Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • a22926bc53 Merge remote-tracking branch 'origin/master' Christian Frichot 2013-07-08 19:41:10 +08:00
  • 2c2b9a85f4 Update browser fingerprinting module firefox signatures bcoles 2013-07-08 10:57:02 +09:30
  • dd811ca234 Add proxy detection using http headers to browser details bcoles 2013-07-08 00:25:49 +09:30
  • acfdf45d16 Merge remote-tracking branch 'origin/master' Christian Frichot 2013-07-06 15:10:43 +08:00
  • e88c3c1f86 Add fake_notification_c module bcoles 2013-07-05 01:17:20 +09:30
  • 32b48e5172 Add some client-side debugging to browser.js bcoles 2013-07-04 23:50:34 +09:30
  • b16d7e3563 Add fake_notification_ff module bcoles 2013-07-04 23:12:01 +09:30
  • 7e73c0a532 Merge remote-tracking branch 'origin/master' Christian Frichot 2013-07-04 20:14:29 +08:00
  • 1bddb00ec8 Add Replace Video (Fake Plugin) module bcoles 2013-07-04 11:54:52 +09:30
  • 9daacd799e Update version to beef-0.4.4.7 bcoles 2013-07-04 08:20:05 +09:30
  • 4fe51dcd28 Update version to '0.4.4.6.1-alpha' bug fix edition beef-0.4.4.6.1 bcoles 2013-07-04 08:17:17 +09:30
  • af6cf9e5d4 Add Firefox 23 and 24 support for Firefox aurora/beta users bcoles 2013-07-04 07:39:23 +09:30
  • 3705009982 LiveCD - updade bundles during beef update BWZ 2013-07-02 18:19:34 +10:00
  • 7f1473ccbf Added detection for Firefox 22 (and improved detection of FF 21/22 with a new DOM object). antisnatchor 2013-07-01 17:32:00 +01:00
  • f869d2924a Fixed an XSS discovered by Mario in the default keylogger. antisnatchor 2013-07-01 15:24:36 +01:00
  • 0b1c753bd3 Merge remote-tracking branch 'origin/master' Christian Frichot 2013-07-01 16:22:20 +08:00
  • f6ebe9fac0 Revert "Add Unity Web Player detection" gcatt 2013-07-01 10:11:20 +02:00
  • 570a8266ed Merge remote-tracking branch 'origin/master' Christian Frichot 2013-07-01 16:10:33 +08:00
  • 696e3715fe Add Unity Web Player detection gcatt 2013-06-18 23:59:43 +02:00
  • 53536d9d86 Merge remote-tracking branch 'origin/master' Christian Frichot 2013-07-01 07:04:42 +08:00
  • e61b266921 update version bcoles 2013-07-01 00:42:47 +09:30
  • 8cf17b01a5 Merge pull request #916 from bmantra/master beef-0.4.4.6 bmantra 2013-06-28 11:43:27 -07:00
  • 164ff5bea6 added option for LF only, to use with Linux bmantra 2013-06-28 20:42:53 +02:00
  • 6c6a33db50 Merge pull request #915 from Nbblrr/master Michele Orru 2013-06-28 05:48:54 -07:00
  • e95c74b5e1 DNS Enumeration module does not consider the user timeout parameter Nbblrr 2013-06-28 14:33:33 +02:00
  • d9f7af2721 Reference point for broken unit tests. NoMethodError and NameError are present. soh_cah_toa 2013-06-22 03:32:42 -04:00
  • c70fa80468 Merge pull request #911 from gcattani/910-HasUnity Michele Orru 2013-06-19 03:06:42 -07:00
  • 1be8ec12fd Add Unity Web Player detection gcatt 2013-06-18 23:59:43 +02:00
  • 0dd499c71a Updated browser detection to capture Chrome under iOS. See Issue #909 Christian Frichot 2013-06-16 16:19:58 +08:00
  • dab58f0e61 Updated hardware constants better detects and displays pure Nexus phones. Issue #908 Christian Frichot 2013-06-16 14:49:39 +08:00
  • 2e68470d23 Android OS Icon should now display. See Issue #907 Christian Frichot 2013-06-16 14:27:12 +08:00
