diff --git a/Gemfile b/Gemfile index 618ef7ca6..3a505922b 100644 --- a/Gemfile +++ b/Gemfile @@ -17,6 +17,7 @@ gem "sinatra", "1.4.2" gem "rack", "1.5.2" gem "em-websocket", "~> 0.3.6" gem "jsmin", "~> 1.0.1" +gem "uglifier", "~> 2.2.1" gem "ansi" gem "term-ansicolor", :require => "term/ansicolor" gem "dm-core" diff --git a/config.yaml b/config.yaml index 490ebe0de..42055a5e2 100644 --- a/config.yaml +++ b/config.yaml @@ -30,7 +30,7 @@ beef: # DNS dns_host: "localhost" dns_port: 53 - panel_path: "/ui/panel" + web_ui_basepath: "/ui" hook_file: "/hook.js" hook_session_name: "BEEFHOOK" session_cookie_name: "BEEFSESSION" diff --git a/core/main/client/browser.js b/core/main/client/browser.js index 05409d10c..b783619a5 100644 --- a/core/main/client/browser.js +++ b/core/main/client/browser.js @@ -1325,11 +1325,11 @@ beef.browser = { */ javaEnabled:function () { //Use of deployJava defined in deployJava.js (Oracle java deployment toolkit) - versionJRE = deployJava.getJREs(); + // versionJRE = deployJava.getJREs(); - if(versionJRE != '') - return true; - else + // if(versionJRE != '') + // return true; + // else return false; }, diff --git a/core/main/console/banners.rb b/core/main/console/banners.rb index 71aea366e..c4e1a620f 100644 --- a/core/main/console/banners.rb +++ b/core/main/console/banners.rb @@ -86,7 +86,7 @@ module Banners print_success "running on network interface: #{host}" beef_host = configuration.get("beef.http.public_port") || configuration.get("beef.http.port") data = "Hook URL: #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.hook_file")}\n" - data += "UI URL: #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.panel_path")}\n" + data += "UI URL: #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.web_ui_basepath")}/panel\n" print_more data end 
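Review bot: The new `web_ui_basepath` key in config.yaml has no comment stating the form it must take, and nothing visible in this commit validates it. The value is concatenated straight into mount paths in `extensions/admin_ui/api/handler.rb` and substituted into JavaScript string literals through `<%= @base_path %>`, so a trailing slash, a missing leading slash or a quote character gives broken routes or broken script. A config that still carries the old `panel_path` key returns nil for the new key, and the banner hunk in `core/main/console/banners.rb` would then print a UI URL ending in just `/panel`. I would add `# Base path of the admin UI: leading slash, no trailing slash, URL-safe characters only` above the key and reject any other value at startup.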
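Review bot: `javaEnabled` in core/main/client/browser.js now returns `false` unconditionally, but the disabled check is left behind as commented-out lines and the remaining comment still says the function uses `deployJava`. The change is unrelated to the base-path work in the rest of the commit and carries no explanation. I would delete the commented lines and keep a single `return false; // Java detection disabled: <reason>` so readers know the result is fixed on purpose. The enclosing `beef.browser` object starts and ends outside the hunk.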
diff --git a/core/main/router/router.rb b/core/main/router/router.rb index c6ca5c6e5..e2502b4da 100644 --- a/core/main/router/router.rb +++ b/core/main/router/router.rb @@ -114,6 +114,7 @@ module BeEF # @note Default root page get "/" do if config.get("beef.http.web_server_imitation.enable") + bp = config.get "beef.http.web_ui_basepath" type = config.get("beef.http.web_server_imitation.type") case type when "apache" @@ -209,7 +210,7 @@ module BeEF "

If you are the website administrator:

" + "

You may now add content to the directory /var/www/html/. Note that until you do so, people visiting your website will see this page and not your content. To prevent this page from ever being used, follow the instructions in the file /etc/httpd/conf.d/welcome.conf.

" + "

You are free to use the images below on Apache and CentOS Linux powered HTTP servers. Thanks for using Apache and CentOS!

" + - "

\"[ \"[

" + + "

\"[ \"[

" + "" + "" + "" + @@ -234,7 +235,7 @@ module BeEF "" + "" + "
" + - "" + + "" + "" + "

" + "

Under Construction

" + diff --git a/extensions/admin_ui/api/handler.rb b/extensions/admin_ui/api/handler.rb index 12358426f..446a46845 100644 --- a/extensions/admin_ui/api/handler.rb +++ b/extensions/admin_ui/api/handler.rb 
@@ -12,40 +12,90 @@ module API # We use this module to register all the http handler for the Administrator UI # module Handler - + require 'uglifier' + BeEF::API::Registrar.instance.register(BeEF::Extension::AdminUI::API::Handler, BeEF::API::Server, 'mount_handler') - + + def self.evaluate_and_minify(content, params, name) + erubis = Erubis::FastEruby.new(content) + evaluated = erubis.evaluate(params) + minified = Uglifier.compile(evaluated) + write_to = File.new("#{File.dirname(__FILE__)}/../media/javascript-min/#{name}.js", "w+") + File.open(write_to, 'w') { |file| file.write(minified) } + + File.path write_to + end + + def self.build_javascript_ui(beef_server) + auth_js_file = File.read(File.dirname(__FILE__)+'/../media/javascript/ui/authentication.js') + "\n\n" + js_files = "" + + #NOTE: order counts! make sure you know what you're doing if you add files + esapi = %w(esapi/Class.create.js esapi/jquery-1.6.4.min.js esapi/jquery-encoder-0.1.0.js) + ux = %w(ui/common/beef_common.js ux/PagingStore.js ux/StatusBar.js ux/TabCloseMenu.js) + panel = %w(ui/panel/common.js ui/panel/DistributedEngine.js ui/panel/PanelStatusBar.js ui/panel/tabs/ZombieTabDetails.js ui/panel/tabs/ZombieTabLogs.js ui/panel/tabs/ZombieTabCommands.js ui/panel/tabs/ZombieTabRider.js ui/panel/tabs/ZombieTabXssRays.js wterm/wterm.jquery.js ui/panel/tabs/ZombieTabIpec.js ui/panel/tabs/ZombieTabAutorun.js ui/panel/PanelViewer.js ui/panel/DataGrid.js ui/panel/MainPanel.js ui/panel/ZombieTab.js ui/panel/ZombieTabs.js ui/panel/zombiesTreeList.js ui/panel/ZombiesMgr.js ui/panel/Logout.js ui/panel/WelcomeTab.js) + + global_js = esapi + ux + panel + + global_js.each do |file| + js_files << File.read(File.dirname(__FILE__)+'/../media/javascript/'+file) + "\n\n" + end + + config = BeEF::Core::Configuration.instance + bp = config.get "beef.http.web_ui_basepath" + + # if more dynamic variables are needed in JavaScript files + # add them here in the following Hash + params = { + 'base_path' => bp + } + + # 
process all JavaScript files, evaluating them with Erubis + web_ui_all = self.evaluate_and_minify(js_files, params, 'web_ui_all') + web_ui_auth = self.evaluate_and_minify(auth_js_file, params, 'web_ui_auth') + + beef_server.mount("#{bp}/web_ui_all.js", Rack::File.new(web_ui_all)) + beef_server.mount("#{bp}/web_ui_auth.js", Rack::File.new(web_ui_auth)) + + end + # # This function gets called automatically by the server. # def self.mount_handler(beef_server) - # retrieve the configuration class instance - configuration = BeEF::Core::Configuration.instance - + config = BeEF::Core::Configuration.instance + + # Web UI base path, like http://beef_domain//panel + bp = config.get "beef.http.web_ui_basepath" + # registers the http controllers used by BeEF core (authentication, logs, modules and panel) Dir["#{$root_dir}/extensions/admin_ui/controllers/**/*.rb"].each do |http_module| require http_module mod_name = File.basename http_module, '.rb' - beef_server.mount("/ui/#{mod_name}", BeEF::Extension::AdminUI::Handlers::UI.new(mod_name)) + beef_server.mount("#{bp}/#{mod_name}", BeEF::Extension::AdminUI::Handlers::UI.new(mod_name)) end # registers the http controllers used by BeEF extensions (requester, proxy, xssrays, etc..) Dir["#{$root_dir}/extensions/**/controllers/*.rb"].each do |http_module| require http_module mod_name = File.basename http_module, '.rb' - beef_server.mount("/ui/#{mod_name}", BeEF::Extension::AdminUI::Handlers::UI.new(mod_name)) + beef_server.mount("#{bp}/#{mod_name}", BeEF::Extension::AdminUI::Handlers::UI.new(mod_name)) end # mount the folder were we store static files (javascript, css, images) for the admin ui media_dir = File.dirname(__FILE__)+'/../media/' - beef_server.mount('/ui/media', Rack::File.new(media_dir)) + beef_server.mount("#{bp}/media", Rack::File.new(media_dir)) # mount the favicon file, if we're not imitating a web server. 
- if !configuration.get("beef.http.web_server_imitation.enable") - beef_server.mount('/favicon.ico', Rack::File.new("#{media_dir}#{configuration.get("beef.extension.admin_ui.favicon_dir")}/#{configuration.get("beef.extension.admin_ui.favicon_file_name")}")) + if !config.get("beef.http.web_server_imitation.enable") + beef_server.mount('/favicon.ico', Rack::File.new("#{media_dir}#{config.get("beef.extension.admin_ui.favicon_dir")}/#{config.get("beef.extension.admin_ui.favicon_file_name")}")) end + + self.build_javascript_ui beef_server end + + end diff --git a/extensions/admin_ui/classes/httpcontroller.rb b/extensions/admin_ui/classes/httpcontroller.rb index da9cd9dbf..204fc62e9 100644 --- a/extensions/admin_ui/classes/httpcontroller.rb +++ b/extensions/admin_ui/classes/httpcontroller.rb @@ -40,8 +40,12 @@ module AdminUI def run(request, response) @request = request @params = request.params - @session = BeEF::Extension::AdminUI::Session.instance - auth_url = '/ui/authentication' + @session = BeEF::Extension::AdminUI::Session.instance + config = BeEF::Core::Configuration.instance + + # Web UI base path, like http://beef_domain//panel + @bp = config.get "beef.http.web_ui_basepath" + auth_url = "#{@bp}/authentication" # test if session is unauth'd and whether the auth functionality is requested if not @session.valid_session?(@request) and not self.class.eql?(BeEF::Extension::AdminUI::Controllers::Authentication) @@ -78,14 +82,14 @@ module AdminUI end - # Constructs a redirect script - def script_redirect(location) "" end - - # Constructs a html script tag - def script_tag(filename) "" end - + # Constructs a html script tag (from media/javascript directory) + def script_tag(filename) "" end + + # Constructs a html script tag (from media/javascript-min directory) + def script_tag_min(filename) "" end + # Constructs a html stylesheet tag - def stylesheet_tag(filename) "" end + def stylesheet_tag(filename) "" end # Constructs a hidden html nonce tag def nonce_tag 
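Review bot: `build_javascript_ui` in extensions/admin_ui/api/handler.rb feeds the whole concatenated bundle to `evaluate_and_minify`, so third-party files such as `esapi/jquery-1.6.4.min.js` and `wterm/wterm.jquery.js` are parsed as Erubis templates and any literal `<%` inside them would run as Ruby at server start. Only the project's own UI scripts carry the `<%= @base_path %>` placeholder, so I would evaluate those files individually and concatenate everything in the existing order, leaving library code as plain text. `evaluate_and_minify` also opens the output twice: the `File.new(..., "w+")` handle is never closed and is then reopened by `File.open`. Building the path as a string and writing once avoids that: `path = File.expand_path("../media/javascript-min/#{name}.js", File.dirname(__FILE__))`, `File.open(path, 'w') { |f| f.write(minified) }`, `path`.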
@@ -93,6 +97,10 @@ module AdminUI "" end + def base_path + "#{@bp}" + end + private @eruby diff --git a/extensions/admin_ui/controllers/authentication/index.html b/extensions/admin_ui/controllers/authentication/index.html index 95bba39af..17f9e980c 100644 --- a/extensions/admin_ui/controllers/authentication/index.html +++ b/extensions/admin_ui/controllers/authentication/index.html @@ -9,7 +9,7 @@ <%= script_tag 'ext-base.js' %> <%= script_tag 'ext-all.js' %> - <%= script_tag 'ui/authentication.js' %> + <%= script_tag_min 'web_ui_auth.js' %> <%= stylesheet_tag 'ext-all.css' %> @@ -31,6 +31,6 @@ -
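Review bot: The new `base_path` helper in extensions/admin_ui/classes/httpcontroller.rb has no comment, unlike the `# Constructs a ...` helpers next to it, and its body `"#{@bp}"` interpolates only to turn the value into a string. `@bp` is assigned in `run` from `beef.http.web_ui_basepath`, so the helper returns an empty string when it is called before `run` or when the key is missing from the config. I would add `# Returns the configured Web UI base path (set in #run)` and write the body as `@bp.to_s`, which gives the same result. The enclosing class starts and ends outside the hunk.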
+
diff --git a/extensions/admin_ui/controllers/panel/index.html b/extensions/admin_ui/controllers/panel/index.html index 0e111307b..b2f215a69 100644 --- a/extensions/admin_ui/controllers/panel/index.html +++ b/extensions/admin_ui/controllers/panel/index.html @@ -12,47 +12,8 @@ <%= script_tag 'ext-base.js' %> <%= script_tag 'ext-all.js' %> - <%= script_tag 'ext-beef.js' %> - - - <%= script_tag 'esapi/jquery-1.6.4.min.js' %> - <%= script_tag 'esapi/Class.create.js' %> - <%= script_tag 'esapi/jquery-encoder-0.1.0.js' %> - - - - <%= script_tag 'ui/common/beef_common.js' %> - - <%= script_tag 'ux/TabCloseMenu.js' %> - <%= script_tag 'ux/StatusBar.js' %> - <%= script_tag 'ux/PagingStore.js' %> - - <%= script_tag 'ui/panel/common.js' %> - <%= script_tag 'ui/panel/DistributedEngine.js' %> - <%= script_tag 'ui/panel/PanelStatusBar.js' %> - - <%= script_tag 'ui/panel/tabs/ZombieTabDetails.js' %> - <%= script_tag 'ui/panel/tabs/ZombieTabLogs.js' %> - <%= script_tag 'ui/panel/tabs/ZombieTabCommands.js' %> - <%= script_tag 'ui/panel/tabs/ZombieTabRider.js' %> - <%= script_tag 'ui/panel/tabs/ZombieTabXssRays.js' %> - - <%= script_tag 'wterm/wterm.jquery.js' %> + <%= script_tag_min 'web_ui_all.js' %> <%= stylesheet_tag 'wterm.css' %> - - <%= script_tag 'ui/panel/tabs/ZombieTabIpec.js' %> - <%= script_tag 'ui/panel/tabs/ZombieTabAutorun.js' %> - <%= script_tag 'ui/panel/PanelViewer.js' %> - <%= script_tag 'ui/panel/DataGrid.js' %> - <%= script_tag 'ui/panel/MainPanel.js' %> - <%= script_tag 'ui/panel/ZombieTab.js' %> - <%= script_tag 'ui/panel/ZombieTabs.js' %> - <%= script_tag 'ui/panel/zombiesTreeList.js' %> - <%= script_tag 'ui/panel/ZombiesMgr.js' %> - <%= script_tag 'ui/panel/Logout.js' %> - <%= script_tag 'ui/panel/WelcomeTab.js' %> - - <%= stylesheet_tag 'ext-all.css' %> <%= stylesheet_tag 'base.css' %> @@ -63,7 +24,7 @@
- BeEF + BeEF BeEF <%= BeEF::Core::Configuration.instance.get('beef.version') %> | Submit Bug | Logout diff --git a/extensions/admin_ui/media/javascript-min/readme b/extensions/admin_ui/media/javascript-min/readme new file mode 100644 index 000000000..0fc3a7ba6 --- /dev/null +++ b/extensions/admin_ui/media/javascript-min/readme @@ -0,0 +1,2 @@ +This directory will contain minified JavaScript files used by the Web UI. +Those files are excluded from the GIT report through the .gitignore file. \ No newline at end of file diff --git a/extensions/admin_ui/media/javascript/esapi/jquery-encoder-0.1.0.js b/extensions/admin_ui/media/javascript/esapi/jquery-encoder-0.1.0.js index d05281662..7c091b55e 100644 --- a/extensions/admin_ui/media/javascript/esapi/jquery-encoder-0.1.0.js +++ b/extensions/admin_ui/media/javascript/esapi/jquery-encoder-0.1.0.js 
@@ -79,4 +79,7 @@ return Trie.Entry.newInstanceIfNeeded(key,pos,this._value);}});Trie.Entry.newIns if(value==null||key==null){return null;} if(key.length>keyLength){key=key.substr(0,keyLength);} return new Trie.Entry(key,value);};Trie.Node.newNodeMap=function(){return{};};var isValidCodePoint=function(codepoint){return codepoint>=0x0000&&codepoint<=0x10FFFF;};var isWhiteSpace=function(input){return input.match(/[\s]/);};var MAP_ENTITY_TO_CHAR=[];var MAP_CHAR_TO_ENTITY=[];var ENTITY_TO_CHAR_TRIE=new Trie();(function(){MAP_ENTITY_TO_CHAR["""]="34";MAP_ENTITY_TO_CHAR["&"]="38";MAP_ENTITY_TO_CHAR["<"]="60";MAP_ENTITY_TO_CHAR[">"]="62";MAP_ENTITY_TO_CHAR[" "]="160";MAP_ENTITY_TO_CHAR["¡"]="161";MAP_ENTITY_TO_CHAR["¢"]="162";MAP_ENTITY_TO_CHAR["£"]="163";MAP_ENTITY_TO_CHAR["¤"]="164";MAP_ENTITY_TO_CHAR["¥"]="165";MAP_ENTITY_TO_CHAR["¦"]="166";MAP_ENTITY_TO_CHAR["§"]="167";MAP_ENTITY_TO_CHAR["¨"]="168";MAP_ENTITY_TO_CHAR["©"]="169";MAP_ENTITY_TO_CHAR["ª"]="170";MAP_ENTITY_TO_CHAR["«"]="171";MAP_ENTITY_TO_CHAR["¬"]="172";MAP_ENTITY_TO_CHAR["­"]="173";MAP_ENTITY_TO_CHAR["®"]="174";MAP_ENTITY_TO_CHAR["¯"]="175";MAP_ENTITY_TO_CHAR["°"]="176";MAP_ENTITY_TO_CHAR["±"]="177";MAP_ENTITY_TO_CHAR["²"]="178";MAP_ENTITY_TO_CHAR["³"]="179";MAP_ENTITY_TO_CHAR["´"]="180";MAP_ENTITY_TO_CHAR["µ"]="181";MAP_ENTITY_TO_CHAR["¶"]="182";MAP_ENTITY_TO_CHAR["·"]="183";MAP_ENTITY_TO_CHAR["¸"]="184";MAP_ENTITY_TO_CHAR["¹"]="185";MAP_ENTITY_TO_CHAR["º"]="186";MAP_ENTITY_TO_CHAR["»"]="187";MAP_ENTITY_TO_CHAR["¼"]="188";MAP_ENTITY_TO_CHAR["½"]="189";MAP_ENTITY_TO_CHAR["¾"]="190";MAP_ENTITY_TO_CHAR["¿"]="191";MAP_ENTITY_TO_CHAR["À"]="192";MAP_ENTITY_TO_CHAR["Á"]="193";MAP_ENTITY_TO_CHAR["Â"]="194";MAP_ENTITY_TO_CHAR["Ã"]="195";MAP_ENTITY_TO_CHAR["Ä"]="196";MAP_ENTITY_TO_CHAR["Å"]="197";MAP_ENTITY_TO_CHAR["Æ"]="198";MAP_ENTITY_TO_CHAR["Ç"]="199";MAP_ENTITY_TO_CHAR["È"]="200";MAP_ENTITY_TO_CHAR["É"]="201";MAP_ENTITY_TO_CHAR["Ê"]="202";MAP_ENTITY_TO_CHAR["Ë"]="203";MAP_ENTITY_TO_CHAR["Ì"]="204";MAP_ENTITY_
TO_CHAR["Í"]="205";MAP_ENTITY_TO_CHAR["Î"]="206";MAP_ENTITY_TO_CHAR["Ï"]="207";MAP_ENTITY_TO_CHAR["Ð"]="208";MAP_ENTITY_TO_CHAR["Ñ"]="209";MAP_ENTITY_TO_CHAR["Ò"]="210";MAP_ENTITY_TO_CHAR["Ó"]="211";MAP_ENTITY_TO_CHAR["Ô"]="212";MAP_ENTITY_TO_CHAR["Õ"]="213";MAP_ENTITY_TO_CHAR["Ö"]="214";MAP_ENTITY_TO_CHAR["×"]="215";MAP_ENTITY_TO_CHAR["Ø"]="216";MAP_ENTITY_TO_CHAR["Ù"]="217";MAP_ENTITY_TO_CHAR["Ú"]="218";MAP_ENTITY_TO_CHAR["Û"]="219";MAP_ENTITY_TO_CHAR["Ü"]="220";MAP_ENTITY_TO_CHAR["Ý"]="221";MAP_ENTITY_TO_CHAR["Þ"]="222";MAP_ENTITY_TO_CHAR["ß"]="223";MAP_ENTITY_TO_CHAR["à"]="224";MAP_ENTITY_TO_CHAR["á"]="225";MAP_ENTITY_TO_CHAR["â"]="226";MAP_ENTITY_TO_CHAR["ã"]="227";MAP_ENTITY_TO_CHAR["ä"]="228";MAP_ENTITY_TO_CHAR["å"]="229";MAP_ENTITY_TO_CHAR["æ"]="230";MAP_ENTITY_TO_CHAR["ç"]="231";MAP_ENTITY_TO_CHAR["è"]="232";MAP_ENTITY_TO_CHAR["é"]="233";MAP_ENTITY_TO_CHAR["ê"]="234";MAP_ENTITY_TO_CHAR["ë"]="235";MAP_ENTITY_TO_CHAR["ì"]="236";MAP_ENTITY_TO_CHAR["í"]="237";MAP_ENTITY_TO_CHAR["î"]="238";MAP_ENTITY_TO_CHAR["ï"]="239";MAP_ENTITY_TO_CHAR["ð"]="240";MAP_ENTITY_TO_CHAR["ñ"]="241";MAP_ENTITY_TO_CHAR["ò"]="242";MAP_ENTITY_TO_CHAR["ó"]="243";MAP_ENTITY_TO_CHAR["ô"]="244";MAP_ENTITY_TO_CHAR["õ"]="245";MAP_ENTITY_TO_CHAR["ö"]="246";MAP_ENTITY_TO_CHAR["÷"]="247";MAP_ENTITY_TO_CHAR["ø"]="248";MAP_ENTITY_TO_CHAR["ù"]="249";MAP_ENTITY_TO_CHAR["ú"]="250";MAP_ENTITY_TO_CHAR["û"]="251";MAP_ENTITY_TO_CHAR["ü"]="252";MAP_ENTITY_TO_CHAR["ý"]="253";MAP_ENTITY_TO_CHAR["þ"]="254";MAP_ENTITY_TO_CHAR["ÿ"]="255";MAP_ENTITY_TO_CHAR["&OElig"]="338";MAP_ENTITY_TO_CHAR["&oelig"]="339";MAP_ENTITY_TO_CHAR["&Scaron"]="352";MAP_ENTITY_TO_CHAR["&scaron"]="353";MAP_ENTITY_TO_CHAR["&Yuml"]="376";MAP_ENTITY_TO_CHAR["&fnof"]="402";MAP_ENTITY_TO_CHAR["&circ"]="710";MAP_ENTITY_TO_CHAR["&tilde"]="732";MAP_ENTITY_TO_CHAR["&Alpha"]="913";MAP_ENTITY_TO_CHAR["&Beta"]="914";MAP_ENTITY_TO_CHAR["&Gamma"]="915";MAP_ENTITY_TO_CHAR["&Delta"]="916";MAP_ENTITY_TO_CHAR["&Epsilon"]="917";MAP_ENTITY_TO_CHAR["&Zeta"
]="918";MAP_ENTITY_TO_CHAR["&Eta"]="919";MAP_ENTITY_TO_CHAR["&Theta"]="920";MAP_ENTITY_TO_CHAR["&Iota"]="921";MAP_ENTITY_TO_CHAR["&Kappa"]="922";MAP_ENTITY_TO_CHAR["&Lambda"]="923";MAP_ENTITY_TO_CHAR["&Mu"]="924";MAP_ENTITY_TO_CHAR["&Nu"]="925";MAP_ENTITY_TO_CHAR["&Xi"]="926";MAP_ENTITY_TO_CHAR["&Omicron"]="927";MAP_ENTITY_TO_CHAR["&Pi"]="928";MAP_ENTITY_TO_CHAR["&Rho"]="929";MAP_ENTITY_TO_CHAR["&Sigma"]="931";MAP_ENTITY_TO_CHAR["&Tau"]="932";MAP_ENTITY_TO_CHAR["&Upsilon"]="933";MAP_ENTITY_TO_CHAR["&Phi"]="934";MAP_ENTITY_TO_CHAR["&Chi"]="935";MAP_ENTITY_TO_CHAR["&Psi"]="936";MAP_ENTITY_TO_CHAR["&Omega"]="937";MAP_ENTITY_TO_CHAR["&alpha"]="945";MAP_ENTITY_TO_CHAR["&beta"]="946";MAP_ENTITY_TO_CHAR["&gamma"]="947";MAP_ENTITY_TO_CHAR["&delta"]="948";MAP_ENTITY_TO_CHAR["&epsilon"]="949";MAP_ENTITY_TO_CHAR["&zeta"]="950";MAP_ENTITY_TO_CHAR["&eta"]="951";MAP_ENTITY_TO_CHAR["&theta"]="952";MAP_ENTITY_TO_CHAR["&iota"]="953";MAP_ENTITY_TO_CHAR["&kappa"]="954";MAP_ENTITY_TO_CHAR["&lambda"]="955";MAP_ENTITY_TO_CHAR["&mu"]="956";MAP_ENTITY_TO_CHAR["&nu"]="957";MAP_ENTITY_TO_CHAR["&xi"]="958";MAP_ENTITY_TO_CHAR["&omicron"]="959";MAP_ENTITY_TO_CHAR["&pi"]="960";MAP_ENTITY_TO_CHAR["&rho"]="961";MAP_ENTITY_TO_CHAR["&sigmaf"]="962";MAP_ENTITY_TO_CHAR["&sigma"]="963";MAP_ENTITY_TO_CHAR["&tau"]="964";MAP_ENTITY_TO_CHAR["&upsilon"]="965";MAP_ENTITY_TO_CHAR["&phi"]="966";MAP_ENTITY_TO_CHAR["&chi"]="967";MAP_ENTITY_TO_CHAR["&psi"]="968";MAP_ENTITY_TO_CHAR["&omega"]="969";MAP_ENTITY_TO_CHAR["&thetasym"]="977";MAP_ENTITY_TO_CHAR["&upsih"]="978";MAP_ENTITY_TO_CHAR["&piv"]="982";MAP_ENTITY_TO_CHAR["&ensp"]="8194";MAP_ENTITY_TO_CHAR["&emsp"]="8195";MAP_ENTITY_TO_CHAR["&thinsp"]="8201";MAP_ENTITY_TO_CHAR["&zwnj"]="8204";MAP_ENTITY_TO_CHAR["&zwj"]="8205";MAP_ENTITY_TO_CHAR["&lrm"]="8206";MAP_ENTITY_TO_CHAR["&rlm"]="8207";MAP_ENTITY_TO_CHAR["&ndash"]="8211";MAP_ENTITY_TO_CHAR["&mdash"]="8212";MAP_ENTITY_TO_CHAR["&lsquo"]="8216";MAP_ENTITY_TO_CHAR["&rsquo"]="8217";MAP_ENTITY_TO_CHAR["&sbquo"]="82
18";MAP_ENTITY_TO_CHAR["&ldquo"]="8220";MAP_ENTITY_TO_CHAR["&rdquo"]="8221";MAP_ENTITY_TO_CHAR["&bdquo"]="8222";MAP_ENTITY_TO_CHAR["&dagger"]="8224";MAP_ENTITY_TO_CHAR["&Dagger"]="8225";MAP_ENTITY_TO_CHAR["&bull"]="8226";MAP_ENTITY_TO_CHAR["&hellip"]="8230";MAP_ENTITY_TO_CHAR["&permil"]="8240";MAP_ENTITY_TO_CHAR["&prime"]="8242";MAP_ENTITY_TO_CHAR["&Prime"]="8243";MAP_ENTITY_TO_CHAR["&lsaquo"]="8249";MAP_ENTITY_TO_CHAR["&rsaquo"]="8250";MAP_ENTITY_TO_CHAR["&oline"]="8254";MAP_ENTITY_TO_CHAR["&frasl"]="8260";MAP_ENTITY_TO_CHAR["&euro"]="8364";MAP_ENTITY_TO_CHAR["&image"]="8365";MAP_ENTITY_TO_CHAR["&weierp"]="8472";MAP_ENTITY_TO_CHAR["&real"]="8476";MAP_ENTITY_TO_CHAR["&trade"]="8482";MAP_ENTITY_TO_CHAR["&alefsym"]="8501";MAP_ENTITY_TO_CHAR["&larr"]="8592";MAP_ENTITY_TO_CHAR["&uarr"]="8593";MAP_ENTITY_TO_CHAR["&rarr"]="8594";MAP_ENTITY_TO_CHAR["&darr"]="8595";MAP_ENTITY_TO_CHAR["&harr"]="8596";MAP_ENTITY_TO_CHAR["&crarr"]="8629";MAP_ENTITY_TO_CHAR["&lArr"]="8656";MAP_ENTITY_TO_CHAR["&uArr"]="8657";MAP_ENTITY_TO_CHAR["&rArr"]="8658";MAP_ENTITY_TO_CHAR["&dArr"]="8659";MAP_ENTITY_TO_CHAR["&hArr"]="8660";MAP_ENTITY_TO_CHAR["&forall"]="8704";MAP_ENTITY_TO_CHAR["&part"]="8706";MAP_ENTITY_TO_CHAR["&exist"]="8707";MAP_ENTITY_TO_CHAR["&empty"]="8709";MAP_ENTITY_TO_CHAR["&nabla"]="8711";MAP_ENTITY_TO_CHAR["&isin"]="8712";MAP_ENTITY_TO_CHAR["¬in"]="8713";MAP_ENTITY_TO_CHAR["&ni"]="8715";MAP_ENTITY_TO_CHAR["&prod"]="8719";MAP_ENTITY_TO_CHAR["&sum"]="8721";MAP_ENTITY_TO_CHAR["&minus"]="8722";MAP_ENTITY_TO_CHAR["&lowast"]="8727";MAP_ENTITY_TO_CHAR["&radic"]="8730";MAP_ENTITY_TO_CHAR["&prop"]="8733";MAP_ENTITY_TO_CHAR["&infin"]="8734";MAP_ENTITY_TO_CHAR["&ang"]="8736";MAP_ENTITY_TO_CHAR["&and"]="8743";MAP_ENTITY_TO_CHAR["&or"]="8744";MAP_ENTITY_TO_CHAR["&cap"]="8745";MAP_ENTITY_TO_CHAR["&cup"]="8746";MAP_ENTITY_TO_CHAR["&int"]="8747";MAP_ENTITY_TO_CHAR["&there4"]="8756";MAP_ENTITY_TO_CHAR["&sim"]="8764";MAP_ENTITY_TO_CHAR["&cong"]="8773";MAP_ENTITY_TO_CHAR["&asymp"]="8776";MAP_ENTIT
Y_TO_CHAR["&ne"]="8800";MAP_ENTITY_TO_CHAR["&equiv"]="8801";MAP_ENTITY_TO_CHAR["&le"]="8804";MAP_ENTITY_TO_CHAR["&ge"]="8805";MAP_ENTITY_TO_CHAR["&sub"]="8834";MAP_ENTITY_TO_CHAR["&sup"]="8835";MAP_ENTITY_TO_CHAR["&nsub"]="8836";MAP_ENTITY_TO_CHAR["&sube"]="8838";MAP_ENTITY_TO_CHAR["&supe"]="8839";MAP_ENTITY_TO_CHAR["&oplus"]="8853";MAP_ENTITY_TO_CHAR["&otimes"]="8855";MAP_ENTITY_TO_CHAR["&perp"]="8869";MAP_ENTITY_TO_CHAR["&sdot"]="8901";MAP_ENTITY_TO_CHAR["&lceil"]="8968";MAP_ENTITY_TO_CHAR["&rceil"]="8969";MAP_ENTITY_TO_CHAR["&lfloor"]="8970";MAP_ENTITY_TO_CHAR["&rfloor"]="8971";MAP_ENTITY_TO_CHAR["&lang"]="9001";MAP_ENTITY_TO_CHAR["&rang"]="9002";MAP_ENTITY_TO_CHAR["&loz"]="9674";MAP_ENTITY_TO_CHAR["&spades"]="9824";MAP_ENTITY_TO_CHAR["&clubs"]="9827";MAP_ENTITY_TO_CHAR["&hearts"]="9829";MAP_ENTITY_TO_CHAR["&diams"]="9830";for(var entity in MAP_ENTITY_TO_CHAR){if(!(typeof MAP_ENTITY_TO_CHAR[entity]=='function')&&MAP_ENTITY_TO_CHAR.hasOwnProperty(entity)){MAP_CHAR_TO_ENTITY[MAP_ENTITY_TO_CHAR[entity]]=entity;}} -for(var c in MAP_CHAR_TO_ENTITY){if(!(typeof MAP_CHAR_TO_ENTITY[c]=='function')&&MAP_CHAR_TO_ENTITY.hasOwnProperty(c)){var ent=MAP_CHAR_TO_ENTITY[c].toLowerCase().substr(1);ENTITY_TO_CHAR_TRIE.put(ent,String.fromCharCode(c));}}})();if(Object.freeze){$.encoder=Object.freeze($.encoder);$.fn.encode=Object.freeze($.fn.encode);}else if(Object.seal){$.encoder=Object.seal($.encoder);$.fn.encode=Object.seal($.fn.encode);}else if(Object.preventExtensions){$.encoder=Object.preventExtensions($.encoder);$.fn.encode=Object.preventExtensions($.fn.encode);}})(jQuery); \ No newline at end of file +for(var c in MAP_CHAR_TO_ENTITY){if(!(typeof MAP_CHAR_TO_ENTITY[c]=='function')&&MAP_CHAR_TO_ENTITY.hasOwnProperty(c)){var ent=MAP_CHAR_TO_ENTITY[c].toLowerCase().substr(1);ENTITY_TO_CHAR_TRIE.put(ent,String.fromCharCode(c));}}})();if(Object.freeze){$.encoder=Object.freeze($.encoder);$.fn.encode=Object.freeze($.fn.encode);}else 
if(Object.seal){$.encoder=Object.seal($.encoder);$.fn.encode=Object.seal($.fn.encode);}else if(Object.preventExtensions){$.encoder=Object.preventExtensions($.encoder);$.fn.encode=Object.preventExtensions($.fn.encode);}})(jQuery); + + +var $jEncoder = jQuery.noConflict(); \ No newline at end of file diff --git a/extensions/admin_ui/media/javascript/ext-beef.js b/extensions/admin_ui/media/javascript/ext-beef.js deleted file mode 100644 index 568a27412..000000000 --- a/extensions/admin_ui/media/javascript/ext-beef.js +++ /dev/null @@ -1,36 +0,0 @@ -// -// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net -// Browser Exploitation Framework (BeEF) - http://beefproject.com -// See the file 'doc/COPYING' for copying permission -// - -Ext.beef = function(){ - var msgCt; - - function createBox(t, s){ - return ['
', - '
', - '

', t, '

', s, '
', - '
', - '
'].join(''); - } - return { - msg : function(title, format){ - if(!msgCt){ - msgCt = Ext.DomHelper.insertFirst(document.body, {id:'msg-div'}, true); - } - msgCt.alignTo(document, 't-t'); - var s = String.format.apply(String, Array.prototype.slice.call(arguments, 1)); - var m = Ext.DomHelper.append(msgCt, {html:createBox(title, s)}, true); - m.slideIn('t').pause(1).ghost("t", {remove:true}); - }, - - init : function(){ - - var lb = Ext.get('lib-bar'); - if(lb){ - lb.show(); - } - } - }; -}(); \ No newline at end of file diff --git a/extensions/admin_ui/media/javascript/ui/authentication.js b/extensions/admin_ui/media/javascript/ui/authentication.js index 596772e38..1170e92ca 100644 --- a/extensions/admin_ui/media/javascript/ui/authentication.js +++ b/extensions/admin_ui/media/javascript/ui/authentication.js @@ -12,7 +12,7 @@ Ext.onReady(function() { login_form.getForm().submit({ success: function() { - window.location.href = '/ui/panel' + window.location.href = "<%= @base_path %>/panel" }, failure: function() { if(Ext.get('loginError') == null) { diff --git a/extensions/admin_ui/media/javascript/ui/common/beef_common.js b/extensions/admin_ui/media/javascript/ui/common/beef_common.js index 1687dc33f..c95e35a61 100644 --- a/extensions/admin_ui/media/javascript/ui/common/beef_common.js +++ b/extensions/admin_ui/media/javascript/ui/common/beef_common.js @@ -20,7 +20,7 @@ if(typeof beefwui === 'undefined' && typeof window.beefwui === 'undefined') { */ get_rest_token: function() { if(this.rest_token.length == 0){ - var url = "/ui/modules/getRestfulApiToken.json"; + var url = "<%= @base_path %>/modules/getRestfulApiToken.json"; jQuery.ajax({ contentType: 'application/json', dataType: 'json', diff --git a/extensions/admin_ui/media/javascript/ui/panel/Logout.js b/extensions/admin_ui/media/javascript/ui/panel/Logout.js index 9a2f66a4f..d55aa3aa1 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/Logout.js +++ b/extensions/admin_ui/media/javascript/ui/panel/Logout.js 
@@ -10,12 +10,12 @@ DoLogout = function() { after_logout = function() { // will redirect the UA to the login - window.location.href = '/ui/panel' + window.location.href = '<%= @base_path %>/panel' } button.on('click', function(){ Ext.Ajax.request({ - url: '/ui/authentication/logout', + url: '<%= @base_path %>/authentication/logout', method: 'POST', params: 'nonce=' + Ext.get("nonce").dom.value, success: after_logout, diff --git a/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js b/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js index 0620f95fb..a07e5aa10 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js +++ b/extensions/admin_ui/media/javascript/ui/panel/MainPanel.js @@ -29,7 +29,7 @@ MainPanel = function(){ } }); - this.grid = new DataGrid('/ui/logs/all.json',30); + this.grid = new DataGrid('<%= @base_path %>/logs/all.json',30); this.grid.border = false; this.welcome_tab = new WelcomeTab; //this.hooks_tab = new HooksTab; diff --git a/extensions/admin_ui/media/javascript/ui/panel/PanelViewer.js b/extensions/admin_ui/media/javascript/ui/panel/PanelViewer.js index 19442d570..22039b15a 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/PanelViewer.js +++ b/extensions/admin_ui/media/javascript/ui/panel/PanelViewer.js @@ -47,7 +47,7 @@ var lastpoll = new Date().getTime(); Ext.TaskMgr.start({ run: function() { Ext.Ajax.request({ - url: '/ui/panel/hooked-browser-tree-update.json', + url: '<%= @base_path %>/panel/hooked-browser-tree-update.json', method: 'POST', success: function(response) { var updates; 
@@ -56,7 +56,7 @@ Ext.TaskMgr.start({ } catch (e) { //The framework has probably been reset and you're actually logged out var hr = document.getElementById("header-right"); - hr.innerHTML = "You appear to be logged out. Login"; + hr.innerHTML = "You appear to be logged out. Login"; } var distributed_engine_rules = (updates['ditributed-engine-rules']) ? updates['ditributed-engine-rules'] : null; var hooked_browsers = (updates['hooked-browsers']) ? updates['hooked-browsers'] : null; diff --git a/extensions/admin_ui/media/javascript/ui/panel/WelcomeTab.js b/extensions/admin_ui/media/javascript/ui/panel/WelcomeTab.js index 397d24966..cad9c027a 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/WelcomeTab.js +++ b/extensions/admin_ui/media/javascript/ui/panel/WelcomeTab.js @@ -12,7 +12,7 @@ WelcomeTab = function() { welcome = " \
\ -

BeEF - The Browser Exploitation Framework


\ +

BeEF - The Browser Exploitation Framework


\

Official website: http://beefproject.com/


\

Getting Started


\

Welcome to BeEF!


\ diff --git a/extensions/admin_ui/media/javascript/ui/panel/ZombiesMgr.js b/extensions/admin_ui/media/javascript/ui/panel/ZombiesMgr.js index edcb09c5e..02c2a4106 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/ZombiesMgr.js +++ b/extensions/admin_ui/media/javascript/ui/panel/ZombiesMgr.js @@ -37,9 +37,9 @@ var ZombiesMgr = function(zombies_tree_lists) { var has_realplayer = zombie_array[index]["has_realplayer"]; var date_stamp = zombie_array[index]["date_stamp"]; - text = " "; - text+= " "; - text+= " "; + text = " "; + text+= " "; + text+= " "; text+= ip; balloon_text = "IP: " + ip; diff --git a/extensions/admin_ui/media/javascript/ui/panel/common.js b/extensions/admin_ui/media/javascript/ui/panel/common.js index d47e97c40..d7a472033 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/common.js +++ b/extensions/admin_ui/media/javascript/ui/panel/common.js @@ -111,7 +111,7 @@ function get_dynamic_payload_details(payload, zombie) { modid = Ext.getCmp( 'form-zombie-'+zombie.session+'-field-mod_id').value Ext.Ajax.request({ loadMask: true, - url: '/ui/modules/select/commandmodule.json', + url: '/<%= @base_path %>/modules/select/commandmodule.json', method: 'POST', params: 'command_module_id=' + modid + '&' + 'payload_name=' + payload, success: function(resp) { @@ -146,7 +146,7 @@ function genExistingExploitPanel(panel, command_id, zombie, sb) { panel.removeAll(); Ext.Ajax.request({ - url: '/ui/modules/select/command.json', + url: '<%= @base_path %>/modules/select/command.json', method: 'POST', params: 'command_id=' + command_id, loadMask: true, @@ -159,7 +159,7 @@ function genExistingExploitPanel(panel, command_id, zombie, sb) { } var form = new Ext.form.FormPanel({ - url: '/ui/modules/commandmodule/reexecute', + url: '<%= @base_path %>/modules/commandmodule/reexecute', id: 'form-command-module-zombie-'+zombie.session, border: false, labelWidth: 75, 
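Review bot: The rewritten `url` in `get_dynamic_payload_details` (extensions/admin_ui/media/javascript/ui/panel/common.js, hunk at line 111) keeps a leading slash in front of the placeholder, so with the default `web_ui_basepath` of `/ui` it renders as `//ui/modules/select/commandmodule.json`. A URL that starts with `//` is a scheme-relative reference, so the browser treats `ui` as the host and sends the POST carrying `command_module_id` and `payload_name` to another origin instead of the BeEF server. Every other URL changed in this file uses the placeholder without the extra slash, and this one should read `url: '<%= @base_path %>/modules/select/commandmodule.json',`. The function body continues outside the hunk.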
@@ -208,7 +208,7 @@ function genExistingExploitPanel(panel, command_id, zombie, sb) { }); var grid_store = new Ext.data.JsonStore({ - url: '/ui/modules/select/command_results.json?command_id='+command_id, + url: '<%= @base_path %>/modules/select/command_results.json?command_id='+command_id, storeId: 'command-results-store-zombie-'+zombie.session, root: 'results', remoteSort: false, @@ -320,7 +320,7 @@ function genNewExploitPanel(panel, command_module_id, command_module_name, zombi } else { Ext.Ajax.request({ loadMask: true, - url: '/ui/modules/select/commandmodule.json', + url: '<%= @base_path %>/modules/select/commandmodule.json', method: 'POST', params: 'command_module_id=' + command_module_id, success: function(resp) { @@ -331,9 +331,9 @@ function genNewExploitPanel(panel, command_module_id, command_module_name, zombi return; } - var submiturl = '/ui/modules/commandmodule/new'; + var submiturl = '<%= @base_path %>/modules/commandmodule/new'; if(module.dynamic){ - submiturl = '/ui/modules/commandmodule/dynamicnew'; + submiturl = '<%= @base_path %>/modules/commandmodule/dynamicnew'; } module = module.command_modules[1]; diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js index 2257ee14e..1819b919c 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabAutorun.js @@ -248,7 +248,7 @@ ZombieTab_Autorun = function(zombie) { } }})], loader: new Ext.tree.TreeLoader({ - dataUrl: '/ui/modules/select/commandmodules/tree.json', + dataUrl: '<%= @base_path %>/modules/select/commandmodules/tree.json', baseParams: {zombie_session: zombie.session}, createNode: function(attr) { if(attr.checked == null){attr.checked = false;} 
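Review bot: `<%= @base_path %>` is written straight into single-quoted JavaScript string literals with no escaping or normalisation, first in the `@@ -208,7 +208,7 @@` hunk of common.js (`url: '<%= @base_path %>/modules/select/command_results.json?command_id='+command_id`) and in every other templated URL of this commit. The value appears to come from the operator-set `web_ui_basepath`, so a quote, a backslash or a trailing slash in config.yaml would either break the panel scripts or produce paths such as `/ui//modules/...`. Validating the setting once where it is loaded, for example rejecting anything that does not match `\A(/[\w.-]+)+\z`, would cover all of these call sites. A comment beside `web_ui_basepath` in config.yaml, `# leading slash, no trailing slash`, would document the contract. genExistingExploitPanel continues outside the hunk.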
diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabCommands.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabCommands.js index 3ae049d09..296c425b3 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabCommands.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabCommands.js @@ -19,7 +19,7 @@ ZombieTab_Commands = function(zombie) { var command_module_grid = new Ext.grid.GridPanel({ store: new Ext.data.JsonStore({ - url: '/ui/modules/commandmodule/commands.json', + url: '<%= @base_path %>/modules/commandmodule/commands.json', params: { // insert the nonce with the form nonce: Ext.get ("nonce").dom.value }, @@ -107,7 +107,7 @@ ZombieTab_Commands = function(zombie) { rootVisible: false, root: {nodeType: 'async'}, loader: new Ext.tree.TreeLoader({ - dataUrl: '/ui/modules/select/commandmodules/tree.json', + dataUrl: '<%= @base_path %>/modules/select/commandmodules/tree.json', baseParams: {zombie_session: zombie.session}, listeners:{ beforeload: function(treeloader, node, callback) { diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabDetails.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabDetails.js index 072fb143f..2da5a2335 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabDetails.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabDetails.js @@ -10,7 +10,7 @@ ZombieTab_DetailsTab = function(zombie) { var store_summary = new Ext.data.GroupingStore({ - url: '/ui/modules/select/zombie_summary.json', + url: '<%= @base_path %>/modules/select/zombie_summary.json', baseParams: {zombie_session: zombie.session} , reader: new Ext.data.JsonReader({ root: 'results' diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabLogs.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabLogs.js index 8d39aaafe..b7a319158 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabLogs.js 
+++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabLogs.js @@ -9,7 +9,7 @@ */ ZombieTab_LogTab = function(zombie) { - var zombieLog = new DataGrid('/ui/logs/zombie.json',30,{session:zombie.session}); + var zombieLog = new DataGrid('<%= @base_path %>/logs/zombie.json',30,{session:zombie.session}); zombieLog.border = false; ZombieTab_LogTab.superclass.constructor.call(this, { diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js index 4973ae7e6..a17ed9c88 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabRider.js @@ -32,7 +32,7 @@ ZombieTab_Requester = function(zombie) { title: 'Proxy', layout: 'fit', padding: '10 10 10 10', - html: "

The Tunneling Proxy allows you to use a hooked browser as a proxy. Simply right-click a browser from the Hooked Browsers tree to the left and select \"Use as Proxy\".

The proxy runs on localhost port 6789 by default. Each request sent through the Proxy is recorded in the History panel in the Rider tab. Click a history item to view the HTTP headers and HTML source of the HTTP response.

To manually forge an arbitrary HTTP request use the \"Forge Request\" tab from the Rider tab.

For more information see: https://github.com/beefproject/beef/wiki/Tunneling

", + html: "

The Tunneling Proxy allows you to use a hooked browser as a proxy. Simply right-click a browser from the Hooked Browsers tree to the left and select \"Use as Proxy\".

The proxy runs on localhost port 6789 by default. Each request sent through the Proxy is recorded in the History panel in the Rider tab. Click a history item to view the HTTP headers and HTML source of the HTTP response.

To manually forge an arbitrary HTTP request use the \"Forge Request\" tab from the Rider tab.

For more information see: https://github.com/beefproject/beef/wiki/Tunneling

", listeners: { activate: function(proxy_panel) { // to do: refresh list of hooked browsers @@ -56,7 +56,7 @@ ZombieTab_Requester = function(zombie) { ********************************************/ var history_panel_store = new Ext.ux.data.PagingJsonStore({ storeId: 'requester-history-store-zombie-'+zombie.session, - url: '/ui/requester/history.json', + url: '<%= @base_path %>/requester/history.json', remoteSort: false, autoDestroy: true, autoLoad: false, @@ -169,7 +169,7 @@ ZombieTab_Requester = function(zombie) { listeners: { activate: function(history_panel) { - history_panel.items.items[0].store.reload({params:{url:'/ui/requester/history.json'}}); + history_panel.items.items[0].store.reload({params:{url:'<%= @base_path %>/requester/history.json'}}); } } }); @@ -190,7 +190,7 @@ ZombieTab_Requester = function(zombie) { var form = new Ext.FormPanel({ title: 'Forge Raw HTTP Request', id: 'requester-request-form-zombie'+zombie.session, - url: '/ui/requester/send', + url: '<%= @base_path %>/requester/send', hideLabels : true, border: false, padding: '3px 5px 0 5px', @@ -251,7 +251,7 @@ ZombieTab_Requester = function(zombie) { bar.update_sending('Getting response...'); Ext.Ajax.request({ - url: '/ui/requester/response.json', + url: '<%= @base_path %>/requester/response.json', loadMask: true, params: { diff --git a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabXssRays.js b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabXssRays.js index 882aea26b..1cf5dbd1d 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabXssRays.js +++ b/extensions/admin_ui/media/javascript/ui/panel/tabs/ZombieTabXssRays.js @@ -23,7 +23,7 @@ ZombieTab_XssRaysTab = function(zombie) { var xssrays_logs_store = new Ext.ux.data.PagingJsonStore({ storeId: 'xssrays-logs-store-zombie-' + zombie.session, - url: '/ui/xssrays/zombie.json', + url: '/<%= @base_path %>/xssrays/zombie.json', remoteSort: false, autoDestroy: true, autoLoad: false, 
@@ -94,7 +94,7 @@ ZombieTab_XssRaysTab = function(zombie) { var form = new Ext.FormPanel({ title: 'Scan settings', id: 'xssrays-config-form-zombie'+zombie.session, - url: '/ui/xssrays/createNewScan', + url: '<%= @base_path %>/xssrays/createNewScan', labelWidth: 230, border: false, padding: '3px 5px 0 5px', diff --git a/extensions/admin_ui/media/javascript/ui/panel/zombiesTreeList.js b/extensions/admin_ui/media/javascript/ui/panel/zombiesTreeList.js index d499d9a78..cd589f11f 100644 --- a/extensions/admin_ui/media/javascript/ui/panel/zombiesTreeList.js +++ b/extensions/admin_ui/media/javascript/ui/panel/zombiesTreeList.js @@ -85,14 +85,14 @@ Ext.extend(zombiesTreeList, Ext.tree.TreePanel, { switch (item.id) { case 'use_as_proxy': Ext.Ajax.request({ - url: '/ui/proxy/setTargetZombie', + url: '<%= @base_path %>/proxy/setTargetZombie', method: 'POST', params: 'hb_id=' + escape(hb_id) }); break; case 'xssrays_hooked_domain': Ext.Ajax.request({ - url: '/ui/xssrays/set_scan_target', + url: '<%= @base_path %>/xssrays/set_scan_target', method: 'POST', params: 'hb_id=' + escape(hb_id) }); diff --git a/extensions/admin_ui/media/javascript/wterm/wterm.jquery.js b/extensions/admin_ui/media/javascript/wterm/wterm.jquery.js index 3818da8b1..81986d5ad 100644 --- a/extensions/admin_ui/media/javascript/wterm/wterm.jquery.js +++ b/extensions/admin_ui/media/javascript/wterm/wterm.jquery.js @@ -422,3 +422,6 @@ }; })( jQuery ); + + +var $jwterm = jQuery.noConflict(); \ No newline at end of file diff --git a/extensions/demos/html/basic.html b/extensions/demos/html/basic.html index 58e3e103d..180cc3517 100644 --- a/extensions/demos/html/basic.html +++ b/extensions/demos/html/basic.html @@ -19,7 +19,6 @@ Have fun while your browser is working against you.

-

These links are for demonstrating the "Get Page HREFs" command module

-

Have a go at the event logger.
  

diff --git a/extensions/evasion/obfuscation/minify.rb b/extensions/evasion/obfuscation/minify.rb index 054f60efc..05b97ed22 100644 --- a/extensions/evasion/obfuscation/minify.rb +++ b/extensions/evasion/obfuscation/minify.rb @@ -6,7 +6,7 @@ module BeEF module Extension module Evasion - require 'jsmin' + require 'uglifier' class Minify include Singleton @@ -15,7 +15,7 @@ module BeEF end def execute(input, config) - input = JSMin.minify(input) + input = Uglifier.compile(input) print_debug "[OBFUSCATION - MINIFIER] Javascript has been minified" input end
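Review bot: `Uglifier.compile(input)` in `execute` has no error handling, and unlike the pure-Ruby `JSMin.minify` it replaces, it runs the script through an ExecJS JavaScript runtime and can raise on input it cannot parse. As written, an exception here would propagate to whatever calls `execute` (the caller is not shown) instead of degrading to unminified output. Consider a method-level `rescue Uglifier::Error => e` that logs with `print_debug "[OBFUSCATION - MINIFIER] Minification failed: #{e.message}"` and then returns `input` unchanged. The `config` parameter is still unused, and the Gemfile hunk keeps `gem "jsmin"` although this `require` was presumably its only consumer, which is worth confirming before removing it.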