20 lines
1.0 KiB
YAML
20 lines
1.0 KiB
YAML
#
|
|
# Copyright (c) 2006-2024 Wade Alcorn - wade@bindshell.net
|
|
# Browser Exploitation Framework (BeEF) - http://beefproject.com
|
|
# See the file 'doc/COPYING' for copying permission
|
|
#
|
|
###
|
|
# Exploit: http://www.justanotherhacker.com/advisories/jahx132.html
|
|
###
|
|
beef:
|
|
module:
|
|
firephp_code_exec:
|
|
enable: true
|
|
category: "Exploits"
|
|
name: "Firephp 0.7.1 RCE"
|
|
description: "Exploit FirePHP <= 0.7.1 to execute arbitrary JavaScript within the trusted 'chrome://' zone.<br/><br/>This module forces the browser to load '/firephp' on the BeEF server.<br/><br/>The payload is executed silently once the user moves the mouse over the array returned for 'http://[BeEF]/firephp' in Firebug.<br/><br/><b>Note:</b> Use msfpayload to generate JavaScript payloads. The default payload binds a shell on port 4444.<br/>See 'modules/exploits/firephp/payload.js'"
|
|
authors: ["Wireghoul", "bcoles"]
|
|
target:
|
|
user_notify: ["FF"]
|
|
not_working: ["All"]
|