Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
826 Commits 14 Branches 34 Tags
db2be8ba16f2cbcf306aef9bc7d03ecd72bd7afd
Commit Graph

173 Commits

Author SHA1 Message Date
bcoles
2439c9d61c Added Page URI to browser hook initialization details 
Fixes issue 543
 2011-12-28 08:47:07 +10:30
bcoles
33289bc023 Fixed bug in cross-domain request detection 
Same-domain requests on a non-standard HTTP port were incorrectly
identified as cross-domain requests
 2011-12-27 17:56:18 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30
bcoles
4543d60570 Added allowCrossDomain functionality to beef.net.requester.send 2011-12-24 13:37:14 +10:30
bcoles
61a34c1c60 Decoupled beef.net.request and beef.net.proxyrequest 
This is part of issue 87
 2011-12-24 04:21:45 +10:30
bcoles
f2d4592941 Added DNS Tunnel first draft 2011-12-23 08:24:10 +10:30
bcoles
6ff92f48e0 Added document.referrer to browser hook initialization and tidied some code 2011-12-22 02:43:12 +10:30
bcoles
2e9ad8b9dc More tidying of requester and proxy in preperation for unit tests 2011-12-21 06:09:30 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
bcoles
ec7d3134aa Updated browser detection in hook initialization 
Future proofed browser version detection in preperation for double
digit major version numbers

Updated flash detection in Internet Explorer for Flash 11.x
 2011-12-12 00:17:15 +10:30
bcoles
a49d1351e7 Added check for document.documentMode so Internet Explorer 8 and 9 are 
no longer detected as Internet Explorer 7 when operating in compatibility mode.

Fixes issue 589
 2011-12-08 22:34:46 +10:30
bcoles
2ccd421768 Increased max valid user-agent string length from 200 to 300 in 
BeEF::Filters.is_valid_browserstring(str) in core/filters/browser.rb

IE with a few plugins has a user-agent length of ~200
 2011-12-07 20:54:23 +10:30
Christian Frichot
921cf10e55 Migration no longer re-adds existing modules to the database. You can now see previous results after you stop/start BeEF 2011-11-28 07:27:49 +08:00
Ben Passmore
e76909cd4a Added very basic threading to the Network stack. Fixes issue 315. 2011-11-25 20:43:50 +10:00
Christian Frichot
9c7bc0ea51 Removed core dependancy on librex - installer advises, but doesn't install. Beef does NOT require librex, unless you actually enable the console.shell extension 2011-11-24 22:06:21 +08:00
antisnatchor
c37db1e364 (Fixes issue 486): now using the requester (so also the tunneling proxy) you can correctly send POST requests 2011-11-23 17:07:55 +01:00
antisnatchor
4174e9cd5e fixed lame JS error in net.js 2011-11-22 16:15:20 +01:00
antisnatchor
0866b0a8e1 bugfix on the requester, small code change in net.js (optimized cross_domain checks, added check when URI contains schema/domain as well) 2011-11-22 11:18:55 +01:00
antisnatchor
4c1ed2ee2e completely removed WebRick dependency and references in the code!! fuck yeah 2011-11-22 10:20:44 +01:00
antisnatchor
e4cecc27df renabled commented-out Mutex in server initialization. Without this mutex the tunneling proxy cannot start. 2011-11-21 16:45:09 +01:00
Wade
82865f6ffa popup blocker detection added 2011-11-21 17:15:39 +10:00
Wade
48c7123639 Error message updated (Fixes issue 487). 2011-11-21 16:14:33 +10:00
Wade
3f94c72777 Unneeded comments removed 2011-11-21 15:42:38 +10:00
Wade
5045723cf1 Reduce the Thin logging level to match the value set in the config 2011-11-21 15:41:41 +10:00
antisnatchor
88bb429d04 adapted DynamicReconstruction Tests to the new Thin server. Rake => all tests passed 2011-11-19 20:10:10 +01:00
antisnatchor
05d06bb94e Removed unuseful Mutexes, refactored all the ugly 'exception-oriented' code that was using WebRick BadRequest, added config.yaml option to enable verbose debugging logs of Thin 2011-11-19 18:02:41 +01:00
antisnatchor
2997540918 rewrote the server core and adjusted the API/classes to use Thin and Rack instead of WebRick. 2011-11-19 15:49:19 +01:00
bcoles@gmail.com
f7a39098d4 Updated Firefox detection: 
Updated Firefox version detection
	(in preperation for double digit version numbers)

	Added Firefox 9 detection  (the beta is public)

