Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Review all command module config file descirptions and authors #2287

Open
bcoles opened this issue Jan 24, 2022 · 1 comment
Open

Review all command module config file descirptions and authors #2287

bcoles opened this issue Jan 24, 2022 · 1 comment

Comments

@bcoles
Copy link
Collaborator

bcoles commented Jan 24, 2022

Command module configuration files define various module properties, including module authors.

Example:

#
# Copyright (c) 2006-2022 Wade Alcorn - [email protected]
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
beef:
module:
alert_dialog:
enable: true
category: ["Browser", "Hooked Domain"]
name: "Create Alert Dialog"
description: "Sends an alert dialog to the hooked browser."
authors: ["wade", "bm"]
target:
user_notify: ["All"]

Historically, the module authors included only those who worked on the module in some way.

However, in instances where we wanted to give credit to other people (such as for discovery of a bug, a proof of concept, or development of a technique), this information was usually shoved into the issue descriptions, sometimes with associated reference URLs (#2286), rather than including the person in the authors key. Example:

#
# Copyright (c) 2006-2022 Wade Alcorn - [email protected]
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
beef:
module:
invisible_htmlfile_activex:
enable: true
category: "Persistence"
name: "Invisible HTMLFile (ActiveX)"
description: "This module uses a <i>HTMLFile</i> ActiveX object to create an invisible HTML document containing a BeEF hook. The hook persists until the tab is closed. Internet Explorer only.<br/><br/> Based on <a href='https://www.brokenbrowser.com/zombie-alert/'>research</a> by <a href='https://twitter.com/magicmac2000'>@MagicMac2000</a>."
authors: ["bcoles", "@MagicMac2000"]
target:
working:
IE:
min_ver: 11
max_ver: latest
not_working: ["All"]

This is an incredibly ham-fisted approach. The YAML file format supports new lines between array elements and supports trailing comments. I suggest we take a page out of Metasploit's book, but attributing all people associated with the module and elaborate in trailing comments. modules/exploits/windows/smb/cve_2020_0796_smbghost.rb example from Metasploit:

        'Author' => [
          'hugeh0ge', # Ricerca Security research, detailed technique description
          'chompie1337', # PoC on which this module is based
          'Spencer McIntyre', # msf module
        ],

Metasploit takes the opposite approach to academia. That is, in academia, the lead author's name is first, and other authors follow. Where as Metasploit is the inverse. Someone who discovers a bug is attributed first, with the Metasploit author attributed next. I could not care less.

Even when someone had nothing to do with developing a module, it is still nice to offer credit.

Additionally, the admin web ui should print the authors when displaying module information.

@bcoles bcoles changed the title Review all command module config file authors Review all command module config file descirptions and authors Jan 24, 2022
@DeezyE
Copy link
Contributor

DeezyE commented Jan 24, 2022

Yeah I love this change. Adding it to the UI is also a great touch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants