Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,693 Commits 14 Branches 34 Tags
6e0f7a266edb9fe4b2ca0edd1fe400a74390df77
Commit Graph

63 Commits

Author SHA1 Message Date
bcoles
a172362452 Part of issue #862 - Add beef.debug() for client-side debugging 
Add `beef.debug()` function - wraps `console.log()`

Debug messages are suppressed for browsers which don't support `console.log()`

Update './core/*' to use `beef.debug()` instead of `console.log()`
Update './modules/*' to use `beef.debug()` instead of `console.log()`
Update './extensions/*' to use `beef.debug()` instead of `console.log()`

Add 'modules/debug/test_beef_debug/' module
 2013-04-15 16:49:01 +09:30
antisnatchor
222cff3f1d Added a README file for the JavaPaylod signed applet exploit. 2013-04-06 12:29:05 +01:00
gcatt
6abb21ac53 Module: Apache HTTP Server cookie disclosure (exploit) 2013-03-19 17:29:48 +01:00
bmantra
de2bd15769 module for m0n0wall csrf reverse root shell #824 2013-03-06 19:34:27 +01:00
bmantra
8cd570c62d pfsense reverse root shell exploit #812 2013-01-25 21:05:43 +01:00
bcoles
e275e4001c Add SQLiteManager XSS module 2013-01-07 12:30:24 +10:30
Wade Alcorn
fe40038441 Updated copyright year to 2013 2012-12-30 12:47:43 +10:00
bcoles
acb09efd32 Fixed a few typos in BeEFLive.sh 
Moved avant_steal_history module to 'browser' category
 2012-12-10 23:59:45 +10:30
Michele Orru
4d097aa55d Merge pull request #773 from malerisch/avant_browser 
Avant Browser History Stealing
 2012-12-05 15:39:00 -08:00
bcoles
75532ffe44 Add PHP 5.3.9 DoS (CVE-2012-0830) module 
Has not been tested
 2012-11-29 18:34:07 +10:30
Roberto Suggi Liverani
9546e88113 Avant Browser History Stealing 
Avant Browser History Stealing module - Advisory:
http://blog.malerisch.net/2012/11/avant-browser-same-of-origin-policy.html
 2012-11-28 14:11:04 +13:00
bcoles
05e31fd250 Add Zenoss 3.x command execution exploit 2012-11-11 21:40:50 +10:30
bcoles
f5b4a413f6 Added WAN Emulator command execution exploit 2012-11-04 17:37:42 +10:30
Wade Alcorn
d2188b230c More changed license headers 2012-11-02 15:27:01 +10:00
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
bcoles
210dc1366a Add QNX QCONN exploit 2012-10-27 18:55:33 +10:30
bcoles
7c7fc5ae6e Small modifications to a few modules 
Updated a few default IP addresses to 127.0.0.1

Updated a few module names

Fixed config.yaml whitespace bug
 2012-10-22 23:26:33 +10:30
antisnatchor
79bf6f4a9f Added BeEF_bind send_command module: this is used to communicate with the BeEF_bind shellcode (including in the IPEC admin_ui shell). 2012-10-22 16:07:31 +11:00
antisnatchor
e257f8bb52 Added BeEF_bind deployer module: send both shellcode stager and stage to a specific target. Eudora IMAP 3 (Win) is the only available exploit atm. 2012-10-22 16:03:47 +11:00
bmantra
03da56fc7d HP uCMDB CSRF add user module 2012-10-05 13:23:24 +02:00
bcoles
ba20f17831 Ugh. Apparently target can't be null. Fixed. 2012-09-30 18:50:28 +09:30
bcoles
a135e9f51f Update supported browsers for multiple modules 
Pretty Theft module does not work in IE