  • 473f349394 Missing apostrophe in PHP-5.3.9-dos module.rb. This was breaking Rake. Make sure you run rake peeps before pushing! Christian Frichot 2013-06-15 13:48:05 +08:00
  • dbebf12d27 Update to browser_filter. See Issue #906 Christian Frichot 2013-06-15 13:45:24 +08:00
  • 96f763b7e0 Chrome 27/28 detection. Fixes Issue #905 Christian Frichot 2013-06-15 13:41:41 +08:00
  • d40486c391 Add airlive_ip_camera_csrf module bcoles 2013-06-14 15:28:35 +09:30
  • d43f443555 Merge pull request #904 from Nbblrr/master Brendan Coles 2013-06-13 22:38:37 -07:00
  • 2b473bfda9 Add module which detect MS Office version. Closes #903 Nbblrr 2013-06-14 00:39:39 +02:00
  • a2b627c8ae Add module to detect bitdefender 2012. Closes #902 Nbblrr 2013-06-14 00:07:00 +02:00
  • d45bff3a59 Improved #check_dns_response to use config file for address/port. soh_cah_toa 2013-06-10 18:11:36 -04:00
  • d2ac9e0f7a Included broken DNS unit tests so others can help debug. Temporary 'dns' and 'dns_rest' Rake tasks make it easier to run tests. soh_cah_toa 2013-06-08 23:25:23 -04:00
  • 9e1ec69e40 Added tests for GET /api/dns/ruleset handler. soh_cah_toa 2013-06-08 22:44:51 -04:00
  • e775748603 Added more tests for GET /api/dns/rule/:id with invalid input. Also changed handler to return 404 when rule isn't found. soh_cah_toa 2013-06-08 21:58:28 -04:00
  • 3b58518cfd Added tests for GET /api/dns/rule/:id handler. Fixed #parse_response so that these tests pass. soh_cah_toa 2013-06-08 19:04:42 -04:00
  • b9d64f0b89 Significantly refactored code in #test_3_add_rule_types. soh_cah_toa 2013-06-07 23:56:19 -04:00
  • e527f1ae09 Refactored redundant code in #test_1_add_rule_good. soh_cah_toa 2013-06-07 23:09:07 -04:00
  • 68e56fa8c0 Added tests for NS, PTR, SOA, TXT, WKS, and invalid RR types. All RR's are now tested. Though the tests are yet to be optimized. soh_cah_toa 2013-06-07 23:03:10 -04:00
  • eccbdd6958 Added tests for AAAA, CNAME, HINFO, MINFO, and MX RR types. Also fixed #format_response to properly format MS records. soh_cah_toa 2013-06-07 18:32:29 -04:00
  • 019ec2f6ed Added new test for attempting to add an existing rule. soh_cah_toa 2013-06-07 00:05:15 -04:00
  • cfa9177af1 Added 4 new tests for bad POST /api/dns/rule requests. soh_cah_toa 2013-06-06 23:58:12 -04:00
  • 1f37ceec9f Began first integration tests for DNS RESTful API interface. First test is for POST /api/dns/rule handler. soh_cah_toa 2013-06-06 23:16:40 -04:00
  • 6901581ae7 Moved #format_response call to before when RR type is evaled. Since #format_response throws an exception for unknown RR types, calling it first will ensure bad Resolv::DNS::Resource names will never be evaled. soh_cah_toa 2013-06-06 22:59:54 -04:00
  • 09ec09601e Changed hash key syntax from previous commit. Besides being consistent, Sinatra actually requires the string syntax. soh_cah_toa 2013-06-05 18:33:08 -04:00
  • fc6f0aface Changed DELETE handler to return JSON "success" key. Prior to this, nothing was returned. This will allow users to determine whether or not a rule was removed as expected. soh_cah_toa 2013-06-05 18:29:18 -04:00
