Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,249 Commits 14 Branches 34 Tags
dae01474ab8a986e88cb658b7ae4a1e49780da2d
Commit Graph

251 Commits

Author SHA1 Message Date
bcoles
9e2ac56ea6 Added clickjacking module 
Fixes issue 105
 2012-05-30 19:40:29 +09:30
Mike Haworth
4e75c869ff Merge branch 'master' of github.com:beefproject/beef 2012-05-29 22:44:52 +12:00
Mike Haworth
172ec56be6 Got a better splash image, added cookies permission, added some brief documentation 2012-05-29 22:42:58 +12:00
bcoles
0ac7023df1 Renamed getScreenParams() to getScreenSize() 
Added date stamp to browser hook initialization
 2012-05-29 18:52:43 +09:30
Mike Haworth
dc040a51ac added fake flash player module and chrome extension 2012-05-28 00:17:53 +12:00
antisnatchor
b3f8504a2e Evasion: added support to scramble cookies as well. 2012-05-25 12:02:28 +01:00
antisnatchor
c79a2ee6f1 Evasion: Added bootstrapper functionality. Added support for obfuscate modules with the same techniques used for the hook. 2012-05-23 15:23:15 +01:00
antisnatchor
c1d021a7e8 Evasion: Fixed bug in scrambler. 2012-05-23 15:01:02 +01:00
antisnatchor
aee0b1e50f Evasion: scramble now stores random values in the config object, in order to be re-used later on in a consistent way. 2012-05-23 13:44:41 +01:00
antisnatchor
b7f6073631 Evasion: added helper module for common methods (random_string) 2012-05-23 13:43:28 +01:00
antisnatchor
0ce3490420 Don't use eval when evaluating the base64'ed blob in the Evasion extension. It was also triggering BeEF "static analysis" tests LOL 2012-05-22 17:37:36 +01:00
antisnatchor
8d805c550f Started working on the Evasion/Obfuscation extension. Added scrambler, minifier and base64 encoder in the chain. 2012-05-22 16:41:29 +01:00
antisnatchor
51b27709dd Merge remote-tracking branch 'upstream/master'. WS: added stringifying command results in beef.net.send 2012-05-19 19:19:03 +01:00
Christian Frichot
a6a7536e73 Issue #678 - Custom Hook Point Extension initial commit 2012-05-17 18:52:35 +08:00
Christian Frichot
3c7686e196 Nested command modules are now also sorted, and sub-folders include children count. Fuck yeah recursion111. Issue #550 2012-05-14 18:12:45 +08:00
Mike Haworth
1fd66bce1e Issue #666 Proxy now uses forge_request, allowing cross domaian requests, for instances where SOP bypass is available 2012-05-13 13:08:13 +12:00
Christian Frichot
7d7f6b13b4 Fixes Issue #550 Module categories can include sub-folders. Specify them as an array in their yaml file 2012-05-12 17:37:46 +08:00
antisnatchor
925e744194 Merge remote-tracking branch 'upstream/master' 
Resolved conflicts:
	core/main/client/net.js
	core/main/handlers/modules/beefjs.rb
 2012-05-10 10:19:22 +01:00
Wade Alcorn
e88be79134 Updated demo page 2012-05-06 06:11:44 +10:00
antisnatchor
9ae0929a8c Merge remote-tracking branch 'upstream/master' 2012-05-02 13:04:51 +03:00
bcoles
923921b92b Added skeleton for custom hooks 
Part of issue #101
 2012-04-23 19:33:19 +09:30
bcoles
fa59e633b0 Popunder window now loads a plain page 2012-04-23 17:36:25 +09:30
antisnatchor
37c5edf2c2 Added strict doctype for /demos/basic.html page 2012-04-22 13:23:48 +01:00
antisnatchor
f697e92c95 Decresed default XssRays iframe removal timeout, enhanced comments 2012-04-19 18:10:17 +01:00
antisnatchor
de68a00c75 Fix issue 658: removed content-type response header when replying to a successful founded Ray vector 2012-04-19 18:09:17 +01:00
antisnatchor
6f73dd6a82 Merge remote-tracking branch 'upstream/master' 
Conflicts:
	config.yaml
 2012-04-18 15:27:22 +01:00
antisnatchor
d1e23c2084 Updated admin_ui and console extensions code to reflect the move of initialization extension into the core. 2012-04-18 14:37:44 +01:00
antisnatchor
cd4fce7887 Moved initialization extension into the core. BrowserDetails are a vital component of BeEF. There is no reason to don't have it in the core. 2012-04-18 12:54:48 +01:00
antisnatchor
364575592a Moved BeEF credentials from admin_ui extension to the main config.yaml. Updated both admin_ui and RESTful API to reflect the changes. 2012-04-15 10:53:08 +01:00
antisnatchor
2198c69aa8 Merge remote-tracking branch 'upstream/master'. Fixed conflicts on config.yaml. 2012-04-14 20:44:17 +01:00
bcoles
e52b5101ee Updated logo location 
The favicon is not located at /favicon.ico if web server immitation is enabled
 2012-04-12 17:20:20 +09:30
bcoles
6af55c7e33 Event Logger now logs clipboard events (in IE6 only) 
Fixes issue# 653

