Error in ActiveX Command Execution module - urlencoded command
#1854 aperta il 14 gen 2020
Metriche repository
- Star
- (8637 star)
- Metriche merge PR
- (Merge medio 11h 55m) (19 PR mergiate in 30 g)
Descrizione
Module ActiveX Command Execution not works with "Initialize and script ActiveX controls not marked as safe for scripting" enabled. beef-0.5.0.0
Environment
What version/revision of BeEF are you using?
0.5.0.0
On what versionof Ruby?
ruby 2.5.7p206 (2019-10-01 revision 67816) [x86_64-linux-gnu]
On what browser?
IE11, with enabled initialize and scptring ...
On what operating system?
Win10 <- victim kali linux 2019 with latest updates <- beef framework
Configuration
Are you using a non-default configuration? no
Summary
Error in ActiveX Command Execution module. Only standalone commands execute. Command with space or any special characters not works.
Expected Behaviour
execute command on victim:
cmd.exe /c "echo Hello from BeEF! & pause"
Actual Behaviour
not execute command
Additional Information
Resolve propose:
in file
https://github.com/beefproject/beef/blob/master/modules/exploits/local_host/activex_command_execution/command.js
text in cmd variable is urlcoded. I changed line 9 to urldecode:
var cmd = decodeURIComponent(beef.encode.base64.decode('<%= Base64.strict_encode64(@cmd) %>'));
to resolve issue. Now it works.