Multiple exploit modules haven't been tested
 2012-09-29 17:39:14 +09:30
bmantra
9b62ae83dc fix jboss exploit with forge_request 2012-09-18 20:59:54 +02:00
bcoles
9e47942d3f Added FreeNAS remote reverse root shell CSRF module 
For more information see: http://support.freenas.org/ticket/1788
 2012-09-09 21:05:16 +09:30
bcoles
384fe7bcab Fix issue #741 2012-09-07 23:00:24 +09:30
bcoles
a4e74aaad0 Added AlienVault OSSIM 3.1 XSS module 2012-07-24 10:55:28 +09:30
bcoles
7f0026fc79 Added Linksys WVC series wireless camera CSRF module 2012-07-15 19:18:37 +09:30
bcoles
40f7145531 Updated D-Link DIR-615 router module 2012-07-15 19:01:09 +09:30
bcoles
d8adf26827 Added Asmax AR-804gu Command Execution module 2012-07-15 00:49:19 +09:30
bcoles
c380ca75ed Added 3COM OfficeConnect Command Execution module 2012-07-15 00:16:11 +09:30
bcoles
9d2022531c Added Cisco E2400 CSRF router module 2012-07-14 22:44:58 +09:30
bcoles
29ba7dbf38 Added spaces to two config.yaml files 
Fixes bug with parsing yaml on some versions of Ruby
 2012-06-29 08:42:21 +09:30
antisnatchor
e54ec1e569 Updated authors, sorry dude (n0x00). issue #711 2012-06-28 13:28:18 +01:00
antisnatchor
2ef1492eed Added comment in config.yaml for #711 2012-06-28 09:55:44 +01:00
antisnatchor
cc29a4434f Added PAssword wipe XSRF for Dlink DIR-615 (issue #711) 2012-06-28 09:53:59 +01:00
bcoles
123b81b2b4 Updated virgin_superhub_csrf module 
Now disables firewall and enabled remote administration

Fixes issue #705
Fixes issue #706
Fixes issue #707
 2012-06-25 11:18:28 +09:30
bcoles
9440afacc9 Removed duplicate / from a few CSRF URLs 
Just in case it causes issues
 2012-06-25 00:57:26 +09:30
bcoles
7fde875d8a Changed default target IP address to http://192.168.100.1/ for the 
virgin_superhub_csrf module
 2012-06-24 22:21:19 +09:30
bcoles
ebe205ad36 Updated a couple of module configs 
modules/exploits/router/virgin_superhub_csrf/config.yaml
modules/misc/local_file_theft/config.yaml
 2012-06-24 20:44:06 +09:30
bcoles
1bf9061c1a Added a couple of CSRF modules: 
o ./modules/exploits/boastmachine_3_1_add_user_csrf/
	o ./modules/exploits/axous_1_1_1_add_user_csrf/

Updated a few exploit titles
 2012-06-24 17:10:37 +09:30
bcoles
771d6d60f9 Added Virgin Superhub CSRF module 
Fixes issue #703
 2012-06-24 15:22:35 +09:30
bcoles
40f8b528aa Moved a few modules from modules/exploits/ to modules/exploits/local_host: 
activex_command_execution
	mozilla_nsiprocess_interface
	window_mail_client_dos
	java_payload
	safari_launch_app

Added a couple of XSS modules:
	cisco_collaboration_server_5_xss
	serendipity_1.6_xss
 2012-06-24 03:10:54 +09:30
bcoles
853b4c5bcb Added Spring Framework Malicious JAR module 
Fixes issue #526
 2012-06-23 22:45:48 +09:30
bmantra
3accb24b2b Does not work in Opera due to cross domain issues. And cannot work in IE due to lack of sendAsBinary-functionality in xmlhttprequest. So removed the Base64-library and used atob instead. 2012-06-13 10:00:45 +02:00
bcoles
6f3298235f Added IE to not_working for glassfish_war_upload_xsrf module 2012-06-07 13:29:59 +09:30
bcoles
6396f7aa5a Fixes issue #688 
Added spaces to comma delemetered data in config.yaml files

This should fix an issue reported to affect Ruby 1.9.2
 2012-06-05 23:27:21 +09:30
root
8e7e546ef9 fixes #661 2012-06-03 19:53:33 +02:00
bcoles
981b13ce7b Added huawei_smartax_mt880 CSRF module 2012-05-22 17:52:36 +09:30
bcoles
6739094f57 Added dlink_dcs_series_csrf module 2012-05-22 17:22:20 +09:30
bcoles
f8eba21cb4 Moved a few more modules and updated some module descriptions 2012-05-20 18:50:10 +09:30