beefproject/beef

Error in ActiveX Command Execution module - urlencoded command

Open

#1,854 创建于 2020年1月14日

在 GitHub 查看
 (2 评论) (0 反应) (0 负责人)JavaScript (1,992 fork)batch import
Good First IssueMediumModule

仓库指标

Star
 (8,637 star)
PR 合并指标
 (平均合并 11小时 55分钟) (30 天内合并 19 个 PR)

描述

Module ActiveX Command Execution not works with "Initialize and script ActiveX controls not marked as safe for scripting" enabled. beef-0.5.0.0

Environment

What version/revision of BeEF are you using?

0.5.0.0

On what versionof Ruby?

ruby 2.5.7p206 (2019-10-01 revision 67816) [x86_64-linux-gnu]

On what browser?

IE11, with enabled initialize and scptring ...

On what operating system?

Win10 <- victim kali linux 2019 with latest updates <- beef framework

Configuration

Are you using a non-default configuration? no

Summary

Error in ActiveX Command Execution module. Only standalone commands execute. Command with space or any special characters not works.

Expected Behaviour

execute command on victim: cmd.exe /c "echo Hello from BeEF! & pause"

Actual Behaviour

not execute command

Additional Information

Resolve propose: in file https://github.com/beefproject/beef/blob/master/modules/exploits/local_host/activex_command_execution/command.js text in cmd variable is urlcoded. I changed line 9 to urldecode: var cmd = decodeURIComponent(beef.encode.base64.decode('<%= Base64.strict_encode64(@cmd) %>')); to resolve issue. Now it works.

贡献者指南