From 22ead243f8cc19287c27b5413371815728db9032 Mon Sep 17 00:00:00 2001 From: sinn3r Date: Mon, 28 Jul 2014 14:21:31 -0700 Subject: [PATCH] Updated How to write a browser exploit using BrowserExploitServer (markdown) --- How-to-write-a-browser-exploit-using-BrowserExploitServer.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/How-to-write-a-browser-exploit-using-BrowserExploitServer.md b/How-to-write-a-browser-exploit-using-BrowserExploitServer.md index dc77b9999d..66a77f7c96 100644 --- a/How-to-write-a-browser-exploit-using-BrowserExploitServer.md +++ b/How-to-write-a-browser-exploit-using-BrowserExploitServer.md @@ -1,3 +1,5 @@ +### Introduction + The Metasploit Framework provides different mixins you can use to develop a browser exploit, mainly they are: Msf::Exploit::Remote::HttpServer, which is the most basic form of a HTTP server. Msf::Exploit::Remote::HttpServer::HTML, which provides Javascript functions that the module can use when crafting HTML contents. And Msf::Exploit::Remote::BrowserExploitServer, which includes features from both HttpServer and HttpServer::HTML, but with even more goodies. This writeup covers the BrowserExploitServer mixin. The BrowserExploitServer mixin is the only mixin specially designed for browser exploitation. Before you use this mixin, you should understand what it does behind the scenes for you: