Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,031 Commits 14 Branches 34 Tags
4e3f0366bf4ebe0532012dc2d73d2e2e04e38ca1
Commit Graph

64 Commits

Author SHA1 Message Date
bcoles
ee1e29341e Move firefox extension modules to social engineering directory 2014-03-16 18:18:18 +10:30
antisnatchor
05979af3a2 Treating IE9 and 10 as the same for the ui_abuse_ie attack 2014-03-14 13:22:16 +00:00
antisnatchor
4a733a6f74 Finishing ui_abuse_ie module development. Minor fix on one animated gif remains. Tested on IE9/10 on Win7 successfully. 2014-03-13 17:37:04 +00:00
antisnatchor
d4fd537108 Continued working on ui_abuse_ie module 2014-03-12 20:58:39 +00:00
antisnatchor
14f1991542 Fixed config.yaml issue in ui_abuse_ie module. 2014-03-12 17:15:22 +00:00
antisnatchor
1c055febeb Working on new exploit module that abuses UI expectations on IE9/10 tricking the user to run a (signed) exe. Based on Rosario Valotta research. 2014-03-12 16:59:09 +00:00
bcoles
32d30a8176 Remove the method from a couple of 'beef.dom.createIframe' calls 
Part of issue #969
 2014-02-28 23:49:27 +10:30
Phil Grohe
f274001a65 Revised comments on beef.dom.createIframe() to reflect removal of 'method' parameter & form submitting behavior. Updated existing function calls to beef.dom.createIframe() to remove 'method' parameter. 2014-02-22 11:57:56 -05:00
Wade Alcorn
8003f1a47f Updated the copyright year to 2014 2014-01-01 16:34:15 +10:00
gcatt
612d0d91bb Module Update: Fake LastPass 
Updated Firefox frame in order to look more similar to the real one.
 2013-11-04 15:41:31 +01:00
bcoles
05502a3c91 fix bug preventing loading of 'replace_video_fake_plugin' module 2013-11-04 15:52:54 +10:30
gcatt
f1df608f64 Module Update: lcamtuf Download 
Updated Adobe Flash Player URL to the current one.
 2013-10-30 18:29:44 +01:00
gcatt
9987f0781f Module Update: Fake Flash Update 
Updated the prompted picture and part of the module.
 2013-10-30 17:05:01 +01:00
bcoles
09443675cc Fix bug in fake_notification_ff module 2013-10-12 00:43:54 +10:30
bcoles
21417dc3e2 Update BeEF server protocol for multiple modules to use 
`beef.http.https.enable`

Now uses the `beef.net.httpproto` value rather than a hard-coded
protocol string.

Part of issue #745
 2013-08-09 13:21:33 +09:30
Christian Frichot
7f64c94e03 New Module - Fake LastPass Dialog 2013-07-21 13:53:44 +08:00
bcoles
e88c3c1f86 Add fake_notification_c module 
Part of issue #695
 2013-07-05 01:17:20 +09:30
bcoles
b16d7e3563 Add fake_notification_ff module 
Rename fake_notification module to fake_notification_ie
 2013-07-04 23:12:01 +09:30
bcoles
1bddb00ec8 Add Replace Video (Fake Plugin) module 
Fix issue #695
 2013-07-04 11:54:52 +09:30
bcoles
da763df110 Uncommented several instances of beef.debug() - Part of issue #862 2013-04-17 22:12:35 +09:30
bcoles
a172362452 Part of issue #862 - Add beef.debug() for client-side debugging 
Add `beef.debug()` function - wraps `console.log()`

Debug messages are suppressed for browsers which don't support `console.log()`

Update './core/*' to use `beef.debug()` instead of `console.log()`
Update './modules/*' to use `beef.debug()` instead of `console.log()`
Update './extensions/*' to use `beef.debug()` instead of `console.log()`

Add 'modules/debug/test_beef_debug/' module
 2013-04-15 16:49:01 +09:30
Christian Frichot
fad33dfea7 Fixes #877. New IE Fake Notification Bar Module 2013-04-08 19:36:02 +08:00
Christian Frichot
2ef1b5bab8 Updates gmail phishing command module. Fixes #873 2013-04-06 15:54:55 +08:00
Christian Frichot
07fe3a9c0e Updates to tabnabbing module to use jQuerys wider event handling. #868 2013-04-04 21:33:43 +08:00
Christian Frichot
ae98842ad4 Tiny fix to Clippy so it appears properly. #866 2013-04-04 19:37:08 +08:00
antisnatchor
de1de356f7 Added GoogleWebStore module.rb option. Modified link opener to support data URI injections. 2013-03-12 10:57:07 +00:00
bcoles
4718075b2c Add Yammer template to Pretty Theft module 2013-02-19 16:01:10 +10:30
bcoles
753a78f5fc Add YouTube template to Pretty Theft module 2013-02-19 15:19:27 +10:30
antisnatchor
074a11c85a Updated Chrome sample extension with latest requirements (CSP/version/etc.). Not it works on latest Chrome. Also Updated the fake_flash_update description with more info. 2013-02-12 10:53:19 +00:00
bcoles
19d1827c36 Add 'Steal Autocomplete' module 
Part of issue #601
 2013-02-03 08:51:04 +10:30
Wade Alcorn
fe40038441 Updated copyright year to 2013 2012-12-30 12:47:43 +10:00
Jean-Louis Huynen
6e44d5c641 remove hardcoded linked image to an inline one in credential.js template- (this template need some work btw) 2012-11-19 11:14:24 +01:00
Wade Alcorn
d2188b230c More changed license headers 2012-11-02 15:27:01 +10:00
Wade Alcorn
23f09b919f Changed license header 2012-11-02 14:26:10 +10:00
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
antisnatchor
636fee9607 Modified Fake_flash_update module (with drop-down menu) to support Firefox Extension delivery. 2012-10-22 17:25:16 +11:00
Jean-Louis Huynen
7e43e15838 modified config.yaml of simple_hijacker to activate chromecertbeggar2.js template 2012-10-01 16:11:18 +02:00
Jean-Louis Huynen
104f8189d3 added chromecertbeggar2.js 2012-10-01 16:06:45 +02:00
bcoles
a135e9f51f Update supported browsers for multiple modules 
Pretty Theft module does not work in IE

Multiple exploit modules haven't been tested
 2012-09-29 17:39:14 +09:30
Brendan Coles
256f63d28a Merge pull request #748 from pwndizzle/master 
Update to Pretty_Theft module
 2012-09-23 00:18:49 -07:00
bcoles
95f5d78acc Update supported browsers for lcamtuf download module 
Opera blocks the `data:` URL popup by default.

Safari is no longer listed as either supported nor unsupported pending
further testing.
 2012-09-23 16:04:25 +09:30
pwndizzle
483683ca78 Added Facebook and Linkedin popups, also some code/logic improvements 2012-09-22 18:38:09 +08:00
Jean-Louis Huynen
68bfb46bc7 remplace setInterval by setTimeout in chromecerbeggar.js template 2012-09-20 11:26:27 +02:00
Rich Lundeen
0b852dd308 Made namespaces consistent and expanded body 
Adding feedback I missed earlier regarding namespaces. Also since
we're using body instead of window (for IE support), expanding the
body so that the mouse follows everywhere.
 2012-09-11 23:17:50 -07:00
Rich Lundeen
2720a5a8b9 Better reliability in IE 2012-09-11 13:09:37 -07:00
Rich Lundeen
bcf842587f Fixed several minor bugs 2012-09-10 15:36:57 -07:00
Rich Lundeen
cef72c9518 Improved Clickjacking Module 
Rewrite of bcole's module. Adds support for multiple clicks, Javascript
event feedback, some basic framebusting evasion, and IE support
 2012-09-10 14:25:46 -07:00
Jean-Louis Huynen
716e7fe712 Change stupid code that made this module unusable with the API to something less stupid (i hope) 2012-09-05 15:16:21 +02:00
Jean-Louis Huynen
05d7fe3adf Adding the Simple Hijacker module in social engineering (route clicks on some links to javascript code) 2012-09-04 17:47:59 +02:00
bcoles
57f68725bc Moved lcamtuf download module to social engineering category 2012-08-25 18:54:15 +09:30