Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8e6125f8c6cc22d85183622c3ab02d8b56e657e2
beef/modules/exploits/firephp/config.yaml
Brendan Coles abe1370a50 Add FirePHP <= 0.7.1 RCE module 
@Wireghoul

Fixes issue #885
2014-05-05 10:32:59 +00:00

20 lines
1.0 KiB
YAML
Raw Blame History

#
# Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
###
# Exploit: http://www.justanotherhacker.com/advisories/jahx132.html
###
beef:
module:
firephp_code_exec:
enable: true
category: "Exploits"
name: "Firephp 0.7.1 RCE"
description: "Exploit FirePHP <= 0.7.1 to execute arbitrary JavaScript within the trusted 'chrome://' zone.<br/><br/>This module forces the browser to load '/firephp' on the public BeEF interface.<br/><br/>The payload is executed silently once the user moves the mouse over the array returned for 'http://[BeEF]/firephp' in Firebug.<br/><br/><b>Note:</b> Use msfpayload to generate JavaScript payloads. The default payload binds a shell on port 4444.<br/>See 'modules/exploits/firephp/payload.js'"
authors: ["Wireghoul", "bcoles"]
target:
user_notify: ["FF"]
not_working: ["All"]
Reference in New Issue View Git Blame Copy Permalink