moved and renamed the Yokoso-like module to recon -> InternalNetworkFingerprinting

git-svn-id: https://beef.googlecode.com/svn/trunk@978 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
2011-05-19 12:02:23 +00:00
parent f70bc8d8bd
commit 66a90cac76
5 changed files with 79 additions and 82 deletions
--- a/modules/network/detect_local_settings/config.yaml
+++ b/modules/network/detect_local_settings/config.yaml
@@ -8,13 +8,4 @@ beef:
            authors: ["pdp", "wade", "bm"]
            target:
                working: ["FF", "C"]
-                not_working: ["IE"]
-        fingerprint_local_network:
-            enable: false 
-            category: "Network"
-            name: "Fingerprint local network"
-            description: "Scan common local network IP addresses for embedded devices."
-            authors: ["bcoles@gmail.com", "wade"]
-            target:
-                user_notify: ["FF", "IE"]
-                not_working: ["O"]
+                not_working: ["IE"]
--- a/modules/network/detect_local_settings/fingerprint_local_network.rb
+++ b/modules/network/detect_local_settings/fingerprint_local_network.rb
@@ -1,70 +0,0 @@
-module BeEF
-module Modules
-module Commands
-#
-# Fingerprint local network module
-# This module attempts to fingerprint embedded devices within the zombies'
-# local network. It does this by loading images on common local network
-# IP addresses then matching the image width, height and path to those
-# for a known device.
-#
-# TODO #
-#
-# Add IPv6 support
-# Add HTTPS support
-# -  Devices with invalid certs are blocked by IE and FF by default
-# Improve stealth
-# -  Load images with CSS "background:" CSS to avoid http auth login popups
-# Improve speed
-# -  Make IP addresses a user-configurable option rather than a hard-coded list
-# -  Detect local ip range first - using browser history and/or with java
-#    - History theft via CSS history is patched in modern browsers.
-#    - Local IP theft with Java is slow and may fail
-
-
-class Fingerprint_local_network < BeEF::Core::Command
-  
-  def initialize
-    super({
-      'Name' => 'Fingerprint local network',
-      'Description' => 'Scan common local network IP addresses for embedded devices.',
-      'Category' => 'Network',
-      'Author' => ['bcoles@gmail.com', 'wade'],
-      'File' => __FILE__
-    })
-
-    # Doesn't work in FF4 (but works in 3.x)    
-    set_target({
-        'verified_status' =>  VERIFIED_USER_NOTIFY,
-        'browser_name' =>     FF
-    })
-
-    set_target({
-	'verified_status' =>  VERIFIED_NOT_WORKING,
-	'browser_name' =>     O
-    })
-
-    set_target({
-        'verified_status' =>  VERIFIED_USER_NOTIFY,
-        'browser_name' =>     IE
-    })
-    
-    use_template!
-  end
-  
-  def callback
-	content = {}
-	content['device'] =@datastore['device'] if not @datastore['device'].nil?
-	content['url'] = @datastore['url'] if not @datastore['url'].nil?
-	if content.empty?
-		content['fail'] = 'Did not detect any local network devices'
-	end
-	save content
-  end
-
-end
-  
-end
-end
-end
-
--- a/modules/network/detect_local_settings/fingerprint_local_network.js
+++ b/modules/network/detect_local_settings/fingerprint_local_network.js
@@ -1,6 +1,7 @@
 beef.execute(function() {

