DESKTOP-NQLQSKD

2019-11-04T21:08:31
ID EXPLOITPACK:ED227749E0CDED769457D0E3A4EDD6D1
Type exploitpack
Reporter Exploit Pack
Modified 2019-11-04T21:08:31

Description

A Remote Browser's Agent ( XSS ) is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity. Malicious XSS agent software is typically injected without the victim's knowledge, often as payload on a website, and will try to hide its operation from the victim and from security software.

                                        
                                            // This is your JS payload that will be sent to the Browser Agent
// Useful commands available in the built-in Browser Agent:
// ------------------------------------------------------------
// Commands list for the agent:
// showAlert(message) - To display a message
// Dialog(message) - To display a Dialog and receive the answer
// GetCredentials(credentials) - Collect user's credentials
// GetSession() - Get user's sessions
// Freeze() - Infinite loop the remote browser
// PersistAggresive() - Persist the session on the remote browser
// redirectSite(url) - Redirect the user to the desired URL
// execJS(code) - Execute your JS on inside a script tag
// monster() - Call the Cookie monster on the user's browser
// tabKiller() - Kill the current tab ( Firefox, Chrome )
// PersistOnClick() - Persist the agent on an OnClick event
// jokeImages() - Make spin the images of the open pages
// protectMySite() - Activate the keylogging function and block XSS and SQLi attempts
// xssProtect() - Activate the XSS client-side protection on the desired browser 
// sqlProtect() - Activate the SQLi client-side protection on the desired browser 
// banIP(ip) - Add the desired IP/Hostname to your blacklist 
// addIPtoBanList() - Add the current IP/Hostname to your blacklist 
// antiCopyPaste() - Prevent the remote user of copy/paste the page 
// noCTRL() - Deactivate the CTRL functions 
// scanEngine(host) - Launch a discover scan from the remote browser 
// portScanner(host) - Launch a portscan from the remote browser to a specific host 
// launchWindow(id) - Create a new windows with the specified height, width 
// exploitThis(exploitName) - Execute an exploit ( Browser ) from the agent 
// scanForThreats() - Discover remote plugins and useful information for testing 
// Plugins() - Obtains a list of running plugins on the remote host 
// ScreenSize() - Calculate and retrieve current Window size 
// ------------------------------
// Your commands or code goes here: 
// Example: alert(1);
// ------------------------------------------------------------

OS=whoami