Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,824 Commits 14 Branches 34 Tags
71a67defd48a2da48ebc3048b6172d26bbf58014
Commit Graph

80 Commits

Author SHA1 Message Date
bmantra
fa95ac5b55 initial commit of the beef bind shellcode 2013-09-28 21:18:23 +02:00
bcoles
21417dc3e2 Update BeEF server protocol for multiple modules to use 
`beef.http.https.enable`

Now uses the `beef.net.httpproto` value rather than a hard-coded
protocol string.

Part of issue #745
 2013-08-09 13:21:33 +09:30
bmantra
164ff5bea6 added option for LF only, to use with Linux 2013-06-28 20:42:53 +02:00
Christian Frichot
473f349394 Missing apostrophe in PHP-5.3.9-dos module.rb. This was breaking Rake. Make sure you run rake peeps before pushing! 2013-06-15 13:48:05 +08:00
bcoles
d40486c391 Add airlive_ip_camera_csrf module 2013-06-14 15:28:35 +09:30
James Otten
f2efa533c8 Added Actiontec Q1000 CSRF module 2013-05-30 15:49:47 -05:00
bcoles
1dc59f7b01 Add D-Link ShareCenter command execution exploit module 2013-05-27 13:50:12 +09:30
bcoles
ff620d42f4 Add belkin_dns_csrf DNS hijack module 
Part of issue #538
 2013-05-27 12:50:06 +09:30
bcoles
61e6337046 Remove zenoss_daemon_csrf module 2013-05-27 12:14:27 +09:30
bcoles
639d0611a6 Add command_id to embedded iframe/img IDs for router exploits 
This prevents a race condition where duplicate iframes/imgs are
created if a module is run twice simultaneously. The second iframe/img
was not being removed during `cleanup()`.
 2013-05-27 11:56:01 +09:30
bcoles
704b979054 minor syntax changes to php-5.3.9-dos module 2013-05-26 02:48:04 +09:30
bcoles
0dfab0e348 Add EXTRAnet Collaboration Tool Command Execution exploit module 2013-05-24 16:40:02 +09:30
bcoles
018a849e14 Add 'path' argument for beef.dom.createIframeIpecForm() 2013-05-24 14:01:21 +09:30
bcoles
717f63ff0c Add ruby-nntpd Command Execution exploit module 2013-05-24 13:50:04 +09:30
bcoles
2dae1d4c07 Add /bin/sh -c to default command 2013-05-22 14:37:01 +09:30
bcoles
7de48ceafb Add GroovyShell Server Command Execution IPEC exploit module 2013-05-22 02:32:27 +09:30
bcoles
59951959f1 Add Opencart password reset CSRF module 
This module hasn't been tested against an Opencart instance
 2013-04-19 09:18:05 +09:30
bcoles
a172362452 Part of issue #862 - Add beef.debug() for client-side debugging 
Add `beef.debug()` function - wraps `console.log()`

Debug messages are suppressed for browsers which don't support `console.log()`

Update './core/*' to use `beef.debug()` instead of `console.log()`
Update './modules/*' to use `beef.debug()` instead of `console.log()`
Update './extensions/*' to use `beef.debug()` instead of `console.log()`

