Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,862 Commits 14 Branches 34 Tags
9696b05abaca0ca4ae814b42a8062269fb79ccce
Commit Graph

3862 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
antisnatchor
818f3d207e Retrieving correct browser version with browserDetails BrowserVersion 2012-03-12 17:14:09 +01:00
bcoles
b11502cc84 Added BT Home Hub CSRF module 2012-03-13 00:54:25 +10:30
bcoles
f38c7e5615 Removed "HasJava" from hook initialization 
Updated Get Wireless Keys module description
 2012-03-13 00:50:03 +10:30
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
antisnatchor
4429ab3df2 Added /api/hooks logic to retrieve online and offline HBs as json 2012-03-12 12:46:04 +01:00
antisnatchor
03cd06a014 Added stubs and registered classes for the 3 main RESTful API endpoints: hooks, modules, logs 2012-03-12 11:55:26 +01:00
antisnatchor
872272645e Added api_token for RESTful api authentication 2012-03-12 10:27:03 +01:00
bcoles
9735a7b66f Merge branch 'master' of https://github.com/beefproject/beef 2012-03-12 11:41:08 +10:30
milo2012
51d6aaa515 Merge remote-tracking branch 'origin/master' 2012-03-12 00:53:07 +08:00
milo2012
5cb1ad3d53 Module for Issue 639 - Retrieving Clear Text Wireless Keys from Compromised Systems 2012-03-12 00:50:02 +08:00
milo2012
daa37293fe Fix Issue 88 - Working for IE and Firefox 2012-03-11 11:57:19 -04:00
root
847b798e0a Fix Issue 88 - Working for IE and Firefox 2012-03-11 11:40:10 -04:00
antisnatchor
7dab21ff7f First skeleton for the RESTful api using Sinatra (modular approach, not classic one). 2012-03-11 16:12:59 +01:00
antisnatchor
e1652bf52e Added sinatra dependency to bundler Gemfile 2012-03-11 10:51:43 +01:00
radoen
a0c11fa695 Added support to intercept dynamic requests 2012-03-11 10:26:56 +01:00
Keith Lee
f2401d3f39 Issue 86 - Working for Firefox. Support for Chrome+Opera+IE still pending. 2012-03-11 10:26:56 +01:00
asaafan
76e881dce9 Delete Skype XSS stub from main branch 2012-03-11 10:26:56 +01:00
unknown
ea199f5c55 Adding stub for Skype XSS module 2012-03-11 10:26:56 +01:00
Saafan
a5e7823588 Adding the JS code of the Skype XSS exploit 2012-03-10 20:46:04 +02:00
asaafan
8c74fdd680 Adding branch for Skype XSS module 2012-03-09 01:55:44 +02:00
asaafan
f10cf3eb5b Delete Skype XSS stub from main branch 2012-03-09 01:53:07 +02:00
asaafan
1333e48d3a Merge branch 'master' of https://github.com/beefproject/beef 2012-03-09 01:51:18 +02:00
asaafan
05b7eab56c Delete Skype XSS stub from main branch 2012-03-09 01:46:11 +02:00
unknown
006719768a Adding stub for Skype XSS module 2012-03-09 01:38:37 +02:00
bcoles
11870710e8 Added a couple of 0day CSRF exploits for Zenoss Core <= 3.2.1 2012-03-08 20:28:38 +01:00
unknown
dbd6baa7b0 Temporary fix to prevent hook error on Safari. I will implement a final fix tomorrow. 2012-03-07 16:19:06 +01:00
bcoles
c1975691f4 Added a couple of 0day CSRF exploits for Zenoss Core <= 3.2.1 2012-03-07 15:02:12 +10:30
antisnatchor
8c3afcf2b9 Minor changes related to Java detection with the unsigned applet: if the browser is Chrome, we simply rely on window.navigator. 2012-03-06 19:56:58 +01:00
Michele Orru
03604a7e93 Merge pull request #632 from milo2012/master 
Fixes Issue 567: if browser != Chrome, an unsigned java applet is injected in the DOM to verify if Java is really enabled and working.
 2012-03-06 10:44:34 -08:00
Keith Lee
cc9756cf59 Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:46:51 +08:00
Keith Lee
97672966df Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:41:27 +08:00
Saafan
3bd06ebf82 Merge pull request #631 from asaafan/master 
Testing Fork/Merge
 2012-03-05 07:51:04 -08:00
Saafan
c1ad9d7b04 Testing fork/merge 2012-03-05 17:47:14 +02:00
Michele Orru
2796e384b3 Merge pull request #630 from milo2012/master 
changes to command.rb and commands.rb so that that @datastore[cid'] , @datastore['results'] and @datastore['beefhook'] can be called from the modules
 2012-03-05 01:37:19 -08:00
Keith Lee
95f7e92011 Changes to command module and get_physical location so that @datastore['cid'] , @datastore['results'] and @datastore['beefhook'] can be called from the modules 2012-03-05 03:40:46 +08:00
antisnatchor
698e01bb83 reverted back test_contants definition. 2012-03-04 16:36:08 +01:00
antisnatchor
08d50512e9 Added bootstrap unit tests. 2012-03-04 16:22:37 +01:00
antisnatchor
e9a6049e58 Fixes issue 621: Added 2 new command line options. Now it's psosible to specify a different config.yaml file. Also changed the core load order, adding a new bootstrap module. 2012-03-04 14:55:03 +01:00
Wade Alcorn
3f06f6db18 Commented yaml bug fix 2012-03-04 22:12:04 +10:00
Wade Alcorn
487227b945 Version updated 2012-03-04 22:11:21 +10:00
Wade Alcorn
6c7624805c Update delay to test jenkins 2012-03-04 21:46:03 +10:00
bcoles
753299e758 Updated Get Page HTML module: 
o Now returns head and body in one beef.send() request
o Now stores results correctly
 2012-03-04 20:24:04 +10:30
bcoles
0485a1ab7e Added 3x router CSRF exploits: 
o Comtrend CT5367
o Comtrend CT5624
o D-Link DSL500T
 2012-03-04 14:55:00 +10:30
Christian Frichot
52d06e40a2 Removed the dev/null output in the Rake Install task Issue #629 2012-03-03 22:44:05 +08:00
bcoles
5c678a2550 Added cleanup() function to router exploits 
Removed `username:password@` portion of example target URLs as
unfortunately this triggers warnings in most modern browsers. The
modules target CSRF vulnerabilities and it's expected and
acceptable behaviour to rely on the user having an authorized session by
default.

"Advanced users" will be familiar with the `username:password@` trick
and can add it to the URL if they desire.
 2012-03-03 20:43:56 +10:30
Christian Frichot
63805d943d The Console Shell now allows you to drop into an IRB (and then play with the BeEF object if you want) Issue #627 2012-03-03 14:59:59 +08:00
Ben Waugh
302bb27212 Revert 041ed2b47a27655cad360397b6ca43401a027504^..HEAD beef-0.4.3.2 2012-02-28 09:01:29 +10:00
Ben Waugh
041ed2b47a Jenkins Test Change 2012-02-28 07:32:02 +10:00
Wade Alcorn
df0458d62e Merge branch 'master' of github.com:beefproject/beef 2012-02-26 21:35:25 +10:00
Wade Alcorn
275bbfaad2 Updates to test jenkins 2012-02-26 21:35:03 +10:00