1
#
2
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
beef:
7
    module:
8
        mozilla_nsiprocess_interface:
9
            enable: false
10
            category: ["Exploits", "Local Host"]
11
            name: "Mozilla nsIProcess XPCOM Interface (Windows)"
12
            description: "The nsIProcess XPCOM interface represents an executable process. JavaScript code with chrome privileges can use the nsIProcess interface to launch executable files. In this module, nsIProcess is combined with the Windows command prompt cmd.exe<br /><br />Any XSS injection in a chrome privileged zone (e.g. typically in Firefox extensions) allows this module to execute arbitrary commands on the victim machine."
13
            authors: ["wade", "bcoles", "[email protected]", "[email protected]"]
14
            target:
15
                working:
16
                    FF:
17
                        min_ver: 1
18
                        # It's actually 3.5 but min_ver only supports integers
19
                        max_ver: 3
20
                not_working: ["All"]
21

22

23