Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,268 Commits 14 Branches 34 Tags
d5acc6409eb73feff5ace32253d55147a4ff02df
Commit Graph

80 Commits

Author SHA1 Message Date
bcoles
d5acc6409e Added beef.browser.hasPhonegap() 
Added hasPhonegap() and hasGooglegears() to balloon messages

Updated os in module configs from "iPhone" to "iOS"
 2012-06-25 11:04:19 +09:30
bcoles
268ef4588f Added device/hardware detection 2012-06-25 01:35:33 +09:30
bcoles
71133869e4 Added browser details to Hooked Browser balloon messages 
Fixes issue #521
 2012-06-24 20:36:10 +09:30
bcoles
0ac7023df1 Renamed getScreenParams() to getScreenSize() 
Added date stamp to browser hook initialization
 2012-05-29 18:52:43 +09:30
Christian Frichot
3c7686e196 Nested command modules are now also sorted, and sub-folders include children count. Fuck yeah recursion111. Issue #550 2012-05-14 18:12:45 +08:00
Christian Frichot
7d7f6b13b4 Fixes Issue #550 Module categories can include sub-folders. Specify them as an array in their yaml file 2012-05-12 17:37:46 +08:00
antisnatchor
d1e23c2084 Updated admin_ui and console extensions code to reflect the move of initialization extension into the core. 2012-04-18 14:37:44 +01:00
antisnatchor
364575592a Moved BeEF credentials from admin_ui extension to the main config.yaml. Updated both admin_ui and RESTful API to reflect the changes. 2012-04-15 10:53:08 +01:00
bcoles
e52b5101ee Updated logo location 
The favicon is not located at /favicon.ico if web server immitation is enabled
 2012-04-12 17:20:20 +09:30
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
Michele Orru
11fbeb3296 Merge pull request #643 from antisnatchor/master 
RESTful API, from antisnatchor with love :D
 2012-03-15 10:33:17 -07:00
antisnatchor
837c1f2db8 Modified BeEF::Module.execute to return the command_id of the persisted command, instead of just returning a boolean. Refactored usages in the code as well. 2012-03-13 12:40:28 +01:00
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
bcoles
2ab95cc763 Renamed Decoder tab to HackVertor and disabled it for the upcomming 
release
 2012-01-18 23:42:14 +10:30
bcoles
a956bd60ea Added "Decoder" tab draft 2012-01-05 15:49:08 +10:30
bcoles
a6986e3960 Added detection for Chrome 16, updated Chrome Extensions modules and 
split the Details tab "Browser Hook Initialization" into "Hooked Page",
"Browser" and "Host"
 2012-01-04 18:52:34 +10:30
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
2439c9d61c Added Page URI to browser hook initialization details 
Fixes issue 543
 2011-12-28 08:47:07 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30
bcoles
6ff92f48e0 Added document.referrer to browser hook initialization and tidied some code 2011-12-22 02:43:12 +10:30
bcoles
590e514680 Renamed "Requester" tab to "Rider" 
Added Proxy sub-tab under Rider tab

Part of issue 63
 2011-12-20 22:04:22 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
bcoles
47ac45632d Added BeEF logo to panel header 2011-12-15 03:07:43 +10:30
bcoles
120e36d4b4 Added BeEF version to panel header and updated some links from 
code.google.com to github.com
 2011-12-11 20:30:09 +10:30
bcoles
25206bddc8 Added "Submit Bug" link to the Admin UI 
Fixes issue 545
 2011-11-27 02:25:56 +10:30
antisnatchor
18d4b642fe replaced WebRick HttpUtils in requester filters 2011-11-22 10:12:26 +01:00
antisnatchor
edf129d9ea replaced WebRick util method to parse HTTP request in Requester admin_ui controller 2011-11-20 11:49:05 +01:00
antisnatchor
e502882ed3 admin_ui session cookie management now with Rack 2011-11-20 11:12:59 +01:00
antisnatchor
05d06bb94e Removed unuseful Mutexes, refactored all the ugly 'exception-oriented' code that was using WebRick BadRequest, added config.yaml option to enable verbose debugging logs of Thin 2011-11-19 18:02:41 +01:00
antisnatchor
2997540918 rewrote the server core and adjusted the API/classes to use Thin and Rack instead of WebRick. 2011-11-19 15:49:19 +01:00
bcoles@gmail.com
dd5b1f5a81 Added platform and ActiveX detection to the browser hook initialization 
o Platform often provides the architecture (ie, 32bit) and can 
	be useful in identifying devices / smart phones

	o ActiveX detection was added for obscure browsers (ie, such as 
	software using an embedded browsing engine built on the IE COM)
	Normally ActiveX would only be detected on a hooked IE browser.

