Security and Technology

XSSER – From XSS to RCE

From XSS to RCE 2.5 – Black Hat Europe Arsenal 2016 Demo

Version 2.0 – 2015: https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZ_O40vP-eKsgf

Version 2.5 – 2016: https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj

Requirements

Python (2.7.*, version 2.7.11 was used for development and demo)

Gnome

Bash

Msfconsole (accessible via environment variables)

Netcat (nc)

cURL (curl) [NEW]

PyGame (apt-get install python-pygame) [NEW]

Payload Compatibility

Chrome (14 Nov 2015) – This should still work.

Firefox (04 Nov 2016) – Tested live at Black Hat Arsenal 2016

WordPress Lab

WordPress http://wordpress.org/

Better WP Security 3.5.3 http://ift.tt/2fD3Ob2

Optional: WPSEO http://ift.tt/1blM6kR

WordPress Exploit

http://ift.tt/2gJHokL

Joomla Lab

Joomla https://www.joomla.org/

SecurityCheck 2.8.9 http://ift.tt/2fD3rNY

Joomla Exploit

http://ift.tt/2gJJvVG

Directories

Audio: Contains remixed audio notifications.

Exploits: Contains DirtyCow (DCOW) privilege escalation exploits.

Joomla_Backdoor: Contains a sample Joomla extension backdoor which can be uploaded as an administrator and subsequently used to execute arbitrary commands on the system with system($_GET['c']).

Payloads/javascript: Contains the JavaScript payloads, including a new “add new admin” payload for Joomla.

Shells: Contains the PHP shells to inject, including a slightly modified version of pentestmonkey’s shell that connects back via wget.

Developed By

Hans-Michael Varbaek

Sense of Security

Credits

MaXe / InterN0T

Download XSSER http://ift.tt/2gJK0Pt http://ift.tt/2aM8QhC
