From bcf842587f3e570bce75e4ca94d900fdfe53457e Mon Sep 17 00:00:00 2001 From: Rich Lundeen Date: Mon, 10 Sep 2012 15:36:57 -0700 Subject: [PATCH] Fixed several minor bugs --- .../html/clickjacking/clickjack_attack.html | 9 +++-- .../clickjacking/command.js | 34 ++++++++++--------- .../clickjacking/config.yaml | 1 + 3 files changed, 23 insertions(+), 21 deletions(-) diff --git a/extensions/demos/html/clickjacking/clickjack_attack.html b/extensions/demos/html/clickjacking/clickjack_attack.html index 9b09b4275..ef4ce8135 100644 --- a/extensions/demos/html/clickjacking/clickjack_attack.html +++ b/extensions/demos/html/clickjacking/clickjack_attack.html @@ -57,6 +57,7 @@ margin-top:40px; padding:5px 0; } .inner .footnote > a{ +/* display:inline-block; width:100px; background:#09C; @@ -68,10 +69,12 @@ line-height:30px; border-radius5px; border:1p solid #999; text-decoration:none; +*/ +display:none; margin-top:5px; } .inner .footnote > span{ -display:none; +/*display:none;*/ } .click-thru{ color:#333; @@ -144,10 +147,6 @@ quotes[5] = {title: "You are a sad strange little man, and you have my pity.", f $(".more-quotes").live("click", function(){ var random = Math.floor(Math.random()*(quotes.length)); $(".text").html(quotes[random].title); - //It's easy to add arbitrary actions, commented out is an example - //$(".footnote > span").html(quotes[random].footnote).hide(); - //$(".footnote > a").show(); - $(".footnote > span").html(quotes[random].footnote).show(); $(".footnote > a").hide(); }); diff --git a/modules/social_engineering/clickjacking/command.js b/modules/social_engineering/clickjacking/command.js index d3ce04af4..b11e81325 100644 --- a/modules/social_engineering/clickjacking/command.js +++ b/modules/social_engineering/clickjacking/command.js 
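Review bot: In the `.inner .footnote > a` and `.inner .footnote > span` rules the old declarations are disabled by wrapping them in `/* ... */` instead of being deleted, which leaves an empty `span` rule and a `margin-top:5px;` on an element that is now `display:none`. Version control already keeps the previous styling, so I would delete the commented block and the empty rule and keep only `.inner .footnote > a{ display:none; }`. The script hunk further down still calls `$(".footnote > a").hide();`, which looks redundant once the link is hidden in CSS.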
@@ -95,26 +95,28 @@ beef.execute(function() { function iframeClicked(){ clicked++; var jsfunc = ''; - try{ - //check if there's an action to perform - if (isNaN(parseInt(clicks[clicked-1].posTop))) { - removeAll(elems); - throw "No more clicks."; - } - jsfunc = clicks[clicked-1].js; - innerPos.top = clicks[clicked].posTop; - innerPos.left = clicks[clicked].posLeft; - eval(unescape(jsfunc)); - setTimeout(function(){ - updateIframePosition(); - }, <%= @clickDelay %>); - } catch(e) { - cjLog(e); - } + jsfunc = clicks[clicked-1].js; + innerPos.top = clicks[clicked].posTop; + innerPos.left = clicks[clicked].posLeft; + eval(unescape(jsfunc)); + setTimeout(function(){ + updateIframePosition(); + }, <%= @clickDelay %>); + setTimeout(function(){ var btnSelector = "#" + elems.btn; var btnObj = $(btnSelector); $(btnObj).focus(); + + //check if there are any more actions to perform + try { + if (isNaN(parseInt(clicks[clicked].posTop))) { + removeAll(elems); + throw "No more clicks."; + } + } catch(e) { + cjLog(e); + } }, 200); } diff --git a/modules/social_engineering/clickjacking/config.yaml b/modules/social_engineering/clickjacking/config.yaml index c69230044..8243cf0dc 100644 --- a/modules/social_engineering/clickjacking/config.yaml +++ b/modules/social_engineering/clickjacking/config.yaml @@ -11,6 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # + beef: module: clickjacking:
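Review bot: With the outer `try` removed from `iframeClicked`, `clicks[clicked].posTop` and `clicks[clicked].posLeft` are read with no guard, so if `clicks` has no entry at index `clicked` the handler throws before the `eval` line and before either timer is set. That is only safe if the array always ends with a terminator entry, which the hunk does not show; `clicks`, `elems` and `removeAll` are defined outside it. The end-of-sequence test also moved into the 200 ms timer, so it reads `clicked` at timer time instead of click time, and `updateIframePosition()` is still scheduled for a click after which `removeAll(elems)` runs. Inside the new `try`, `throw "No more clicks."` exists only to reach `cjLog`; `removeAll(elems); cjLog("No more clicks.");` does the same without throwing a string, and the check should pass a radix, `parseInt(clicks[clicked].posTop, 10)`. The `eval(unescape(jsfunc))` line would benefit from a one-line comment stating where `clicks[].js` originates, so a reader can confirm it is never built from page-supplied data.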