Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Plugin for VLC detection #828

Browse Source
This commit is contained in:
Nbblrr
2013-02-21 23:14:28 +01:00
parent 1c252af145
commit 7eec331cf9
9 changed files with 196 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
core/main/client/browser.js
View File

@@ -911,15 +911,15 @@ beef.browser = {
// Internet Explorer // Internet Explorer
} else { } else {
var definedControls = [ var definedControls = [
'RealPlayer', 'RealPlayer',
'rmocx.RealPlayer G2 Control', 'rmocx.RealPlayer G2 Control',
'rmocx.RealPlayer G2 Control.1', 'rmocx.RealPlayer G2 Control.1',
'RealPlayer.RealPlayer(tm) ActiveX Control (32-bit)', 'RealPlayer.RealPlayer(tm) ActiveX Control (32-bit)',
'RealVideo.RealVideo(tm) ActiveX Control (32-bit)' 'RealVideo.RealVideo(tm) ActiveX Control (32-bit)'
]; ];
for (var i = 0; i < definedControls.length; i++) { for (var i = 0; i < definedControls.length; i++) {
try { try {
@@ -939,6 +939,28 @@ beef.browser = {
}, },
/**
* Checks if VLC is installed
* @return: {Boolean} true or false
**/
hasVLC:function() {
var vlc = false ;
if(!this.type().IE) {
for (i = 0; i < navigator.plugins.length; i++) {
if (navigator.plugins[i].name.indexOf("VLC") >= 0) {
vlc = true;
}
}
} else {
try {
control = new ActiveXObject("VideoLAN.VLCPlugin.2");
vlc = true ;
} catch(e) {
}
};
return vlc ;
},
/** /**
* Checks if the zombie has Java enabled. * Checks if the zombie has Java enabled.
* @return: {Boolean} true or false. * @return: {Boolean} true or false.
@@ -2126,8 +2148,9 @@ beef.browser = {
var has_web_socket = (beef.browser.hasWebSocket()) ? "Yes" : "No"; var has_web_socket = (beef.browser.hasWebSocket()) ? "Yes" : "No";
var has_activex = (beef.browser.hasActiveX()) ? "Yes" : "No"; var has_activex = (beef.browser.hasActiveX()) ? "Yes" : "No";
var has_silverlight = (beef.browser.hasSilverlight()) ? "Yes" : "No"; var has_silverlight = (beef.browser.hasSilverlight()) ? "Yes" : "No";
var has_quicktime = (beef.browser.hasQuickTime()) ? "Yes" : "No"; var has_quicktime = (beef.browser.hasQuickTime()) ? "Yes" : "No";
var has_realplayer = (beef.browser.hasRealPlayer()) ? "Yes" : "No"; var has_realplayer = (beef.browser.hasRealPlayer()) ? "Yes" : "No";
var has_vlc = (beef.browser.hasVLC()) ? "Yes" : "No";
try{ try{
var cookies = document.cookie; var cookies = document.cookie;
var has_session_cookies = (beef.browser.cookie.hasSessionCookies("cookie")) ? "Yes" : "No"; var has_session_cookies = (beef.browser.cookie.hasSessionCookies("cookie")) ? "Yes" : "No";
@@ -2169,8 +2192,9 @@ beef.browser = {
if (has_googlegears) details['HasGoogleGears'] = has_googlegears if (has_googlegears) details['HasGoogleGears'] = has_googlegears
if (has_activex) details['HasActiveX'] = has_activex; if (has_activex) details['HasActiveX'] = has_activex;
if (has_silverlight) details['HasSilverlight'] = has_silverlight; if (has_silverlight) details['HasSilverlight'] = has_silverlight;
if (has_quicktime) details['HasQuickTime'] = has_quicktime; if (has_quicktime) details['HasQuickTime'] = has_quicktime;
if (has_realplayer) details['HasRealPlayer'] = has_realplayer; if (has_realplayer) details['HasRealPlayer'] = has_realplayer;
if (has_vlc) details['HasVLC'] = has_vlc ;
return details; return details;
}, },

10
core/main/handlers/browserdetails.rb
View File

@@ -270,7 +270,7 @@ module BeEF
else else
self.err_msg "Invalid value for HasQuickTime returned from the hook browser's initial connection." self.err_msg "Invalid value for HasQuickTime returned from the hook browser's initial connection."
end end
# get and store the yes|no value for HasRealPlayer # get and store the yes|no value for HasRealPlayer
has_realplayer = get_param(@data['results'], 'HasRealPlayer') has_realplayer = get_param(@data['results'], 'HasRealPlayer')
if BeEF::Filters.is_valid_yes_no?(has_realplayer) if BeEF::Filters.is_valid_yes_no?(has_realplayer)
@@ -279,6 +279,14 @@ module BeEF
self.err_msg "Invalid value for HasRealPlayer returned from the hook browser's initial connection." self.err_msg "Invalid value for HasRealPlayer returned from the hook browser's initial connection."
end end
# get and store the yes|no value for HasVLC
has_vlc = get_param(@data['results'], 'HasVLC')
if BeEF::Filters.is_valid_yes_no?(has_vlc)
BD.set(session_id, 'HasVLC', has_vlc)
else
self.err_msg "Invalid value for HasVLC returned from the hook browser's initial connection."
end
# get and store the value for CPU # get and store the value for CPU
cpu_type = get_param(@data['results'], 'CPU') cpu_type = get_param(@data['results'], 'CPU')
if !cpu_type.nil? if !cpu_type.nil?

