Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,170 Commits 14 Branches 34 Tags
052d25a36bfabde2d8d22e53477e7a1d6262a4ba
Commit Graph

143 Commits

Author SHA1 Message Date
antisnatchor
052d25a36b Fixed another bug when parsing the BeEF hook cookie in Js. now using beef.session.get_hook_session_id(). Should be the last fix. 2012-05-11 14:22:13 +01:00
antisnatchor
96a16fa683 Fix issue 675 (added erubis parsing for Websocket config options) 2012-05-11 11:45:13 +01:00
antisnatchor
fdad068ee5 Fix issue 674 (NilClass issue) 2012-05-10 13:54:40 +01:00
antisnatchor
925e744194 Merge remote-tracking branch 'upstream/master' 
Resolved conflicts:
	core/main/client/net.js
	core/main/handlers/modules/beefjs.rb
 2012-05-10 10:19:22 +01:00
antisnatchor
e426b3fb13 Added iframe XSRF form in beef.dom (Fixes issue 104) 2012-05-09 14:07:13 +01:00
Brendan Coles
f221f93ebb Merge pull request #652 from ebababi/master 
Introduce public port setting
 2012-05-07 01:09:22 -07:00
bcoles
99d47351b7 Patched newline issue in request() in net.js 
See commit c3435ee345 for more info
 2012-05-03 15:54:46 +09:30
antisnatchor
72ba526cbc merged changes of net.js to fix the requester/tunneling proxy 2012-05-02 14:28:30 +03:00
antisnatchor
c3435ee345 Fixed a nasty bug in net.js forgeRequest. Stripping line breaks from request domain: prevented the requester/tunneling proxy to work (always cross-domain fails) 2012-05-02 14:25:31 +03:00
antisnatchor
2c19a3a8d8 Fixed issue when hooking a browser that contains other cookies than BEEFHOOK. now "alive" send back only the BeEF session value 2012-05-02 14:01:04 +03:00
antisnatchor
9ae0929a8c Merge remote-tracking branch 'upstream/master' 2012-05-02 13:04:51 +03:00
bcoles
75cf67a6c4 Re-categorized some modules 
Fixed a couple of typos
 2012-04-27 10:35:17 +09:30
bcoles
b5b5f0cd1a Fixed bug in IE version detection 2012-04-23 14:44:03 +09:30
antisnatchor
6cb8eb68fe Fixed bug on IE9 detection 2012-04-22 13:17:55 +01:00
Graziano Felline
97c2649e36 Corrected issues on IE browser (IE8 IE9) to check IE6 -IE7 
Corrected Issues whit character encoding
 2012-04-20 19:17:34 +02:00
antisnatchor
f8cd395e21 Added additional check on pathname for XssRays Issue 657 2012-04-20 11:40:28 +01:00
Graziano Felline
c83e7d584e Now the Alive check is by ws Timer 5 second 
Tested And work
 2012-04-19 19:30:19 +02:00
antisnatchor
cf3587e2b1 Fix issue 657: the damn IE doesn't contain a forward slash on pathname 2012-04-19 18:08:16 +01:00
Graziano Felline
656262c0f4 Basic response recv system implemented 
todo ping-pong for alive host. thread's content is  in websocket.rb
todo setting up a separate handler for via ws answer's
 2012-04-18 12:00:17 +02:00
antisnatchor
2198c69aa8 Merge remote-tracking branch 'upstream/master'. Fixed conflicts on config.yaml. 2012-04-14 20:44:17 +01:00
Graziano Felline
2755c6449c Deleted some stuff that does not work correctly in old browser (IE 8) 
Better check for FF
Cleand up inside the code
 2012-04-14 19:42:53 +02:00
antisnatchor
185b1be30f Fixed issue with command execution. Now commands are executed correctly via WebSocket. 2012-04-13 13:35:29 +01:00
Graziano Felline
65138db207 Commands are now sent through websocket 
Trouble with eval function in websocket.js
 2012-04-13 12:45:48 +02:00
Graziano Felline
23f782b8d8 Hook.js load websocket.js only if specifield in beef configuration file 
if websocket is disabled all work normally
 if websocket is enabled have trouble in command.rb
 2012-04-12 19:01:49 +02:00
bcoles
0c0027e06f Event Logger now logs form submissions 
Fixes issue #141
 2012-04-12 12:27:28 +09:30
Graziano Felline
af9b3c97b5 Added polling stop if websocket is up in updater.js 
added hash for websocket in websocket.rb
added check for websocket existence in command.rb and net.js
added a POC onmessage function in websocket.js
added check for websocket support in init.js
added a POC send to send command output to server in beef.js
 2012-04-11 20:52:47 +02:00
bcoles
6af55c7e33 Event Logger now logs clipboard events (in IE6 only) 
Fixes issue# 653

