bfd6f764aa
This module is a port of the same module from BeEF-0.4.0.0 It has not been tested. It is currently disabled. Part of issue 506
32 lines
1.6 KiB
YAML
32 lines
1.6 KiB
YAML
#
|
|
# Copyright 2012 Wade Alcorn wade@bindshell.net
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
beef:
|
|
module:
|
|
mozilla_nsiprocess_interface:
|
|
enable: false
|
|
category: "Exploits"
|
|
name: "Mozilla nsIProcess XPCOM Interface (Windows)"
|
|
description: "The nsIProcess XPCOM interface represents an executable process. JavaScript code with chrome privileges can use the nsIProcess interface to launch executable files. In this module, nsIProcess is combined with the Windows command prompt cmd.exe<br /><br />Any XSS injection in a chrome privileged zone (e.g. typically in Firefox extensions) allows this module to execute arbitrary commands on the victim machine."
|
|
authors: ["wade", "bcoles", "roberto.suggi@security-assessment.com", "nick.freeman@security-assessment.com"]
|
|
target:
|
|
working:
|
|
FF:
|
|
min_ver: 1
|
|
# It's actually 3.5 but min_ver only supports integers
|
|
max_ver: 3
|
|
not_working: ["All"]
|
|
|