109
extensions/admin_ui/controllers/modules/modules.rb
View File

@@ -7,14 +7,14 @@ module BeEF
module Extension module Extension
module AdminUI module AdminUI
module Controllers module Controllers
# #
# #
# #
class Modules < BeEF::Extension::AdminUI::HttpController class Modules < BeEF::Extension::AdminUI::HttpController
BD = BeEF::Core::Models::BrowserDetails BD = BeEF::Core::Models::BrowserDetails
def initialize def initialize
super({ super({
'paths' => { 'paths' => {
@@ -31,7 +31,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
'/commandmodule/reexecute' => method(:reexecute_command_module) '/commandmodule/reexecute' => method(:reexecute_command_module)
} }
}) })
@session = BeEF::Extension::AdminUI::Session.instance @session = BeEF::Extension::AdminUI::Session.instance
end end
@@ -45,11 +45,11 @@ class Modules < BeEF::Extension::AdminUI::HttpController
'token' => BeEF::Core::Configuration.instance.get("beef.api_token") 'token' => BeEF::Core::Configuration.instance.get("beef.api_token")
}.to_json }.to_json
end end
# Returns a JSON array containing the summary for a selected zombie. # Returns a JSON array containing the summary for a selected zombie.
def select_zombie_summary def select_zombie_summary
# get the zombie # get the zombie
zombie_session = @params['zombie_session'] || nil zombie_session = @params['zombie_session'] || nil
(print_error "Zombie session is nil";return) if zombie_session.nil? (print_error "Zombie session is nil";return) if zombie_session.nil?
zombie = BeEF::Core::Models::HookedBrowser.first(:session => zombie_session) zombie = BeEF::Core::Models::HookedBrowser.first(:session => zombie_session)
@@ -57,7 +57,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
# init the summary grid # init the summary grid
summary_grid_hash = { summary_grid_hash = {
'success' => 'true', 'success' => 'true',
'results' => [] 'results' => []
} }
@@ -83,6 +83,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
['Browser Components', 'Web Sockets', 'HasWebSocket'], ['Browser Components', 'Web Sockets', 'HasWebSocket'],
['Browser Components', 'QuickTime', 'HasQuickTime'], ['Browser Components', 'QuickTime', 'HasQuickTime'],
['Browser Components', 'RealPlayer', 'HasRealPlayer'], ['Browser Components', 'RealPlayer', 'HasRealPlayer'],
['Browser Components', 'VLC', 'HasVLC'],
['Browser Components', 'ActiveX', 'HasActiveX'], ['Browser Components', 'ActiveX', 'HasActiveX'],
['Browser Components', 'Session Cookies', 'hasSessionCookies'], ['Browser Components', 'Session Cookies', 'hasSessionCookies'],
['Browser Components', 'Persistent Cookies', 'hasPersistentCookies'], ['Browser Components', 'Persistent Cookies', 'hasPersistentCookies'],
@@ -124,7 +125,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
height = window_size_hash['height'] height = window_size_hash['height']
data = "Width: #{width}, Height: #{height}" data = "Width: #{width}, Height: #{height}"
else else
data = BD.get(zombie_session, p[2]) data = BD.get(zombie_session, p[2])
end end
# add property to summary hash # add property to summary hash
@@ -138,7 +139,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
end end
@body = summary_grid_hash.to_json @body = summary_grid_hash.to_json
end end
# Returns the list of all command_modules in a JSON format # Returns the list of all command_modules in a JSON format
@@ -262,10 +263,10 @@ class Modules < BeEF::Extension::AdminUI::HttpController
#Recursive function to sort all the parent's children #Recursive function to sort all the parent's children
def sort_recursive_tree(parent) def sort_recursive_tree(parent)
# sort the children nodes by status and name # sort the children nodes by status and name
parent.each {|x| parent.each {|x|
#print_info "Sorting: " + x['children'].to_s #print_info "Sorting: " + x['children'].to_s
if x.is_a?(Hash) and x.has_key?('children') if x.is_a?(Hash) and x.has_key?('children')
x['children'] = x['children'].sort_by {|a| x['children'] = x['children'].sort_by {|a|
fldr = a['cls'] ? a['cls'] : 'zzzzz' fldr = a['cls'] ? a['cls'] : 'zzzzz'
"#{fldr}#{a['status']}#{a['text']}" "#{fldr}#{a['status']}#{a['text']}"
} }
@@ -349,20 +350,20 @@ class Modules < BeEF::Extension::AdminUI::HttpController
update_command_module_tree(tree, dyn_mod_category, command_module_icon_path, command_module_status, command_mod_name,dyn_mod.id) update_command_module_tree(tree, dyn_mod_category, command_module_icon_path, command_module_status, command_mod_name,dyn_mod.id)
} }
end end
# sort the parent array nodes # sort the parent array nodes
tree.sort! {|a,b| a['text'] <=> b['text']} tree.sort! {|a,b| a['text'] <=> b['text']}
sort_recursive_tree(tree) sort_recursive_tree(tree)
retitle_recursive_tree(tree) retitle_recursive_tree(tree)
# return a JSON array of hashes # return a JSON array of hashes
@body = tree.to_json @body = tree.to_json
end end
# Returns the inputs definition of an command_module. # Returns the inputs definition of an command_module.
def select_command_module def select_command_module
command_module_id = @params['command_module_id'] || nil command_module_id = @params['command_module_id'] || nil
@@ -377,7 +378,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
@body = command_modules2json([key]) @body = command_modules2json([key])
end end
end end
# Returns the list of commands for an command_module # Returns the list of commands for an command_module
def select_command_module_commands def select_command_module_commands
commands = [] commands = []
@@ -392,32 +393,32 @@ class Modules < BeEF::Extension::AdminUI::HttpController
nonce = @params['nonce'] || nil nonce = @params['nonce'] || nil
(print_error "nonce is nil";return) if nonce.nil? (print_error "nonce is nil";return) if nonce.nil?
(print_error "nonce incorrect";return) if @session.get_nonce != nonce (print_error "nonce incorrect";return) if @session.get_nonce != nonce
# get the browser id # get the browser id
zombie = Z.first(:session => zombie_session) zombie = Z.first(:session => zombie_session)
(print_error "Zombie is nil";return) if zombie.nil? (print_error "Zombie is nil";return) if zombie.nil?
zombie_id = zombie.id zombie_id = zombie.id
(print_error "Zombie id is nil";return) if zombie_id.nil? (print_error "Zombie id is nil";return) if zombie_id.nil?
C.all(:command_module_id => command_module_id, :hooked_browser_id => zombie_id).each do |command| C.all(:command_module_id => command_module_id, :hooked_browser_id => zombie_id).each do |command|
commands.push({ commands.push({
'id' => i, 'id' => i,
'object_id' => command.id, 'object_id' => command.id,
'creationdate' => Time.at(command.creationdate.to_i).strftime("%Y-%m-%d %H:%M").to_s, 'creationdate' => Time.at(command.creationdate.to_i).strftime("%Y-%m-%d %H:%M").to_s,
'label' => command.label 'label' => command.label
}) })
i+=1 i+=1
end end
@body = { @body = {
'success' => 'true', 'success' => 'true',
'commands' => commands}.to_json 'commands' => commands}.to_json
end end
# Attaches an command_module to a zombie. # Attaches an command_module to a zombie.
def attach_command_module def attach_command_module
definition = {} definition = {}
# get params # get params
@@ -429,8 +430,8 @@ class Modules < BeEF::Extension::AdminUI::HttpController
nonce = @params['nonce'] || nil nonce = @params['nonce'] || nil
(print_error "nonce is nil";return) if nonce.nil? (print_error "nonce is nil";return) if nonce.nil?
(print_error "nonce incorrect";return) if @session.get_nonce != nonce (print_error "nonce incorrect";return) if @session.get_nonce != nonce
@params.keys.each {|param| @params.keys.each {|param|
(print_error "invalid key param string";return) if not BeEF::Filters.has_valid_param_chars?(param) (print_error "invalid key param string";return) if not BeEF::Filters.has_valid_param_chars?(param)
(print_error "first char is num";return) if BeEF::Filters.first_char_is_num?(param) (print_error "first char is num";return) if BeEF::Filters.first_char_is_num?(param)
definition[param[4..-1]] = params[param] definition[param[4..-1]] = params[param]
@@ -449,10 +450,10 @@ class Modules < BeEF::Extension::AdminUI::HttpController
exec_results = BeEF::Module.execute(mod_key, zombie_session, def2) exec_results = BeEF::Module.execute(mod_key, zombie_session, def2)
@body = (exec_results != nil) ? '{success: true}' : '{success: false}' @body = (exec_results != nil) ? '{success: true}' : '{success: false}'
end end
# Re-execute an command_module to a zombie. # Re-execute an command_module to a zombie.
def reexecute_command_module def reexecute_command_module
# get params # get params
command_id = @params['command_id'] || nil command_id = @params['command_id'] || nil
(print_error "Command id is nil";return) if command_id.nil? (print_error "Command id is nil";return) if command_id.nil?
@@ -462,15 +463,15 @@ class Modules < BeEF::Extension::AdminUI::HttpController
nonce = @params['nonce'] || nil nonce = @params['nonce'] || nil
(print_error "nonce is nil";return) if nonce.nil? (print_error "nonce is nil";return) if nonce.nil?
(print_error "nonce incorrect";return) if @session.get_nonce != nonce (print_error "nonce incorrect";return) if @session.get_nonce != nonce
command.instructions_sent = false command.instructions_sent = false
command.save command.save
@body = '{success : true}' @body = '{success : true}'
end end
def attach_dynamic_command_module def attach_dynamic_command_module
definition = {} definition = {}
# get params # get params
@@ -482,8 +483,8 @@ class Modules < BeEF::Extension::AdminUI::HttpController
nonce = @params['nonce'] || nil nonce = @params['nonce'] || nil
(print_error "nonce is nil";return) if nonce.nil? (print_error "nonce is nil";return) if nonce.nil?
(print_error "nonce incorrect";return) if @session.get_nonce != nonce (print_error "nonce incorrect";return) if @session.get_nonce != nonce
@params.keys.each {|param| @params.keys.each {|param|
(print_error "invalid key param string";return) if not BeEF::Filters.has_valid_param_chars?(param) (print_error "invalid key param string";return) if not BeEF::Filters.has_valid_param_chars?(param)
(print_error "first char is num";return) if BeEF::Filters.first_char_is_num?(param) (print_error "first char is num";return) if BeEF::Filters.first_char_is_num?(param)
definition[param[4..-1]] = params[param] definition[param[4..-1]] = params[param]
@@ -525,11 +526,11 @@ class Modules < BeEF::Extension::AdminUI::HttpController
end end
# Returns the results of a command # Returns the results of a command
def select_command_results def select_command_results
results = [] results = []
# get params # get params
command_id = @params['command_id']|| nil command_id = @params['command_id']|| nil
(print_error "Command id is nil";return) if command_id.nil? (print_error "Command id is nil";return) if command_id.nil?
@@ -539,24 +540,24 @@ class Modules < BeEF::Extension::AdminUI::HttpController
# get command_module # get command_module
command_module = BeEF::Core::Models::CommandModule.first(:id => command.command_module_id) command_module = BeEF::Core::Models::CommandModule.first(:id => command.command_module_id)
(print_error "command_module is nil";return) if command_module.nil? (print_error "command_module is nil";return) if command_module.nil?
resultsdb = BeEF::Core::Models::Result.all(:command_id => command_id) resultsdb = BeEF::Core::Models::Result.all(:command_id => command_id)
(print_error "Command id result is nil";return) if resultsdb.nil? (print_error "Command id result is nil";return) if resultsdb.nil?
resultsdb.each{ |result| results.push({'date' => result.date, 'data' => JSON.parse(result.data)}) } resultsdb.each{ |result| results.push({'date' => result.date, 'data' => JSON.parse(result.data)}) }
@body = { @body = {
'success' => 'true', 'success' => 'true',
'command_module_name' => command_module.name, 'command_module_name' => command_module.name,
'command_module_id' => command_module.id, 'command_module_id' => command_module.id,
'results' => results}.to_json 'results' => results}.to_json
end end
# Returns the definition of a command. # Returns the definition of a command.
# In other words it returns the command that was used to command_module a zombie. # In other words it returns the command that was used to command_module a zombie.
def select_command def select_command
# get params # get params
command_id = @params['command_id'] || nil command_id = @params['command_id'] || nil
(print_error "Command id is nil";return) if command_id.nil? (print_error "Command id is nil";return) if command_id.nil?
@@ -573,9 +574,9 @@ class Modules < BeEF::Extension::AdminUI::HttpController
command_module_name = command_module.name command_module_name = command_module.name
e = BeEF::Core::Command.const_get(command_module_name.capitalize).new(command_module_name) e = BeEF::Core::Command.const_get(command_module_name.capitalize).new(command_module_name)
end end
@body = { @body = {
'success' => 'true', 'success' => 'true',
'command_module_name' => command_module_name, 'command_module_name' => command_module_name,
'command_module_id' => command_module.id, 'command_module_id' => command_module.id,
'data' => BeEF::Module.get_options(command_module_name), 'data' => BeEF::Module.get_options(command_module_name),
@@ -583,9 +584,9 @@ class Modules < BeEF::Extension::AdminUI::HttpController
}.to_json }.to_json
end end
private private
# Takes a list of command_modules and returns them as a JSON array # Takes a list of command_modules and returns them as a JSON array
def command_modules2json(command_modules) def command_modules2json(command_modules)
command_modules_json = {} command_modules_json = {}
@@ -601,7 +602,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
command_modules_json[i] = h command_modules_json[i] = h
i += 1 i += 1
end end
if not command_modules_json.empty? if not command_modules_json.empty?
return {'success' => 'true', 'command_modules' => command_modules_json}.to_json return {'success' => 'true', 'command_modules' => command_modules_json}.to_json
else else
@@ -612,15 +613,15 @@ class Modules < BeEF::Extension::AdminUI::HttpController
# return the input requred for the module in JSON format # return the input requred for the module in JSON format
def dynamic_modules2json(id) def dynamic_modules2json(id)
command_modules_json = {} command_modules_json = {}
mod = BeEF::Core::Models::CommandModule.first(:id => id) mod = BeEF::Core::Models::CommandModule.first(:id => id)
# if the module id is not in the database return false # if the module id is not in the database return false
return {'success' => 'false'}.to_json if(not mod) return {'success' => 'false'}.to_json if(not mod)
# the path will equal Dynamic/<type> and this will get just the type # the path will equal Dynamic/<type> and this will get just the type
dynamic_type = mod.path.split("/").last dynamic_type = mod.path.split("/").last
e = BeEF::Modules::Commands.const_get(dynamic_type.capitalize).new e = BeEF::Modules::Commands.const_get(dynamic_type.capitalize).new
e.update_info(mod.id) e.update_info(mod.id)
e.update_data() e.update_data()
@@ -647,7 +648,7 @@ class Modules < BeEF::Extension::AdminUI::HttpController
return {'success' => 'true', 'command_modules' => payload_options_json}.to_json return {'success' => 'true', 'command_modules' => payload_options_json}.to_json
end end
end end
end end