Tidied up the 'submit' handler a bit. Part of issue #141
 2012-04-11 14:06:56 +09:30
Graziano Felline
302512e172 Added FF11 support 2012-04-08 13:21:12 +02:00
Graziano Felline
85b3a59441 The connection and helo to server correctly work. 2012-04-08 12:46:57 +02:00
antisnatchor
8f7caff30f changed websocket.js structure with closures. 2012-04-07 14:19:56 +01:00
antisnatchor
296d0161c9 fixed issue with FF detectionon websockets 2012-04-07 13:48:10 +01:00
antisnatchor
faae01a9aa Changed default websocket port 2012-04-07 13:34:21 +01:00
Graziano Felline
bcd0ff154f Added websocket.js in beefjs.rb 2012-04-07 14:20:47 +02:00
Graziano Felline
d3e2e1eb30 Inserted module in bootstrap 2012-04-07 12:56:06 +02:00
Graziano Felline
736c81573e Setting up structures and server/client environment. 
A lot of TODO
 2012-04-06 02:21:40 +02:00
bcoles
cce8cf451c Added XssRays vectors: 
o URL encoded
	o Double URL encoded
	o Double nibble URL encoded

Fixes issue #65

Part of issue #47
 2012-04-05 14:26:30 +09:30
bcoles
f852b87b2b Added detection for Chrome 18 and 19 2012-04-05 12:45:10 +09:30
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
Nikolaos Anastopoulos
e4d4edba75 Public port setting affects URI scheme 2012-03-23 20:42:12 +02:00
bcoles
45475d625b Updated IE version detection 
No longer modifies the DOM for every call to:
	`isIE8()`
	`isIE9()`
	`isIE()`
 2012-03-22 19:27:36 +10:30
bcoles
5329d5c147 Added support for Firefox 11 2012-03-16 13:11:20 +10:30
bcoles
e52779e72e Fixed javaEnabled() in BeEF hook 
- It was breaking the hook in IE6

Also fixed a couple of typos in the Local File Theft module description
 2012-03-16 12:40:13 +10:30
Graziano Felline
b02bdbaaa7 ISSUE 625 - corrected the bug. Added li's elements poison 2012-03-14 15:41:10 +01:00
Graziano Felline
8795c5770a ISSUE 625 - corrected the bug. Added li's elements poison 2012-03-14 15:34:46 +01:00
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
bcoles
9735a7b66f Merge branch 'master' of https://github.com/beefproject/beef 2012-03-12 11:41:08 +10:30
radoen
a0c11fa695 Added support to intercept dynamic requests 2012-03-11 10:26:56 +01:00
unknown
dbd6baa7b0 Temporary fix to prevent hook error on Safari. I will implement a final fix tomorrow. 2012-03-07 16:19:06 +01:00
antisnatchor
8c3afcf2b9 Minor changes related to Java detection with the unsigned applet: if the browser is Chrome, we simply rely on window.navigator. 2012-03-06 19:56:58 +01:00
Keith Lee
cc9756cf59 Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:46:51 +08:00