Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,049 Commits 14 Branches 34 Tags
e168a059367068bf0ec2494009c8db08dfd65e36
Commit Graph

71 Commits

Author SHA1 Message Date
bcoles
2bca21a41d Minor updates to XSSRays 
Part of issue #47
 2012-03-26 16:29:15 +10:30
Michele Orru
11fbeb3296 Merge pull request #643 from antisnatchor/master 
RESTful API, from antisnatchor with love :D
 2012-03-15 10:33:17 -07:00
antisnatchor
837c1f2db8 Modified BeEF::Module.execute to return the command_id of the persisted command, instead of just returning a boolean. Refactored usages in the code as well. 2012-03-13 12:40:28 +01:00
bcoles
6ef889b0b1 Removed Java from hook initialization: 
- Removed has_java
	- Removed internal_ip
	- Removed internal_hostname

Added function `beef.browser.javaEnabled()`

Patched function `beef.browser.hasJava()`
	- should no longer break the hook in Chrome/Safari

Added `not_working` browsers to History Extraction module
 2012-03-13 00:19:01 +10:30
bcoles
2ab95cc763 Renamed Decoder tab to HackVertor and disabled it for the upcomming 
release
 2012-01-18 23:42:14 +10:30
bcoles
a956bd60ea Added "Decoder" tab draft 2012-01-05 15:49:08 +10:30
bcoles
a6986e3960 Added detection for Chrome 16, updated Chrome Extensions modules and 
split the Details tab "Browser Hook Initialization" into "Hooked Page",
"Browser" and "Host"
 2012-01-04 18:52:34 +10:30
Wade Alcorn
06899ca267 Year updated from 2011 to 2012 2011-12-31 22:24:36 +10:00
bcoles
2439c9d61c Added Page URI to browser hook initialization details 
Fixes issue 543
 2011-12-28 08:47:07 +10:30
bcoles
74ec478449 Added allow_cross_domain to the request object 
By default all requests use allow_cross_domain = "true"

The Proxy component uses allow_cross_domain = "false"

The Forge Request component uses allow_cross_domain = "true"

Fixes issue 87
 2011-12-25 17:37:32 +10:30
bcoles
6ff92f48e0 Added document.referrer to browser hook initialization and tidied some code 2011-12-22 02:43:12 +10:30
bcoles
590e514680 Renamed "Requester" tab to "Rider" 
Added Proxy sub-tab under Rider tab

Part of issue 63
 2011-12-20 22:04:22 +10:30
bcoles
3ee52b82c0 Part of issue 87, issue 63, issue 29, issue 30 
In preperation for creating requester and proxy unit tests:

  o Tidied up some of the requester and proxy
  o Partially de-coupled requester from proxy
  o Fixed minor bugs:
    o is_valid_uri was not implemented correctly
    o http scheme validation had "http" instead of "https"
 2011-12-20 02:47:50 +10:30
bcoles
47ac45632d Added BeEF logo to panel header 2011-12-15 03:07:43 +10:30
bcoles
120e36d4b4 Added BeEF version to panel header and updated some links from 
code.google.com to github.com
 2011-12-11 20:30:09 +10:30
bcoles
25206bddc8 Added "Submit Bug" link to the Admin UI 
Fixes issue 545
 2011-11-27 02:25:56 +10:30
antisnatchor
18d4b642fe replaced WebRick HttpUtils in requester filters 2011-11-22 10:12:26 +01:00
antisnatchor
edf129d9ea replaced WebRick util method to parse HTTP request in Requester admin_ui controller 2011-11-20 11:49:05 +01:00
antisnatchor
e502882ed3 admin_ui session cookie management now with Rack 2011-11-20 11:12:59 +01:00
antisnatchor
05d06bb94e Removed unuseful Mutexes, refactored all the ugly 'exception-oriented' code that was using WebRick BadRequest, added config.yaml option to enable verbose debugging logs of Thin 2011-11-19 18:02:41 +01:00
antisnatchor
2997540918 rewrote the server core and adjusted the API/classes to use Thin and Rack instead of WebRick. 2011-11-19 15:49:19 +01:00
bcoles@gmail.com
dd5b1f5a81 Added platform and ActiveX detection to the browser hook initialization 
o Platform often provides the architecture (ie, 32bit) and can 
	be useful in identifying devices / smart phones

	o ActiveX detection was added for obscure browsers (ie, such as 
	software using an embedded browsing engine built on the IE COM)
	Normally ActiveX would only be detected on a hooked IE browser.