Tidied up the 'submit' handler a bit. Part of issue #141
 2012-04-11 14:06:56 +09:30
antisnatchor
dd2e522ce4 Issue 654: the XssRays handler is now extending the Router class 2012-04-09 11:36:35 +01:00
Graziano Felline
736c81573e Setting up structures and server/client environment. 
A lot of TODO
 2012-04-06 02:21:40 +02:00
Thomas Mackenzie
e168a05936 added pageerror logo for iis imitation 2012-04-04 20:04:31 +01:00
antisnatchor
67d024441d Added Apache/Centos images for the default root page (web server imitation) 2012-04-04 16:45:39 +01:00
antisnatchor
f5a77a63eb Prevent to mount the favicon.ico if we're imitating a web server. 2012-04-04 16:06:19 +01:00
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
Michele Orru
11fbeb3296 Merge pull request #643 from antisnatchor/master 
RESTful API, from antisnatchor with love :D
 2012-03-15 10:33:17 -07:00
antisnatchor
5c96fe2b84 changed return value on override_execute, reformatted code for the metasploit api 2012-03-15 13:32:10 +01:00
Christian Frichot
6541d9fa34 Tidied up some of the Console Shell output handling - Issue #642 2012-03-15 19:52:03 +08:00
Christian Frichot
4f1042a6a3 QRCode extension - minor update to handle the Console in the Core - Issue #641 2012-03-15 19:39:24 +08:00
antisnatchor
8db7ef00b4 Fixed error when attaching to MSF (resetdb? is not there anymore) 2012-03-15 12:25:38 +01:00
antisnatchor
837c1f2db8 Modified BeEF::Module.execute to return the command_id of the persisted command, instead of just returning a boolean. Refactored usages in the code as well. 2012-03-13 12:40:28 +01:00
bcoles
f38c7e5615 Removed "HasJava" from hook initialization 
Updated Get Wireless Keys module description
 2012-03-13 00:50:03 +10:30
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
Keith Lee
97672966df Fix for issues 567 and also remove multiple calls to beef.browser.hasJava() from /beef/core/main/client/net/local.js 2012-03-07 01:41:27 +08:00
antisnatchor
e9a6049e58 Fixes issue 621: Added 2 new command line options. Now it's psosible to specify a different config.yaml file. Also changed the core load order, adding a new bootstrap module. 2012-03-04 14:55:03 +01:00
Christian Frichot
63805d943d The Console Shell now allows you to drop into an IRB (and then play with the BeEF object if you want) Issue #627 2012-03-03 14:59:59 +08:00
bcoles
cda1659356 Improved proxy error handling. Fixes issue #92. 
The proxy now dies somewhat gracefully when given a malformed request.

The `Content-Length' header is now only matched by the parser if its
value is an integer.

A request with a null or missing HTTP version in the header now defaults
to HTTP/1.0

A request with a null or missing `Host' header returns:
  `ERROR: CrossDomain Request. The request was not sent.'
regardless of whether the host is specified in the URL.
 2012-02-19 03:42:20 +10:30