5
extensions/admin_ui/controllers/panel/panel.rb
View File

@@ -90,8 +90,9 @@ module BeEF
has_java = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'JavaEnabled') has_java = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'JavaEnabled')
has_activex = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasActiveX') has_activex = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasActiveX')
has_silverlight = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasSilverlight') has_silverlight = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasSilverlight')
has_quicktime = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasQuickTime') has_quicktime = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasQuickTime')
has_realplayer = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasRealPlayer') has_realplayer = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasRealPlayer')
has_vlc = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'HasVLC')
date_stamp = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'DateStamp') date_stamp = BeEF::Core::Models::BrowserDetails.get(hooked_browser.session, 'DateStamp')
return { return {

32
extensions/admin_ui/media/javascript/ui/panel/ZombiesMgr.js
View File

@@ -5,10 +5,10 @@
// //
var ZombiesMgr = function(zombies_tree_lists) { var ZombiesMgr = function(zombies_tree_lists) {
//save the list of trees in the object //save the list of trees in the object
this.zombies_tree_lists = zombies_tree_lists; this.zombies_tree_lists = zombies_tree_lists;
// this is a helper class to create a zombie object from a JSON hash index // this is a helper class to create a zombie object from a JSON hash index
this.zombieFactory = function(index, zombie_array){ this.zombieFactory = function(index, zombie_array){
@@ -26,8 +26,9 @@ var ZombiesMgr = function(zombies_tree_lists) {
var has_flash = zombie_array[index]["has_flash"]; var has_flash = zombie_array[index]["has_flash"];
var has_web_sockets = zombie_array[index]["has_web_sockets"]; var has_web_sockets = zombie_array[index]["has_web_sockets"];
var has_googlegears = zombie_array[index]["has_googlegears"]; var has_googlegears = zombie_array[index]["has_googlegears"];
var has_java = zombie_array[index]["has_java"]; var has_java = zombie_array[index]["has_java"];
var has_activex = zombie_array[index]["has_activex"]; var has_activex = zombie_array[index]["has_activex"];
var has_vlc = zombie_array[index]["has_vlc"];
var has_silverlight = zombie_array[index]["has_silverlight"]; var has_silverlight = zombie_array[index]["has_silverlight"];
var has_quicktime = zombie_array[index]["has_quicktime"]; var has_quicktime = zombie_array[index]["has_quicktime"];
var has_realplayer = zombie_array[index]["has_realplayer"]; var has_realplayer = zombie_array[index]["has_realplayer"];
@@ -44,15 +45,16 @@ var ZombiesMgr = function(zombies_tree_lists) {
balloon_text+= "<br/>Hardware: " + hw_name; balloon_text+= "<br/>Hardware: " + hw_name;
balloon_text+= "<br/>Domain: " + domain + ":" + port; balloon_text+= "<br/>Domain: " + domain + ":" + port;
balloon_text+= "<br/>Flash: " + has_flash; balloon_text+= "<br/>Flash: " + has_flash;
balloon_text+= "<br/>Java: " + has_java; balloon_text+= "<br/>Java: " + has_java;
balloon_text+= "<br/>Web Sockets: " + has_web_sockets; balloon_text+= "<br/>Web Sockets: " + has_web_sockets;
balloon_text+= "<br/>ActiveX: " + has_activex; balloon_text+= "<br/>ActiveX: " + has_activex;
balloon_text+= "<br/>Silverlight: " + has_silverlight; balloon_text+= "<br/>Silverlight: " + has_silverlight;
balloon_text+= "<br/>QuickTime: " + has_quicktime; balloon_text+= "<br/>QuickTime: " + has_quicktime;
