Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,140 Commits 14 Branches 34 Tags
93b053b5a956557451cf2fa758daf82fde3a59b1
Commit Graph

2140 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
antisnatchor
93b053b5a9 Changed default obfuscation techniques for the evasion extension. 2014-07-01 16:10:36 +02:00
antisnatchor
811b490615 Added a new string to be scrambled by default if evasion extension is enabled. 2014-07-01 16:05:48 +02:00
antisnatchor
b16d35232a Improved HTA_powershell module. Now using @mattifestation payload and supporting x86 and x86_64 targets. 2014-07-01 11:58:32 +02:00
antisnatchor
6b93b09c2f #970 Updated DNS tunnel debug module config.yaml description 2014-06-29 13:20:11 +02:00
antisnatchor
d1688395ae #970 Added string to DNS requests to differentiate between normal and data-extrusion DNS requests 2014-06-29 13:04:51 +02:00
antisnatchor
f7df45ebd1 #970 Modified dns.js to support the current way we send data from client to server using DNS. 2014-06-29 12:31:59 +02:00
antisnatchor
2c9633f08f #970 Added debug module to test DNS tunnel (client-to-server). 2014-06-29 12:31:06 +02:00
antisnatchor
015693038a Merge branch 'master' of https://github.com/beefproject/beef 2014-06-29 11:38:34 +02:00
antisnatchor
aafceec4cb Disabled legacy DNS-tunnel IPC module. 2014-06-29 11:37:55 +02:00
Michele Orru
1681f69511 Merge pull request #1027 from soh-cah-toa/master 
DD-WRT v24 SP1 CSRF and RCE Modules
 2014-06-28 17:20:23 +02:00
antisnatchor
fb0cd7a195 #970 started working on client-to-server DNS channel. 2014-06-28 15:23:50 +02:00
antisnatchor
cf4252585a Added HTA-powershell client-side attack (IE only). 2014-06-27 11:44:39 +02:00
antisnatchor
9f76913b11 Fixed bug that was preventing dynamic payload options to be set with metasploit modules. 2014-06-25 13:27:07 +02:00
soh_cah_toa
f490faa858 Added module for DD-WRT v24 SP1 RCE vulnerability (issue #1006). 2014-06-16 09:56:27 -04:00
soh_cah_toa
fd46915bf2 Added module for DD-WRT v24 SP1 CSRF vulnerability (issue #1006). 2014-06-16 09:48:14 -04:00
soh_cah_toa
ce8e943be7 Merge branch 'master' of git://github.com/beefproject/beef 2014-06-16 09:44:53 -04:00
BWZ
76d750681f livecd fix for permission issues 2014-06-15 18:15:57 +10:00
BWZ
055b5eec32 fixes bug in enabling livecd ssh 2014-06-15 17:14:36 +10:00
Brendan Coles
8e55545abd Add support for Firefox 30 & 31 2014-06-12 09:26:19 +00:00
Michele Orru
a4cbb9f74d Merge pull request #1023 from Nbblrr/master 
Fixes the bug in rickroll module (#1017)
 2014-06-05 11:04:20 +02:00
Nbblrr
d0fbba2e2d Fixes bug in rickroll module (#1017) 2014-06-05 10:53:20 +02:00
Brendan Coles
32fab589d6 Add Asus RT Series Get Info module 2014-05-20 16:59:40 +00:00
Brendan Coles
dbeedb1d92 Use beef.net for URI 2014-05-10 09:50:38 +00:00
Brendan Coles
195e2ab830 return error message 
prevents HTTP 404 iframe for '/lp/indexFF.html'
 2014-05-10 19:01:00 +10:00
Christian Frichot
6e50384719 Fake Chrome Evernote Clipper Extension authentication dialog. A new SE module 2014-05-07 19:13:04 +08:00
Christian Frichot
55e36ff095 Detect the presense of Evernotes Clipper Extension in Chrome 2014-05-07 19:11:27 +08:00
Christian Frichot
0ec566ac95 Updates to Fake Lastpass module. New impersonates updated Chrome extension. No longer pretends to target FF 2014-05-07 19:09:07 +08:00
Christian Frichot
f628ce7ae9 Browser Module to remove the BeEF hook.js script element 2014-05-07 18:57:26 +08:00
Michele Orru
8e6125f8c6 Merge pull request #1013 from bcoles/firephp 
Add FirePHP <= 0.7.1 RCE module
 2014-05-05 14:39:20 +02:00
Brendan Coles
abe1370a50 Add FirePHP <= 0.7.1 RCE module 
@Wireghoul

