New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add detect_antivirus module, merging the old bitdefender module #1315

Merged
merged 2 commits into from Oct 25, 2016

Conversation

Projects
None yet
2 participants
@phosphore
Contributor

phosphore commented Oct 24, 2016

Refactored code merging @vah13's AVDetection and the old BitDefender 2012 detection module by @Nbblrr.

@bcoles

This comment has been minimized.

Show comment
Hide comment
@bcoles

bcoles Oct 24, 2016

Collaborator

Thanks @phosphore

This looks good. I'll give it a sanity check tonight.

A couple of things stand out from eyeballing the code.


What does this do? Why is it needed? Do some AV require a body tag; or is this so you can append to body later if it doesn't exist?

var image = "<body><img src='x'/></body>"


var iframe = document.createElement("iframe"); can be replaced with var iframe = beef.dom.createInvisibleIframe();

A quick grep createInvisible modules/* will show plenty of examples for using this part of the BeEF API.


iframe.contentWindow.document.open(); probably won't work in older versions of IE.

Something like var iframeDoc = iframe.contentDocument || iframe.contentWindow.document; should be used.

Collaborator

bcoles commented Oct 24, 2016

Thanks @phosphore

This looks good. I'll give it a sanity check tonight.

A couple of things stand out from eyeballing the code.


What does this do? Why is it needed? Do some AV require a body tag; or is this so you can append to body later if it doesn't exist?

var image = "<body><img src='x'/></body>"


var iframe = document.createElement("iframe"); can be replaced with var iframe = beef.dom.createInvisibleIframe();

A quick grep createInvisible modules/* will show plenty of examples for using this part of the BeEF API.


iframe.contentWindow.document.open(); probably won't work in older versions of IE.

Something like var iframeDoc = iframe.contentDocument || iframe.contentWindow.document; should be used.

@phosphore

This comment has been minimized.

Show comment
Hide comment
@phosphore

phosphore Oct 25, 2016

Contributor

var image = "<body><img src='x'/></body>"
that is for the Kaspersky addon, injecting the attribute kasperskylab_antibanner in every img tag.

Contributor

phosphore commented Oct 25, 2016

var image = "<body><img src='x'/></body>"
that is for the Kaspersky addon, injecting the attribute kasperskylab_antibanner in every img tag.

@bcoles bcoles merged commit 7319868 into beefproject:master Oct 25, 2016

@bcoles

This comment has been minimized.

Show comment
Hide comment
@bcoles

bcoles Oct 25, 2016

Collaborator

Thanks @phosphore. Changes look good. Merged.

Collaborator

bcoles commented Oct 25, 2016

Thanks @phosphore. Changes look good. Merged.

@bcoles bcoles self-assigned this Oct 25, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment