Merge branch 'master' of https://github.com/beefproject/beef

extensions/admin_ui/controllers/modules/modules.rb

@@ -327,29 +327,11 @@ class Modules < BeEF::Extension::AdminUI::HttpController
     if(dynamic_modules != nil)
          all_modules = BeEF::Core::Models::CommandModule.all(:order => [:id.asc])
          all_modules.each{|dyn_mod|
-         next if !dyn_mod.path.split('/').first.match(/^Dynamic/)
-
-         hook_session_id = @params['zombie_session'] || nil
-         (print_error "hook_session_id is nil";return) if hook_session_id.nil?
-
-          dyn_mod_name = dyn_mod.path.split('/').last
-          dyn_mod_category = nil
-          if(dyn_mod_name == "Msf")
-             dyn_mod_category = "Metasploit"
-          else
-             # future dynamic modules...
-          end
-
-          print_debug ("Loading Dynamic command module: category [#{dyn_mod_category}] - name [#{dyn_mod.name.to_s}]")
-          command_mod = BeEF::Modules::Commands.const_get(dyn_mod_name.capitalize).new
-          command_mod.session_id = hook_session_id
-          command_mod.update_info(dyn_mod.id)
-          command_mod_name = command_mod.info['Name'].downcase
-
-          # create url path and file for the command module icon
-          #command_module_status = set_command_module_status(command_mod)
-          command_module_status = BeEF::Core::Constants::CommandModule::VERIFIED_UNKNOWN
-          command_module_icon_path = set_command_module_icon(command_mod)
+         next if !dyn_mod.path.split('/')[1].match(/^metasploit/)
+         command_mod_name = dyn_mod["name"]
+         dyn_mod_category = "Metasploit"
+         command_module_status = set_command_module_status(command_mod_name)
+         command_module_icon_path = set_command_module_icon(command_module_status)
 
          update_command_module_tree(tree, dyn_mod_category, command_module_icon_path, command_module_status, command_mod_name,dyn_mod.id)
        }

extensions/metasploit/api.rb

@@ -48,6 +48,27 @@ module BeEF
                     #m.split('/')[0...-1].each{|c|
                     #    categories.push(c.capitalize)
                     #}
+
+                    if m_details['description'] =~ /Java|JVM|flash|Adobe/i
+                      target_browser = {BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY => ["ALL"]}
+                    elsif m_details['description'] =~ /IE|Internet\s+Explorer/i
+                      target_browser = {BeEF::Core::Constants::CommandModule::VERIFIED_WORKING => ["IE"]}
+                    elsif m_details['description'] =~ /Firefox/i
+                      target_browser = {BeEF::Core::Constants::CommandModule::VERIFIED_WORKING => ["FF"]}
+                    elsif m_details['description'] =~ /Chrome/i
+                      target_browser = {BeEF::Core::Constants::CommandModule::VERIFIED_WORKING => ["C"]}
+                    elsif m_details['description'] =~ /Safari/i
+                      target_browser = {BeEF::Core::Constants::CommandModule::VERIFIED_WORKING => ["S"]}
+                    elsif m_details['description'] =~ /Opera/i
+                      target_browser = {BeEF::Core::Constants::CommandModule::VERIFIED_WORKING => ["O"]}
+                    end
+                    #TODO:
+                    #  - Add support for detection of target OS
+                    #  - Add support for detection of target services (e.g. java, flash, silverlight, ...etc)
+                    #  - Add support for multiple target browsers as currently only 1 browser will match or all
+
+
+
                     msf_module_config[key] = {
                         'enable'=> true,
                         'msf'=> true,
@@ -57,7 +78,8 @@ module BeEF
                         'description'=> m_details['description'],
                         'authors'=> m_details['references'],
                         'path'=> path,
-                        'class'=> 'Msf_module'
+                        'class'=> 'Msf_module',
+                        'target'=> target_browser
                     }
                     BeEF::API::Registrar.instance.register(BeEF::Extension::Metasploit::API::MetasploitHooks, BeEF::API::Module, 'get_options', [key])
                     BeEF::API::Registrar.instance.register(BeEF::Extension::Metasploit::API::MetasploitHooks, BeEF::API::Module, 'get_payload_options', [key, nil])

modules/social_engineering/firefox_extension_bindshell/config.yaml

@@ -7,7 +7,7 @@ beef:
     module:
         firefox_extension_bindshell:
             enable: true
-            category: ["Exploits", "Local Host"]
+            category: ["Social Engineering"]
             name: "Firefox Extension (Bindshell)"
             description: "Create on the fly a malicious Firefox extension that binds a shell to a specified port.<br/><br/>The extension is based on the original work from Michael Schierl and his Metasploit module, and joev's Firefox payloads for Metasploit."
             authors: ["antisnatchor", "bcoles"]

modules/social_engineering/firefox_extension_bindshell/module.rb

@@ -38,7 +38,7 @@ class Firefox_extension_bindshell < BeEF::Core::Command
        end
     end
 
