Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,135 Commits 14 Branches 34 Tags
2c19a3a8d8dde58fe14ca2406bbaba3d5b0beb9d
Commit Graph

133 Commits

Author SHA1 Message Date
antisnatchor
2c19a3a8d8 Fixed issue when hooking a browser that contains other cookies than BEEFHOOK. now "alive" send back only the BeEF session value 2012-05-02 14:01:04 +03:00
antisnatchor
9ae0929a8c Merge remote-tracking branch 'upstream/master' 2012-05-02 13:04:51 +03:00
bcoles
75cf67a6c4 Re-categorized some modules 
Fixed a couple of typos
 2012-04-27 10:35:17 +09:30
bcoles
b5b5f0cd1a Fixed bug in IE version detection 2012-04-23 14:44:03 +09:30
antisnatchor
6cb8eb68fe Fixed bug on IE9 detection 2012-04-22 13:17:55 +01:00
Graziano Felline
97c2649e36 Corrected issues on IE browser (IE8 IE9) to check IE6 -IE7 
Corrected Issues whit character encoding
 2012-04-20 19:17:34 +02:00
antisnatchor
f8cd395e21 Added additional check on pathname for XssRays Issue 657 2012-04-20 11:40:28 +01:00
Graziano Felline
c83e7d584e Now the Alive check is by ws Timer 5 second 
Tested And work
 2012-04-19 19:30:19 +02:00
antisnatchor
cf3587e2b1 Fix issue 657: the damn IE doesn't contain a forward slash on pathname 2012-04-19 18:08:16 +01:00
Graziano Felline
656262c0f4 Basic response recv system implemented 
todo ping-pong for alive host. thread's content is  in websocket.rb
todo setting up a separate handler for via ws answer's
 2012-04-18 12:00:17 +02:00
antisnatchor
2198c69aa8 Merge remote-tracking branch 'upstream/master'. Fixed conflicts on config.yaml. 2012-04-14 20:44:17 +01:00
Graziano Felline
2755c6449c Deleted some stuff that does not work correctly in old browser (IE 8) 
Better check for FF
Cleand up inside the code
 2012-04-14 19:42:53 +02:00
antisnatchor
185b1be30f Fixed issue with command execution. Now commands are executed correctly via WebSocket. 2012-04-13 13:35:29 +01:00
Graziano Felline
65138db207 Commands are now sent through websocket 
Trouble with eval function in websocket.js
 2012-04-13 12:45:48 +02:00
Graziano Felline
23f782b8d8 Hook.js load websocket.js only if specifield in beef configuration file 
if websocket is disabled all work normally
 if websocket is enabled have trouble in command.rb
 2012-04-12 19:01:49 +02:00
bcoles
0c0027e06f Event Logger now logs form submissions 
Fixes issue #141
 2012-04-12 12:27:28 +09:30
Graziano Felline
af9b3c97b5 Added polling stop if websocket is up in updater.js 
added hash for websocket in websocket.rb
added check for websocket existence in command.rb and net.js
added a POC onmessage function in websocket.js
added check for websocket support in init.js
added a POC send to send command output to server in beef.js
 2012-04-11 20:52:47 +02:00
bcoles
6af55c7e33 Event Logger now logs clipboard events (in IE6 only) 
Fixes issue# 653

Tidied up the 'submit' handler a bit. Part of issue #141
 2012-04-11 14:06:56 +09:30
Graziano Felline
302512e172 Added FF11 support 2012-04-08 13:21:12 +02:00
Graziano Felline
85b3a59441 The connection and helo to server correctly work. 2012-04-08 12:46:57 +02:00
antisnatchor
8f7caff30f changed websocket.js structure with closures. 2012-04-07 14:19:56 +01:00
antisnatchor
296d0161c9 fixed issue with FF detectionon websockets 2012-04-07 13:48:10 +01:00
antisnatchor
faae01a9aa Changed default websocket port 2012-04-07 13:34:21 +01:00
Graziano Felline
bcd0ff154f Added websocket.js in beefjs.rb 2012-04-07 14:20:47 +02:00
Graziano Felline
d3e2e1eb30 Inserted module in bootstrap 2012-04-07 12:56:06 +02:00
Graziano Felline
736c81573e Setting up structures and server/client environment. 
A lot of TODO
 2012-04-06 02:21:40 +02:00
bcoles
cce8cf451c Added XssRays vectors: 
o URL encoded
	o Double URL encoded
	o Double nibble URL encoded

Fixes issue #65

Part of issue #47
 2012-04-05 14:26:30 +09:30
bcoles
f852b87b2b Added detection for Chrome 18 and 19 2012-04-05 12:45:10 +09:30
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
bcoles
45475d625b Updated IE version detection 
No longer modifies the DOM for every call to:
	`isIE8()`
	`isIE9()`
	`isIE()`
 2012-03-22 19:27:36 +10:30
bcoles
5329d5c147 Added support for Firefox 11 2012-03-16 13:11:20 +10:30
bcoles
e52779e72e Fixed javaEnabled() in BeEF hook 
- It was breaking the hook in IE6

Also fixed a couple of typos in the Local File Theft module description
 2012-03-16 12:40:13 +10:30
Graziano Felline
b02bdbaaa7 ISSUE 625 - corrected the bug. Added li's elements poison 2012-03-14 15:41:10 +01:00
Graziano Felline
8795c5770a ISSUE 625 - corrected the bug. Added li's elements poison 2012-03-14 15:34:46 +01:00
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
bcoles
9735a7b66f Merge branch 'master' of https://github.com/beefproject/beef 2012-03-12 11:41:08 +10:30
radoen
a0c11fa695 Added support to intercept dynamic requests 2012-03-11 10:26:56 +01:00
unknown
dbd6baa7b0 Temporary fix to prevent hook error on Safari. I will implement a final fix tomorrow. 2012-03-07 16:19:06 +01:00
antisnatchor
8c3afcf2b9 Minor changes related to Java detection with the unsigned applet: if the browser is Chrome, we simply rely on window.navigator. 2012-03-06 19:56:58 +01:00
Keith Lee
cc9756cf59 Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:46:51 +08:00
Keith Lee
97672966df Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:41:27 +08:00
Mike Haworth
5e138395d4 Partial fix for issue #100, now detects build version of flash 2012-02-18 14:17:12 +13:00
antisnatchor
5bc6745e03 Fixed issue 66: base64'ed the iframe src in case of Chrome/Safari to bypass the webkit anti-XSS filter 2012-02-15 16:01:46 +01:00
antisnatchor
58f2b4f7a1 Added detection of Chrome 17 2012-02-15 16:01:45 +01:00
antisnatchor
1d74d7eeab Fixed a serious bug in beef.net.request when sending cross-domain POST data. jQuery is automatically changing the method to GET if the dataType (that was hardcoded in our code) is set to 'script'. 2012-02-15 16:00:38 +01:00
bcoles
a6986e3960 Added detection for Chrome 16, updated Chrome Extensions modules and 
split the Details tab "Browser Hook Initialization" into "Hooked Page",
"Browser" and "Host"
 2012-01-04 18:52:34 +10:30
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
2439c9d61c Added Page URI to browser hook initialization details 
Fixes issue 543
 2011-12-28 08:47:07 +10:30
bcoles
33289bc023 Fixed bug in cross-domain request detection 
Same-domain requests on a non-standard HTTP port were incorrectly
identified as cross-domain requests
 2011-12-27 17:56:18 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30