balloon_text+= "<br/>VLC: " + has_vlc;
balloon_text+= "<br/>RealPlayer: " + has_realplayer; balloon_text+= "<br/>RealPlayer: " + has_realplayer;
balloon_text+= "<br/>Google Gears: " + has_googlegears; balloon_text+= "<br/>Google Gears: " + has_googlegears;
balloon_text+= "<br/>Date: " + date_stamp; balloon_text+= "<br/>Date: " + date_stamp;
var new_zombie = { var new_zombie = {
'id' : index, 'id' : index,
'ip' : ip, 'ip' : ip,
@@ -63,10 +65,10 @@ var ZombiesMgr = function(zombies_tree_lists) {
'domain' : domain, 'domain' : domain,
'port' : port 'port' : port
}; };
return new_zombie; return new_zombie;
} }
/* /*
* Update the hooked browser trees * Update the hooked browser trees
* @param: {Literal Object} an object containing the list of offline and online hooked browsers. * @param: {Literal Object} an object containing the list of offline and online hooked browsers.
@@ -75,33 +77,33 @@ var ZombiesMgr = function(zombies_tree_lists) {
this.updateZombies = function(zombies, rules){ this.updateZombies = function(zombies, rules){
var offline_hooked_browsers = zombies["offline"]; var offline_hooked_browsers = zombies["offline"];
var online_hooked_browsers = zombies["online"]; var online_hooked_browsers = zombies["online"];
for(tree_type in this.zombies_tree_lists) { for(tree_type in this.zombies_tree_lists) {
hooked_browsers_tree = this.zombies_tree_lists[tree_type]; hooked_browsers_tree = this.zombies_tree_lists[tree_type];
//we compare and remove the hooked browsers from online and offline branches for each tree. //we compare and remove the hooked browsers from online and offline branches for each tree.
hooked_browsers_tree.compareAndRemove(zombies); hooked_browsers_tree.compareAndRemove(zombies);
//add an offline browser to the tree //add an offline browser to the tree
for(var i in offline_hooked_browsers) { for(var i in offline_hooked_browsers) {
var offline_hooked_browser = this.zombieFactory(i, offline_hooked_browsers); var offline_hooked_browser = this.zombieFactory(i, offline_hooked_browsers);
hooked_browsers_tree.addZombie(offline_hooked_browser, false, ((tree_type != 'basic') ? true : false)); hooked_browsers_tree.addZombie(offline_hooked_browser, false, ((tree_type != 'basic') ? true : false));
} }
//add an online browser to the tree //add an online browser to the tree
for(var i in online_hooked_browsers) { for(var i in online_hooked_browsers) {
var online_hooked_browser = this.zombieFactory(i, online_hooked_browsers); var online_hooked_browser = this.zombieFactory(i, online_hooked_browsers);
hooked_browsers_tree.addZombie(online_hooked_browser, true, ((tree_type != 'basic') ? true : false)); hooked_browsers_tree.addZombie(online_hooked_browser, true, ((tree_type != 'basic') ? true : false));
} }
//apply the rules to the tree //apply the rules to the tree
hooked_browsers_tree.applyRules(rules); hooked_browsers_tree.applyRules(rules);
//expand the online hooked browser tree lists //expand the online hooked browser tree lists
if(hooked_browsers_tree.online_hooked_browsers_treenode.childNodes.length > 0) { if(hooked_browsers_tree.online_hooked_browsers_treenode.childNodes.length > 0) {
hooked_browsers_tree.online_hooked_browsers_treenode.expand(true); hooked_browsers_tree.online_hooked_browsers_treenode.expand(true);
} }
//expand the offline hooked browser tree lists //expand the offline hooked browser tree lists
if(hooked_browsers_tree.offline_hooked_browsers_treenode.childNodes.length > 0) { if(hooked_browsers_tree.offline_hooked_browsers_treenode.childNodes.length > 0) {
hooked_browsers_tree.offline_hooked_browsers_treenode.expand(true); hooked_browsers_tree.offline_hooked_browsers_treenode.expand(true);

