1
#
2
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
# local_file_theft
7
#
8
# Shamelessly plagurised from kos.io/xsspwn
9

10
class Local_file_theft < BeEF::Core::Command
11
  def self.options
12
    [
13
      { 'name' => 'target_file',
14
        'description' => 'The full path to the local file to steal e.g. file:///var/mobile/Library/AddressBook/AddressBook.sqlitedb',
15
        'ui_label' => 'Target file',
16
        'value' => 'autodetect' }
17
    ]
18
  end
19

20
  def post_execute
21
    content = {}
22
    content['result'] = @datastore['result']
23
    save content
24
  end
25
end
26

27