CoCalc -- config.yaml

GitHub Repository: beefproject/beef
Path: blob/master/modules/social_engineering/edge_wscript_wsh_injection/config.yaml
¹⁸⁷⁴ views

1
#
2
# Copyright (c) 2006-2026 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
beef:
7
  module:
8
    edge_wscript_wsh_injection:
9
      enable: true
10
      category: ["Social Engineering"]
11
      name: "Edge WScript WSH Injection"
12
      description: "Prompts the user to run \"Microsoft Windows Based Script Host\" (WScript.exe).<br/><br/>Uses <a href='https://leucosite.com/Microsoft-Edge-RCE/'>wshfile protocol handler</a> technique to load pubprn.vbs and <a href='https://enigma0x3.net/2017/08/03/wsh-injection-a-case-study/'>WSH injection in pubprn.vbs</a> to execute arbitrary code.<br/><br/>If the user allows execution, a VBS payload is downloaded from BeEF, and the specified commands are executed."
13
      authors: [
14
        "@qab",       # wshfile protocol handler + traversal technique, and exploit
15
        "@enigma0x3", # pubprn.vbs technique and exploit
16
        "bcoles"      # BeEF
17
      ]
18
      target:
19
        user_notify: ["E"]
20
        not_working: ["ALL"]
21

22

Product

Resources

Company