-    mod_path = "#{$root_dir}/modules/exploits/local_host/firefox_extension_bindshell"
+    mod_path = "#{$root_dir}/modules/social_engineering/firefox_extension_bindshell"
     extension_path = mod_path + "/extension"
 
     # clean the build directory
@@ -65,7 +65,7 @@ class Firefox_extension_bindshell < BeEF::Core::Command
 
     # mount the extension in the BeEF web server, calling a specific nested class (needed because we need a specific content-type/disposition)
     bind_extension = Firefox_extension_bindshell::Bind_extension
-    bind_extension.set :extension_path, "#{$root_dir}/modules/exploits/local_host/firefox_extension_bindshell/extension/#{@xpi_name}.xpi"
+    bind_extension.set :extension_path, "#{$root_dir}/modules/social_engineering/firefox_extension_bindshell/extension/#{@xpi_name}.xpi"
     BeEF::Core::Server.instance.mount("/#{@xpi_name}.xpi", bind_extension.new)
     BeEF::Core::Server.instance.remap
   end

modules/social_engineering/firefox_extension_dropper/config.yaml

@@ -7,7 +7,7 @@ beef:
     module:
         firefox_extension_dropper:
             enable: true
-            category: ["Exploits", "Local Host"]
+            category: ["Social Engineering"]
             name: "Firefox Extension (Dropper)"
             description: "Create on the fly a malicious Firefox extension that embeds a dropper you can specify (add it to the 'dropper' directory). <br/><br/> The extension is based on the original work from Michael Schierl and his Metasploit module."
             authors: ["antisnatchor"]

modules/social_engineering/firefox_extension_dropper/module.rb

@@ -35,7 +35,7 @@ class Firefox_extension_dropper < BeEF::Core::Command
        end
     end
 
-    mod_path = "#{$root_dir}/modules/exploits/local_host/firefox_extension_dropper"
+    mod_path = "#{$root_dir}/modules/social_engineering/firefox_extension_dropper"
     extension_path = mod_path + "/extension"
 
     # clean the build directory
@@ -75,7 +75,7 @@ class Firefox_extension_dropper < BeEF::Core::Command
 
     # mount the extension in the BeEF web server, calling a specific nested class (needed because we need a specifi content-type/disposition)
     bind_extension = Firefox_extension_dropper::Bind_extension
-    bind_extension.set :extension_path, "#{$root_dir}/modules/exploits/local_host/firefox_extension_dropper/extension/#{@xpi_name}.xpi"
+    bind_extension.set :extension_path, "#{$root_dir}/modules/social_engineering/firefox_extension_dropper/extension/#{@xpi_name}.xpi"
     BeEF::Core::Server.instance.mount("/#{@xpi_name}.xpi", bind_extension.new)
     BeEF::Core::Server.instance.remap
   end

modules/social_engineering/firefox_extension_reverse_shell/config.yaml

@@ -7,7 +7,7 @@ beef:
     module:
         firefox_extension_reverse_shell:
             enable: true
-            category: ["Exploits", "Local Host"]
+            category: ["Social Engineering"]
             name: "Firefox Extension (Reverse Shell)"
             description: "Create on the fly a malicious Firefox extension that makes a reverse shell connection to a specified host:port.<br/><br/>The extension is based on the original work from Michael Schierl and his Metasploit module, and joev's Firefox payloads for Metasploit."
             authors: ["antisnatchor", "bcoles"]

modules/social_engineering/firefox_extension_reverse_shell/module.rb

@@ -41,7 +41,7 @@ class Firefox_extension_reverse_shell < BeEF::Core::Command
        end
     end
 
-    mod_path = "#{$root_dir}/modules/exploits/local_host/firefox_extension_reverse_shell"
+    mod_path = "#{$root_dir}/modules/social_engineering/firefox_extension_reverse_shell"
     extension_path = mod_path + "/extension"
 
     # clean the build directory
@@ -68,7 +68,7 @@ class Firefox_extension_reverse_shell < BeEF::Core::Command
 
     # mount the extension in the BeEF web server, calling a specific nested class (needed because we need a specific content-type/disposition)
     bind_extension = Firefox_extension_reverse_shell::Bind_extension
-    bind_extension.set :extension_path, "#{$root_dir}/modules/exploits/local_host/firefox_extension_reverse_shell/extension/#{@xpi_name}.xpi"
+    bind_extension.set :extension_path, "#{$root_dir}/modules/social_engineering/firefox_extension_reverse_shell/extension/#{@xpi_name}.xpi"
     BeEF::Core::Server.instance.mount("/#{@xpi_name}.xpi", bind_extension.new)
     BeEF::Core::Server.instance.remap
   end