From 61d0bf2e145e5d0ec3932e721dc967650aa83fd8 Mon Sep 17 00:00:00 2001 From: bcoles Date: Fri, 1 Feb 2013 01:22:45 +1030 Subject: [PATCH] Add beef.browser.hasActiveX() Add modules/browser/detect_activex module Fix issue #832 --- core/main/client/browser.js | 9 ++++++++- modules/browser/detect_activex/command.js | 14 ++++++++++++++ modules/browser/detect_activex/config.yaml | 16 ++++++++++++++++ modules/browser/detect_activex/module.rb | 14 ++++++++++++++ 4 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 modules/browser/detect_activex/command.js create mode 100644 modules/browser/detect_activex/config.yaml create mode 100644 modules/browser/detect_activex/module.rb diff --git a/core/main/client/browser.js b/core/main/client/browser.js index d5ff7c7bb..c82ca82d5 100644 --- a/core/main/client/browser.js +++ b/core/main/client/browser.js @@ -976,7 +976,7 @@ beef.browser = { var has_phonegap = (beef.browser.hasPhonegap())? "Yes" : "No"; var has_googlegears=(beef.browser.hasGoogleGears())? "Yes":"No"; var has_web_socket=(beef.browser.hasWebSocket())? "Yes":"No"; - var has_activex = (typeof(window.ActiveXObject) != "undefined") ? "Yes":"No"; + var has_activex = (beef.browser.hasActiveX())? "Yes":"No"; var has_session_cookies = (beef.browser.cookie.hasSessionCookies("cookie"))? "Yes":"No"; var has_persistent_cookies = (beef.browser.cookie.hasPersistentCookies("cookie"))? "Yes":"No"; @@ -1010,6 +1010,13 @@ beef.browser = { return details; }, + /** + * Returns boolean value depending on whether the browser support ActiveX + */ + hasActiveX: function() { + return (typeof(window.ActiveXObject) != "undefined"); + }, + /** * Returns array of results, whether or not the target zombie has visited the specified URL */ diff --git a/modules/browser/detect_activex/command.js b/modules/browser/detect_activex/command.js new file mode 100644 index 000000000..5db6fc0f1 --- /dev/null +++ b/modules/browser/detect_activex/command.js @@ -0,0 +1,14 @@ +// +// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +beef.execute(function() { + + var result = (beef.browser.hasActiveX())? "Yes" : "No"; + + beef.net.send("<%= @command_url %>", <%= @command_id %>, "activex="+result); + +}); + diff --git a/modules/browser/detect_activex/config.yaml b/modules/browser/detect_activex/config.yaml new file mode 100644 index 000000000..cacbda562 --- /dev/null +++ b/modules/browser/detect_activex/config.yaml @@ -0,0 +1,16 @@ +# +# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +beef: + module: + detect_activex: + enable: true + category: "Browser" + name: "Detect ActiveX" + description: "This module will check if the browser has ActiveX support." + authors: ["bcoles"] + target: + user_notify: ["IE"] + not_working: ["All"] diff --git a/modules/browser/detect_activex/module.rb b/modules/browser/detect_activex/module.rb new file mode 100644 index 000000000..29ffcf708 --- /dev/null +++ b/modules/browser/detect_activex/module.rb @@ -0,0 +1,14 @@ +# +# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +class Detect_activex < BeEF::Core::Command + + def post_execute + content = {} + content['activex'] = @datastore['activex'] + save content + end + +end