Review WebSockets command and control channel

[bcoles]

The WebSockets command and control channel was added more than 10 years ago. Very little maintenance has been performed. There is significant room for improvement and many bugs. It is effectively unusable in its current state.

• [WebSocket] Error: Must be GET request #2768
• Event logger is broken when WebSockets are used for comms #1570
• WebSocket: web socket server should use the same port as the XHR server #2147

There are also many TODOs:

beef/core/main/network_stack/websocket/websocket.rb

Lines 124 to 133 in eb5959a

	# This will happen if you reset BeEF database (./beef -x),
	# and existing zombies try to connect. These zombies will be ignored,
	# as they are unknown and presumed invalid.
	#
	# @todo: consider fixing this. add zombies instead of ignoring them
	# and report "Hooked browser X appears to have come back online"
	if hooked_browser.nil?
	# print_error "Could not find zombie with ID #{msg_hash['alive']}"
	next
	end

beef/core/main/network_stack/websocket/websocket.rb

Lines 152 to 158 in eb5959a

	# @todo antisnatchor:
	# @todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
	# Check if new forged requests need to be sent (Requester/TunnelingProxy)
	if @@config.get('beef.extension.requester.loaded')
	dhook = BeEF::Extension::Requester::API::Hook.new
	dhook.requester_run(hooked_browser, '')
	end

beef/core/main/client/websocket.js

Lines 81 to 97 in eb5959a

	/**
	* Polling mechanism, to notify the BeEF server that the browser is still hooked,
	* and the WebSocket channel still alive.
	* todo: there is probably a more efficient way to do this. Double-check WebSocket API.
	*/
	alive: function (){
	try {
	if (beef.logger.running) {
	beef.logger.queue();
	}
	} catch(err){}
	beef.net.flush();
	beef.websocket.send('{"alive":"'+beef.session.get_hook_session_id()+'"}');
	setTimeout("beef.websocket.alive()", parseInt(beef.websocket.ws_poll_timeout));
	}