Mario
Heiderich, a good friend of mine, spotted a cool issue with the BeEF keylogger. He went “Armin
Meiwes” on our favourite open
source bovine. He found XSS in BeEF using <svg/onload=blah>. Well-done!
The BeEF
team encourages security researchers to help out wherever possible. As such, we
are announcing a BeEF bug bounty program. Each bug will receive a kilogram of
Minotaur rump (depending upon supply ;-). Contact us if you would like to help
out. We want to hear from you!
We're publishing the writeup about the bug Mario found and we're addressing how we fixed it in today's blog post.