75
extensions/console/lib/shellinterface.rb
View File

@@ -8,14 +8,14 @@ module Extension
module Console module Console
class ShellInterface class ShellInterface
BD = BeEF::Core::Models::BrowserDetails BD = BeEF::Core::Models::BrowserDetails
def initialize(config) def initialize(config)
self.config = config self.config = config
self.cmd = {} self.cmd = {}
end end
def settarget(id) def settarget(id)
begin begin
self.targetsession = BeEF::Core::Models::HookedBrowser.first(:id => id).session self.targetsession = BeEF::Core::Models::HookedBrowser.first(:id => id).session
@@ -25,7 +25,7 @@ class ShellInterface
return nil return nil
end end
end end
def setofflinetarget(id) def setofflinetarget(id)
begin begin
self.targetsession = BeEF::Core::Models::HookedBrowser.first(:id => id).session self.targetsession = BeEF::Core::Models::HookedBrowser.first(:id => id).session
@@ -35,7 +35,7 @@ class ShellInterface
return nil return nil
end end
end end
def cleartarget def cleartarget
self.targetsession = nil self.targetsession = nil
self.targetip = nil self.targetip = nil
@@ -45,9 +45,9 @@ class ShellInterface
# @note Get commands. This is a *modified* replica of select_command_modules_tree from extensions/admin_ui/controllers/modules/modules.rb # @note Get commands. This is a *modified* replica of select_command_modules_tree from extensions/admin_ui/controllers/modules/modules.rb
def getcommands def getcommands
return if self.targetid.nil? return if self.targetid.nil?
tree = [] tree = []
BeEF::Modules.get_categories.each { |c| BeEF::Modules.get_categories.each { |c|
if c[-1,1] != "/" if c[-1,1] != "/"
@@ -104,39 +104,39 @@ class ShellInterface
update_command_module_tree(tree, dyn_mod_category, "Verified Unknown", command_mod_name,dyn_mod.id) update_command_module_tree(tree, dyn_mod_category, "Verified Unknown", command_mod_name,dyn_mod.id)
} }
end end
# sort the parent array nodes # sort the parent array nodes
tree.sort! {|a,b| a['text'] <=> b['text']} tree.sort! {|a,b| a['text'] <=> b['text']}
# sort the children nodes by status # sort the children nodes by status
tree.each {|x| x['children'] = tree.each {|x| x['children'] =
x['children'].sort_by {|a| a['status']} x['children'].sort_by {|a| a['status']}
} }
# append the number of command modules so the branch name results in: "<category name> (num)" # append the number of command modules so the branch name results in: "<category name> (num)"
#tree.each {|command_module_branch| #tree.each {|command_module_branch|
# num_of_command_modules = command_module_branch['children'].length # num_of_command_modules = command_module_branch['children'].length
# command_module_branch['text'] = command_module_branch['text'] + " (" + num_of_command_modules.to_s() + ")" # command_module_branch['text'] = command_module_branch['text'] + " (" + num_of_command_modules.to_s() + ")"
#} #}
# return a JSON array of hashes # return a JSON array of hashes
tree tree
end end
def setcommand(id) def setcommand(id)
key = BeEF::Module.get_key_by_database_id(id.to_i) key = BeEF::Module.get_key_by_database_id(id.to_i)
self.cmd['id'] = id self.cmd['id'] = id
self.cmd['Name'] = self.config.get("beef.module.#{key}.name") self.cmd['Name'] = self.config.get("beef.module.#{key}.name")
self.cmd['Description'] = self.config.get("beef.module.#{key}.description") self.cmd['Description'] = self.config.get("beef.module.#{key}.description")
self.cmd['Category'] = self.config.get("beef.module.#{key}.category") self.cmd['Category'] = self.config.get("beef.module.#{key}.category")
self.cmd['Data'] = BeEF::Module.get_options(key) self.cmd['Data'] = BeEF::Module.get_options(key)
end end
def clearcommand def clearcommand
self.cmd = {} self.cmd = {}
end end
def setparam(param,value) def setparam(param,value)
self.cmd['Data'].each do |data| self.cmd['Data'].each do |data|
if data['name'] == param if data['name'] == param
@@ -145,12 +145,12 @@ class ShellInterface
end end
end end
end end
def getcommandresponses(cmdid = self.cmd['id']) def getcommandresponses(cmdid = self.cmd['id'])
commands = [] commands = []
i = 0 i = 0
BeEF::Core::Models::Command.all(:command_module_id => cmdid, :hooked_browser_id => self.targetid).each do |command| BeEF::Core::Models::Command.all(:command_module_id => cmdid, :hooked_browser_id => self.targetid).each do |command|
commands.push({ commands.push({
'id' => i, 'id' => i,
@@ -160,10 +160,10 @@ class ShellInterface
}) })
i+=1 i+=1
end end
commands commands
end end
def getindividualresponse(cmdid) def getindividualresponse(cmdid)
results = [] results = []
begin begin
@@ -175,26 +175,26 @@ class ShellInterface
end end
results results
end end
def executecommand def executecommand
definition = {} definition = {}
options = {} options = {}
options.store("zombie_session", self.targetsession.to_s) options.store("zombie_session", self.targetsession.to_s)
options.store("command_module_id", self.cmd['id']) options.store("command_module_id", self.cmd['id'])
if not self.cmd['Data'].nil? if not self.cmd['Data'].nil?
self.cmd['Data'].each do |key| self.cmd['Data'].each do |key|
options.store("txt_"+key['name'].to_s,key['value']) options.store("txt_"+key['name'].to_s,key['value'])
end end
