-
Notifications
You must be signed in to change notification settings - Fork 3
/
beef_web_clone
executable file
·173 lines (132 loc) · 3.73 KB
/
beef_web_clone
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#!/usr/bin/env bash
# BeEF/beef_web_clone
# beef_web_clone
# Clone sites using BeEF
set -euo pipefail
# -e exit if any command returns non-zero status code
# -u prevent using undefined variables
# -o pipefail force pipelines to fail on first non-zero status code
### Define Colours ###
tput sgr0;
# reset colors
readonly RESET=$(tput sgr0);
readonly BOLD=$(tput bold);
readonly RED=$(tput setaf 1);
readonly GREEN=$(tput setaf 64);
readonly BLUE=$(tput setaf 33);
readonly YELLOW=$(tput setaf 136);
### END Colours ###
# Define output messages
FATAL="${RED}[FATAL]${RESET}"
# WARNING="${YELLOW}[WARNING]${RESET}"
PASS="${GREEN}[PASS]${RESET}"
INFO="${BLUE}[INFO]${RESET}"
function usage {
echo -e "\\nClone sites with BeEF\\n"
echo "Usage: ./beef_web_clone [OPTIONS] -P {password} site_to_clone"
echo -e "\\n -P password: BeEF server password"
echo " -u username: BeEF server username (${BOLD}default: beef${RESET})"
echo " -i beef_ip: BeEF server IP address (${BOLD}default: 127.0.0.1${RESET})"
echo " -p beef_port: BeEF server port (${BOLD}default: 3000${RESET})"
echo " -m mount_point: URL to mount page on (${BOLD}default: /${RESET})"
echo -e " -v Debug mode: set -x\\n"
return 1
}
function get_api_token {
echo -e "${INFO} Getting API token"
# shellcheck disable=SC2086
api_token=$(curl -s -H "Content-Type: application/json" \
-d '{"username":"'${username}'", "password":"'${password}'"}' \
-X POST "http://${beef_ip}:${beef_port}/api/admin/login" \
| awk -F '"' '{print $6}')
# HTTP hack
if [ -z "${api_token}" ]; then
echo "${FATAL} Failed to get API token"
echo "${INFO} Check BeEF is running"
echo "${INFO} Check BeEF username/password"
echo "${INFO} Check BeEF ip and port are correct"
return 1
else
echo -e "${PASS} Successfully got API token"
return 0
fi
}
function clone_site {
local api_result
local api_status
echo "${INFO} Attemping to clone http://${site_to_clone}"
# shellcheck disable=SC2086
api_result=$(curl -s -H "Content-Type: application/json; charset=UTF-8" \
-d '{"url":"'http://${site_to_clone}'", "mount":"'${mount_point}'"}' \
-X POST "http://${beef_ip}:${beef_port}/api/seng/clone_page?token=${api_token}")
# HTTP hack
api_status=$(echo "${api_result}" | \
awk -F '"' '{print $2}')
if [[ "${api_status}" == "success" ]]; then
echo "${PASS} Successfully cloned http://${site_to_clone} to http://${beef_ip}:${beef_port}${mount_point}"
# HTTP hack
return 0
else
echo "${FATAL} Failed to clone ${site_to_clone}"
echo "${INFO} Is site_to_clone URL correct?"
echo "${INFO} http(s):// should be omitted e.g -s hacksoc.co.uk"
return 1
fi
}
function main {
local cmd=${1:-""}
api_token=""
site_to_clone=""
password=""
debug="False"
# Set some defaults
username="beef"
beef_ip="127.0.0.1"
beef_port="3000"
mount_point="/"
while getopts hP:u:i:p:m:v option
do
case "${option}"
in
h)
usage
;;
P)
password=${OPTARG}
;;
u)
username=${OPTARG}
;;
i)
beef_ip=${OPTARG}
;;
p)
beef_port=${OPTARG}
;;
m)
mount_point=${OPTARG}
;;
v)
debug="debug"
;;
\?)
usage
;;
esac
done
site_to_clone=${*:$OPTIND:1}
if [ -z "${cmd}" ]; then
usage
elif [ -z "${password}" ]; then
echo "${FATAL} password parameter required"
usage
elif [ -z "${site_to_clone}" ]; then
echo "${FATAL} No site_to_clone specified"
usage
elif [[ "${debug}" == "debug" ]]; then
set -x
fi
get_api_token
clone_site
}
main "$@"