Closed zero77 closed 3 weeks ago
Hey there, could you elaborate and provide relevant sources regarding cash poisoning
? I presume you mean cache poisoning => https://github.com/beefproject/beef/wiki/Persistence
Currently injectify has two levels of persistence
Yes I was meaning cache poisoning, for example:
This example is done by a MITM ARP Poisoning to inject beef/js code in browser cash. https://media.blackhat.com/bh-us-12/Briefings/Ocepek/BH_US_12_Ocepek_Linn_BeEF_MITM_WP.pdf
This uses different MITM method also to inject beef/js code in browser cash. https://github.com/byt3bl33d3r/MITMf
I know this is all done by network MITM attacks but, I am still looking for examples of any in browser MITM attacks.
This may be similar to what I am meaning, what cache are you meaning and and is it only loaded if the same hooked page is visited.
Core Cache - the Payload is safely stored in the browsers localstorage
Can you please introduce a cash poisoning module, that injects iframes of the payload into cash and changes the expiry date. Thanks