Browser Rider – a testing tool for browser exploitation

What is this about?
“Browser Rider” is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client-side exploit.

Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However, most of the other existing tools are unmaintained, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.

What are the features?
^ Easily create powerful payloads and plugins
^ Manage payloads automatically with plugins
^ All data can be saved in a database
^ Obfuscation
^ Polymorphism
^ Control more than one zombie at a time
^ Simple administration panel

Why create Browser Rider?
› Fun
› The challenge of creating something better than what already exists
› Browser Rider can be used as a better XSS tunnel than the other tools during a pentest
› General hacking

Technical requirements
› PHP 5, with json installed
› MySQL
› Apache with url_rewrite on
› Targets must have JavaScript turned on

Download it!
Browser Rider v20081124 (changelog)
Browser Rider v20080908 (changelog)
Browser Rider v20080627 beta

Online demo
To test the framework, first open this page in a new window and do not close it. You can then go to the administration panel, where you should see your IP in the zombie list.
The documentation for the project can be found on our mediawiki.

Public payloads

append an iframe to the target’s DOM

automatically reload BrowserRider to check for updates

load an alert box

load a prompt box to ask something and save the answer

automatically steals your zombies’ cookie

executes some javascript code

downloads the victim page’s DOM

puts targets in a frame

Public plugins

Automatically attach a zombie to certain payloads if it comes from a certain referer

Public obfuscators

Dean Edwards

Public tools

Helps you generate malicious JavaScript code using the packers provided by the application.

This tool is an extension to the get_DOM payload that searches for known web applications within the stolen HTML pages.

Note from the developers
› One of the challenges we are facing is browser compatibility. We cannot guarantee that Browser Rider will be compatible with each and every browser out there.

› You’ll understand that, with the current legislation on computer security, we cannot provide you with awesome public payloads. However, we will discuss new security flaws on the forum and the blog, where some concepts may be explained. Feel free to then develop your own proof of concept and test it in a safe environment.
