Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,062 Commits 14 Branches 34 Tags
5d3df16dc7a7e0864aba16da2fad7f228b442c63
Commit Graph

660 Commits

Author SHA1 Message Date
Brendan Coles
a317b223ca Update description 2014-04-25 03:52:57 +10:00
RootPrivileges
5ddb88db73 Add a Windows prompt to the pretty_theft module 2014-04-14 10:23:30 +01:00
ecneladis
6044de5604 Adding module for getting battery status 2014-03-24 12:46:43 +01:00
bcoles
7d6eb4b714 Add 'beef.os.getDefaultBrowser' 2014-03-20 02:49:08 +10:30
bcoles
97898d453c Moved Detect Default Browser module to Host category 2014-03-20 00:58:16 +10:30
bcoles
fab0bf6b24 Add Detect HP module 2014-03-20 00:52:25 +10:30
bcoles
4a603b9f00 Add IE10 resource URL browser fingerprint 2014-03-19 23:49:21 +10:30
bcoles
ee1e29341e Move firefox extension modules to social engineering directory 2014-03-16 18:18:18 +10:30
antisnatchor
05979af3a2 Treating IE9 and 10 as the same for the ui_abuse_ie attack 2014-03-14 13:22:16 +00:00
antisnatchor
4a733a6f74 Finishing ui_abuse_ie module development. Minor fix on one animated gif remains. Tested on IE9/10 on Win7 successfully. 2014-03-13 17:37:04 +00:00
antisnatchor
d4fd537108 Continued working on ui_abuse_ie module 2014-03-12 20:58:39 +00:00
antisnatchor
14f1991542 Fixed config.yaml issue in ui_abuse_ie module. 2014-03-12 17:15:22 +00:00
antisnatchor
1c055febeb Working on new exploit module that abuses UI expectations on IE9/10 tricking the user to run a (signed) exe. Based on Rosario Valotta research. 2014-03-12 16:59:09 +00:00
Kosta Xynos
44058f0025 Remove stuck iframes and get html from page and iframes modules 2014-03-09 21:55:21 +00:00
Kosta Xynos
25550f9cfa Add Asus RT-N66U and DSL-N66U Command Execution via CSRF support 2014-03-06 16:20:44 +00:00
bcoles
32d30a8176 Remove the method from a couple of 'beef.dom.createIframe' calls 
Part of issue #969
 2014-02-28 23:49:27 +10:30
Phil Grohe
f274001a65 Revised comments on beef.dom.createIframe() to reflect removal of 'method' parameter & form submitting behavior. Updated existing function calls to beef.dom.createIframe() to remove 'method' parameter. 2014-02-22 11:57:56 -05:00
bcoles
563296f67b Add malicious FF extension (reverse shell) module 2014-01-27 08:30:37 +10:30
bcoles
d230cfa593 trivial edits for consistency 2014-01-27 07:29:00 +10:30
bcoles
2b44c9184d Add malicious FF bindshell module 2014-01-27 07:21:44 +10:30
bmantra
0e57fb0be1 Inital version of CookieJar overflow module. And minor bugfix of active fax overflow module. 2014-01-19 19:58:14 +01:00
bcoles
83ed8558b7 Add encoding type argument 'enctype' to 'createIframeXsrfForm()' 2014-01-12 02:34:24 +10:30
bcoles
e50d681a64 Add BozoCrack module 2014-01-11 23:27:13 +10:30
bcoles
1f83c2a63f Add Redis IPEC module 2014-01-08 22:22:22 +10:30
bcoles
7c977ef1aa Move 'modules/exploits/sqlitemanager_xss/' to 'modules/exploits/xss/' directory 2014-01-04 11:48:10 +10:30
bcoles
f97087c37a Change hard-coded 'hook.js' to 'beef.http.hook_file' 2014-01-04 11:33:58 +10:30
Wade Alcorn
8003f1a47f Updated the copyright year to 2014 2014-01-01 16:34:15 +10:00
bcoles
b307891364 Add 'IE MS13-069 CCaret Use-After-Free' exploit module from MSF 2013-12-30 22:53:18 +10:30
bcoles
f0d989f6e9 Update description 2013-12-30 22:48:51 +10:30
bcoles
fe37a14adc Add 'IE MS12-004 midiOutPlayNextPolyEvent Heap Overflow' exploit module from MSF 2013-12-30 10:59:25 +10:30
bcoles
bece5c1438 Add wifi_pineapple_csrf module (untested and disabled) 2013-12-30 07:58:07 +10:30
bcoles
1862870b11 Get all input fields 
Update 'Get Form Values' module to retrieve all input fields
on the hooked page - not just input fields inside of form elements.

This makes more sense.
 2013-12-30 07:19:37 +10:30
bcoles
02e6d4db11 Rescue StandardError rather than Exception 2013-12-30 06:41:07 +10:30
bmantra
94e98f2fbb 2 seconds is more than enough to send a fax :p 2013-11-29 21:25:35 +01:00
bmantra
7afa52ec99 add module for Cross-Site Faxing (XSF) 2013-11-29 21:06:36 +01:00
bmantra
d7116b8f08 add IPE with ActiveFax 5.01 2013-11-29 19:18:37 +01:00
gcatt
612d0d91bb Module Update: Fake LastPass 
Updated Firefox frame in order to look more similar to the real one.
 2013-11-04 15:41:31 +01:00
bcoles
05502a3c91 fix bug preventing loading of 'replace_video_fake_plugin' module 2013-11-04 15:52:54 +10:30
gcatt
f1df608f64 Module Update: lcamtuf Download 
Updated Adobe Flash Player URL to the current one.
 2013-10-30 18:29:44 +01:00
gcatt
9987f0781f Module Update: Fake Flash Update 
Updated the prompted picture and part of the module.
 2013-10-30 17:05:01 +01:00
bcoles
41bfb8e995 Fix bug with Unity Web Player detection 
Fix issue #910
 2013-10-17 17:54:16 +10:30
gcatt
d4c69f2bfd Module: Detect Unity Web Player 2013-10-15 15:47:47 +02:00
bcoles
8e6751611d Add beef.browser.getPageHead() and beef.browser.getPageBody() 
Update 'Get Page HTML' module to use these functions

Tested on IE6, FF22, C28

Fix issue #518
 2013-10-13 03:37:15 +10:30
bcoles
09443675cc Fix bug in fake_notification_ff module 2013-10-12 00:43:54 +10:30
bcoles
70cac51a5d Add error check for missing dropper 2013-10-11 23:14:56 +10:30
antisnatchor
050da281ac Modified Gemfile. Added missing directory for Firefox Extension dropper module. 2013-10-10 20:47:14 +01:00
antisnatchor
5dd46ffd72 From antisnatchor with love. New module: malicious Firefox Extension dropper. Based on @mihi42 FF extension. 2013-10-10 15:18:03 +01:00
antisnatchor
b280d099f8 From antisnatchor with love. New module: Signed Java Applet dropper (win only for now). 2013-10-08 17:02:02 +01:00
bmantra
fa95ac5b55 initial commit of the beef bind shellcode 2013-09-28 21:18:23 +02:00
bcoles
5942138aba Update spyder eye module 
* file error handling
* render the screenshot in the admin UI
* log screenshot filename to master logs
 2013-09-12 18:29:56 +09:30