7d397ccb6d..85c353e635 100644
--- a/extensions/proxy/proxy.rb
+++ b/extensions/proxy/proxy.rb
@@ -67,7 +67,7 @@ def handle_request(socket)
               break if line.strip.empty?
             end
             socket.puts("HTTP/1.0 200 Connection established\r\n\r\n")
-            socket = OpenSSL::SSL::SSLSocket(socket, @ssl_context)
+            socket = OpenSSL::SSL::SSLSocket.new(socket, @ssl_context)
             socket.accept
             print_debug("[PROXY] Handled CONNECT to #{host_port}")
             request_line = socket.readline