beefproject/beef

Error in ActiveX Command Execution module - urlencoded command

Open

#1 854 ouverte le 14 janv. 2020

Voir sur GitHub
 (2 commentaires) (0 réactions) (0 assignés)JavaScript (1 992 forks)batch import
Good First IssueMediumModule

Métriques du dépôt

Stars
 (8 637 stars)
Métriques de merge PR
 (Merge moyen 11h 55m) (19 PRs mergées en 30 j)

Description

Module ActiveX Command Execution not works with "Initialize and script ActiveX controls not marked as safe for scripting" enabled. beef-0.5.0.0

Environment

What version/revision of BeEF are you using?

0.5.0.0

On what versionof Ruby?

ruby 2.5.7p206 (2019-10-01 revision 67816) [x86_64-linux-gnu]

On what browser?

IE11, with enabled initialize and scptring ...

On what operating system?

Win10 <- victim kali linux 2019 with latest updates <- beef framework

Configuration

Are you using a non-default configuration? no

Summary

Error in ActiveX Command Execution module. Only standalone commands execute. Command with space or any special characters not works.

Expected Behaviour

execute command on victim: cmd.exe /c "echo Hello from BeEF! & pause"

Actual Behaviour

not execute command

Additional Information

Resolve propose: in file https://github.com/beefproject/beef/blob/master/modules/exploits/local_host/activex_command_execution/command.js text in cmd variable is urlcoded. I changed line 9 to urldecode: var cmd = decodeURIComponent(beef.encode.base64.decode('<%= Base64.strict_encode64(@cmd) %>')); to resolve issue. Now it works.

Guide contributeur