Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

Saturday, March 25, 2017

From XSS to RCE - XSSER



From XSS to RCE 2.5 - Black Hat Europe Arsenal 2016

Demo

Requirements
  • Python (2.7.*, version 2.7.11 was used for development and demo)
  • Gnome
  • Bash
  • Msfconsole (accessible via environment variables)
  • Netcat (nc)
  • cURL (curl) [NEW]
  • PyGame (apt-get install python-pygame) [NEW]

Payload Compatibility
  • Chrome (14 Nov 2015) - This should still work.
  • Firefox (04 Nov 2016) - Tested live at Black Hat Arsenal 2016

WordPress Lab

WordPress Exploit

Joomla Lab

Joomla Exploit

Directories
  • Audio: Contains remixed audio notifications.
  • Exploits: Contains DirtyCow (DCOW) privilege escalation exploits.
  • Joomla_Backdoor: Contains a sample Joomla extension backdoor which can be uploaded as an administrator and subsequently used to execute arbitrary commands on the system with system($_GET['c']).
  • Payloads/javascript: Contains the JavaScript payloads. Contains a new "add new admin" payload for Joomla.
  • Shells: Contains the PHP shells to inject, including a slightly modified version of pentestmonkey's shell that connects back via wget.

Developed By
  • Hans-Michael Varbaek
  • Sense of Security

Credits
  • MaXe / InterN0T

Share:

0 comentários:

Post a Comment

Note: Only a member of this blog may post a comment.

Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition