Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,267 Commits 14 Branches 34 Tags
268ef4588f54635462829def863ad2532ffec5b3
Commit Graph

421 Commits

Author SHA1 Message Date
bcoles
9440afacc9 Removed duplicate / from a few CSRF URLs 
Just in case it causes issues
 2012-06-25 00:57:26 +09:30
bcoles
7fde875d8a Changed default target IP address to http://192.168.100.1/ for the 
virgin_superhub_csrf module
 2012-06-24 22:21:19 +09:30
bcoles
ebe205ad36 Updated a couple of module configs 
modules/exploits/router/virgin_superhub_csrf/config.yaml
modules/misc/local_file_theft/config.yaml
 2012-06-24 20:44:06 +09:30
bcoles
1bf9061c1a Added a couple of CSRF modules: 
o ./modules/exploits/boastmachine_3_1_add_user_csrf/
	o ./modules/exploits/axous_1_1_1_add_user_csrf/

Updated a few exploit titles
 2012-06-24 17:10:37 +09:30
bcoles
771d6d60f9 Added Virgin Superhub CSRF module 
Fixes issue #703
 2012-06-24 15:22:35 +09:30
bcoles
40f8b528aa Moved a few modules from modules/exploits/ to modules/exploits/local_host: 
activex_command_execution
	mozilla_nsiprocess_interface
	window_mail_client_dos
	java_payload
	safari_launch_app

Added a couple of XSS modules:
	cisco_collaboration_server_5_xss
	serendipity_1.6_xss
 2012-06-24 03:10:54 +09:30
bcoles
853b4c5bcb Added Spring Framework Malicious JAR module 
Fixes issue #526
 2012-06-23 22:45:48 +09:30
Mike Haworth
37e42b50d0 Moved screenshot module to correct location 2012-06-14 06:09:44 +12:00
Michele Orru
dae01474ab Merge pull request #700 from bmantra/master 
Closes #699
 2012-06-13 04:54:30 -07:00
bmantra
ece65e9841 added fingerprint for Glassfish server 2012-06-13 13:38:48 +02:00
Mike Haworth
cb9125eb1a added a chrome_extension module that takes a screenshot of the current tab, image returned as dataurl for now 2012-06-13 21:33:47 +12:00
bmantra
3accb24b2b Does not work in Opera due to cross domain issues. And cannot work in IE due to lack of sendAsBinary-functionality in xmlhttprequest. So removed the Base64-library and used atob instead. 2012-06-13 10:00:45 +02:00
bcoles
99c6a819f3 Updated module description for webcam and gmail phishing modules 
Updated gmail phishing module to hide the polling image

Fixed a couple of typos
 2012-06-07 13:56:26 +09:30
Brendan Coles
3430de2a03 Merge pull request #691 from floyd-fuh/master 
Webcam and Gmail Phishing plugin
 2012-06-06 21:36:45 -07:00
bcoles
6f3298235f Added IE to not_working for glassfish_war_upload_xsrf module 2012-06-07 13:29:59 +09:30
floyd
475cc4e40d Added Gmail phishing module 2012-06-06 18:49:17 +01:00
floyd
dbae1f60dd Added webcam module 2012-06-06 18:47:48 +01:00
bcoles
6396f7aa5a Fixes issue #688 
Added spaces to comma delemetered data in config.yaml files

This should fix an issue reported to affect Ruby 1.9.2
 2012-06-05 23:27:21 +09:30
Michele Orru
1d13368644 Merge pull request #689 from bmantra/master 
fixes #661. Ported @malerish PoC for GlassFish (deploy WAR through XSRF)
 2012-06-03 15:30:20 -07:00
root
8e7e546ef9 fixes #661 2012-06-03 19:53:33 +02:00
bcoles
729336df53 Added debug mode to clickjacking module 2012-06-01 10:49:46 +09:30
bcoles
9e2ac56ea6 Added clickjacking module 
Fixes issue 105
 2012-05-30 19:40:29 +09:30
bcoles
fdd9d2c555 Added Cross-Site Printing module 2012-05-30 17:11:34 +09:30
bcoles
1b9153485e Removed Induce Seizure module 
There is no reason what so ever for browsers to be able to cause the
screen to flicker. This issue has been known for a very long time.

Maybe it's time browser developers consider the health of their users.

---

Can cows get epilepsy? Breeds such as Swedish Red Cattle, Hereford and
Angus have been reported to suffer epilepsy. Source:
http://www.kgbanswers.co.uk/can-cows-get-epilepsy/2217549

Think of the cows.
 2012-05-29 20:41:41 +09:30
bcoles
8dc4261094 Updated get_all_cookies module description 2012-05-29 20:37:14 +09:30
bcoles
1c9310f89f Added Induce Seizure module 
Disabled by default
 2012-05-29 20:02:16 +09:30
Mike Haworth
5aa2cefc43 Chrome extension module for stealling cookies inc. HTTPonly 2012-05-29 22:44:03 +12:00
Mike Haworth
172ec56be6 Got a better splash image, added cookies permission, added some brief documentation 2012-05-29 22:42:58 +12:00
bcoles
75315f8622 Added support for Firefox 13 
Added return message for fake flash update module
 2012-05-29 16:40:15 +09:30
bcoles
53b0781961 Updated supported browsers and module description for: 
o modules/misc/iframe_sniffer/config.yaml
o modules/social_engineering/fake_flash_update/config.yaml
 2012-05-28 10:28:31 +09:30
Mike Haworth
dc040a51ac added fake flash player module and chrome extension 2012-05-28 00:17:53 +12:00
root
e4ea5dfff9 Closes #644 but needs to be tested on other browsers 2012-05-17 18:09:00 +02:00
bcoles
981b13ce7b Added huawei_smartax_mt880 CSRF module 2012-05-22 17:52:36 +09:30
bcoles
6739094f57 Added dlink_dcs_series_csrf module 2012-05-22 17:22:20 +09:30
bcoles
f8eba21cb4 Moved a few more modules and updated some module descriptions 2012-05-20 18:50:10 +09:30
bcoles
460b619cc1 Moved Router and Switch categories under Exploits category 
Added Social Engineering category
 2012-05-20 18:32:44 +09:30
Brendan Coles
56443cfdf4 Merge pull request #680 from bmantra/master 
module to change password of a netgear GS108t managed switch
 2012-05-19 21:14:16 -07:00
Brendan Coles
c92ef02a7a Merge pull request #679 from 0x7674/master 
'Clippy' Module
 2012-05-19 00:43:29 -07:00
vt
b8ba48af25 Updated module.rb with a more sane respawn time 2012-05-18 00:12:43 +12:00
vt
6ea46e72da Updated command.js to support IE6 properly 2012-05-18 00:12:03 +12:00
root
6279658888 integrated remarks from bcoles and antisnatchor 2012-05-17 04:57:38 +02:00
bcoles
74a3eef225 Moved mobilesafari_address_spoofing module to 
modules/browser/hooked_domain directory
 2012-05-17 08:53:01 +09:30
root
d354e66a3d Added module for GS108t managed switch 2012-05-17 00:47:33 +02:00
Christian Frichot
1a85b6bc92 Issue #650 - forgot the license on the js file - my bad 2012-05-16 22:41:51 +08:00
Christian Frichot
e8ea3a3cd7 Merge branch 'master' of github.com:beefproject/beef 2012-05-16 22:36:33 +08:00
Christian Frichot
8f1aae97c8 Fixes Issue #650 - iOS Safari Address Bar Spoofing Command Module 2012-05-16 22:36:21 +08:00
bcoles
594e745694 Added favicon support to deface_web_page and site_redirect_iframe modules 
Fixes issue #491
 2012-05-15 17:47:05 +09:30
antisnatchor
6eacf97b80 Moved "hooked_browser" category inside "Browser", now as a sub-category. 2012-05-12 12:13:57 +01:00
vt
9a5af8f7d1 Slightly less clunky js 2012-05-11 00:26:26 +12:00
antisnatchor
46a19ee0b9 Updated lynksys_wrt54g_xsrf (second one) to use the new beef.dom.createIframeXsrfForm JS api 2012-05-09 14:39:18 +01:00