Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,146 Commits 14 Branches 34 Tags
0da381c4867457e2d29aba8019fefded4682f64f
Commit Graph

678 Commits

Author SHA1 Message Date
antisnatchor
b16d35232a Improved HTA_powershell module. Now using @mattifestation payload and supporting x86 and x86_64 targets. 2014-07-01 11:58:32 +02:00
antisnatchor
6b93b09c2f #970 Updated DNS tunnel debug module config.yaml description 2014-06-29 13:20:11 +02:00
antisnatchor
2c9633f08f #970 Added debug module to test DNS tunnel (client-to-server). 2014-06-29 12:31:06 +02:00
antisnatchor
015693038a Merge branch 'master' of https://github.com/beefproject/beef 2014-06-29 11:38:34 +02:00
antisnatchor
aafceec4cb Disabled legacy DNS-tunnel IPC module. 2014-06-29 11:37:55 +02:00
Michele Orru
1681f69511 Merge pull request #1027 from soh-cah-toa/master 
DD-WRT v24 SP1 CSRF and RCE Modules
 2014-06-28 17:20:23 +02:00
antisnatchor
cf4252585a Added HTA-powershell client-side attack (IE only). 2014-06-27 11:44:39 +02:00
soh_cah_toa
f490faa858 Added module for DD-WRT v24 SP1 RCE vulnerability (issue #1006). 2014-06-16 09:56:27 -04:00
soh_cah_toa
fd46915bf2 Added module for DD-WRT v24 SP1 CSRF vulnerability (issue #1006). 2014-06-16 09:48:14 -04:00
Nbblrr
d0fbba2e2d Fixes bug in rickroll module (#1017) 2014-06-05 10:53:20 +02:00
Brendan Coles
32fab589d6 Add Asus RT Series Get Info module 2014-05-20 16:59:40 +00:00
Brendan Coles
dbeedb1d92 Use beef.net for URI 2014-05-10 09:50:38 +00:00
Brendan Coles
195e2ab830 return error message 
prevents HTTP 404 iframe for '/lp/indexFF.html'
 2014-05-10 19:01:00 +10:00
Christian Frichot
6e50384719 Fake Chrome Evernote Clipper Extension authentication dialog. A new SE module 2014-05-07 19:13:04 +08:00
Christian Frichot
55e36ff095 Detect the presense of Evernotes Clipper Extension in Chrome 2014-05-07 19:11:27 +08:00
Christian Frichot
0ec566ac95 Updates to Fake Lastpass module. New impersonates updated Chrome extension. No longer pretends to target FF 2014-05-07 19:09:07 +08:00
Christian Frichot
f628ce7ae9 Browser Module to remove the BeEF hook.js script element 2014-05-07 18:57:26 +08:00
Brendan Coles
abe1370a50 Add FirePHP <= 0.7.1 RCE module 
@Wireghoul

Fixes issue #885
 2014-05-05 10:32:59 +00:00
Brendan Coles
a317b223ca Update description 2014-04-25 03:52:57 +10:00
RootPrivileges
5ddb88db73 Add a Windows prompt to the pretty_theft module 2014-04-14 10:23:30 +01:00
ecneladis
6044de5604 Adding module for getting battery status 2014-03-24 12:46:43 +01:00
bcoles
7d6eb4b714 Add 'beef.os.getDefaultBrowser' 2014-03-20 02:49:08 +10:30
bcoles
97898d453c Moved Detect Default Browser module to Host category 2014-03-20 00:58:16 +10:30
bcoles
fab0bf6b24 Add Detect HP module 2014-03-20 00:52:25 +10:30
bcoles
4a603b9f00 Add IE10 resource URL browser fingerprint 2014-03-19 23:49:21 +10:30
bcoles
ee1e29341e Move firefox extension modules to social engineering directory 2014-03-16 18:18:18 +10:30
antisnatchor
05979af3a2 Treating IE9 and 10 as the same for the ui_abuse_ie attack 2014-03-14 13:22:16 +00:00
antisnatchor
4a733a6f74 Finishing ui_abuse_ie module development. Minor fix on one animated gif remains. Tested on IE9/10 on Win7 successfully. 2014-03-13 17:37:04 +00:00
antisnatchor
d4fd537108 Continued working on ui_abuse_ie module 2014-03-12 20:58:39 +00:00
antisnatchor
14f1991542 Fixed config.yaml issue in ui_abuse_ie module. 2014-03-12 17:15:22 +00:00
antisnatchor
1c055febeb Working on new exploit module that abuses UI expectations on IE9/10 tricking the user to run a (signed) exe. Based on Rosario Valotta research. 2014-03-12 16:59:09 +00:00
Kosta Xynos
44058f0025 Remove stuck iframes and get html from page and iframes modules 2014-03-09 21:55:21 +00:00
Kosta Xynos
25550f9cfa Add Asus RT-N66U and DSL-N66U Command Execution via CSRF support 2014-03-06 16:20:44 +00:00
bcoles
32d30a8176 Remove the method from a couple of 'beef.dom.createIframe' calls 
Part of issue #969
 2014-02-28 23:49:27 +10:30
Phil Grohe
f274001a65 Revised comments on beef.dom.createIframe() to reflect removal of 'method' parameter & form submitting behavior. Updated existing function calls to beef.dom.createIframe() to remove 'method' parameter. 2014-02-22 11:57:56 -05:00
bcoles
563296f67b Add malicious FF extension (reverse shell) module 2014-01-27 08:30:37 +10:30
bcoles
d230cfa593 trivial edits for consistency 2014-01-27 07:29:00 +10:30
bcoles
2b44c9184d Add malicious FF bindshell module 2014-01-27 07:21:44 +10:30
bmantra
0e57fb0be1 Inital version of CookieJar overflow module. And minor bugfix of active fax overflow module. 2014-01-19 19:58:14 +01:00
bcoles
83ed8558b7 Add encoding type argument 'enctype' to 'createIframeXsrfForm()' 2014-01-12 02:34:24 +10:30
bcoles
e50d681a64 Add BozoCrack module 2014-01-11 23:27:13 +10:30
bcoles
1f83c2a63f Add Redis IPEC module 2014-01-08 22:22:22 +10:30
bcoles
7c977ef1aa Move 'modules/exploits/sqlitemanager_xss/' to 'modules/exploits/xss/' directory 2014-01-04 11:48:10 +10:30
bcoles
f97087c37a Change hard-coded 'hook.js' to 'beef.http.hook_file' 2014-01-04 11:33:58 +10:30
Wade Alcorn
8003f1a47f Updated the copyright year to 2014 2014-01-01 16:34:15 +10:00
bcoles
b307891364 Add 'IE MS13-069 CCaret Use-After-Free' exploit module from MSF 2013-12-30 22:53:18 +10:30
bcoles
f0d989f6e9 Update description 2013-12-30 22:48:51 +10:30
bcoles
fe37a14adc Add 'IE MS12-004 midiOutPlayNextPolyEvent Heap Overflow' exploit module from MSF 2013-12-30 10:59:25 +10:30
bcoles
bece5c1438 Add wifi_pineapple_csrf module (untested and disabled) 2013-12-30 07:58:07 +10:30
bcoles
1862870b11 Get all input fields 
Update 'Get Form Values' module to retrieve all input fields
on the hooked page - not just input fields inside of form elements.

This makes more sense.
 2013-12-30 07:19:37 +10:30