CORS Scanner Module: ActiveModel::UnknownAttributeError

[zinduolis]

First Steps

1. Confirmed issue not posted previously.
2. Confirmed wiki does not contain answers.
3. Checking FAQ.
4. BeEF Version: Latest
5. Ruby Version: 3.2.3
6. Browser Details: Firefox (Linux)
7. Operating System: Linux

Configuration

1. BeEF configuration changes? No
2. Enabled/disabled extensions? No

Steps to Reproduce

1. Start BeEF server
2. Hook a browser (Firefox)
3. Start a CORS-enabled test server on port 8080:

   python3 -c "
   from http.server import HTTPServer, SimpleHTTPRequestHandler
   class CORSHandler(SimpleHTTPRequestHandler):
       def end_headers(self):
           self.send_header('Access-Control-Allow-Origin', '*')
           super().end_headers()
   HTTPServer(('127.0.0.1', 8080), CORSHandler).serve_forever()
   "

4. Execute Cross-Origin Scanner (CORS) module with:
   • Scan IP range: 127.0.0.1-127.0.0.1
   • Ports: 8080

Error Description

The module crashes the BeEF server thread with an ActiveModel::UnknownAttributeError when attempting to save scan results to the database.

Console Error

ActiveModel::UnknownAttributeError: unknown attribute 'type' for BeEF::Core::Models::NetworkService.

NoMethodError: undefined method `type=' for #<BeEF::Core::Models::NetworkService id: nil, hooked_browser_id: 0, proto: "http", ip: "127.0.0.1", port: "8080", ntype: nil>
Did you mean?  ntype=

Root Cause

The module's post_execute method in module.rb:24 attempts to create a NetworkService record using an attribute called type, but the model only has an attribute called ntype.

[github-actions]

This issue as been marked as stale due to inactivity and will be closed in 7 days