Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,639 Commits 14 Branches 34 Tags
1449913c65d4496ce816f3109f35b0488b7b4333
Commit Graph

2639 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mgeeky
1449913c65 Added four new ARE rules 2016-05-02 10:11:25 +02:00
mgeeky
b383dc2108 Pollished the code a little 2016-05-02 09:57:31 +02:00
mgeeky
2cf6504912 Revert "Added three new Autorun rules" 
This reverts commit 010867cf24.
 2016-05-02 09:43:26 +02:00
mgeeky
4058381f9a Revert "Added record_snapshots autorun rule" 
This reverts commit abdb5462cf.
 2016-05-02 09:43:12 +02:00
mgeeky
bf523dc57a Revert "Added get-token.sh utility useful when doing some manual RESTful api calls" 
This reverts commit 89d11819ee.
 2016-04-18 11:15:59 +02:00
mgeeky
89d11819ee Added get-token.sh utility useful when doing some manual RESTful api calls 2016-04-18 11:14:53 +02:00
mgeeky
abdb5462cf Added record_snapshots autorun rule 2016-04-18 11:11:42 +02:00
mgeeky
3edd291064 Forgot about scaling desired delay between consecutive snapshots... 2016-04-18 10:29:18 +02:00
mgeeky
ffdb942cf1 Added hyphen to separate ip and date in screenshot filename 2016-04-15 10:09:21 +02:00
mgeeky
6cc5a822d7 Applied some of @bcoles ideas regarding post_execute handler, also added beef.debug and parseInt base conversion 2016-04-15 10:03:37 +02:00
mgeeky
ae2488e7bd Working on repeated snapshot taking. At the moment, this will result in multiple screenshots being stored in the file system, but the module will present only the most recent one in WebGUI. Which is not exactly what I wanted to accomplish 2016-04-14 16:14:33 +02:00
mgeeky
ad4cb31864 Oops, forgot to remove those debugging alerts 2016-04-14 15:35:25 +02:00
mgeeky
d58f979395 Update html2canvas component in the spyder_eye module from 0.4 to 0.5.0-alpha1 which resulted in much more detailed screenshot, as can be seen in: http://imgur.com/a/Sm9OG . Also, armored a bit the code running in the zombie' browser. Branch is called 'get_snapshot' as I didn't know that there is already a module utilizing terrific html2canvas. 2016-04-14 15:31:08 +02:00
mgeeky
9ebb5abe18 Added exception handling in some subtle conditions when Javascript minifying could fail (as it happened to me once)w 2016-04-13 21:42:32 +02:00
mgeeky
010867cf24 Added three new Autorun rules 2016-04-13 21:38:25 +02:00
mgeeky
261c9ee5aa Changed default custom domains variable to a safe-for-work one. :-) 2016-04-07 14:25:22 +02:00
mgeeky
d5e041e3e3 Added 'top' ports scannig set according to Fyoodr's nmap-realted resarch (gathered from nmap-services) 2016-04-06 12:03:58 +02:00
mgeeky
ede4ce46d6 Extend Get Visited Domains module's description to include format of the visited domains text box 2016-03-31 12:29:08 +02:00
mgeeky
617a30f80e Added functionality to specify custom static resources paths for Get Visited Domains module. 2016-03-31 12:25:27 +02:00
mgeeky
a677e9c746 Added checkbox specyfing whether to create a pop-under at user's tab closing event (module confirm_close_tab). Also extracted static confirmation message to the module's options. 2016-03-08 15:32:36 +01:00
mgeeky
8ab9716a44 Firefox has forbidden access to the chrome:// scheme rendering "Detect Extensions" module useless. The code has been trying to fingerprint installed extensions by creating image which would load extension-specific url and then in onload' event would send such information to the BeeF server. Unfortunately there was no code handling onerror' situation, therefore end user wasn't getting any status from this module (stating that it failed). The below commit adds such functionality. 2016-03-08 14:49:29 +01:00
mgeeky
faddd76de0 Added try..catch to avoid looped mozRTCSessionDescription undefined exceptions in Firefox (as occured in 43.0). Shouldn't do much havoc I guess. 2016-03-07 18:20:08 +01:00
mgeeky
e14b5f953a Modified the Man-In-The-Browser logic of building query string in form fetching. Previous implementation couldn't handle properly option and submit parameters, therefore a MITB-ed user wasn't sending correct query string which should include those two more fields. For instance, bWAPP application (by IT SEC Games) makes choosing a bug to exploit by submitting form consisting of an option and <button> with type=submit. With this patch an user behind MITB will be able to successfully fetch the form and thus proceed to the next bug. 2016-03-07 18:01:37 +01:00
antisnatchor
815eff8d4e Merge pull request #1220 from ilatypov/master 
Delay form submission to allow the Javascript event loop complete the…
 2016-02-18 15:51:00 +01:00
antisnatchor
39ca52ae8b Merge pull request #1221 from Und3rf10w/patch-1216 
Update loader.rb to include optparse
 2016-02-18 15:49:44 +01:00
Jonathan Echavarria
f1eb8c8723 Update loader.rb 
Includes fixes for #1216 by loading the 'optparse' library
 2016-02-17 09:29:11 -05:00
Ilguiz Latypov
d81db24912 Delay form submission to allow the Javascript event loop complete the transfer of the log. #1215 2016-02-15 16:02:06 -05:00
Brendan Coles
b8afb0e855 Add WS timer to banner 2016-02-13 10:00:47 +00:00
Brendan Coles
d110675c0f Revert 96dfde519a 2016-02-13 09:53:23 +00:00
Brendan Coles
7a668abc0a Update ARE to support Evasion extension - Fix #1219 2016-02-13 07:09:00 +00:00
Brendan Coles
60f046c775 Update jquery version in evasion exclude_core_js 2016-02-13 06:49:54 +00:00
Brendan Coles
d0ca66cbf5 Decrease workers and increase timeout 2016-02-12 14:38:42 +00:00
Brendan Coles
13fded460e assert_equal <expected>,<actual> 2016-02-12 13:59:50 +00:00
Brendan Coles
96dfde519a Remove JSON.stringify(results) from beef.websocket.send - Fix #1210 2016-02-12 13:25:39 +00:00
Brendan Coles
d1d7371ccf Disable console extension 2016-02-12 13:10:23 +00:00
Brendan Coles
ca288fef9f Update gems 2016-02-12 11:23:29 +00:00
Brendan Coles
1a16837182 Remove win32console gem dependency for Windows 2016-02-12 11:03:29 +00:00
Brendan Coles
afd48d8a5f Advise console extension is unavailable 2016-02-12 08:32:00 +00:00
Brendan Coles
8e5991784f Add ARE return status 2016-02-11 12:37:48 +00:00
Brendan Coles
bef0c6dcdd Add support for Windows 10 2016-02-10 07:40:28 +00:00
Brendan Coles
85d87f47b5 Remove HTTP method from beef.dom.persistentIframe - Fix #1211 2016-02-09 14:05:35 +00:00
Brendan Coles
8697c81ffa Replace eval with hard-coded strings 2016-02-08 08:29:52 +00:00
Brendan Coles
fa8464bdd9 Update supported browsers 2016-02-08 03:59:25 +00:00
Brendan Coles
5065a55238 Add lan_http_scan ARE rule 2016-02-07 13:19:35 +00:00
Brendan Coles
bb8fe9d8f8 Fix icon 2016-02-07 12:20:53 +00:00
Brendan Coles
7e6e3bc51d Add lan_flash_scan ARE rule 2016-02-07 12:20:04 +00:00
Brendan Coles
848dc65c6f Add cross_origin_scanner_flash module 2016-02-07 11:20:55 +00:00
Brendan Coles
321aff56f3 Rename cross_origin_scanner to cross_origin_scanner_cors 2016-02-07 10:53:32 +00:00
Brendan Coles
eb9e0a0a68 Add ARE return status 2016-02-07 01:01:02 +00:00
Brendan Coles
83e1f596de unless 2016-02-06 08:04:29 +00:00