17 lines
1.0 KiB
YAML
17 lines
1.0 KiB
YAML
#
|
|
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
|
|
# Browser Exploitation Framework (BeEF) - https://beefproject.com
|
|
# See the file 'doc/COPYING' for copying permission
|
|
#
|
|
beef:
|
|
module:
|
|
hijack_opener:
|
|
enable: true
|
|
category: "Persistence"
|
|
name: "Hijack Opener Window"
|
|
description: "This module abuses window.location.opener to hijack the opening window, replacing it with a BeEF hook and 100% * 100% iframe containing the referring web page. Note that the iframe will be blank if the origin makes use of a restrictive X-Frame-Origin directive.<br/><br/>This attack will only work if the opener did not make use of the <i>noopener</i> and <i>noreferrer</i> directives. Refer to <a href='https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/'>Target=_blank - the most underestimated vulnerability ever</a> for more information."
|
|
authors: ["bcoles"]
|
|
target:
|
|
user_notify: ["All"]
|
|
not_working: ["O"]
|