	Added Firefox 10 detection (the beta will be public in ~30 days)



git-svn-id: https://beef.googlecode.com/svn/trunk@1429 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-11-12 02:03:36 +00:00
antisnatchor
a930d11792 Improved Javascript documentation (Rdoc) for dom.js 
git-svn-id: https://beef.googlecode.com/svn/trunk@1390 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-11-02 15:14:00 +00:00
antisnatchor
8a3977ff78 Improved attachApplet JS API function to support codebase attribute 
git-svn-id: https://beef.googlecode.com/svn/trunk@1388 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-11-02 11:04:05 +00:00
antisnatchor
8074443730 Improved attachApplet JS API function to parse array of parameters. Now also use the best way to attach the applet cross-browser. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1386 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-11-01 12:00:46 +00:00
bcoles@gmail.com
5ea6dd9fd2 Added Firefox 8 detection 
In preperation for Firefox 8 (the beta is public)



git-svn-id: https://beef.googlecode.com/svn/trunk@1385 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-30 12:07:17 +00:00
antisnatchor
5f59e198d1 Added Chrome 15 detection 
git-svn-id: https://beef.googlecode.com/svn/trunk@1384 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-29 14:52:59 +00:00
passbe
3b72fe969c Removed incorrect logic from previous testing 
git-svn-id: https://beef.googlecode.com/svn/trunk@1382 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-24 10:21:36 +00:00
passbe
24fe856b0c Module config max_ver now has the ability to use 'latest' 
git-svn-id: https://beef.googlecode.com/svn/trunk@1381 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-24 10:14:01 +00:00
passbe
a1bb393407 Configuration now gracefully fails if there is a problem with *.yaml 
git-svn-id: https://beef.googlecode.com/svn/trunk@1380 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-24 09:54:00 +00:00
passbe
d1201e70a2 Corrected min_ver, max_ver bug. Fixes issue 489. Fixes issue 525. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1379 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-24 07:00:29 +00:00
wade@bindshell.net
801d098e97 Another test added which greps the source base for the eval function. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1375 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-20 13:51:12 +00:00
avlidienbrunn@gmail.com
f3cd6aaeb5 (Fixes issue 450) Ported MITB code from h.ackack.net! 
git-svn-id: https://beef.googlecode.com/svn/trunk@1371 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-19 08:06:36 +00:00
bcoles@gmail.com
dd5b1f5a81 Added platform and ActiveX detection to the browser hook initialization 
o Platform often provides the architecture (ie, 32bit) and can 
	be useful in identifying devices / smart phones

	o ActiveX detection was added for obscure browsers (ie, such as 
	software using an embedded browsing engine built on the IE COM)
	Normally ActiveX would only be detected on a hooked IE browser.

Moved the `is_valid_yes_no' filter from browser.rb to base.rb



git-svn-id: https://beef.googlecode.com/svn/trunk@1368 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:56:23 +00:00
bcoles@gmail.com
d0f332643e Separated hostname and hostport 
git-svn-id: https://beef.googlecode.com/svn/trunk@1366 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 14:25:47 +00:00
buherator@gmail.com
ed866886f7 Storing port of HookedBrowser, fixing value of HookedBrowser.domain 
git-svn-id: https://beef.googlecode.com/svn/trunk@1365 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 22:04:08 +00:00
passbe
65b8652f26 Finished commenting BeEF core. From this point on each developer should be commenting their own core changes 
git-svn-id: https://beef.googlecode.com/svn/trunk@1362 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 03:59:24 +00:00
antisnatchor
e22332e1f8 (Fixes issue 467) rewrote from scratch the XssRays handler, refactored JS and Ruby code, improved the whole thing. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1361 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-12 14:56:50 +00:00
buherator@gmail.com
ab1ec19a5c Changed BeEF::API::Registra to BeEF::API::Registrar 
git-svn-id: https://beef.googlecode.com/svn/trunk@1358 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-09 15:31:52 +00:00
sussurro@happypacket.net
988e7b010e change override_execute so that it will pass the hooked browser session so we can both override functionality and add commands 
git-svn-id: https://beef.googlecode.com/svn/trunk@1350 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-04 16:57:11 +00:00
wade@bindshell.net
a7fda336fd some functions prevented for security reasons 
git-svn-id: https://beef.googlecode.com/svn/trunk@1333 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-30 13:38:36 +00:00
wade@bindshell.net
352b6ef7a5 insecure eval funtion has been overloaded 
git-svn-id: https://beef.googlecode.com/svn/trunk@1330 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-30 13:18:08 +00:00
passbe
1f61418c87 Commented all ruby patches 
git-svn-id: https://beef.googlecode.com/svn/trunk@1321 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-29 23:48:20 +00:00
bcoles@gmail.com
f7bca3c192 Added Rewrite HREFs (HTTPS) module 
This module will rewrite all the href attributes of HTTPS links to use 
HTTP instead of HTTPS. Links relative to the web root are not rewritten.

Added beef.dom.rewriteLinksProtocol(old_protocol, new_protocol, selector)



git-svn-id: https://beef.googlecode.com/svn/trunk@1317 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-29 09:55:09 +00:00