Moved the `is_valid_yes_no' filter from browser.rb to base.rb



git-svn-id: https://beef.googlecode.com/svn/trunk@1368 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:56:23 +00:00
buherator@gmail.com
caad2d5437 Displaying zombie domain and port on Requester tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1367 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:19:03 +00:00
buherator@gmail.com
ed866886f7 Storing port of HookedBrowser, fixing value of HookedBrowser.domain 
git-svn-id: https://beef.googlecode.com/svn/trunk@1365 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 22:04:08 +00:00
buherator@gmail.com
7447015901 sorting commands by status and name 
git-svn-id: https://beef.googlecode.com/svn/trunk@1364 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 14:25:50 +00:00
antisnatchor
e22332e1f8 (Fixes issue 467) rewrote from scratch the XssRays handler, refactored JS and Ruby code, improved the whole thing. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1361 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-12 14:56:50 +00:00
antisnatchor
20f07a5b04 prevent BeEF to be auto-BeEFed :-) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1357 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-07 13:07:07 +00:00
sussurro@happypacket.net
6658eff14c fixkup for metasploit to make payloads options be dynamic again. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1311 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-26 04:00:02 +00:00
A.M.Saafan@gmail.com
0362c536e5 Truncate response data larger than 100K. Fixes issue 463 
git-svn-id: https://beef.googlecode.com/svn/trunk@1297 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-17 13:04:50 +00:00
antisnatchor
3556268718 (Fixes issue 401): added one-to-many relationship between xssrays_scan and xssrays_details models. Updated code that use them accordingly. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1252 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 10:43:41 +00:00
antisnatchor
b4cb58346e Fixed proxy: the new filters where causing problems. Removed all of them except the method and version checks. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1240 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-29 09:18:24 +00:00
bcoles@gmail.com
7a4b07ef2e Added "Has WebSockets" to initialization / details tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1237 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-26 13:28:53 +00:00
bcoles@gmail.com
72c6bf87b0 Added port column to Requester History tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1214 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-19 14:49:43 +00:00
bcoles@gmail.com
b1de14dcf1 Added HEAD, OPTIONS, PUT and DELETE methods 
Fixes issue 356

Added HTTP request validation to proxy extension

	Fixes issue 429



git-svn-id: https://beef.googlecode.com/svn/trunk@1212 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-19 09:24:31 +00:00
passbe
8fe714881a Module execution functionality is now decoupled from the admin_ui. See BeEF::Module.execute(). Added Hooked Browser Manager skeleton. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1196 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-17 02:17:19 +00:00
bcoles@gmail.com
22941a51b4 Augmented beef.net.request to support port_status 
Only "open" and "closed" are supported currently

Part of issue 286



git-svn-id: https://beef.googlecode.com/svn/trunk@1177 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-10 09:47:01 +00:00
antisnatchor
381d083895 Issue 384: added XssRays "Scan config" tab, to configure crossDomain and cleanTimeout options. Added defaults to xssrays config file, also to prevent printing console.log statements if debug=false. Minor changes to xssrays_scan model. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1164 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 11:59:13 +00:00
yori.kvitchko
a70de4dbf8 Added get cookies to on-initialize. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1162 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 06:36:50 +00:00
wade@bindshell.net
d7930dc9da These changes clean up (a little) the details tab. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1136 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:54:21 +00:00
wade@bindshell.net
a817fe14c4 These changes clean up the details tab (Fixes issue 398). 
git-svn-id: https://beef.googlecode.com/svn/trunk@1135 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:53:57 +00:00
wade@bindshell.net
72703c605f removed the double display of browser name in the details tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1134 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:53:32 +00:00