Add 'modules/debug/test_beef_debug/' module
 2013-04-15 16:49:01 +09:30
antisnatchor
222cff3f1d Added a README file for the JavaPaylod signed applet exploit. 2013-04-06 12:29:05 +01:00
gcatt
6abb21ac53 Module: Apache HTTP Server cookie disclosure (exploit) 2013-03-19 17:29:48 +01:00
bmantra
de2bd15769 module for m0n0wall csrf reverse root shell #824 2013-03-06 19:34:27 +01:00
bmantra
8cd570c62d pfsense reverse root shell exploit #812 2013-01-25 21:05:43 +01:00
bcoles
e275e4001c Add SQLiteManager XSS module 2013-01-07 12:30:24 +10:30
Wade Alcorn
fe40038441 Updated copyright year to 2013 2012-12-30 12:47:43 +10:00
bcoles
acb09efd32 Fixed a few typos in BeEFLive.sh 
Moved avant_steal_history module to 'browser' category
 2012-12-10 23:59:45 +10:30
Michele Orru
4d097aa55d Merge pull request #773 from malerisch/avant_browser 
Avant Browser History Stealing
 2012-12-05 15:39:00 -08:00
bcoles
75532ffe44 Add PHP 5.3.9 DoS (CVE-2012-0830) module 
Has not been tested
 2012-11-29 18:34:07 +10:30
Roberto Suggi Liverani
9546e88113 Avant Browser History Stealing 
Avant Browser History Stealing module - Advisory:
http://blog.malerisch.net/2012/11/avant-browser-same-of-origin-policy.html
 2012-11-28 14:11:04 +13:00
bcoles
05e31fd250 Add Zenoss 3.x command execution exploit 2012-11-11 21:40:50 +10:30
bcoles
f5b4a413f6 Added WAN Emulator command execution exploit 2012-11-04 17:37:42 +10:30
Wade Alcorn
d2188b230c More changed license headers 2012-11-02 15:27:01 +10:00
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
bcoles
210dc1366a Add QNX QCONN exploit 2012-10-27 18:55:33 +10:30
bcoles
7c7fc5ae6e Small modifications to a few modules 
Updated a few default IP addresses to 127.0.0.1

Updated a few module names

Fixed config.yaml whitespace bug
 2012-10-22 23:26:33 +10:30
antisnatchor
79bf6f4a9f Added BeEF_bind send_command module: this is used to communicate with the BeEF_bind shellcode (including in the IPEC admin_ui shell). 2012-10-22 16:07:31 +11:00
antisnatchor
e257f8bb52 Added BeEF_bind deployer module: send both shellcode stager and stage to a specific target. Eudora IMAP 3 (Win) is the only available exploit atm. 2012-10-22 16:03:47 +11:00
bmantra
03da56fc7d HP uCMDB CSRF add user module 2012-10-05 13:23:24 +02:00
bcoles
ba20f17831 Ugh. Apparently target can't be null. Fixed. 2012-09-30 18:50:28 +09:30
bcoles
a135e9f51f Update supported browsers for multiple modules 
Pretty Theft module does not work in IE

Multiple exploit modules haven't been tested
 2012-09-29 17:39:14 +09:30
bmantra
9b62ae83dc fix jboss exploit with forge_request 2012-09-18 20:59:54 +02:00
bcoles
9e47942d3f Added FreeNAS remote reverse root shell CSRF module 
For more information see: http://support.freenas.org/ticket/1788
 2012-09-09 21:05:16 +09:30
bcoles
384fe7bcab Fix issue #741 2012-09-07 23:00:24 +09:30
bcoles
a4e74aaad0 Added AlienVault OSSIM 3.1 XSS module 2012-07-24 10:55:28 +09:30
bcoles
7f0026fc79 Added Linksys WVC series wireless camera CSRF module 2012-07-15 19:18:37 +09:30
bcoles
40f7145531 Updated D-Link DIR-615 router module 2012-07-15 19:01:09 +09:30
bcoles
d8adf26827 Added Asmax AR-804gu Command Execution module 2012-07-15 00:49:19 +09:30
bcoles
c380ca75ed Added 3COM OfficeConnect Command Execution module 2012-07-15 00:16:11 +09:30
bcoles
9d2022531c Added Cisco E2400 CSRF router module 2012-07-14 22:44:58 +09:30
bcoles
29ba7dbf38 Added spaces to two config.yaml files 
Fixes bug with parsing yaml on some versions of Ruby
 2012-06-29 08:42:21 +09:30
antisnatchor
e54ec1e569 Updated authors, sorry dude (n0x00). issue #711 2012-06-28 13:28:18 +01:00