Lucene search
K

jpvdYKiLAUi4eai

🗓️ 04 Nov 2019 21:07:32Reported by Exploit PackType 
exploitpack
 exploitpack
👁 17 Views

Javascript command to execute a malicious JS payload on the browser agent and list of available command

Code
Flow("executed")// This is your JS payload that will be sent to the Browser Agent
// Useful commands available in the built-in Browser Agent:
// ------------------------------------------------------------
// Commands list for the agent:
// showAlert(message) - To display a message
// Dialog(message) - To display a Dialog and receive the answer
// GetCredentials(credentials) - Collect user's credentials
// GetSession() - Get user's sessions
// Freeze() - Infinite loop the remote browser
// PersistAggresive() - Persist the session on the remote browser
// redirectSite(url) - Redirect the user to the desired URL
// execJS(code) - Execute your JS on inside a script tag
// monster() - Call the Cookie monster on the user's browser
// tabKiller() - Kill the current tab ( Firefox, Chrome )
// PersistOnClick() - Persist the agent on an OnClick event
// jokeImages() - Make spin the images of the open pages
// protectMySite() - Activate the keylogging function and block XSS and SQLi attempts
// xssProtect() - Activate the XSS client-side protection on the desired browser 
// sqlProtect() - Activate the SQLi client-side protection on the desired browser 
// banIP(ip) - Add the desired IP/Hostname to your blacklist 
// addIPtoBanList() - Add the current IP/Hostname to your blacklist 
// antiCopyPaste() - Prevent the remote user of copy/paste the page 
// noCTRL() - Deactivate the CTRL functions 
// scanEngine(host) - Launch a discover scan from the remote browser 
// portScanner(host) - Launch a portscan from the remote browser to a specific host 
// launchWindow(id) - Create a new windows with the specified height, width 
// exploitThis(exploitName) - Execute an exploit ( Browser ) from the agent 
// scanForThreats() - Discover remote plugins and useful information for testing 
// Plugins() - Obtains a list of running plugins on the remote host 
// ScreenSize() - Calculate and retrieve current Window size 
// ------------------------------
// Your commands or code goes here: 
// Example: alert(1);
// ------------------------------------------------------------
Dialog("hola")

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Nov 2019 21:07Current
0.4Low risk
Vulners AI Score0.4
17