Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,560 Commits 14 Branches 34 Tags
d81dc8044e2d5f6c5cab60af13949695b6ba6782
Commit Graph

509 Commits

Author SHA1 Message Date
root
0f40a0fb9a Merge branch 'master' of https://github.com/beefproject/beef 2013-01-07 01:32:29 -05:00
root
6c16a89328 Added simple adblock checks for IE from issue #803 2013-01-07 01:30:44 -05:00
bcoles
e275e4001c Add SQLiteManager XSS module 2013-01-07 12:30:24 +10:30
Brendan Coles
644a53cb2c Merge pull request #816 from Nbblrr/master 
Pull Request : Module Detect extensions on Firefox
 2013-01-06 13:50:53 -08:00
Nbblrr
87afb9a31b Improved extension detection with the old Firefox hack #815 2013-01-06 22:39:43 +01:00
bcoles
bd2b002314 Fix a few typos 2013-01-07 05:17:55 +10:30
Wade Alcorn
fe40038441 Updated copyright year to 2013 2012-12-30 12:47:43 +10:00
bcoles
bdab1028f5 Added Detect Virtual Machine module 2012-12-16 16:22:41 +10:30
bcoles
4e7e1129bb Added Detect Default Browser module 2012-12-13 18:04:16 +10:30
bcoles
acb09efd32 Fixed a few typos in BeEFLive.sh 
Moved avant_steal_history module to 'browser' category
 2012-12-10 23:59:45 +10:30
Michele Orru
4d097aa55d Merge pull request #773 from malerisch/avant_browser 
Avant Browser History Stealing
 2012-12-05 15:39:00 -08:00
bcoles
75532ffe44 Add PHP 5.3.9 DoS (CVE-2012-0830) module 
Has not been tested
 2012-11-29 18:34:07 +10:30
Roberto Suggi Liverani
9546e88113 Avant Browser History Stealing 
Avant Browser History Stealing module - Advisory:
http://blog.malerisch.net/2012/11/avant-browser-same-of-origin-policy.html
 2012-11-28 14:11:04 +13:00
bcoles
9083586135 Updated supported browser list for CORS debug module 2012-11-26 16:38:07 +10:30
bcoles
3152f41a18 Add beef.net.cors.request 
Returns a response object with HTTP status, headers and body

Add 'Test CORS Request' debug module
 2012-11-26 02:50:27 +10:30
antisnatchor
b050af529f Removed console.log from read_gmail module. Some browser do not support that. 2012-11-25 11:52:54 +00:00
antisnatchor
d580ff44ed Merge branch 'master' of https://github.com/beefproject/beef 2012-11-21 13:39:28 +00:00
antisnatchor
c2185d2cec Refactoring session.js moving the iframe persistence technique in dom.js. Updated iframe_above to use the new component. 2012-11-21 05:10:52 +00:00
Mike Haworth
624f704240 added module to pull email messages content from gmails atom feed, useful if running the in context of mail.google.com 2012-11-20 20:46:04 +13:00
Jean-Louis Huynen
6e44d5c641 remove hardcoded linked image to an inline one in credential.js template- (this template need some work btw) 2012-11-19 11:14:24 +01:00
bcoles
05e31fd250 Add Zenoss 3.x command execution exploit 2012-11-11 21:40:50 +10:30
bcoles
f5b4a413f6 Added WAN Emulator command execution exploit 2012-11-04 17:37:42 +10:30
Wade Alcorn
d2188b230c More changed license headers 2012-11-02 15:27:01 +10:00
Wade Alcorn
23f09b919f Changed license header 2012-11-02 14:26:10 +10:00
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
bcoles
b756065d2a Update Inter-Protocol IRC module to use beef.dom.createIframeIpecForm 2012-10-31 00:04:54 +10:30
bcoles
210dc1366a Add QNX QCONN exploit 2012-10-27 18:55:33 +10:30
bcoles
d7f0a590b7 Fix typo in popup detection 2012-10-27 18:53:04 +10:30
bcoles
7c7fc5ae6e Small modifications to a few modules 
Updated a few default IP addresses to 127.0.0.1

Updated a few module names

Fixed config.yaml whitespace bug
 2012-10-22 23:26:33 +10:30
antisnatchor
636fee9607 Modified Fake_flash_update module (with drop-down menu) to support Firefox Extension delivery. 2012-10-22 17:25:16 +11:00
antisnatchor
79bf6f4a9f Added BeEF_bind send_command module: this is used to communicate with the BeEF_bind shellcode (including in the IPEC admin_ui shell). 2012-10-22 16:07:31 +11:00
antisnatchor
e257f8bb52 Added BeEF_bind deployer module: send both shellcode stager and stage to a specific target. Eudora IMAP 3 (Win) is the only available exploit atm. 2012-10-22 16:03:47 +11:00
bmantra
03da56fc7d HP uCMDB CSRF add user module 2012-10-05 13:23:24 +02:00
Jean-Louis Huynen
7e43e15838 modified config.yaml of simple_hijacker to activate chromecertbeggar2.js template 2012-10-01 16:11:18 +02:00
Jean-Louis Huynen
104f8189d3 added chromecertbeggar2.js 2012-10-01 16:06:45 +02:00
bcoles
ba20f17831 Ugh. Apparently target can't be null. Fixed. 2012-09-30 18:50:28 +09:30
bcoles
a135e9f51f Update supported browsers for multiple modules 
Pretty Theft module does not work in IE

Multiple exploit modules haven't been tested
 2012-09-29 17:39:14 +09:30
Brendan Coles
256f63d28a Merge pull request #748 from pwndizzle/master 
Update to Pretty_Theft module
 2012-09-23 00:18:49 -07:00
bcoles
95f5d78acc Update supported browsers for lcamtuf download module 
Opera blocks the `data:` URL popup by default.

Safari is no longer listed as either supported nor unsupported pending
further testing.
 2012-09-23 16:04:25 +09:30
pwndizzle
483683ca78 Added Facebook and Linkedin popups, also some code/logic improvements 2012-09-22 18:38:09 +08:00
Jean-Louis Huynen
68bfb46bc7 remplace setInterval by setTimeout in chromecerbeggar.js template 2012-09-20 11:26:27 +02:00
bmantra
9b62ae83dc fix jboss exploit with forge_request 2012-09-18 20:59:54 +02:00
Rich Lundeen
0b852dd308 Made namespaces consistent and expanded body 
Adding feedback I missed earlier regarding namespaces. Also since
we're using body instead of window (for IE support), expanding the
body so that the mouse follows everywhere.
 2012-09-11 23:17:50 -07:00
Rich Lundeen
2720a5a8b9 Better reliability in IE 2012-09-11 13:09:37 -07:00
Rich Lundeen
bcf842587f Fixed several minor bugs 2012-09-10 15:36:57 -07:00
Rich Lundeen
cef72c9518 Improved Clickjacking Module 
Rewrite of bcole's module. Adds support for multiple clicks, Javascript
event feedback, some basic framebusting evasion, and IE support
 2012-09-10 14:25:46 -07:00
bcoles
9e47942d3f Added FreeNAS remote reverse root shell CSRF module 
For more information see: http://support.freenas.org/ticket/1788
 2012-09-09 21:05:16 +09:30
bcoles
384fe7bcab Fix issue #741 2012-09-07 23:00:24 +09:30
Jean-Louis Huynen
716e7fe712 Change stupid code that made this module unusable with the API to something less stupid (i hope) 2012-09-05 15:16:21 +02:00
Jean-Louis Huynen
05d7fe3adf Adding the Simple Hijacker module in social engineering (route clicks on some links to javascript code) 2012-09-04 17:47:59 +02:00