  • 89a5d6fdbb Modified #remove_rule to return a boolean value. This is will soon allow the DELETE handler to indicate success or failure. soh_cah_toa 2013-06-05 18:20:48 -04:00
  • 6c61b39d81 Changed 401 status to 403 in filter for non-permitted IP's. 403 Forbidden is more appropriate since 401 Unauthorized only indicates that authentication is needed. In the case of a bad IP, authentication will make no difference which is exactly what 403 is meant for. soh_cah_toa 2013-06-05 17:09:09 -04:00
  • 80ab665054 Added new InvalidParamError class for handling bad named parameters. Previously, InvalidJsonError was being used mistakenly for this which is misleading considering no JSON was involved. soh_cah_toa 2013-06-05 16:56:05 -04:00
  • e56494d486 Renamed /rules GET route to /ruleset for the sake of consistency. Also added new "count" key to result that lists the number of rules. soh_cah_toa 2013-06-05 16:30:24 -04:00
  • 2f5133e11a Changed GET handlers to return recently fixed rule data. Also wrapped all handlers in a begin/end block that catches internal StandardError exceptions. soh_cah_toa 2013-06-05 15:56:33 -04:00
  • fce4c9196d Modified grep test case to allow #eval use in DNS extension. Using #eval is necessary for normal functioning and is now used in a safe manner. soh_cah_toa 2013-06-03 21:53:06 -04:00
  • 0af4029915 Added placeholders necessary to start DNS unit tests. Currently does nothing but assert(true). soh_cah_toa 2013-06-03 21:42:34 -04:00
  • 44622345d0 s/DNS/Dns/g since that is the BeEF style convention. soh_cah_toa 2013-06-03 17:55:58 -04:00
  • 0f8221918b Improved coding style (a la ruby-style-guide and rubocop). Because I'm too tired to start testing and need a little victory. ;) soh_cah_toa 2013-06-03 00:11:41 -04:00
  • c8c9e1e139 Reimplemented POST handler to avoid unsafe use of #eval. Now the desired response is passed an array. Each RR type is handled specially to craft the necessary response. soh_cah_toa 2013-06-02 22:40:58 -04:00
  • 998980b566 Fixed case-statement in #match that prevented adding rules locally. soh_cah_toa 2013-06-02 22:23:27 -04:00
  • dbabb379fb Add Iceweasel detection in browser.js bcoles 2013-06-02 05:14:33 +09:30
  • 5252bea54a Add Get Form Values module bcoles 2013-06-02 05:11:45 +09:30
  • 7fdfcc3ef0 Add beef.browser.isA() to avant_steal_history module bcoles 2013-06-02 03:19:05 +09:30
  • 3c5b68e112 Add beef.browser.isA() to detect Avant Browser bcoles 2013-06-02 03:14:29 +09:30
  • 9e17958268 Merge pull request #900 from james-otten/master Michele Orru 2013-05-31 02:36:40 -07:00
  • f2efa533c8 Added Actiontec Q1000 CSRF module James Otten 2013-05-30 15:49:47 -05:00
  • 9636cb0972 Updated Gmail detection URL. Fixes #Issue 899 Christian Frichot 2013-05-28 20:34:56 +08:00
  • 1dc59f7b01 Add D-Link ShareCenter command execution exploit module bcoles 2013-05-27 13:50:12 +09:30
  • 7f4562945a Added new InvalidJsonError class for handling errors in JSON input. This is better practice than just (ab)using StandardError. soh_cah_toa 2013-05-26 23:46:37 -04:00
  • 38284d5eaa Implemented DELETE handler for removing DNS rules. soh_cah_toa 2013-05-26 23:26:58 -04:00
  • ff620d42f4 Add belkin_dns_csrf DNS hijack module bcoles 2013-05-27 12:50:06 +09:30