Moved the `is_valid_yes_no' filter from browser.rb to base.rb



git-svn-id: https://beef.googlecode.com/svn/trunk@1368 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:56:23 +00:00
buherator@gmail.com
caad2d5437 Displaying zombie domain and port on Requester tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1367 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-16 20:19:03 +00:00
buherator@gmail.com
ed866886f7 Storing port of HookedBrowser, fixing value of HookedBrowser.domain 
git-svn-id: https://beef.googlecode.com/svn/trunk@1365 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 22:04:08 +00:00
buherator@gmail.com
7447015901 sorting commands by status and name 
git-svn-id: https://beef.googlecode.com/svn/trunk@1364 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-15 14:25:50 +00:00
antisnatchor
e22332e1f8 (Fixes issue 467) rewrote from scratch the XssRays handler, refactored JS and Ruby code, improved the whole thing. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1361 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-12 14:56:50 +00:00
antisnatchor
20f07a5b04 prevent BeEF to be auto-BeEFed :-) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1357 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-10-07 13:07:07 +00:00
sussurro@happypacket.net
6658eff14c fixkup for metasploit to make payloads options be dynamic again. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1311 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-26 04:00:02 +00:00
A.M.Saafan@gmail.com
0362c536e5 Truncate response data larger than 100K. Fixes issue 463 
git-svn-id: https://beef.googlecode.com/svn/trunk@1297 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-17 13:04:50 +00:00
antisnatchor
3556268718 (Fixes issue 401): added one-to-many relationship between xssrays_scan and xssrays_details models. Updated code that use them accordingly. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1252 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-09-02 10:43:41 +00:00
antisnatchor
b4cb58346e Fixed proxy: the new filters where causing problems. Removed all of them except the method and version checks. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1240 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-29 09:18:24 +00:00
bcoles@gmail.com
7a4b07ef2e Added "Has WebSockets" to initialization / details tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1237 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-26 13:28:53 +00:00
bcoles@gmail.com
72c6bf87b0 Added port column to Requester History tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1214 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-19 14:49:43 +00:00
bcoles@gmail.com
b1de14dcf1 Added HEAD, OPTIONS, PUT and DELETE methods 
Fixes issue 356

Added HTTP request validation to proxy extension

	Fixes issue 429



git-svn-id: https://beef.googlecode.com/svn/trunk@1212 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-19 09:24:31 +00:00
passbe
8fe714881a Module execution functionality is now decoupled from the admin_ui. See BeEF::Module.execute(). Added Hooked Browser Manager skeleton. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1196 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-17 02:17:19 +00:00
bcoles@gmail.com
22941a51b4 Augmented beef.net.request to support port_status 
Only "open" and "closed" are supported currently

Part of issue 286



git-svn-id: https://beef.googlecode.com/svn/trunk@1177 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-10 09:47:01 +00:00
antisnatchor
381d083895 Issue 384: added XssRays "Scan config" tab, to configure crossDomain and cleanTimeout options. Added defaults to xssrays config file, also to prevent printing console.log statements if debug=false. Minor changes to xssrays_scan model. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1164 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 11:59:13 +00:00
yori.kvitchko
a70de4dbf8 Added get cookies to on-initialize. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1162 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-08-03 06:36:50 +00:00
wade@bindshell.net
d7930dc9da These changes clean up (a little) the details tab. 
git-svn-id: https://beef.googlecode.com/svn/trunk@1136 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:54:21 +00:00
wade@bindshell.net
a817fe14c4 These changes clean up the details tab (Fixes issue 398). 
git-svn-id: https://beef.googlecode.com/svn/trunk@1135 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:53:57 +00:00
wade@bindshell.net
72703c605f removed the double display of browser name in the details tab 
git-svn-id: https://beef.googlecode.com/svn/trunk@1134 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-29 14:53:32 +00:00
antisnatchor
62672b2159 Issue 384: added escape_for_html function to escape PoC data before rendering in ExtJs UI 
git-svn-id: https://beef.googlecode.com/svn/trunk@1125 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 13:29:38 +00:00
antisnatchor
91577429af Issue 384: removed old field update in hb table (not used anymore, was even preventing xssrays to start) 
git-svn-id: https://beef.googlecode.com/svn/trunk@1123 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 12:43:30 +00:00
bcoles@gmail.com
73ae24b029 Added Detect Cookie Support to initialization and details tab 
M	extensions/admin_ui/controllers/modules/modules.rb
M	extensions/initialization/handler.rb
M	core/main/client/browser.js

Example output on details tab:

	Session Cookies: Yes
	Persistent Cookies: Yes

Fixes Issue 380



git-svn-id: https://beef.googlecode.com/svn/trunk@1122 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 05:06:53 +00:00
passbe
5b4ff61909 Final changes to convert from old super() method to new configuration system. Fixes Issue 329 
git-svn-id: https://beef.googlecode.com/svn/trunk@1119 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-28 00:50:04 +00:00
passbe
a137a7be9b Hacked the admin_ui to use the new configuration target system. This commit renders all dynamic modules as VERIFIED UNKNOWN 
git-svn-id: https://beef.googlecode.com/svn/trunk@1117 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-27 01:03:45 +00:00
antisnatchor
a14fe4ba0a Issue 384: First draft of XssRays (admin UI): extjs UI 
git-svn-id: https://beef.googlecode.com/svn/trunk@1113 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-26 18:35:46 +00:00
scotty.b.brown@gmail.com
98a0f50e93 More work #329 
git-svn-id: https://beef.googlecode.com/svn/trunk@1108 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-26 10:51:58 +00:00
bcoles@gmail.com
a9d983b898 Added Browser Type to initialization and default tab 
M extensions/admin_ui/controllers/modules/modules.rb
	M extensions/initialization/handler.rb
	M core/main/client/browser.js 

Example output on details tab:

	Browser Type: {"FF5":true, "FF":true}

Fixes Issue 377


git-svn-id: https://beef.googlecode.com/svn/trunk@1070 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-18 22:09:26 +00:00
bcoles@gmail.com
569fec02cd Added Detect Scripts Support to initialization and details tab 
M extensions/admin_ui/controllers/modules/modules.rb
M extensions/initialization/handler.rb
M core/main/client/browser.js 

Example output on details tab:

Java Enabled: No
VBScript Enabled: No
Has Flash: Yes
Has GoogleGears: No

Fixes Issue 383 # https://code.google.com/p/beef/issues/detail?id=383



git-svn-id: https://beef.googlecode.com/svn/trunk@1069 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
 2011-07-18 04:16:54 +00:00