From 8e033aac838c5ea04e94cedaee28e16a61769bda Mon Sep 17 00:00:00 2001 
From: passbe Date: Thu, 21 Apr 2011 04:59:55 +0000 Subject: [PATCH] Moved module configuration elements into their config.yaml. File and Data keys have not been moved yet. When migration is started the module's database elements are pushed into their config hash. This is in preparation for the admin_ui refactor git-svn-id: https://beef.googlecode.com/svn/trunk@915 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9 --- core/main/migration.rb | 15 ++++++++++++++- core/main/models/commandmodule.rb | 4 ++-- core/modules.rb | 2 ++ modules/browser/detect_details/config.yaml | 5 +++++ modules/browser/detect_plugins/config.yaml | 5 +++++ modules/browser/detect_screen_details/config.yaml | 5 +++++ .../browser/detect_scripts_support/config.yaml | 5 +++++ modules/browser/detect_visited_urls/config.yaml | 5 +++++ modules/browser/link_rewrite/config.yaml | 5 +++++ modules/browser/site_redirect/config.yaml | 5 +++++ modules/browser/site_redirect_iframe/config.yaml | 5 +++++ modules/host/insecure_url_skype/config.yaml | 6 ++++++ modules/host/iphone_tel/config.yaml | 5 +++++ modules/host/physical_location/config.yaml | 5 +++++ modules/misc/alert_dialog/config.yaml | 5 +++++ modules/misc/deface_web_page/config.yaml | 5 +++++ modules/misc/prompt_dialog/config.yaml | 5 +++++ modules/misc/raw_javascript/config.yaml | 5 +++++ modules/misc/replace_video/config.yaml | 5 +++++ modules/misc/rickroll/config.yaml | 5 +++++ modules/network/detect_local_settings/config.yaml | 12 ++++++++++++ modules/network/inter-protocol/config.yaml | 1 + modules/network/linksys_befsr41_csrf/config.yaml | 5 +++++ modules/network/linksys_wrt54g2_csrf/config.yaml | 5 +++++ modules/network/linksys_wrt54g_csrf/config.yaml | 5 +++++ .../network/vtiger_crm_upload_exploit/config.yaml | 5 +++++ modules/persistence/iframe_above/config.yaml | 5 +++++ modules/persistence/popunder_window/config.yaml | 5 +++++ modules/recon/collect_links/config.yaml | 5 +++++ modules/recon/detect_cookies_support/config.yaml | 5 +++++
modules/recon/detect_soc_nets/config.yaml | 5 +++++ modules/recon/detect_tor/config.yaml | 5 +++++ 32 files changed, 167 insertions(+), 3 deletions(-)
diff --git a/core/main/migration.rb b/core/main/migration.rb
index afec7e843..e7f973cef 100644
--- a/core/main/migration.rb
+++ b/core/main/migration.rb
@@ -21,6 +21,7 @@ module Core # def update_commands! db_commands = [], folders = '' + config = BeEF::Core::Configuration.instance BeEF::Core::Models::CommandModule.all.each {|db_command| db_commands.push(db_command.path)
@@ -34,9 +35,21 @@ module Core Dir["#{$root_dir}/modules/**/*.rb"].each do |command| if (command = command.match(regex)[0]) - BeEF::Core::Models::CommandModule.new(:path => command, :name => /.*\/(\w+)\.rb/.match(command).to_a[1]).save if not db_commands.include? command + name = '' + path = command.split(File::SEPARATOR).reverse + if path.size >= 1 + name = path[1].to_s + end + BeEF::Core::Models::CommandModule.new(:name => name, :path => command).save if not db_commands.include? command end end + + BeEF::Core::Models::CommandModule.all.each{|mod| + if config.get('beef.module.'+mod.name) != nil + config.set('beef.module.'+mod.name+'.db.id', mod.id) + config.set('beef.module.'+mod.name+'.db.path', mod.path) + end + } # We use the API to execute the migration code for each extensions that needs it. # For example, the metasploit extensions requires to add new commands into the database.
diff --git a/core/main/models/commandmodule.rb b/core/main/models/commandmodule.rb
index d3e591dc9..d0ff498e5 100644
--- a/core/main/models/commandmodule.rb
+++ b/core/main/models/commandmodule.rb
@@ -9,8 +9,8 @@ module Models storage_names[:default] = 'core.command_modules' property :id, Serial - property :path, Text, :lazy => false property :name, Text, :lazy => false + property :path, Text, :lazy => false has n, :commands has 1, :dynamic_command_info
@@ -19,4 +19,4 @@ module Models end end -end \ No newline at end of file +end
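Review bot: The guard `if path.size >= 1` in the second hunk of core/main/migration.rb does not protect `path[1]`, which needs at least two components; a one-component path gives nil and the row is saved with an empty name, so the check should be `if path.size >= 2` (or the file should be skipped when it has no parent directory). Rows already in the table keep whatever name the old basename regex produced, because the insert only runs for paths missing from db_commands, so the new `config.get('beef.module.'+mod.name)` lookup will presumably miss them until those rows are renamed or rebuilt. The config key is also built from the folder name alone, so two modules with the same folder name under different categories would write the same `db.id` and `db.path` entries and the later one would win; a uniqueness check or a comment stating that folder names must be unique would help. update_commands! starts and ends outside the hunk.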
diff --git a/core/modules.rb b/core/modules.rb
index e30afb8b5..676dd0185 100644
--- a/core/modules.rb
+++ b/core/modules.rb
@@ -19,6 +19,7 @@ modules = config.get('beef.module').select{|key, mod| mod['enable'] == true and mod['category'] != nil } +# Include each module modules.each{ |k,v| cat = BeEF::Module.safe_category(v['category']) if File.exists?('modules/'+cat+'/'+k+'/module.rb')
@@ -26,3 +27,4 @@ modules.each{ |k,v| config.set('beef.module.'+k+'.loaded', true) end } +
diff --git a/modules/browser/detect_details/config.yaml b/modules/browser/detect_details/config.yaml
index 6c4f1ed4a..5d816008b 100644
--- a/modules/browser/detect_details/config.yaml
+++ b/modules/browser/detect_details/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_details:
 enable: true
 category: "Browser"
+ name: "Browser Type"
+ description: "This module will retrieve the selected hooked browser details."
+ authors: ["wade", "vo", "passbe", "saafan"]
+ target:
+ working: ['ALL']
diff --git a/modules/browser/detect_plugins/config.yaml b/modules/browser/detect_plugins/config.yaml
index ac6dcefd7..512b48448 100644
--- a/modules/browser/detect_plugins/config.yaml
+++ b/modules/browser/detect_plugins/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_plugins:
 enable: true
 category: "Browser"
+ name: "Installed Plugins"
+ description: "This module will retrieve the selected hooked browser plugins."
+ authors: ["wade", "vo", "passbe", "saafan"]
+ target:
+ working: ["ALL"]
diff --git a/modules/browser/detect_screen_details/config.yaml b/modules/browser/detect_screen_details/config.yaml
index 41a1ecf36..faa224f90 100644
--- a/modules/browser/detect_screen_details/config.yaml
+++ b/modules/browser/detect_screen_details/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_screen_details:
 enable: true
 category: "Browser"
+ name: "Screen Details"
+ description: "This module will retrieve the selected hooked browser screen dimensions."
+ authors: ["wade", "vo", "passbe", "saafan"]
+ target:
+ working: ["ALL"]
diff --git a/modules/browser/detect_scripts_support/config.yaml b/modules/browser/detect_scripts_support/config.yaml
index eb81ed1a9..47447ea7c 100644
--- a/modules/browser/detect_scripts_support/config.yaml
+++ b/modules/browser/detect_scripts_support/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_scripts_support:
 enable: true
 category: "Browser"
+ name: "Scripts Support"
+ description: "This module will retrieve the selected hooked browser scripting engines."
+ authors: ["wade", "vo", "passbe", "saafan"]
+ target:
+ working: ["ALL"]
diff --git a/modules/browser/detect_visited_urls/config.yaml b/modules/browser/detect_visited_urls/config.yaml
index 30a19232d..2185f624e 100644
--- a/modules/browser/detect_visited_urls/config.yaml
+++ b/modules/browser/detect_visited_urls/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_visited_urls:
 enable: true
 category: "Browser"
+ name: "Detect Visited URLs"
+ description: "This module will detect whether or not the zombie has visited the specified URL(s)"
+ authors: ["passbe"]
+ target:
+ working: ["ALL"]
diff --git a/modules/browser/link_rewrite/config.yaml b/modules/browser/link_rewrite/config.yaml
index e998c2cb0..0480663c9 100644
--- a/modules/browser/link_rewrite/config.yaml
+++ b/modules/browser/link_rewrite/config.yaml
@@ -3,3 +3,8 @@ beef:
 link_rewrite:
 enable: true
 category: "Browser"
+ name: "Link Rewriter"
+ description: "This module will rewrite all the href attributes of all matched links.

The jQuery selector field can be used to limit the selection of links. eg: a[href=\"http://www.bindshell.net\"]. For more information please see: http://api.jquery.com/category/selectors/"
+ authors: ["passbe"]
+ target:
+ working: ["ALL"]
diff --git a/modules/browser/site_redirect/config.yaml b/modules/browser/site_redirect/config.yaml
index 764f51215..7f2f09b9f 100644
--- a/modules/browser/site_redirect/config.yaml
+++ b/modules/browser/site_redirect/config.yaml
@@ -3,3 +3,8 @@ beef:
 site_redirect:
 enable: true
 category: "Browser"
+ name: "Site Redirect"
+ description: "This module will redirect the selected hooked browser to the address specified in the 'Redirect URL' input."
+ authors: ["wade", "vo"]
+ target:
+ user_notify: ["ALL"]
diff --git a/modules/browser/site_redirect_iframe/config.yaml b/modules/browser/site_redirect_iframe/config.yaml
index b7d6e988b..b2bcfac2a 100644
--- a/modules/browser/site_redirect_iframe/config.yaml
+++ b/modules/browser/site_redirect_iframe/config.yaml
@@ -3,3 +3,8 @@ beef:
 site_redirect_iframe:
 enable: true
 category: "Browser"
+ name: "Site Redirect (iframe)"
+ description: "This module will redirect the selected hooked browser to the address specified in the 'Redirect URL' input. It creates a 100% x 100% overlaying iframe to keep the victim hooked and changes the page title to the provided value which should be set to the title of the redirect URL."
+ authors: ["ethicalhack3r", "Yori Kvitchko"]
+ target:
+ user_notify: ["ALL"]
diff --git a/modules/host/insecure_url_skype/config.yaml b/modules/host/insecure_url_skype/config.yaml
index f3f91a92c..3ab24f733 100644
--- a/modules/host/insecure_url_skype/config.yaml
+++ b/modules/host/insecure_url_skype/config.yaml
@@ -3,3 +3,9 @@ beef:
 insecure_url_skype:
 enable: true
 category: "Host"
+ name: "Insecure URL Handling - Skype Call"
+ description: "This module will force the browser to attempt a skype call. It will exploit the insecure handling of URL schemes

The protocol handler used will be: skype."
+ authors: ["xntrik", "Nitesh Dhanjani"]
+ target:
+ working: ['S']
+ user_notify: ['C', 'FF', 'O']
diff --git a/modules/host/iphone_tel/config.yaml b/modules/host/iphone_tel/config.yaml
index d24dd08c5..1d9830b38 100644
--- a/modules/host/iphone_tel/config.yaml
+++ b/modules/host/iphone_tel/config.yaml
@@ -3,3 +3,8 @@ beef:
 iphone_tel:
 enable: true
 category: "Host"
+ name: "iPhone Telephone URL"
+ description: "This module will force the browser to attempt a skype call. It will exploit the insecure handling of URL schemes in iOS.

The protocol handler used will be: tel"
+ authors: ["xntrik", "Nitesh Dhanjani"]
+ target:
+ working: ['S']
diff --git a/modules/host/physical_location/config.yaml b/modules/host/physical_location/config.yaml
index 8f4d979e4..26d6bdc9a 100644
--- a/modules/host/physical_location/config.yaml
+++ b/modules/host/physical_location/config.yaml
@@ -3,3 +3,8 @@ beef:
 physical_location:
 enable: true
 category: "Host"
+ name: "Physical Location"
+ description: "This module will retrieve the physical location of the hooked browser using the geolocation API."
+ authors: ["antisnatchor"]
+ target:
+ user_notify: ['ALL']
diff --git a/modules/misc/alert_dialog/config.yaml b/modules/misc/alert_dialog/config.yaml
index d989f2420..a1114ccb6 100644
--- a/modules/misc/alert_dialog/config.yaml
+++ b/modules/misc/alert_dialog/config.yaml
@@ -3,3 +3,8 @@ beef:
 alert_dialog:
 enable: true
 category: "Misc"
+ name: "Alert Dialog"
+ description: "Sends an alert dialog to the hooked browser."
+ authors: ["bm"]
+ target:
+ user_notify: ['ALL']
diff --git a/modules/misc/deface_web_page/config.yaml b/modules/misc/deface_web_page/config.yaml
index b82e468ad..a3d68de05 100644
--- a/modules/misc/deface_web_page/config.yaml
+++ b/modules/misc/deface_web_page/config.yaml
@@ -3,3 +3,8 @@ beef:
 deface_web_page:
 enable: true
 category: "Misc"
+ name: "Deface Web Page"
+ description: "Overwrite the body of the page the hooked browser is on with the 'Deface Content' string."
+ authors: ["antisnatchor"]
+ target:
+ user_notify: ['ALL']
diff --git a/modules/misc/prompt_dialog/config.yaml b/modules/misc/prompt_dialog/config.yaml
index 0c3a856bd..d909d6d19 100644
--- a/modules/misc/prompt_dialog/config.yaml
+++ b/modules/misc/prompt_dialog/config.yaml
@@ -3,3 +3,8 @@ beef:
 prompt_dialog:
 enable: true
 category: "Misc"
+ name: "Prompt Dialog"
+ description: "Sends a prompt dialog to the hooked browser."
+ authors: ["bm"]
+ target:
+ user_notify: ['ALL']
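Review bot: The description added for iphone_tel in modules/host/iphone_tel/config.yaml says the module will "attempt a skype call", which looks copied from insecure_url_skype; with the name "iPhone Telephone URL" and the tel handler named in the same string, the first sentence should presumably read `This module will force the browser to attempt a telephone call.` An operator reading the admin UI would otherwise be told the wrong action for this module. The trailing sentence also lacks the closing full stop that the skype variant has.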
diff --git a/modules/misc/raw_javascript/config.yaml b/modules/misc/raw_javascript/config.yaml
index 8f2f2b1eb..1d079353c 100644
--- a/modules/misc/raw_javascript/config.yaml
+++ b/modules/misc/raw_javascript/config.yaml
@@ -3,3 +3,8 @@ beef:
 raw_javascript:
 enable: true
 category: "Misc"
+ name: "Raw JavaScript"
+ description: "This module will send the code entered in the 'JavaScript Code' section to the selected zombie browsers where it will be executed. Code is run inside an anonymous function and the return value is passed to the framework. Multiline scripts are allowed, no special encoding is required."
+ authors: ["wade", "vo"]
+ target:
+ working: ['ALL']
diff --git a/modules/misc/replace_video/config.yaml b/modules/misc/replace_video/config.yaml
index be02f57c9..218bfafad 100644
--- a/modules/misc/replace_video/config.yaml
+++ b/modules/misc/replace_video/config.yaml
@@ -3,3 +3,8 @@ beef:
 replace_video:
 enable: true
 category: "Misc"
+ name: "Replace Video"
+ description: "Replaces an object selected with jQuery (all embed tags by default) with an embed tag containing the youtube video of your choice (rickroll by default)."
+ authors: ["Yori Kvitchko"]
+ target:
+ user_notify: ['ALL']
diff --git a/modules/misc/rickroll/config.yaml b/modules/misc/rickroll/config.yaml
index 7534f34e8..0a640e169 100644
--- a/modules/misc/rickroll/config.yaml
+++ b/modules/misc/rickroll/config.yaml
@@ -3,3 +3,8 @@ beef:
 rickroll:
 enable: true
 category: "Misc"
+ name: "Rickroll"
+ description: "Overwrite the body of the page the victim is on with a full screen Rickroll."
+ authors: ["Yori Kvitchko"]
+ target:
+ user_notify: ['ALL']
diff --git a/modules/network/detect_local_settings/config.yaml b/modules/network/detect_local_settings/config.yaml
index ea7baf9fe..5970ed7c4 100644
--- a/modules/network/detect_local_settings/config.yaml
+++ b/modules/network/detect_local_settings/config.yaml
@@ -3,6 +3,18 @@ beef:
 detect_local_settings:
 enable: true
 category: "Network"
+ name: "Detect local settings"
+ description: "Grab the local network settings (ie internal ip address)."
+ authors: ["pdp", "wade", "bm"]
+ target:
+ working: ["FF", "C"]
+ not_working: ["IE"]
 fingerprint_local_network:
 enable: false
 category: "Network"
+ name: "Fingerprint local network"
+ description: "Scan common local network IP addresses for embedded devices."
+ authors: ["bcoles@gmail.com", "wade"]
+ target:
+ user_notify: ["FF", "IE"]
+ not_working: ["O"]
diff --git a/modules/network/inter-protocol/config.yaml b/modules/network/inter-protocol/config.yaml
index d59c02e7d..b0ea9617f 100644
--- a/modules/network/inter-protocol/config.yaml
+++ b/modules/network/inter-protocol/config.yaml
@@ -3,3 +3,4 @@ beef:
 inter-protocol:
 enable: false
 category: "Network"
+ name: "Inter-Protocol"
diff --git a/modules/network/linksys_befsr41_csrf/config.yaml b/modules/network/linksys_befsr41_csrf/config.yaml
index b10440575..4b07754af 100644
--- a/modules/network/linksys_befsr41_csrf/config.yaml
+++ b/modules/network/linksys_befsr41_csrf/config.yaml
@@ -3,3 +3,8 @@ beef:
 linksys_befsr41_csrf:
 enable: true
 category: "Network"
+ name: "Linksys BEFSR41 CSRF Exploit"
+ description: "Attempts to enable remote administration and change the password on a Linksys BEFSR41 router."
+ authors: ["Martin Barbella"]
+ target:
+ working: ["ALL"]
diff --git a/modules/network/linksys_wrt54g2_csrf/config.yaml b/modules/network/linksys_wrt54g2_csrf/config.yaml
index a8ca254cd..9f1fd1aa2 100644
--- a/modules/network/linksys_wrt54g2_csrf/config.yaml
+++ b/modules/network/linksys_wrt54g2_csrf/config.yaml
@@ -3,3 +3,8 @@ beef:
 linksys_wrt54g2_csrf:
 enable: true
 category: "Network"
+ name: "Linksys WRT54G2 CSRF Exploit"
+ description: "Attempts to enable remote administration and change the password on a Linksys WRT54G2 router."
+ authors: ["Martin Barbella"]
+ target:
+ working: ["ALL"]
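Review bot: The inter-protocol entry in modules/network/inter-protocol/config.yaml gains only `name`, while every other module config in this patch also gains `description`, `authors` and `target`. If the planned admin_ui code reads those keys without a nil check, this module will presumably be the one that breaks it. Either add the missing keys here or document that consumers must tolerate their absence. The module is `enable: false` in this hunk, so the gap only shows once it is switched on.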
diff --git a/modules/network/linksys_wrt54g_csrf/config.yaml b/modules/network/linksys_wrt54g_csrf/config.yaml
index 5d7a540cd..982457ced 100644
--- a/modules/network/linksys_wrt54g_csrf/config.yaml
+++ b/modules/network/linksys_wrt54g_csrf/config.yaml
@@ -3,3 +3,8 @@ beef:
 linksys_wrt54g_csrf:
 enable: true
 category: "Network"
+ name: "Linksys WRT54G CSRF Exploit"
+ description: "Attempts to enable remote administration and change the password on a Linksys WRT54G router."
+ authors: ["Martin Barbella"]
+ target:
+ working: ["ALL"]
diff --git a/modules/network/vtiger_crm_upload_exploit/config.yaml b/modules/network/vtiger_crm_upload_exploit/config.yaml
index e2e464b78..5d1d01a51 100644
--- a/modules/network/vtiger_crm_upload_exploit/config.yaml
+++ b/modules/network/vtiger_crm_upload_exploit/config.yaml
@@ -3,3 +3,8 @@ beef:
 vtiger_crm_upload_exploit:
 enable: true
 category: "Network"
+ name: "VTiger CRM Upload Exploit"
+ description: "This module demonstrates chained exploitation. It will upload and execute a reverse bindshell. The vulnerability is exploited in the CRM vtiger 5.0.4
The default PHP requires a listener, so don't forget to start one, for example: nc -l 8888."
+ authors: ["wade", "bm", "pipes", "xntrik"]
+ target:
+ working: ["ALL"]
diff --git a/modules/persistence/iframe_above/config.yaml b/modules/persistence/iframe_above/config.yaml
index e2d30722a..b48bf13d1 100644
--- a/modules/persistence/iframe_above/config.yaml
+++ b/modules/persistence/iframe_above/config.yaml
@@ -3,3 +3,8 @@ beef:
 iframe_above:
 enable: true
 category: "Persistence"
+ name: "iFrame Persistance"
+ description: "Rewrites all links on the webpage to spawn a 100% by 100% iFrame with a source relative to the selected link."
+ authors: ["passbe"]
+ target:
+ user_notify: ["ALL"]
diff --git a/modules/persistence/popunder_window/config.yaml b/modules/persistence/popunder_window/config.yaml
index fa296ab79..216fb31bb 100644
--- a/modules/persistence/popunder_window/config.yaml
+++ b/modules/persistence/popunder_window/config.yaml
@@ -3,3 +3,8 @@ beef:
 popunder_window:
 enable: true
 category: "Persistence"
+ name: "Pop Under Window"
+ description: "Creates a new discrete pop under window with the beef hook included.

This module will add another browser node to the tree. It will be a duplicate. This will be addressed in a future release"
+ authors: ["ethicalhack3r"]
+ target:
+ user_notify: ["ALL"]
diff --git a/modules/recon/collect_links/config.yaml b/modules/recon/collect_links/config.yaml
index 99f02aa41..e05457df4 100644
--- a/modules/recon/collect_links/config.yaml
+++ b/modules/recon/collect_links/config.yaml
@@ -3,3 +3,8 @@ beef:
 collect_links:
 enable: true
 category: "Recon"
+ name: "Collect Links"
+ description: "This module will retrieve HREFs from the target page."
+ authors: ["vo"]
+ target:
+ working: ["ALL"]
diff --git a/modules/recon/detect_cookies_support/config.yaml b/modules/recon/detect_cookies_support/config.yaml
index 66b8387a8..ebe4f7075 100644
--- a/modules/recon/detect_cookies_support/config.yaml
+++ b/modules/recon/detect_cookies_support/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_cookies_support:
 enable: true
 category: "Recon"
+ name: "Detect Cookie Support"
+ description: "This module will check if the browser allows a cookie with the specified name to be set."
+ authors: ["vo"]
+ target:
+ working: ["ALL"]
diff --git a/modules/recon/detect_soc_nets/config.yaml b/modules/recon/detect_soc_nets/config.yaml
index 2d4e64036..814893d9e 100644
--- a/modules/recon/detect_soc_nets/config.yaml
+++ b/modules/recon/detect_soc_nets/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_soc_nets:
 enable: true
 category: "Recon"
+ name: "Detect Social Networks"
+ description: "This module will detect if the Hooked Browser is currently authenticated to GMail, Facebook and Twitter."
+ authors: ["xntrik", "Mike Cardwell"]
+ target:
+ working: ["ALL"]
diff --git a/modules/recon/detect_tor/config.yaml b/modules/recon/detect_tor/config.yaml
index 5651ecf4a..7a2ecb513 100644
--- a/modules/recon/detect_tor/config.yaml
+++ b/modules/recon/detect_tor/config.yaml
@@ -3,3 +3,8 @@ beef:
 detect_tor:
 enable: true
 category: "Recon"
+ name: "Detect Tor"
+ description: "This module will detect if the zombie is currently using TOR (The Onion Router)."
+ authors: ["wade", "pdp", "bm", "xntrik"]
+ target:
+ working: ["ALL"]