BeEF中文文档BeEF RESTful API
介绍
从0.4.3.3版开始,BeEF公开RESTful API。这允许用户通过HTTP / JSON请求编写BeEF脚本。
认证方式
每次BeEF启动时,都会使用生成一个新的伪随机令牌BeEF:: Core:: Crypto::api_token。令牌已添加到BeEF::Configuration对象。
当BeEF启动时,令牌将打印到控制台。它看起来应该像这样:
[16:02:47][*] RESTful API key: 320f3cf4da7bf0df7566a517c5db796e73a23f47
注意:
- 如果您需要访问令牌,并且您正在BeEF中的某个地方编写Ruby代码,则可以使用以下命令调用它:
BeEF::Core::Configuration.instance.get('beef.api_token')
从API请求身份验证令牌
处理程序
终点
- POST /api/admin/login
描述
- 为了使用API,token必须始终将参数添加到请求中,否则将返回401错误(未授权)。该请求提供了该令牌作为响应。
- 在请求正文中发送的凭据是在主config.yaml文件中设置的凭据。
索取组件
- 不适用
查询参数
- 不适用
请求内容
Body
username- 用户名设置password- 密码设置
例
请求
curl -H "Content-Type: application/json" -X POST -d '{"username":"beef", "password":"beef"}' http://127.0.0.1:3000/api/admin/login响应
response: {"success":true,"token":"8dc651e5ee1cb06003878bb26bd0e72800caeea0"}挂钩的浏览器
处理程序
终点
- GET /api/hooks?token={token}
描述
- 提供有关所有挂钩的浏览器(在线和离线)的信息(浏览器和操作系统版本,Cookie,已启用的插件等)。
索取组件
- 不适用
查询参数
- {token}-您的身份验证令牌(请参阅Authentication)
例
请求
curl http://beefserver.com:3000/api/hooks?token=320f3cf4da7bf0df7566a517c5db796e73a23f47
响应
{
"hooked-browsers": {
"online": {
"0": {
"name": "FF",
"version": "10",
"os": "Intel Mac OS X 10.7",
"platform": "MacIntel",
"session": "nBK3BGBILYD0bNMC1IH299oDbZXNNXKfwMEoDwajmItAHhhhe8LLnEPvO3wFjg1rO4PzXsBbUAK1V0gk",
"ip": "127.0.0.1",
"domain": "127.0.0.1",
"port": "3000",
"page_uri": "http://127.0.0.1:3000/demos/basic.html"
}
},
"offline": {
"0": {
"name": "C",
"version": "17",
"os": "Macintosh",
"platform": "MacIntel",
"session": "26bxiMKoFfOeBgcvIV84qeOsEULKQIEYDH4djMbMPeoAZU4yySMIlJJ7GrAMwuMa0eX9wCKk24KOsCoT",
"ip": "127.0.0.1",
"domain": "127.0.0.1",
"port": "3000",
"page_uri": "http://127.0.0.1:3000/demos/basic.html"
}}}}浏览器详细资料
处理程序
终点
- GET /api/hooks/{session}?token={token}
描述
- 提供有关特定挂钩浏览器的信息(浏览器和操作系统版本,Cookie,已启用的插件等)。
索取组件
- {session}-挂钩的浏览器的会话ID。此ID是在session_key对/api/hooks请求的响应中返回的值。
查询参数
- {token}-您的身份验证令牌
例
请求
curl http://beefserver.com:3000/api/hooks/nBK3BGBILYD0bNMC1IH299oDbZXNNXKfwMEoDwajmItAHhhhe8LLnEPvO3wFjg1rO4PzXsBbUAK1V0gk?token=320f3cf4da7bf0df7566a517c5db796e73a23f47响应
{
"BrowserName": "O",
"BrowserPlugins": "Shockwave Flash\nJava Applet Plug-in\nQuickTime Plug-in 7.7.1\nSharePoint Browser Plug-in\nSilverlight Plug-In\nWebEx64 General Plugin Container",
"BrowserReportedName": "Opera/9.80 (Macintosh; Intel Mac OS X 10.7.3; U; en) Presto/2.10.229 Version/11.62",
"BrowserType": "{"O11":true,"O":true}",
"BrowserVersion": "11",
"Cookies": "BEEFHOOK=nBK3BGBILYD0bNMC1IH299oDbZXNNXKfwMEoDwajmItAHhhhe8LLnEPvO3wFjg1rO4PzXsBbUAK1V0gk",
"HasActiveX": "No",
"HasFlash": "Yes",
"HasGoogleGears": "No",
"HasWebSocket": "No",
"HostName": "127.0.0.1",
"JavaEnabled": "Yes",
"OsName": "Macintosh",
"PageReferrer": "No Referrer",
"PageTitle": "BeEF Basic Demo",
"PageURI": "http://127.0.0.1:3000/demos/basic.html",
"ScreenParams": "{"width"=>1680, "height"=>1050, "colordepth"=>32}",
"SystemPlatform": "MacIntel",
"VBScriptEnabled": "No",
"WindowSize": "{"width"=>1000, "height"=>729}",
"hasPersistentCookies": "Yes",
"hasSessionCookies": "Yes"
}日志
处理程序
终点
- GET/api/logs?token={token}
描述
- 该
logs处理程序提供有关所有挂钩的浏览器日志的信息,包括全局日志和相对日志。
请求组件
- 不适用
查询参数
请求
curl http://beefserver.com:3000/api/logs?token=320f3cf4da7bf0df7566a517c5db796e73a23f47`响应
{
"logs_count": 8,
"logs": [
{
"id": 1,
"date": "2012-03-20T16:14:11+01:00",
"event": "127.0.0.1 just joined the horde from the domain: 127.0.0.1:3000",
"type": "Zombie"
},
{
"id": 8,
"date": "2012-03-20T16:18:27+01:00",
"event": "19.092s - [Focus] Browser has regained focus.",
"type": "Event"
}
]
}浏览器日志
处理程序
终点
- GET /api/logs/{session}?token={token}
描述
- 该logs处理器提供了有关信息指定钩浏览器的日志。
请求组件:
请求
curl http://beefserver.com:3000/api/logs/nBK3BGBILYD0bNMC1IH299oDbZXNNXKfwMEoDwajmItAHhhhe8LLnEPvO3wFjg1rO4PzXsBbUAK1V0gk?token=320f3cf4da7bf0df7566a517c5db796e73a23f47`响应
{
"logs_count": 13,
"logs": [
{
"id": 1,
"date": "2012-03-20T16:14:11+01:00",
"event": "127.0.0.1 just joined the horde from the domain: 127.0.0.1:3000",
"type": "Zombie"
},
{
"id": 16,
"date": "2012-03-20T16:40:18+01:00",
"event": "6.071s - [User Typed] "an" > input#imptxt(Important Text)",
"type": "Event"
},
{
"id": 17,
"date": "2012-03-20T16:40:19+01:00",
"event": "7.086s - [User Typed] "tisnatc" > input#imptxt(Important Text)",
"type": "Event"
},
{
"id": 18,
"date": "2012-03-20T16:40:20+01:00",
"event": "8.099s - [User Typed] "hor" > input#imptxt(Important Text)",
"type": "Event"
}
]
}
推荐文章: