Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,331 Commits 14 Branches 34 Tags
dff44bc86536e53d8a4a8eec090a507c19bc055e
Commit Graph

64 Commits

Author SHA1 Message Date
Ben Passmore
9f1e8f5e8d Updated copyright 2019-01-01 11:57:28 +10:00
Wade Alcorn
fca5279f17 Updated Copyright dates 2018-01-04 09:12:47 +10:00
Brendan Coles
173a65be13 Add IP and port validation to beef.net 2017-08-11 06:12:15 +00:00
Brendan Coles
91bfb06f8c Add check for mixed content requests in beef.net.forge_request 2017-04-16 17:17:34 +00:00
Wade Alcorn
91cc7ed873 Updated Copyright information 2016-12-29 15:50:13 +10:00
antisnatchor
c700bb3013 Added ws_connect_timeout option to delay of 500 ms the establishment of the WS channel. This is needed to wait for browser fingerprinting to finish, in order to have all the info needed for triggering ARE rules using WS channel. 2016-04-03 15:16:14 +02:00
Ilguiz Latypov
d81db24912 Delay form submission to allow the Javascript event loop complete the transfer of the log. #1215 2016-02-15 16:02:06 -05:00
Brendan Coles
d110675c0f Revert 96dfde519a 2016-02-13 09:53:23 +00:00
Brendan Coles
96dfde519a Remove JSON.stringify(results) from beef.websocket.send - Fix #1210 2016-02-12 13:25:39 +00:00
Wade Alcorn
ce01d9fa46 updated copyright year 2015-12-30 08:11:57 +10:00
antisnatchor
bdecbd21a0 Merged changed from master branch, disabled ARE rules by default. 2015-07-27 10:44:51 +02:00
antisnatchor
c84e1b88ac Autorun Rule Engine from @antisnatchor with love (alpha version). 2015-07-27 10:34:58 +02:00
Christian Frichot
ba990e2869 beef.net.request JS method now fires callbacks ALWAYS - not just on successful requests. Fixes Issue #1127 2015-06-23 16:21:58 +08:00
antisnatchor
4126a5530e Fixed bug in forge_request that was not adding the POST body to forged requests. 2015-03-21 12:20:07 +01:00
Wade Alcorn
2fbca61368 Updated copyright dates 2014-12-30 07:44:58 +10:00
Wade Alcorn
744b7649e7 Corrected some usages of domain to origin 2014-02-08 09:56:31 +10:00
antisnatchor
6a8a103b8b Final fix for issue #957 2014-01-06 11:03:40 +00:00
antisnatchor
b43fbce044 Fixed issue #957. The requester and proxy now work again after the jquery update. 2014-01-03 13:48:31 +00:00
Wade Alcorn
8003f1a47f Updated the copyright year to 2014 2014-01-01 16:34:15 +10:00
Wade Alcorn
fe40038441 Updated copyright year to 2013 2012-12-30 12:47:43 +10:00
antisnatchor
72a4a127ff Documented (JSdoc) all the net.js methods. 2012-11-21 06:14:59 +00:00
antisnatchor
81f03f0024 Fixed a nasty bug with WebSockets. BrowserDetails are now always sent with XHR-polling, before switching protocols using WebSockets. 2012-11-18 15:45:46 +00:00
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
Christian Frichot
b58e9b955e Fixes Issue #733 - Thin SSL support initial release 2012-08-05 16:17:18 +08:00
antisnatchor
1282831af1 Terminating unterminated statements in various JS files. 2012-05-22 13:38:28 +01:00
antisnatchor
51b27709dd Merge remote-tracking branch 'upstream/master'. WS: added stringifying command results in beef.net.send 2012-05-19 19:19:03 +01:00
bcoles
78b88ee09f Changed status/port status info for cross-domain request history 2012-05-14 18:57:44 +09:30
bcoles
2f7d98c7a7 Fixed bug in core/main/client/net.js 
ALL requests (modules, requester, etc) were failing in Firefox since
commit 1fd66bce1e
 2012-05-14 17:45:03 +09:30
Mike Haworth
1fd66bce1e Issue #666 Proxy now uses forge_request, allowing cross domaian requests, for instances where SOP bypass is available 2012-05-13 13:08:13 +12:00
antisnatchor
052d25a36b Fixed another bug when parsing the BeEF hook cookie in Js. now using beef.session.get_hook_session_id(). Should be the last fix. 2012-05-11 14:22:13 +01:00
antisnatchor
925e744194 Merge remote-tracking branch 'upstream/master' 
Resolved conflicts:
	core/main/client/net.js
	core/main/handlers/modules/beefjs.rb
 2012-05-10 10:19:22 +01:00
Brendan Coles
f221f93ebb Merge pull request #652 from ebababi/master 
Introduce public port setting
 2012-05-07 01:09:22 -07:00
bcoles
99d47351b7 Patched newline issue in request() in net.js 
See commit c3435ee345 for more info
 2012-05-03 15:54:46 +09:30
antisnatchor
72ba526cbc merged changes of net.js to fix the requester/tunneling proxy 2012-05-02 14:28:30 +03:00
antisnatchor
c3435ee345 Fixed a nasty bug in net.js forgeRequest. Stripping line breaks from request domain: prevented the requester/tunneling proxy to work (always cross-domain fails) 2012-05-02 14:25:31 +03:00
Graziano Felline
97c2649e36 Corrected issues on IE browser (IE8 IE9) to check IE6 -IE7 
Corrected Issues whit character encoding
 2012-04-20 19:17:34 +02:00
Graziano Felline
656262c0f4 Basic response recv system implemented 
todo ping-pong for alive host. thread's content is  in websocket.rb
todo setting up a separate handler for via ws answer's
 2012-04-18 12:00:17 +02:00
Graziano Felline
2755c6449c Deleted some stuff that does not work correctly in old browser (IE 8) 
Better check for FF
Cleand up inside the code
 2012-04-14 19:42:53 +02:00
Graziano Felline
23f782b8d8 Hook.js load websocket.js only if specifield in beef configuration file 
if websocket is disabled all work normally
 if websocket is enabled have trouble in command.rb
 2012-04-12 19:01:49 +02:00
Graziano Felline
af9b3c97b5 Added polling stop if websocket is up in updater.js 
added hash for websocket in websocket.rb
added check for websocket existence in command.rb and net.js
added a POC onmessage function in websocket.js
added check for websocket support in init.js
added a POC send to send command output to server in beef.js
 2012-04-11 20:52:47 +02:00
Nikolaos Anastopoulos
e4d4edba75 Public port setting affects URI scheme 2012-03-23 20:42:12 +02:00
antisnatchor
1d74d7eeab Fixed a serious bug in beef.net.request when sending cross-domain POST data. jQuery is automatically changing the method to GET if the dataType (that was hardcoded in our code) is set to 'script'. 2012-02-15 16:00:38 +01:00
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
33289bc023 Fixed bug in cross-domain request detection 
Same-domain requests on a non-standard HTTP port were incorrectly
identified as cross-domain requests
 2011-12-27 17:56:18 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30
bcoles
4543d60570 Added allowCrossDomain functionality to beef.net.requester.send 2011-12-24 13:37:14 +10:30
bcoles
61a34c1c60 Decoupled beef.net.request and beef.net.proxyrequest 
This is part of issue 87
 2011-12-24 04:21:45 +10:30
bcoles
2e9ad8b9dc More tidying of requester and proxy in preperation for unit tests 2011-12-21 06:09:30 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
antisnatchor
c37db1e364 (Fixes issue 486): now using the requester (so also the tunneling proxy) you can correctly send POST requests 2011-11-23 17:07:55 +01:00