  • 61e6337046 Remove zenoss_daemon_csrf module bcoles 2013-05-27 12:14:27 +09:30
  • 27b1b530ef Implemented POST handler for /api/dns/rule which adds a new rule. A host of other changes got roped into this as well. #match now silently handles blocks passed as a String in order to handle the 'block' JSON parameter. This is because sourcify doesn't work with eval'd data. soh_cah_toa 2013-05-26 22:44:11 -04:00
  • 639d0611a6 Add command_id to embedded iframe/img IDs for router exploits bcoles 2013-05-27 11:56:01 +09:30
  • ab7a62e8a4 Update version bcoles 2013-05-27 10:40:58 +09:30
  • 71f04d82f5 Merge pull request #849 from geefunkmasterpro/master beef-0.4.4.5 Michele Orru 2013-05-26 04:58:57 -07:00
  • 704b979054 minor syntax changes to php-5.3.9-dos module bcoles 2013-05-26 02:48:04 +09:30
  • 7aaafc79aa Remove bi-directional communication from IPEC win bindshell module bcoles 2013-05-26 02:41:04 +09:30
  • f90ad4a261 Add detection for WebRTC support bcoles 2013-05-24 17:06:36 +09:30
  • 0dfab0e348 Add EXTRAnet Collaboration Tool Command Execution exploit module bcoles 2013-05-24 16:40:02 +09:30
  • 018a849e14 Add 'path' argument for beef.dom.createIframeIpecForm() bcoles 2013-05-24 14:01:21 +09:30
  • 717f63ff0c Add ruby-nntpd Command Execution exploit module bcoles 2013-05-24 13:50:04 +09:30
  • 9bac6b4fc1 Add support for Firefox 21 bcoles 2013-05-24 13:47:31 +09:30
  • 2dae1d4c07 Add /bin/sh -c to default command bcoles 2013-05-22 14:37:01 +09:30
  • 7de48ceafb Add GroovyShell Server Command Execution IPEC exploit module bcoles 2013-05-22 02:32:27 +09:30
  • c6f38324d1 Refactored #get_ruleset to be part of RubyDNS. All database logic should be inside RubyDNS since BeEF's DNS class is mostly just a wrapper around it. soh_cah_toa 2013-05-18 21:00:22 -04:00
  • 054767c898 Added RESTful API route for /api/dns/rule/:id. This will return a single rule given its unique id. soh_cah_toa 2013-05-17 23:02:40 -04:00
  • 702595c04c Improved a lot of documentation for BeEF::Extension::DNS::DNS. soh_cah_toa 2013-05-17 19:12:05 -04:00
  • c70037f9f4 Began adding support for RESTful API beginning with /api/dns/rules. soh_cah_toa 2013-05-17 18:25:22 -04:00
  • 13001b9642 Updated README.mkd to mention rubydns and sourcify dependencies. This was forgettin in commit 872ce2e. soh_cah_toa 2013-05-16 23:24:23 -04:00
  • 18a78b57b2 Fixed load_rules() to rebuild 'pattern' and 'type' as an array. This was forgotten in the previous commit. soh_cah_toa 2013-05-16 23:20:04 -04:00
  • 24f7e5b6cd Separated 'pattern' and 'type' properties in DNS model. This will expose the resource type to the RESTful API (coming soon). soh_cah_toa 2013-05-16 23:14:29 -04:00
  • 6d2a771084 Changed model name to BeEF::Core::Models::DNS::Rule. This is more descriptive and follows the singular name convention. soh_cah_toa 2013-05-15 22:29:42 -04:00
  • 271b2b8e85 Removed RubyDNS::Server#rules attribute accessor since it's unused. soh_cah_toa 2013-05-15 22:19:58 -04:00
  • 35f25bbeb9 Removed load_rules() and parse_type() since they're unused. soh_cah_toa 2013-05-15 22:18:16 -04:00
  • 872ce2e92f Updated README to mention rubydns and sourcify dependencies. soh_cah_toa 2013-05-15 22:15:50 -04:00