Fix proxy extension #3220

Open. Wants to merge 2 commits into base: master

Conversation

@Phasip Phasip commented Nov 15, 2024

Category

Bug fix

Feature/Issue Description

Issue described here: #3219

Test Cases

Launch beef on 127.0.0.1 port 3000, hook a browser on 127.0.0.1 (tested with Firefox on Linux), right-click the browser and select "Use as proxy", then run:

http_proxy=http://127.0.0.1:6789 curl http://127.0.0.1:3000/

To test HTTPS proxying, first run:
openssl s_server -key beef_key.pem -cert beef_cert.pem -accept 4433 -www
then:
http_proxy=http://127.0.0.1:6789 curl -k https://127.0.0.1:4433/

(Note: if you get "Unsupported response code in HTTP response", your browser is likely hooked on localhost while you are trying to access 127.0.0.1; in such cases the proxy returns

HTTP/1.1 -1

ERROR: Cross Domain Request. The request was sent however it is impossible to view the response.

which we might want to fix to be visible in curl by using proper status codes and error messages.)

Both return the expected website data.

Rake results:

bundle exec rake
...
Pending: (Failures listed here are expected and do not affect your suite's status)

  1) BeEF Extension Social Engineering when wget exists clone web page
     # Temporarily skipped with xit
     # ./spec/beef/extensions/social_engineering_spec.rb:22

  2) BeEF Extension WebSockets confirms that a websocket client can connect to the BeEF Websocket Server
     # Temporarily skipped with xit
     # ./spec/beef/extensions/websocket_spec.rb:35

  3) BeEF Extension Requester requester works
     # Temporarily skipped with xit
     # ./spec/beef/extensions/requester_spec.rb:25


Finished in 2.33 seconds (files took 1.11 seconds to load)
131 examples, 0 failures, 3 pending

Technical issue and solution

The previous version relied on the fact that Ruby allowed reading raw data from the SSLSocket before the handshake. This was used to initialize the proxy in plain text and then only perform an SSL/TLS handshake if a CONNECT method was used by the client. (Note: socket.accept on an SSLSocket means "perform the SSL/TLS handshake".)

This does not work anymore, so instead we use a regular TCP server up until the point where an SSLSocket is actually needed.
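The approach described above as a self-contained Ruby sketch. This is an added example, not this PR's diff and not BeEF's own proxy code: the listener is a plain TCPServer, the request head is parsed in cleartext, and only a CONNECT wraps the already-accepted socket in an SSLSocket and runs the handshake with accept. The certificate and key are generated in-process in place of beef_key.pem/beef_cert.pem, the relay through the hooked browser is stubbed to echo the parsed target, a malformed head gets a real 400 instead of raising on nil headers, and every name here (ProxyRequest, read_request, serve_client, start_proxy, client_fetch, read_response) is an assumption for the example, not a BeEF identifier.

```ruby
# Added example (not BeEF's code): plain TCP until a CONNECT arrives, then
# SSLSocket#accept for the handshake; the hooked-browser relay is a stub.
require "socket"
require "openssl"

ProxyRequest = Struct.new(:verb, :target, :version, :headers)

# Read one request head from any IO (plain TCPSocket or SSLSocket). Returns nil
# on EOF or a malformed head so the caller can send a real status code.
def read_request(io)
  line = io.gets("\r\n")
  return nil if line.nil?
  verb, target, version = line.chomp.split(" ", 3)
  return nil if target.nil? || version !~ %r{\AHTTP/1\.[01]\z}
  headers = {}
  while (h = io.gets("\r\n")) && h != "\r\n"
    name, value = h.chomp.split(":", 2)
    return nil if value.nil?
    headers[name.strip.downcase] = value.strip
  end
  h.nil? ? nil : ProxyRequest.new(verb.upcase, target, version, headers)
end

def http_response(status, body)
  body = body.b                                   # Content-Length counts bytes
  "HTTP/1.1 #{status}\r\nContent-Length: #{body.bytesize}\r\nConnection: close\r\n\r\n".b + body
end

# Throwaway self-signed cert, standing in for beef_key.pem / beef_cert.pem.
def make_ssl_context
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version, cert.serial = 2, 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=127.0.0.1")
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.cert, ctx.key = cert, key
  ctx
end

# Serve one accepted connection; returns the request that would be relayed, or nil.
def serve_client(sock, ssl_ctx)
  io = sock
  req = read_request(io)
  if req && req.verb == "CONNECT"
    io.write("HTTP/1.1 200 Connection Established\r\n\r\n")
    # Client only starts TLS after that reply, so no TLS bytes sit in Ruby's buffer.
    io = OpenSSL::SSL::SSLSocket.new(sock, ssl_ctx)
    io.sync_close = true
    io.accept                                     # the handshake happens here
    req = read_request(io)
    req.target = "https://#{req.headers['host']}#{req.target}" if req
  end
  if req.nil?
    io.write(http_response("400 Bad Request", "malformed request\n"))
  else
    io.write(http_response("200 OK", "proxied #{req.verb} #{req.target}\n"))
  end
  req
ensure
  io&.close
end

# Listen on an ephemeral port, serve one client in a thread; Thread#value is serve_client's result.
def start_proxy(ssl_ctx)
  server = TCPServer.new("127.0.0.1", 0)
  port = server.addr[1]
  [port, Thread.new { c = server.accept; server.close; serve_client(c, ssl_ctx) }]
end

# Minimal response reader: head up to the blank line, then Content-Length bytes.
def read_response(io)
  head = +""
  while (line = io.gets("\r\n")) && line != "\r\n"
    head << line
  end
  len = head[/^Content-Length:\s*(\d+)/i, 1].to_i
  head << "\r\n" << (len > 0 ? io.read(len) : "")
end

# Client side, mirroring the PR's two curl lines: plain proxied GET, or CONNECT + TLS + GET.
def client_fetch(port, host, path, tls:)
  s = TCPSocket.new("127.0.0.1", port)
  if tls
    s.write("CONNECT #{host} HTTP/1.1\r\nHost: #{host}\r\n\r\n")
    ack = read_response(s)
    return ack unless ack.start_with?("HTTP/1.1 200")
    cctx = OpenSSL::SSL::SSLContext.new
    cctx.verify_mode = OpenSSL::SSL::VERIFY_NONE  # the -k in the PR's curl line
    s = OpenSSL::SSL::SSLSocket.new(s, cctx)
    s.sync_close = true
    s.connect
  end
  target = tls ? path : "http://#{host}#{path}"
  s.write("GET #{target} HTTP/1.1\r\nHost: #{host}\r\n\r\n")
  read_response(s)
ensure
  s&.close
end
```

client_fetch plays the part of the two curl invocations in the test cases. One consequence of deferring the wrap is that nothing TLS-shaped may already be sitting in the TCPSocket's Ruby-side read buffer when OpenSSL takes over the file descriptor; CONNECT semantics guarantee that, because a well-behaved client waits for the 200 before sending its ClientHello.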

@Phasip Phasip temporarily deployed to Integrate Pull Request November 15, 2024 04:53 — with GitHub Actions Inactive
@Phasip Phasip temporarily deployed to Integrate Pull Request November 15, 2024 06:12 — with GitHub Actions Inactive
@Phasip (Author) commented Nov 15, 2024

One note: after trying this on a larger site, the proxy has multiple other issues, such as:

  • causing UTF-8 encoding errors in request/response
  • an infinite loop waiting for a reply
  • sometimes headers is nil, causing an exception

So, while this should improve the state of the extension, it is still not really good.

Stale pull request message
