Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,443 Commits 14 Branches 34 Tags
b89ca6baa3cfd0fa877fac43da6883f9f07ff8a4
Commit Graph

86 Commits

Author SHA1 Message Date
antisnatchor
bdecbd21a0 Merged changed from master branch, disabled ARE rules by default. 2015-07-27 10:44:51 +02:00
antisnatchor
c84e1b88ac Autorun Rule Engine from @antisnatchor with love (alpha version). 2015-07-27 10:34:58 +02:00
Brendan Coles
799e5d9626 Use local dropper URL 2015-07-19 10:32:04 +00:00
Brendan Coles
13428e6ff7 Host clippy images locally 2015-07-18 06:48:10 +00:00
Brendan Coles
7f29e676b3 Use public URL 2015-07-10 22:36:14 +00:00
Jonathan Echavarria
6bdf829126 updated hta_powershell to use updated powersploit so it can properly create sessions 2015-06-12 19:07:02 +00:00
Brendan Coles
2220b95b49 Use NAT address - Fix #1116 
Thanks @danilo-massa
 2015-05-09 18:33:28 +00:00
Brendan Coles
f5d2c2028b Replace 'console.log' with 'beef.debug' 2015-02-07 05:35:09 +00:00
Brendan Coles
c0fe6dfcfa Add not_working to module 2015-01-09 21:04:40 +00:00
Wade Alcorn
2fbca61368 Updated copyright dates 2014-12-30 07:44:58 +10:00
Brendan Coles
faf1884a4c Load gmail images from HTTPS 2014-11-30 07:25:01 +00:00
Brendan Coles
38fa28658f Update LinkedIn logo 2014-11-30 07:08:54 +00:00
Brendan Coles
53dd7ee5fb rescue StandardError 2014-10-28 08:18:26 +00:00
Brendan Coles
9266cc9e41 Fix Fake Flash module 
* Fix bug where UI wasn't hidden onclick
* Gray out browser window on popup
* Re-indent
 2014-09-14 16:34:09 +00:00
antisnatchor
ec203935de Simplified HTA-powershell attack module 2014-09-08 14:28:04 +02:00
antisnatchor
c24a8c2ec5 Added @insertscript module to break-out from SiteKiosk 2014-09-07 23:18:41 +02:00
antisnatchor
b16d35232a Improved HTA_powershell module. Now using @mattifestation payload and supporting x86 and x86_64 targets. 2014-07-01 11:58:32 +02:00
antisnatchor
cf4252585a Added HTA-powershell client-side attack (IE only). 2014-06-27 11:44:39 +02:00
Brendan Coles
195e2ab830 return error message 
prevents HTTP 404 iframe for '/lp/indexFF.html'
 2014-05-10 19:01:00 +10:00
Christian Frichot
6e50384719 Fake Chrome Evernote Clipper Extension authentication dialog. A new SE module 2014-05-07 19:13:04 +08:00
Christian Frichot
0ec566ac95 Updates to Fake Lastpass module. New impersonates updated Chrome extension. No longer pretends to target FF 2014-05-07 19:09:07 +08:00
RootPrivileges
5ddb88db73 Add a Windows prompt to the pretty_theft module 2014-04-14 10:23:30 +01:00
bcoles
ee1e29341e Move firefox extension modules to social engineering directory 2014-03-16 18:18:18 +10:30
antisnatchor
05979af3a2 Treating IE9 and 10 as the same for the ui_abuse_ie attack 2014-03-14 13:22:16 +00:00
antisnatchor
4a733a6f74 Finishing ui_abuse_ie module development. Minor fix on one animated gif remains. Tested on IE9/10 on Win7 successfully. 2014-03-13 17:37:04 +00:00
antisnatchor
d4fd537108 Continued working on ui_abuse_ie module 2014-03-12 20:58:39 +00:00
antisnatchor
14f1991542 Fixed config.yaml issue in ui_abuse_ie module. 2014-03-12 17:15:22 +00:00
antisnatchor
1c055febeb Working on new exploit module that abuses UI expectations on IE9/10 tricking the user to run a (signed) exe. Based on Rosario Valotta research. 2014-03-12 16:59:09 +00:00
bcoles
32d30a8176 Remove the method from a couple of 'beef.dom.createIframe' calls 
Part of issue #969
 2014-02-28 23:49:27 +10:30
Phil Grohe
f274001a65 Revised comments on beef.dom.createIframe() to reflect removal of 'method' parameter & form submitting behavior. Updated existing function calls to beef.dom.createIframe() to remove 'method' parameter. 2014-02-22 11:57:56 -05:00
Wade Alcorn
8003f1a47f Updated the copyright year to 2014 2014-01-01 16:34:15 +10:00
gcatt
612d0d91bb Module Update: Fake LastPass 
Updated Firefox frame in order to look more similar to the real one.
 2013-11-04 15:41:31 +01:00
bcoles
05502a3c91 fix bug preventing loading of 'replace_video_fake_plugin' module 2013-11-04 15:52:54 +10:30
gcatt
f1df608f64 Module Update: lcamtuf Download 
Updated Adobe Flash Player URL to the current one.
 2013-10-30 18:29:44 +01:00
gcatt
9987f0781f Module Update: Fake Flash Update 
Updated the prompted picture and part of the module.
 2013-10-30 17:05:01 +01:00
bcoles
09443675cc Fix bug in fake_notification_ff module 2013-10-12 00:43:54 +10:30
bcoles
21417dc3e2 Update BeEF server protocol for multiple modules to use 
`beef.http.https.enable`

Now uses the `beef.net.httpproto` value rather than a hard-coded
protocol string.

Part of issue #745
 2013-08-09 13:21:33 +09:30
Christian Frichot
7f64c94e03 New Module - Fake LastPass Dialog 2013-07-21 13:53:44 +08:00
bcoles
e88c3c1f86 Add fake_notification_c module 
Part of issue #695
 2013-07-05 01:17:20 +09:30
bcoles
b16d7e3563 Add fake_notification_ff module 
Rename fake_notification module to fake_notification_ie
 2013-07-04 23:12:01 +09:30
bcoles
1bddb00ec8 Add Replace Video (Fake Plugin) module 
Fix issue #695
 2013-07-04 11:54:52 +09:30
bcoles
da763df110 Uncommented several instances of beef.debug() - Part of issue #862 2013-04-17 22:12:35 +09:30
bcoles
a172362452 Part of issue #862 - Add beef.debug() for client-side debugging 
Add `beef.debug()` function - wraps `console.log()`

Debug messages are suppressed for browsers which don't support `console.log()`

Update './core/*' to use `beef.debug()` instead of `console.log()`
Update './modules/*' to use `beef.debug()` instead of `console.log()`
Update './extensions/*' to use `beef.debug()` instead of `console.log()`

Add 'modules/debug/test_beef_debug/' module
 2013-04-15 16:49:01 +09:30
Christian Frichot
fad33dfea7 Fixes #877. New IE Fake Notification Bar Module 2013-04-08 19:36:02 +08:00
Christian Frichot
2ef1b5bab8 Updates gmail phishing command module. Fixes #873 2013-04-06 15:54:55 +08:00
Christian Frichot
07fe3a9c0e Updates to tabnabbing module to use jQuerys wider event handling. #868 2013-04-04 21:33:43 +08:00
Christian Frichot
ae98842ad4 Tiny fix to Clippy so it appears properly. #866 2013-04-04 19:37:08 +08:00
antisnatchor
de1de356f7 Added GoogleWebStore module.rb option. Modified link opener to support data URI injections. 2013-03-12 10:57:07 +00:00
bcoles
4718075b2c Add Yammer template to Pretty Theft module 2013-02-19 16:01:10 +10:30
bcoles
753a78f5fc Add YouTube template to Pretty Theft module 2013-02-19 15:19:27 +10:30