Skip to content
Browse files

Fix issue #723. Added amin_ui authenticated endpoints that returns th…

…e RESTful api token. useful when calling the Restful api from ExtJS
  • Loading branch information...
1 parent bfa2e6d commit 6188fe4be9db89c4a43f84e0b4d0bab77ddf0cbf @antisnatchor antisnatchor committed
Showing with 12 additions and 0 deletions.
  1. +12 −0 extensions/admin_ui/controllers/modules/modules.rb
View
12 extensions/admin_ui/controllers/modules/modules.rb
@@ -28,6 +28,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
def initialize
super({
'paths' => {
+ '/getRestfulApiToken.json' => method(:get_restful_api_token),
'/select/commandmodules/all.json' => method(:select_all_command_modules),
'/select/commandmodules/tree.json' => method(:select_command_modules_tree),
'/select/commandmodule.json' => method(:select_command_module),
@@ -43,6 +44,17 @@ def initialize
@session = BeEF::Extension::AdminUI::Session.instance
end
+
+ # @note Returns the RESTful api key. Authenticated call, so callable only
+ # from the admin UI after successful authentication (cookie).
+ # -> http://127.0.0.1:3000/ui/modules/getRestfulApiToken.json
+ # response
+ # <- {"token":"800679edbb59976935d7673924caaa9e99f55c32"}
+ def get_restful_api_token
+ @body = {
+ 'token' => BeEF::Core::Configuration.instance.get("beef.api_token")
+ }.to_json
+ end
# Returns a JSON array containing the summary for a selected zombie.
def select_zombie_summary

0 comments on commit 6188fe4

Please sign in to comment.
Something went wrong with that request. Please try again.