Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
988 Commits 14 Branches 34 Tags
e1652bf52eeadace729f9c17029f5c605b59a7a9
Commit Graph

342 Commits

Author SHA1 Message Date
Keith Lee
f2401d3f39 Issue 86 - Working for Firefox. Support for Chrome+Opera+IE still pending. 2012-03-11 10:26:56 +01:00
asaafan
76e881dce9 Delete Skype XSS stub from main branch 2012-03-11 10:26:56 +01:00
unknown
ea199f5c55 Adding stub for Skype XSS module 2012-03-11 10:26:56 +01:00
bcoles
11870710e8 Added a couple of 0day CSRF exploits for Zenoss Core <= 3.2.1 2012-03-08 20:28:38 +01:00
Keith Lee
95f7e92011 Changes to command module and get_physical location so that @datastore['cid'] , @datastore['results'] and @datastore['beefhook'] can be called from the modules 2012-03-05 03:40:46 +08:00
bcoles
753299e758 Updated Get Page HTML module: 
o Now returns head and body in one beef.send() request
o Now stores results correctly
 2012-03-04 20:24:04 +10:30
bcoles
0485a1ab7e Added 3x router CSRF exploits: 
o Comtrend CT5367
o Comtrend CT5624
o D-Link DSL500T
 2012-03-04 14:55:00 +10:30
bcoles
5c678a2550 Added cleanup() function to router exploits 
Removed `username:password@` portion of example target URLs as
unfortunately this triggers warnings in most modern browsers. The
modules target CSRF vulnerabilities and it's expected and
acceptable behaviour to rely on the user having an authorized session by
default.

"Advanced users" will be familiar with the `username:password@` trick
and can add it to the URL if they desire.
 2012-03-03 20:43:56 +10:30
antisnatchor
e7dd04977e Added getPhysicalLocation module written by @keith55. Adjusted config.yaml description and browser support. 2012-02-26 09:53:16 +01:00
bcoles
b6ce0cf611 Updated Detect Firebug module description 2012-02-22 20:10:38 +10:30
bcoles
d50b07ac56 Added Unhook module. Fixes issue #525. 2012-02-18 19:10:02 +10:30
bcoles
a9e276f50a Added Detect Firebug module. Fixes issue 497 
Moved Detect Software module from Browser to Host category
 2012-02-18 17:43:20 +10:30
Christian Frichot
791b34863e Renamed / tidied up some of the config. See Issue #82 2012-02-18 10:06:47 +08:00
Christian Frichot
15932efcb3 Made some minor adjustments to 'os' key rating in core/module.rb. See issue #72 2012-02-18 09:06:46 +08:00
Mike Haworth
106e2dbd2d added detect software module 2012-02-18 12:22:17 +13:00
bcoles
591cef0732 Removed "notes:" node from three module config.yaml files 2012-02-09 23:01:14 +10:30
bcoles
ec0dacce28 Added fingerprints to Fingerprint Network module 2012-02-01 23:11:05 +10:30
antisnatchor
b9b5bc3840 moved imap ipec modules in a proper directory, added a note to imap ipec module about portbanning. 2012-01-24 19:59:15 +01:00
Juan Galiana
ee65dd1f6c Added IPEC IMAP module. Fixed issue 64 
IPEC IMAP module ported from BeEF-0.4.0.0
 2012-01-21 18:13:15 +00:00
Mike Haworth
ee1f4df1ea added local file theft module 2012-01-20 23:14:38 +13:00
bcoles
7478a2fe9d Added Detect CUPS module 2012-01-20 16:17:02 +10:30
bcoles
8a885c4145 Added a few fingerprints to the Fingerprint Network module 2012-01-19 00:53:36 +10:30
bcoles
62bf8abd19 Added Detect Google Desktop module 2012-01-18 23:29:39 +10:30
bcoles
a87a161bc1 Added module Detect Unsafe ActiveX 2012-01-10 17:33:26 +10:30
bcoles
bfd6f764aa Added module Mozilla nsIProcess XPCOM Interface 
This module is a port of the same module from BeEF-0.4.0.0

It has not been tested. It is currently disabled.

