Module: IE Unsafe ActiveX Control Detection

Events: Submitted by Wade on 26-Apr-09 at 04:04am

Remote detection through IE (of the availability) of unsafe ActiveX controls is achievable. A script can attempt to access an unsafe control and then check if it succeeds. That is exactly what this new BeEF module does.

Module: IE VM Detection

Events: Submitted by Wade on 19-Apr-09 at 06:19am

Under some circumstances in Internet Explorer, JavaScript can determine if the browser is in a virtual machine. Scripting can do this by checking the MAC address. For a successful detection (and worse) the configuration option "Initialize and script ActiveX controls not marked as safe for scripting" must be enabled. When enabled, Internet Explorer will alert the user of the insecure configuration. So this is not exactly stealthy.

I have a BeEF module that will do the detection. Just decompress it and put the module into the 'module/symmetric' directory. The menu option will automatically be displayed in the modules menu.