Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,105 Commits 14 Branches 34 Tags
c83e7d584ed4e693137d9e14dae658ae366fd0f7
Commit Graph

125 Commits

Author SHA1 Message Date
Graziano Felline
c83e7d584e Now the Alive check is by ws Timer 5 second 
Tested And work
 2012-04-19 19:30:19 +02:00
Graziano Felline
656262c0f4 Basic response recv system implemented 
todo ping-pong for alive host. thread's content is  in websocket.rb
todo setting up a separate handler for via ws answer's
 2012-04-18 12:00:17 +02:00
antisnatchor
2198c69aa8 Merge remote-tracking branch 'upstream/master'. Fixed conflicts on config.yaml. 2012-04-14 20:44:17 +01:00
Graziano Felline
2755c6449c Deleted some stuff that does not work correctly in old browser (IE 8) 
Better check for FF
Cleand up inside the code
 2012-04-14 19:42:53 +02:00
antisnatchor
185b1be30f Fixed issue with command execution. Now commands are executed correctly via WebSocket. 2012-04-13 13:35:29 +01:00
Graziano Felline
65138db207 Commands are now sent through websocket 
Trouble with eval function in websocket.js
 2012-04-13 12:45:48 +02:00
Graziano Felline
23f782b8d8 Hook.js load websocket.js only if specifield in beef configuration file 
if websocket is disabled all work normally
 if websocket is enabled have trouble in command.rb
 2012-04-12 19:01:49 +02:00
bcoles
0c0027e06f Event Logger now logs form submissions 
Fixes issue #141
 2012-04-12 12:27:28 +09:30
Graziano Felline
af9b3c97b5 Added polling stop if websocket is up in updater.js 
added hash for websocket in websocket.rb
added check for websocket existence in command.rb and net.js
added a POC onmessage function in websocket.js
added check for websocket support in init.js
added a POC send to send command output to server in beef.js
 2012-04-11 20:52:47 +02:00
bcoles
6af55c7e33 Event Logger now logs clipboard events (in IE6 only) 
Fixes issue# 653

Tidied up the 'submit' handler a bit. Part of issue #141
 2012-04-11 14:06:56 +09:30
Graziano Felline
302512e172 Added FF11 support 2012-04-08 13:21:12 +02:00
Graziano Felline
85b3a59441 The connection and helo to server correctly work. 2012-04-08 12:46:57 +02:00
antisnatchor
8f7caff30f changed websocket.js structure with closures. 2012-04-07 14:19:56 +01:00
antisnatchor
296d0161c9 fixed issue with FF detectionon websockets 2012-04-07 13:48:10 +01:00
antisnatchor
faae01a9aa Changed default websocket port 2012-04-07 13:34:21 +01:00
Graziano Felline
bcd0ff154f Added websocket.js in beefjs.rb 2012-04-07 14:20:47 +02:00
Graziano Felline
d3e2e1eb30 Inserted module in bootstrap 2012-04-07 12:56:06 +02:00
Graziano Felline
736c81573e Setting up structures and server/client environment. 
A lot of TODO
 2012-04-06 02:21:40 +02:00
bcoles
cce8cf451c Added XssRays vectors: 
o URL encoded
	o Double URL encoded
	o Double nibble URL encoded

Fixes issue #65

Part of issue #47
 2012-04-05 14:26:30 +09:30
bcoles
f852b87b2b Added detection for Chrome 18 and 19 2012-04-05 12:45:10 +09:30
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
bcoles
45475d625b Updated IE version detection 
No longer modifies the DOM for every call to:
	`isIE8()`
	`isIE9()`
	`isIE()`
 2012-03-22 19:27:36 +10:30
bcoles
5329d5c147 Added support for Firefox 11 2012-03-16 13:11:20 +10:30
bcoles
e52779e72e Fixed javaEnabled() in BeEF hook 
- It was breaking the hook in IE6

Also fixed a couple of typos in the Local File Theft module description
 2012-03-16 12:40:13 +10:30
Graziano Felline
b02bdbaaa7 ISSUE 625 - corrected the bug. Added li's elements poison 2012-03-14 15:41:10 +01:00
Graziano Felline
8795c5770a ISSUE 625 - corrected the bug. Added li's elements poison 2012-03-14 15:34:46 +01:00
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
bcoles
9735a7b66f Merge branch 'master' of https://github.com/beefproject/beef 2012-03-12 11:41:08 +10:30
radoen
a0c11fa695 Added support to intercept dynamic requests 2012-03-11 10:26:56 +01:00
unknown
dbd6baa7b0 Temporary fix to prevent hook error on Safari. I will implement a final fix tomorrow. 2012-03-07 16:19:06 +01:00
antisnatchor
8c3afcf2b9 Minor changes related to Java detection with the unsigned applet: if the browser is Chrome, we simply rely on window.navigator. 2012-03-06 19:56:58 +01:00
Keith Lee
cc9756cf59 Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:46:51 +08:00
Keith Lee
97672966df Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:41:27 +08:00
Mike Haworth
5e138395d4 Partial fix for issue #100, now detects build version of flash 2012-02-18 14:17:12 +13:00
antisnatchor
5bc6745e03 Fixed issue 66: base64'ed the iframe src in case of Chrome/Safari to bypass the webkit anti-XSS filter 2012-02-15 16:01:46 +01:00
antisnatchor
58f2b4f7a1 Added detection of Chrome 17 2012-02-15 16:01:45 +01:00
antisnatchor
1d74d7eeab Fixed a serious bug in beef.net.request when sending cross-domain POST data. jQuery is automatically changing the method to GET if the dataType (that was hardcoded in our code) is set to 'script'. 2012-02-15 16:00:38 +01:00
bcoles
a6986e3960 Added detection for Chrome 16, updated Chrome Extensions modules and 
split the Details tab "Browser Hook Initialization" into "Hooked Page",
"Browser" and "Host"
 2012-01-04 18:52:34 +10:30
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
2439c9d61c Added Page URI to browser hook initialization details 
Fixes issue 543
 2011-12-28 08:47:07 +10:30
bcoles
33289bc023 Fixed bug in cross-domain request detection 
Same-domain requests on a non-standard HTTP port were incorrectly
identified as cross-domain requests
 2011-12-27 17:56:18 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30
bcoles
4543d60570 Added allowCrossDomain functionality to beef.net.requester.send 2011-12-24 13:37:14 +10:30
bcoles
61a34c1c60 Decoupled beef.net.request and beef.net.proxyrequest 
This is part of issue 87
 2011-12-24 04:21:45 +10:30
bcoles
f2d4592941 Added DNS Tunnel first draft 2011-12-23 08:24:10 +10:30
bcoles
6ff92f48e0 Added document.referrer to browser hook initialization and tidied some code 2011-12-22 02:43:12 +10:30
bcoles
2e9ad8b9dc More tidying of requester and proxy in preperation for unit tests 2011-12-21 06:09:30 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
bcoles
ec7d3134aa Updated browser detection in hook initialization 
Future proofed browser version detection in preperation for double
digit major version numbers

Updated flash detection in Internet Explorer for Flash 11.x
 2011-12-12 00:17:15 +10:30
bcoles
a49d1351e7 Added check for document.documentMode so Internet Explorer 8 and 9 are 
no longer detected as Internet Explorer 7 when operating in compatibility mode.

Fixes issue 589
 2011-12-08 22:34:46 +10:30