Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,004 Commits 14 Branches 34 Tags
8ea4e7773a69c2469d3eb63c755d476d2486b2d8
Commit Graph

683 Commits

Author SHA1 Message Date
Brendan Coles
d1f114d103 Add X-Frame-Options to admin UI 2018-02-10 06:24:24 +00:00
Brendan Coles
67e3605e16 Encourage reading 2018-02-10 05:48:40 +00:00
Matthew C Jones
870afd617e add https support to bind_powershell 2018-01-17 18:37:16 -05:00
Bucky Wilson
190b425a30 Update epiphany browser icon, and let it be seen 
New epiphany icon from : https://wiki.gnome.org/Apps/Web
Resized to 10% for space.

Added discovery details, to constants and models.

    modified:   core/main/models/browserdetails.rb
    modified:   extensions/admin_ui/constants/agents.rb
    modified:   extensions/admin_ui/media/images/icons/epiphany.png
 2018-01-06 13:12:46 +10:00
Wade Alcorn
fca5279f17 Updated Copyright dates 2018-01-04 09:12:47 +10:00
Brendan Coles
903d364450 Remove experimental extensions from config.yaml 2017-12-08 18:14:32 +00:00
Jonathan Echavarria
3e34834c78 Fixed rescuing Exception 2017-10-16 11:19:32 -04:00
Jonathan Echavarria
509d1ac086 Fixing typo 2017-10-16 11:10:29 -04:00
Jonathan Echavarria
7099238f15 added error notifications to pushover notification channel 2017-10-16 11:04:13 -04:00
Brendan Coles
c62050249d Add Slack notifications to Notifications extension 2017-10-15 11:18:40 +00:00
Brendan Coles
7b682bde4b Merge pull request #1452 from Und3rf10w/pushover 
Add Pushover notification channel
 2017-10-15 21:44:57 +11:00
Brendan Coles
2749d6620a Add rubydns dependency to extension 2017-10-15 08:56:19 +00:00
Jonathan Echavarria
63e9e72194 add gem install warning to notifications config 2017-10-05 09:47:43 -04:00
Jonathan Echavarria
1b5e56e4a6 removed debug line from pushover notification channel 2017-10-05 09:45:59 -04:00
Jonathan Echavarria
27d1166869 set pushover to be disabled by default 2017-10-05 09:44:35 -04:00
Jonathan Echavarria
409d9962bb modified the notifications extenion to add pushover support 2017-10-05 09:43:11 -04:00
Jonathan Echavarria
d47303f0e7 changed config.yaml to add pushover support 2017-10-05 09:40:36 -04:00
Jonathan Echavarria
c01febbe9b added pushover channel 2017-10-05 09:39:39 -04:00
Brendan Coles
0311b317b7 Revert "html_escape prevent code execution ." 2017-08-30 16:25:04 +10:00
Brendan Coles
aa3c0932ce Use in msf-exploits.cache path 2017-08-29 07:24:03 +00:00
Brendan Coles
9ab7461ac5 Merge pull request #1436 from touhidshaikh/patch-1 
html_escape prevent code execution .
 2017-08-29 17:00:53 +10:00
Touhid M Shaikh
098b9a24bf html_escape prevent code execution . 
I noticed when i put HTML content in "beef-xss/config.yaml" file in Version Field.
And Restart Beef(beef_start.png) and Go to Admin Panel in my browser, then my html interpreter and execute.
This issue occurs bcz of "/beef-xss/extensions/admin_ui/controllers/panel/index.html" in this file insecure code implementetion.

NOW html_escape prevent code execution.
 2017-08-25 15:41:31 +05:30
Greg Molnar
2d7cfd73f4 detect microsoft edge 2017-08-23 13:37:38 +02:00
Brendan Coles
50a97d3e36 Fix XSSRays when evasion is enabled - Fix #1426 2017-08-06 23:28:13 +00:00
Brendan Coles
14e788e574 Fix requester when evasion is enabled - Fix #1386 2017-08-06 22:16:40 +00:00
Brendan Coles
4f153c2de3 Support empty output messages to DNS logger 2017-08-06 22:02:55 +00:00
Brendan Coles
8cbe15deaa Add comment warning not to use the console extension 2017-06-30 06:31:11 +00:00
Brendan Coles
5f4cc87d13 Show errors from msfrpc-client 2017-06-18 03:13:23 +00:00
Brendan Coles
7ef36039a4 Add detection for WebGL support to BrowserDetails 2017-05-13 06:36:58 +00:00
Brendan Coles
2c43328614 Add detection for Web Worker support to BrowserDetails 2017-05-13 06:18:20 +00:00
Brendan Coles
9a9b826364 Update browser details from module post_execute 2017-05-12 14:24:14 +00:00
Brendan Coles
686d202efa Update links on demo pages 2017-04-28 11:37:33 +00:00
Brendan Coles
b65dec0449 Update AdminUI jQuery to 1.12.4 2017-04-27 11:42:00 +00:00
Brendan Coles
8b9e8f02d3 Strip Windows support from auto msfrpcd 2017-04-26 10:21:02 +00:00
Brendan Coles
cc260598d3 Load URL from ui_base_path 2017-04-23 03:44:16 +00:00
Brendan Coles
9ad5ddf534 Add method to delete response from requester history 2017-04-23 01:45:30 +00:00
Brendan Coles
9b57435d5e Add placeholder for requester REST endpoints 2017-04-23 01:43:57 +00:00
Brendan Coles
c191a50f3c Force UTF-8 encoding for requester responses - Fix #1340 2017-04-22 02:10:48 +00:00
Brendan Coles
127b1d56e7 Add UTF-8 characters to demo pages for testing purposes 2017-04-22 01:52:13 +00:00
Brendan Coles
275153be38 Remove todo note 2017-04-20 19:56:31 +00:00
Brendan Coles
530962ea29 Cleanup and fix proxy/requester 2017-04-16 14:29:28 +00:00
Brendan Coles
08f5cf3e29 Cleanup and fix proxy/requester 2017-04-16 14:28:45 +00:00
Brendan Coles
f7a26556e9 Update hook jQuery to 1.12.4 - Fix #1133 2017-04-15 10:50:26 +00:00
Matt Metzger
f0fdc3d537 Omit Transfer-Encoding header in proxy responses 
Beef automatically calculates and inserts a Content-Length header when
sending proxy responses. If the Transfer-Encoding header is not
stripped, many browsers treat this as a Content-Length of 0, thus
rendering an empty body.
 2017-04-09 01:20:32 -04:00
Brendan Coles
06263790c8 Test if supplied IP address is valid dot-decimal format 2017-02-04 22:20:48 +00:00
Brendan Coles
8820ddc294 Store NetworkHost :lastseen as integer - Fix #1348 2017-02-03 19:53:44 +00:00
Wade Alcorn
91cc7ed873 Updated Copyright information 2016-12-29 15:50:13 +10:00
TheJambo
cb3a62ba5d Update WelcomeTab.js 2016-12-22 09:32:35 +00:00
TheJambo
6c103cfac7 Updated to include IPEC 2016-12-22 09:14:11 +00:00
Brendan Coles
ff83871d44 Add console events to event logger 2016-10-08 18:27:19 +00:00