Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,967 Commits 14 Branches 34 Tags
3e1266fe42909ae7bb39049b6b0d1dcabaea96fb
Commit Graph

2967 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bucky Wilson
3e1266fe42 FIXED #1333 Rate limit calls. 
Clean-up duplicate functionality.
EOL whitespace removed

Changes to be committed:
	modified:   extensions/admin_ui/controllers/authentication/authentication.rb
 2017-11-24 17:05:22 +10:00
Bucky Wilson
2f749b78c9 1333: Rate Limit API - 1 in user defined value 
Allow api connection every api_attempt_delay milliseconds.
Currently 50 mSec

Uses the same process as ui/admin rate limiting.

Changes to be committed:
	modified:   config.yaml
	modified:   core/main/rest/api.rb
	modified:   core/main/router/router.rb
 2017-11-24 17:00:58 +10:00
Bucky Wilson
1f7565e417 Gemfile - whitespace, added dev group: pry 2017-11-24 09:26:29 +10:00
Bucky Wilson
1fe6ee1dcb And then removing these lines - still no error 
Error maynot be solved by the introduction of db_pool/db_timeout
Restarting - may resolve issues.
 2017-11-21 13:52:18 +10:00
Bucky Wilson
1ba0ddfefb Fixed: 'DataObjects::ConnectionError - database is locked:' error 
Getting error using sqlite database.
Added: db_pool, and db_timeout to correct.
 2017-11-21 13:47:51 +10:00
Brendan Coles
22e7ded355 Merge pull request #1458 from Und3rf10w/pushover 
Add error messages to pushover notification channel
 2017-10-17 11:32:00 +11:00
Jonathan Echavarria
3e34834c78 Fixed rescuing Exception 2017-10-16 11:19:32 -04:00
Jonathan Echavarria
509d1ac086 Fixing typo 2017-10-16 11:10:29 -04:00
Jonathan Echavarria
7099238f15 added error notifications to pushover notification channel 2017-10-16 11:04:13 -04:00
Brendan Coles
45fd6abade Merge pull request #1457 from bcoles/slack_notifications 
Add Slack notifications to Notifications extension
 2017-10-15 22:21:03 +11:00
Brendan Coles
c62050249d Add Slack notifications to Notifications extension 2017-10-15 11:18:40 +00:00
Brendan Coles
7b682bde4b Merge pull request #1452 from Und3rf10w/pushover 
Add Pushover notification channel
 2017-10-15 21:44:57 +11:00
Brendan Coles
9d8a311e72 Add geoip dependency to BrowserDetails 2017-10-15 09:27:00 +00:00
Brendan Coles
2749d6620a Add rubydns dependency to extension 2017-10-15 08:56:19 +00:00
Brendan Coles
e1760d74c8 Remove gem deps from core/loader 2017-10-15 08:47:13 +00:00
Brendan Coles
6c21da3cf5 Add rushover dependency to Gemfile 2017-10-15 06:02:07 +00:00
Brendan Coles
16973ccd48 Add Coinhive Miner ARE rule 2017-10-14 17:01:25 +00:00
Brendan Coles
8905ea2ce4 Update dependencies 2017-10-14 16:42:20 +00:00
Brendan Coles
f4cca7a479 Fix IE plugin detection 2017-10-14 15:59:11 +00:00
Brendan Coles
68099ddf17 Add checks for mobile devices and browser capabilities 2017-10-14 12:32:57 +00:00
Brendan Coles
b700039979 Update hardware detection 2017-10-14 09:48:03 +00:00
Brendan Coles
dbb5055391 Update mdetect library 2017-10-14 09:22:34 +00:00
Brendan Coles
118fcc7d6f Add mode option 2017-10-14 08:10:06 +00:00
Brendan Coles
9bbf92de68 Fix #1453 2017-10-13 16:22:34 +00:00
Brendan Coles
45847d139f Merge pull request #1454 from bcoles/coinhive_miner 
Add Coinhive Miner module
 2017-10-14 03:06:49 +11:00
Brendan Coles
c1a7cd11bd Add Coinhive Miner module 2017-10-13 16:02:47 +00:00
Jonathan Echavarria
63e9e72194 add gem install warning to notifications config 2017-10-05 09:47:43 -04:00
Jonathan Echavarria
1b5e56e4a6 removed debug line from pushover notification channel 2017-10-05 09:45:59 -04:00
Jonathan Echavarria
27d1166869 set pushover to be disabled by default 2017-10-05 09:44:35 -04:00
Jonathan Echavarria
409d9962bb modified the notifications extenion to add pushover support 2017-10-05 09:43:11 -04:00
Jonathan Echavarria
d47303f0e7 changed config.yaml to add pushover support 2017-10-05 09:40:36 -04:00
Jonathan Echavarria
c01febbe9b added pushover channel 2017-10-05 09:39:39 -04:00
Brendan Coles
16647337e7 Add support for Firefox 56 2017-10-01 05:43:45 +00:00
Brendan Coles
75247c60a1 Merge pull request #1448 from wanton1950/1444_high_risk 
#1444 high risk
 2017-09-25 16:19:42 +10:00
Bucky Wilson
60108af685 Passphrase issues made clearer. 2017-09-25 15:24:14 +10:00
Bucky Wilson
b7fc40247c Capture limited password stupidity 2017-09-25 12:24:23 +10:00
Bucky Wilson
675c6a9edb Create temporary password in-lieu of using default 2017-09-25 12:00:32 +10:00
Brendan Coles
de144a0e45 Move credentials to top of config.yaml file 2017-09-24 15:15:55 +10:00
Brendan Coles
82172351e1 Add link to wiki configuration page 2017-09-24 14:49:35 +10:00
Brendan Coles
69aa2a31c1 Merge pull request #1437 from beefproject/revert-1436-patch-1 
Revert "html_escape prevent code execution ."
 2017-08-30 16:25:23 +10:00
Brendan Coles
0311b317b7 Revert "html_escape prevent code execution ." 2017-08-30 16:25:04 +10:00
Brendan Coles
aa3c0932ce Use in msf-exploits.cache path 2017-08-29 07:24:03 +00:00
Brendan Coles
9ab7461ac5 Merge pull request #1436 from touhidshaikh/patch-1 
html_escape prevent code execution .
 2017-08-29 17:00:53 +10:00
Brendan Coles
e52a1af148 Merge pull request #1434 from gregmolnar/edge_detection 
detect microsoft edge
 2017-08-29 16:56:42 +10:00
Touhid M Shaikh
098b9a24bf html_escape prevent code execution . 
I noticed when i put HTML content in "beef-xss/config.yaml" file in Version Field.
And Restart Beef(beef_start.png) and Go to Admin Panel in my browser, then my html interpreter and execute.
This issue occurs bcz of "/beef-xss/extensions/admin_ui/controllers/panel/index.html" in this file insecure code implementetion.

NOW html_escape prevent code execution.
 2017-08-25 15:41:31 +05:30
Greg Molnar
2d7cfd73f4 detect microsoft edge 2017-08-23 13:37:38 +02:00
Brendan Coles
f245d12da3 Downgrade therubyracer to 1.12.2 2017-08-15 10:35:35 +00:00
Brendan Coles
c86bdc2cfe Merge pull request #1429 from fabianfrz/fabianfrz-fix-gemfile 
fix gemfile; closes #1428
 2017-08-15 19:59:57 +10:00
Fabian Franz
12800215f9 fix gemfile 2017-08-15 11:03:21 +02:00
Brendan Coles
b58875c952 Add support for Firefox 54 and 55 2017-08-12 02:19:26 +00:00