Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,170 Commits 14 Branches 34 Tags
052d25a36bfabde2d8d22e53477e7a1d6262a4ba
Commit Graph

74 Commits

Author SHA1 Message Date
antisnatchor
d1e23c2084 Updated admin_ui and console extensions code to reflect the move of initialization extension into the core. 2012-04-18 14:37:44 +01:00
antisnatchor
364575592a Moved BeEF credentials from admin_ui extension to the main config.yaml. Updated both admin_ui and RESTful API to reflect the changes. 2012-04-15 10:53:08 +01:00
bcoles
e52b5101ee Updated logo location 
The favicon is not located at /favicon.ico if web server immitation is enabled
 2012-04-12 17:20:20 +09:30
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
Michele Orru
11fbeb3296 Merge pull request #643 from antisnatchor/master 
RESTful API, from antisnatchor with love :D
 2012-03-15 10:33:17 -07:00
antisnatchor
837c1f2db8 Modified BeEF::Module.execute to return the command_id of the persisted command, instead of just returning a boolean. Refactored usages in the code as well. 2012-03-13 12:40:28 +01:00
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
bcoles
2ab95cc763 Renamed Decoder tab to HackVertor and disabled it for the upcomming 
release
 2012-01-18 23:42:14 +10:30
bcoles
a956bd60ea Added "Decoder" tab draft 2012-01-05 15:49:08 +10:30
bcoles
a6986e3960 Added detection for Chrome 16, updated Chrome Extensions modules and 
split the Details tab "Browser Hook Initialization" into "Hooked Page",
"Browser" and "Host"
 2012-01-04 18:52:34 +10:30
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
2439c9d61c Added Page URI to browser hook initialization details 
Fixes issue 543
 2011-12-28 08:47:07 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30
bcoles
6ff92f48e0 Added document.referrer to browser hook initialization and tidied some code 2011-12-22 02:43:12 +10:30
bcoles
590e514680 Renamed "Requester" tab to "Rider" 
Added Proxy sub-tab under Rider tab

Part of issue 63
 2011-12-20 22:04:22 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
bcoles
47ac45632d Added BeEF logo to panel header 2011-12-15 03:07:43 +10:30
bcoles
120e36d4b4 Added BeEF version to panel header and updated some links from 
code.google.com to github.com
 2011-12-11 20:30:09 +10:30
bcoles
25206bddc8 Added "Submit Bug" link to the Admin UI 
Fixes issue 545
 2011-11-27 02:25:56 +10:30
antisnatchor
18d4b642fe replaced WebRick HttpUtils in requester filters 2011-11-22 10:12:26 +01:00
antisnatchor
edf129d9ea replaced WebRick util method to parse HTTP request in Requester admin_ui controller 2011-11-20 11:49:05 +01:00
antisnatchor
e502882ed3 admin_ui session cookie management now with Rack 2011-11-20 11:12:59 +01:00
antisnatchor
05d06bb94e Removed unuseful Mutexes, refactored all the ugly 'exception-oriented' code that was using WebRick BadRequest, added config.yaml option to enable verbose debugging logs of Thin 2011-11-19 18:02:41 +01:00
antisnatchor
2997540918 rewrote the server core and adjusted the API/classes to use Thin and Rack instead of WebRick. 2011-11-19 15:49:19 +01:00
bcoles@gmail.com
dd5b1f5a81 Added platform and ActiveX detection to the browser hook initialization 
o Platform often provides the architecture (ie, 32bit) and can 
	be useful in identifying devices / smart phones

	o ActiveX detection was added for obscure browsers (ie, such as 
	software using an embedded browsing engine built on the IE COM)
	Normally ActiveX would only be detected on a hooked IE browser.

Moved the `is_valid_yes_no' filter from browser.rb to base.rb



git-svn-id: https://beef.googlecode.com/svn/trunk@1368 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:56:23 +00:00
buherator@gmail.com
caad2d5437 Displaying zombie domain and port on Requester tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1367 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:19:03 +00:00
buherator@gmail.com
ed866886f7 Storing port of HookedBrowser, fixing value of HookedBrowser.domain 
git-svn-id: https://beef.googlecode.com/svn/trunk@1365 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 22:04:08 +00:00
buherator@gmail.com
7447015901 sorting commands by status and name 
git-svn-id: https://beef.googlecode.com/svn/trunk@1364 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 14:25:50 +00:00
antisnatchor
e22332e1f8 (Fixes issue 467) rewrote from scratch the XssRays handler, refactored JS and Ruby code, improved the whole thing. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1361 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-12 14:56:50 +00:00
antisnatchor
20f07a5b04 prevent BeEF to be auto-BeEFed :-) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1357 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-07 13:07:07 +00:00
sussurro@happypacket.net
6658eff14c fixkup for metasploit to make payloads options be dynamic again. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1311 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-26 04:00:02 +00:00
A.M.Saafan@gmail.com
0362c536e5 Truncate response data larger than 100K. Fixes issue 463 
git-svn-id: https://beef.googlecode.com/svn/trunk@1297 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-17 13:04:50 +00:00
antisnatchor
3556268718 (Fixes issue 401): added one-to-many relationship between xssrays_scan and xssrays_details models. Updated code that use them accordingly. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1252 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 10:43:41 +00:00
antisnatchor
b4cb58346e Fixed proxy: the new filters where causing problems. Removed all of them except the method and version checks. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1240 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-29 09:18:24 +00:00
bcoles@gmail.com
7a4b07ef2e Added "Has WebSockets" to initialization / details tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1237 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-26 13:28:53 +00:00
bcoles@gmail.com
72c6bf87b0 Added port column to Requester History tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1214 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-19 14:49:43 +00:00
bcoles@gmail.com
b1de14dcf1 Added HEAD, OPTIONS, PUT and DELETE methods 
Fixes issue 356

Added HTTP request validation to proxy extension

	Fixes issue 429



git-svn-id: https://beef.googlecode.com/svn/trunk@1212 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-19 09:24:31 +00:00
passbe
8fe714881a Module execution functionality is now decoupled from the admin_ui. See BeEF::Module.execute(). Added Hooked Browser Manager skeleton. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1196 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-17 02:17:19 +00:00
bcoles@gmail.com
22941a51b4 Augmented beef.net.request to support port_status 
Only "open" and "closed" are supported currently

Part of issue 286



git-svn-id: https://beef.googlecode.com/svn/trunk@1177 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-10 09:47:01 +00:00
antisnatchor
381d083895 Issue 384: added XssRays "Scan config" tab, to configure crossDomain and cleanTimeout options. Added defaults to xssrays config file, also to prevent printing console.log statements if debug=false. Minor changes to xssrays_scan model. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1164 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 11:59:13 +00:00
yori.kvitchko
a70de4dbf8 Added get cookies to on-initialize. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1162 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 06:36:50 +00:00
wade@bindshell.net
d7930dc9da These changes clean up (a little) the details tab. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1136 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:54:21 +00:00
wade@bindshell.net
a817fe14c4 These changes clean up the details tab (Fixes issue 398). 
git-svn-id: https://beef.googlecode.com/svn/trunk@1135 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:53:57 +00:00
wade@bindshell.net
72703c605f removed the double display of browser name in the details tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1134 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:53:32 +00:00
antisnatchor
62672b2159 Issue 384: added escape_for_html function to escape PoC data before rendering in ExtJs UI 
git-svn-id: https://beef.googlecode.com/svn/trunk@1125 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 13:29:38 +00:00
antisnatchor
91577429af Issue 384: removed old field update in hb table (not used anymore, was even preventing xssrays to start) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1123 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 12:43:30 +00:00
bcoles@gmail.com
73ae24b029 Added Detect Cookie Support to initialization and details tab 
M	extensions/admin_ui/controllers/modules/modules.rb
M	extensions/initialization/handler.rb
M	core/main/client/browser.js

Example output on details tab:

	Session Cookies: Yes
	Persistent Cookies: Yes

Fixes Issue 380



git-svn-id: https://beef.googlecode.com/svn/trunk@1122 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 05:06:53 +00:00
passbe
5b4ff61909 Final changes to convert from old super() method to new configuration system. Fixes Issue 329 
git-svn-id: https://beef.googlecode.com/svn/trunk@1119 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 00:50:04 +00:00
passbe
a137a7be9b Hacked the admin_ui to use the new configuration target system. This commit renders all dynamic modules as VERIFIED UNKNOWN 
git-svn-id: https://beef.googlecode.com/svn/trunk@1117 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-27 01:03:45 +00:00
antisnatchor
a14fe4ba0a Issue 384: First draft of XssRays (admin UI): extjs UI 
git-svn-id: https://beef.googlecode.com/svn/trunk@1113 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-26 18:35:46 +00:00