 	var dom = document.createElement('b');
+
 	var ips = [
 		'http://192.168.0.1',
 		'http://192.168.0.100',
@@ -15,7 +16,8 @@ beef.execute(function() {
 		'http://192.168.100.1',
 		'http://192.168.100.254',
 		'http://192.168.123.1',
-		'http://192.168.123.254'
+		'http://192.168.123.254',
+        'http://192.168.10.1'
 	];
 	var urls = new Array(
 	new Array("QNAP NAS",":8080","/ajax_obj/img/running.gif",16,16),
@@ -29,8 +31,10 @@ beef.execute(function() {
 	new Array("Cisco IP Phone",":80","/Images/Logo",120,66),
 	new Array("Snom Phone",":80","/img/snom_logo.png",168,62),
 	new Array("Brother Printer",":80","/pbio/brother.gif",144,52),
-	new Array("HP LaserJet",":80","/hp/device/images/logo.gif",42,27)
+	new Array("HP LaserJet",":80","/hp/device/images/logo.gif",42,27),
+    new Array("JBoss Application server",":8080","/images/logo.gif",226,105)
 	);
+    //console.log("Array loaded [" + urls + "]");

 	// for each ip
 	for(var i=0; i < ips.length; i++) {
@@ -38,6 +42,7 @@ beef.execute(function() {
 		// for each url
 		for(var u=0; u < urls.length; u++) {
 			var img = new Image;
+            //console.log("Detecting  [" + urls[u][0] + "] at IP [" + ips[i] + "]");
 			img.id = u;
 			img.src = ips[i]+urls[u][1]+urls[u][2];
 			//img.title = ips[i]+urls[u][1];
--- a/modules/recon/internal_network_fingerprinting/config.yaml
+++ b/modules/recon/internal_network_fingerprinting/config.yaml
@@ -0,0 +1,11 @@
+beef:
+    module:
+        internal_network_fingerprinting:
+            enable: true
+            category: "Recon"
+            name: "Internal Network Fingerprinting"
+            description: "Discover devices and applications in the internal network of the victim using signatures like default logo images/favicons (partially based on the Yokoso idea)"
+            authors: ["bcoles@gmail.com", "wade", "antisnatchor"]
+            target:
+                user_notify: ["FF", "IE"]
+                not_working: ["O"]
--- a/modules/recon/internal_network_fingerprinting/module.rb
+++ b/modules/recon/internal_network_fingerprinting/module.rb
@@ -0,0 +1,60 @@
+#
+# Internal Network Fingerprinting
+# Discover devices and applications in the internal network of the victim using
+# signatures like default logo images/favicons (partially based on the Yokoso idea).
+# It does this by loading images on common/predefined local network
+# IP addresses then matching the image width, height and path to those
+# for a known device.
+#
+# TODO LIST
+# Add IPv6 support
+# Add HTTPS support
+# -  Devices with invalid certs are blocked by IE and FF by default
+# Improve stealth
+# -  Load images with CSS "background:" CSS to avoid http auth login popups
+# Improve speed
+# -  Make IP addresses a user-configurable option rather than a hard-coded list
+# -  Detect local ip range first - using browser history and/or with java
+#    - History theft via CSS history is patched in modern browsers.
+#    - Local IP theft with Java is slow and may fail
+
+
+class Internal_network_fingerprinting < BeEF::Core::Command
+  
+  def initialize
+    super({
+      'Name' => 'Internal Network Fingerprinting',
+      'Description' => 'Discover devices and applications in the internal network of the victim using signatures like default logo images/favicons (partially based on the Yokoso idea)',
+      'Category' => 'Recon',
+      'Author' => ['bcoles@gmail.com', 'wade', 'antisnatchor'],
+      'File' => __FILE__
+    })
+
+    set_target({
+        'verified_status' =>  VERIFIED_USER_NOTIFY,
+        'browser_name' =>     FF  # works also in FF 4.0.1
+    })
+
+    set_target({
+        'verified_status' =>  VERIFIED_NOT_WORKING,
+        'browser_name' =>     O
+    })
+
+    set_target({
+        'verified_status' =>  VERIFIED_USER_NOTIFY,
+        'browser_name' =>     IE
+    })
+    
+    use_template!
+  end
+  
+  def callback
+    content = {}
+    content['device'] =@datastore['device'] if not @datastore['device'].nil?
+    content['url'] = @datastore['url'] if not @datastore['url'].nil?
+    if content.empty?
+      content['fail'] = 'No devices/applications have been discovered.'
+    end
+    save content
+  end
+end