Part of issue 506
 2012-01-10 17:29:07 +10:30
bcoles
fa3ba26e47 Added more fingerprints to Fingerprint Network module 2012-01-08 15:47:15 +10:30
bcoles
a6986e3960 Added detection for Chrome 16, updated Chrome Extensions modules and 
split the Details tab "Browser Hook Initialization" into "Hooked Page",
"Browser" and "Host"
 2012-01-04 18:52:34 +10:30
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
e8fba4f414 Updated hard coded file path 
whoops - not the first time this has happened -_-
 2011-12-27 07:32:47 +10:30
bcoles
d5dd4f4894 Added Get Stored Credentials module 
Part of issue 558
 2011-12-27 07:03:21 +10:30
bcoles
0f62af06dc Ess eue double see E double ess eff eue el 2011-12-26 12:22:08 +10:30
bcoles
dcf31850fe Updated a few module names 
Added mailing list signup form to the advanced demo page in preperation for the stored password theft module
 2011-12-26 12:03:22 +10:30
bcoles
a2eb35f19d Added TabNabbing module 2011-12-25 20:52:49 +10:30
bcoles
04ea42bb9d Added Debug -> Text Network Request module 
Moved DNS Tunnel module to the IPEC category
 2011-12-24 16:33:34 +10:30
bcoles
f2d4592941 Added DNS Tunnel first draft 2011-12-23 08:24:10 +10:30
bcoles
ff0cf9f9ae Minor spelling/grammatical changes 2011-12-21 23:27:40 +10:30
bcoles
8a1a5259c0 Minor updates to PhoneGap modules: 
o Fixed bug in the Detect PhoneGap module
		o No longer fails to return if PhoneGap is not present

	o Some minor module name and description updates
 2011-12-21 23:02:45 +10:30
Mike Haworth
815140ac0d removed readme 2011-12-21 21:33:42 +13:00
Mike Haworth
3abe9e4a4e changed name of phonegap modules dir back to original 2011-12-21 21:22:38 +13:00
Mike Haworth
6a57322745 changed name of phonegap modules dir back to original 2011-12-21 21:22:00 +13:00
Mike Haworth
d2b69738b7 renamed phonegap modules dir 2011-12-21 21:19:58 +13:00
Mike Haworth
e694e5a019 phonegap modules added 2011-12-21 09:22:56 +13:00
bcoles
a72c096e0f Fixed bug in the get_page_html module where nothing was returned if the 
hooked page was malformed
 2011-12-10 16:45:44 +10:30
bcoles
63e7f8c349 Updated browser min_ver/max_ver for several modules: 
modules/browser/extract_local_storage/
	modules/browser/extract_session_storage/
	modules/host/physical_location/
 2011-12-08 19:21:56 +10:30
bcoles
b306abeb8f Fixed typo in module name 2011-12-03 15:14:23 +10:30
bcoles
455f862e11 Fixes issue 450 
The selector field has been removed from the Replace HREFs (HTTPS) module
 2011-11-27 02:06:34 +10:30
Christian Frichot
ab0cca2818 (Fixes issue 561): My first commit didn't take my modifications 2011-11-24 22:08:40 +08:00
Christian Frichot
02d25cc82b (Fixes issue 561): Pretty Theft module added (and tidied up a bit, can now run multiple times, and enter key submits form) 2011-11-24 21:23:43 +08:00
Christian Frichot
a52bd5dac2 (Fixes issue 572): iPhone telephone module does not use skype, use hidden iframe dom code 2011-11-24 20:48:42 +08:00
Christian Frichot
b90d88968e Merge branch 'master' of https://code.google.com/p/beef 2011-11-24 20:42:14 +08:00