1
#
2
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
#  local_file_theft
7
#
8
#  Shamelessly plagurised from kos.io/xsspwn
9

10
beef:
11
    module:
12
        local_file_theft:
13
            enable: true
14
            category: "Misc"
15
            name: "Local File Theft"
16
            description: "JavaScript may have filesystem access if we are running from a local resource and using the file:// scheme.<br/>This module checks common locations and cheekily snaches anything it finds. Shamelessly plagurised from http://kos.io/xsspwn. To test this module save the BeEF hook page locally and open in Safari from the your localfile system."
17
            authors: ["mh"]
18
            target:
19
                working: ["S"]
20

21