Fixes issue #885
 2014-05-05 10:32:59 +00:00
Michele Orru
4c2f80a3bc Merge pull request #1009 from soh-cah-toa/master 
DNS Extension 2.0 Reimplementation
 2014-05-05 12:11:38 +02:00
Brendan Coles
cd311b00e9 Merge pull request #1011 from thialfihar/make-curl-follow-redirects-on-github 
Make curl follow redirects on github @thialfihar
 2014-05-05 04:08:58 +10:00
Thialfihar
9068f91a63 Make curl follow redirects on github 
GitHub has started to redirect raw.github.com to
raw.githubusercontent.com, breaking the installation scripts.
Paramter -L makes curl follow the redirect.
 2014-05-04 13:16:58 +02:00
soh_cah_toa
bac0b5c57f Merge remote-tracking branch 'upstream/master' 2014-05-04 00:28:29 -04:00
soh_cah_toa
07f1594a7a Removed old DNS RESTful API temporary test suite. 
Previously, this was used to make writing tests easier without having to
run the entire integration test suite (of which it is still a part of).
Somehow it accidentally got committed.
 2014-05-03 20:42:40 -04:00
soh_cah_toa
6bf0f9d648 Updated DNS spoofer in social engineering extension. 2014-05-02 22:21:56 -04:00
Brendan Coles
e8e4180eee Fix regex 2014-05-01 16:36:01 +10:00
Brendan Coles
c61dee7275 Add support for Firefox 29 
* https://developer.mozilla.org/en-US/Firefox/Releases/29
* https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/codePointAt
 2014-05-01 02:33:43 +10:00
Michele Orru
5d3df16dc7 Merge pull request #1005 from zeroSteiner/rest-api-version 
Support pulling the server version through the REST API
 2014-04-29 11:18:24 +02:00
soh_cah_toa
8dac5c95eb Fixed #is_valid_domain? regex to include appended dot. 2014-04-28 22:21:39 -04:00
soh_cah_toa
e1c27f4feb Removed support for TXT resource record. 
Like the HINFO and MINFO RR's, TXT is vulnerable to RCE attacks and has
no purpose at the moment. TXT may be needed in the future (e.g. data
exfiltration) which is why it has been removed separately.
 2014-04-28 20:34:56 -04:00
soh_cah_toa
26cd0f08ad Removed support for HINFO and MINFO resource records. 
These RR's are very difficult to validate and, in their current state,
are vulnerable to RCE attacks. Furthermore, BeEF does not have a use for
these RR's.
 2014-04-28 20:28:47 -04:00
soh_cah_toa
c63a55962a Added unless modifier to prevent displaying no upstream servers. 
Even though #print_more will display nothing since ''.split("\n").each()
iterates 0 times, it will still be called without this modifier which is
unnecessary.
 2014-04-28 20:20:32 -04:00
Kevin Polulak
e8fc288ff7 Merge pull request #2 from bcoles/patch-2 
Update model.rb - Throw 'UnknownDnsResourceError'
 2014-04-28 20:14:48 -04:00
Kevin Polulak
fc024c8a8c Merge pull request #1 from bcoles/patch-1 
use up_protocol in banner
 2014-04-28 20:10:22 -04:00
Spencer McIntyre
76c09aa38a Support pulling the server version through the REST API 2014-04-28 15:35:01 -04:00
Christian Frichot
fe14601dfc Added -i --interactive option at commandline to launch console shell 2014-04-27 07:12:53 +08:00
Brendan Coles
e6b74d5186 Update model.rb - Throw 'UnknownDnsResourceError' 
Throw `UnknownDnsResourceError` instead of `InvalidDnsResourceError`

Prevents `[20:30:55][!] Internal error while adding DNS rule (uninitialized constant BeEF::Core::Models::Dns::Rule::InvalidDnsResourceError)` for invalid user supplied DNS response types.

'BeEF::Core::Models::Dns::Rule::InvalidDnsResourceError' does not exist, and it's unlikely we'll need to differentiate between invalid and unknown resource types.
 2014-04-27 00:14:25 +10:00
Brendan Coles
0438cf422f use up_protocol in banner 2014-04-26 21:50:46 +10:00
soh_cah_toa
3b3d7fe95e Moved Thread/EventMachine creation inside of #run. 
This cleans up the API a bit by removing the requirement of placing #run
inside a Thread.new {EventMachine.next_tick {}} block. That should not
be the caller's responsibility.
 2014-04-25 13:14:43 -04:00