end end
options.keys.each {|param| options.keys.each {|param|
definition[param[4..-1]] = options[param] definition[param[4..-1]] = options[param]
oc = BeEF::Core::Models::OptionCache.first_or_create(:name => param[4..-1]) oc = BeEF::Core::Models::OptionCache.first_or_create(:name => param[4..-1])
oc.value = options[param] oc.value = options[param]
oc.save oc.save
} }
mod_key = BeEF::Module.get_key_by_database_id(self.cmd['id']) mod_key = BeEF::Module.get_key_by_database_id(self.cmd['id'])
# Hack to rework the old option system into the new option system # Hack to rework the old option system into the new option system
def2 = [] def2 = []
@@ -207,7 +207,7 @@ class ShellInterface
else else
return false return false
end end
#Old method #Old method
#begin #begin
# BeEF::Core::Models::Command.new( :data => definition.to_json, # BeEF::Core::Models::Command.new( :data => definition.to_json,
@@ -218,10 +218,10 @@ class ShellInterface
#rescue #rescue
# return false # return false
#end #end
#return true #return true
end end
def update_command_module_tree(tree, cmd_category, cmd_status, cmd_name, cmd_id) def update_command_module_tree(tree, cmd_category, cmd_status, cmd_name, cmd_id)
# construct leaf node for the command module tree # construct leaf node for the command module tree
@@ -240,7 +240,7 @@ class ShellInterface
end end
} }
end end
def get_command_module_status(mod) def get_command_module_status(mod)
hook_session_id = self.targetsession hook_session_id = self.targetsession
if hook_session_id == nil if hook_session_id == nil
@@ -250,7 +250,7 @@ class ShellInterface
'browser' => BD.get(hook_session_id, 'BrowserName'), 'browser' => BD.get(hook_session_id, 'BrowserName'),
'ver' => BD.get(hook_session_id, 'BrowserVersion'), 'ver' => BD.get(hook_session_id, 'BrowserVersion'),
'os' => [BD.get(hook_session_id, 'OsName')]}) 'os' => [BD.get(hook_session_id, 'OsName')]})
when BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING when BeEF::Core::Constants::CommandModule::VERIFIED_NOT_WORKING
return "Verified Not Working" return "Verified Not Working"
when BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY when BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY
@@ -268,12 +268,12 @@ class ShellInterface
# Yoinked from the UI panel - # Yoinked from the UI panel -
# we really need to centralise all this stuff and encapsulate it away. # we really need to centralise all this stuff and encapsulate it away.
def select_zombie_summary def select_zombie_summary
return if self.targetsession.nil? return if self.targetsession.nil?
# init the summary grid # init the summary grid
summary_grid_hash = { summary_grid_hash = {
'success' => 'true', 'success' => 'true',
'results' => [] 'results' => []
} }
@@ -299,6 +299,7 @@ class ShellInterface
['Browser Components', 'Web Sockets', 'HasWebSocket'], ['Browser Components', 'Web Sockets', 'HasWebSocket'],
['Browser Components', 'QuickTime', 'HasQuickTime'], ['Browser Components', 'QuickTime', 'HasQuickTime'],
['Browser Components', 'RealPlayer', 'HasRealPlayer'], ['Browser Components', 'RealPlayer', 'HasRealPlayer'],
['Browser Components', 'VLC', 'HasVLC'],
['Browser Components', 'ActiveX', 'HasActiveX'], ['Browser Components', 'ActiveX', 'HasActiveX'],
['Browser Components', 'Session Cookies', 'hasSessionCookies'], ['Browser Components', 'Session Cookies', 'hasSessionCookies'],
['Browser Components', 'Persistent Cookies', 'hasPersistentCookies'], ['Browser Components', 'Persistent Cookies', 'hasPersistentCookies'],
@@ -340,7 +341,7 @@ class ShellInterface
height = window_size_hash['height'] height = window_size_hash['height']
data = "Width: #{width}, Height: #{height}" data = "Width: #{width}, Height: #{height}"
else else
data = BD.get(zombie_session, p[2]) data = BD.get(zombie_session, p[2])
end end
# add property to summary hash # add property to summary hash
@@ -356,14 +357,14 @@ class ShellInterface
summary_grid_hash summary_grid_hash
end end
attr_reader :targetsession attr_reader :targetsession
attr_reader :targetid attr_reader :targetid
attr_reader :targetip attr_reader :targetip
attr_reader :cmd attr_reader :cmd
protected protected
attr_writer :targetsession attr_writer :targetsession
attr_writer :targetid attr_writer :targetid
attr_writer :targetip attr_writer :targetip

14
modules/browser/detect_vlc/command.js Normal file
View File

@@ -0,0 +1,14 @@
//
// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.execute(function() {
var result = ( beef.browser.hasVLC() )? "Yes" : "No";
beef.net.send("<%= @command_url %>", <%= @command_id %>, "vlc="+result);
});

15
modules/browser/detect_vlc/config.yaml Normal file
View File

@@ -0,0 +1,15 @@
#
# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
beef:
module:
detect_vlc:
enable: true
category: "Browser"
name: "Detect VLC"
description: "This module will check if the browser has VLC plugin."
authors: ["nbblrr"]
target:
working: ["IE", "FF", "C"]

14
modules/browser/detect_vlc/module.rb Normal file
View File

@@ -0,0 +1,14 @@
#
# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Detect_vlc < BeEF::Core::Command
def post_execute
content = {}
content['vlc'] = @datastore['vlc']
save content
end
end