- /api/admin/login (added by Christian) which will get the api token by passing BeEF user/pass. As a consequence of this, the BeEF credentials have been moved to the main config.yaml. (they were in the config.yaml of the admin_ui extension before)
- /api/hooks/:session gets all the hooked browser details (like plugins, technologies enabled and so on)
Also, he's made XSSRays work with IE now, too (IE6 through IE9). A special thanks to Brendan for helping in testing.
Really, there have been a slew of other changes Michele has made, including:
- The initialization extension has been moved into the core.
- Added get_internal_ip module. Using an unsigned applet we can detect the internal ip of the victim. The previous module (Beffeine) had issues and this is the new replacement that works great.
- Every HTTP endpoint of the framework, except for the admin_ui and the XssRays extension, now extends the Router class. This means that routes are managed by Sinatra, and when the web_imitation features are turned on those handlers will respond like an IIS or Apache server.
But, Michele isn't the only contributor to BeEF! For example, Brendan has given us the ability to detect whether anyone is using any of the 1,000 most popular Chrome extensions with the Get Chrome Extensions module. And, we now log a copy of the clipboard whenever a user copies or pastes text (IE6 only) with the Event Logger.
So, here's a shout out to all of the BeEF contributors, and the folks who inspire us. If you want to read more about the release or those who contributed, download the new version, or help out, check out our github or visit the project website.
Thank you for keeping up with us! Please let us know what you want to see, and what you find useful. We want your feedback, too!
So, here's a shout out to all of the BeEF contributors, and the folks who inspire us. If you want to read more about the release or those who contributed, download the new version, or help out, check out our github or visit the project website.
No comments:
Post a Comment