Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c8595b09b766c64255be9535a3a511c466ff1621
beef/modules/social_engineering/gmail_phishing/module.rb
wheatley b6425e4a90 Release 0.5.2.0 (#2166) 
* fixed offline zombie not deleting

* Bump jsdoc-to-markdown from 6.0.1 to 7.0.1 (#2161)

Bumps [jsdoc-to-markdown](https://github.com/jsdoc2md/jsdoc-to-markdown) from 6.0.1 to 7.0.1.
- [Release notes](https://github.com/jsdoc2md/jsdoc-to-markdown/releases)
- [Commits](https://github.com/jsdoc2md/jsdoc-to-markdown/compare/v6.0.1...v7.0.1)

---
updated-dependencies:
- dependency-name: jsdoc-to-markdown
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bug: Core - 1785 Fixed public hook url configuration settings (#2163)

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* added spec file for testing changes

* added local host getter to configuration class

* added default value 0.0.0.0 for local host if it's not set

* added port config getter with default

* added port config getter with default

* fixed spelling errors for port

* added public configuration values and validation

* removed logic from public port as it was not required

* added beef host to configuration class

* added beef port to configuration class and removed default http.port logic from public_port

* fixed rubocop errors and refactored spec tests

* added beef host configuration values used for external resources

* added beef url to configuration

* created command spec file

* add before statement to load all enabled modules to test command class

* add spec to check if configuration instance exists by setting and accessing a config variable

* updated http proto for beef host

* reverting changes on this file, dev values set

* removed some unessessary checks

* fixed grammar test now we're only testing one configuration attribute

* added hook url for contextual usage

* refactoring admin_ui with new code usage

* fixed issue with the location of the beef.http.https.public_enabled

* refactored powershell module and extension

* adding the new config setting for public https beign enabled

* refactor qrcode extension

* replace video fake plugin refactor

* social engineering refactoring

* phonegap module refactoring

* exploit refactoing

* network module refactoing

* ipec module refactoring

* host module refactoring

* debug refactoring

* browser refactoring

* social engineering extension refactoring

* core main server refactoring

* core main console banner refactoring

* removing dev test

* fixed area with location of http.https.enabled

* changed the hook url definition to return the hook file path

* updated banners to use new configuration getters

* updated extensions and modules with the hook url change

* added new public.host configuration settings and validations for depicated usage of public

* updated to use public.port configuration

* added validation for old configuration public_port

* updated to use public https configuration setting

* updated config with new settings format

* fixed get to point to new locations

* fixed pointer to hook_file_path

* Update extensions/social_engineering/web_cloner/web_cloner.rb

Co-authored-by: bcoles <bcoles@gmail.com>

* updated enabled to enable

* making sure default configuration file does not have preset values

Co-authored-by: bcoles <bcoles@gmail.com>

* bumped versions to 0.5.2.0

* Usability: #2145. Added user input request for beef update within 'beef' install script (#2162)

* added user input request for beef update

* swaped git pull from system to backticks

* flags added for auto update and timout to input

* updated install.txt to reference the update-beef script (#2160)

Co-authored-by: Andrew Wheatley <a@andrews-mini.home>
Co-authored-by: Isaac Powell <36595182+DeezyE@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bcoles <bcoles@gmail.com>
2021-09-12 21:33:02 +10:00

45 lines
1.7 KiB
Ruby
Raw Blame History

#
# Copyright (c) 2006-2021 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Gmail_phishing < BeEF::Core::Command
def self.options
@configuration = BeEF::Core::Configuration.instance
proto = @configuration.beef_proto
beef_host = @configuration.beef_host
beef_port = @configuration.beef_port
base_host = "#{proto}://#{beef_host}:#{beef_port}"
xss_hook_url = "#{base_host}/demos/basic.html"
logout_gmail_interval = 10000
wait_seconds_before_redirect = 1000
return [
{'name' => 'xss_hook_url',
'description' => 'The URI including the XSS to hook a browser. If the XSS is not exploitable via an URI, simply leave this field empty, but this means you will loose the hooked browser after executing this module.',
'ui_label' => 'XSS hook URI',
'value' => xss_hook_url,
'width' => '300px' }, {
'name' => 'logout_gmail_interval',
'description' => 'The victim is continuously loged out of Gmail. This is the interval in ms.',
'ui_label' => 'Gmail logout interval (ms)',
'value' => logout_gmail_interval,
'width' => '100px' }, {
'name' => 'wait_seconds_before_redirect',
'description' => 'When the user submits his credentials on the phishing page, we have to wait (in ms) before we redirect to the real Gmail page, so that BeEF gets the credentials in time.',
'ui_label' => 'Redirect delay (ms)',
'value' => wait_seconds_before_redirect,
'width' => '100px' }
]
end
def post_execute
content = {}
content['Result'] = @datastore['result']
save content
end
end
Reference in New Issue View Git Blame Copy Permalink