XSSing Your Way to Shell

XSS Shell Payloads

Presentation

  • XSSing Your Way to Shell

Slides

  • http://www.slideshare.net/HansMichaelVarbaek/xssing-your-way-to-shell
  • https://speakerdeck.com/varbaek/xssing-your-way-to-shell

Demo

  • https://www.youtube.com/playlist?list=PLIjb28IYMQgoZaHaHUYCc8VsFETfHl4i3

Requirements

  • Python (vBSEO Exploit)

Payload Compatibility

  • Firefox (Confirmed)

WordPress Lab

  • WordPress http://wordpress.org/
  • Better WP Security http://www.exploit-db.com/wp-content/themes/exploit/applications/c6d6beb3c11bc58856e15218d512b851-better-wp-security.3.5.3.zip
  • WPSEO https://yoast.com/wordpress/plugins/seo/

WordPress Exploit

  • http://www.exploit-db.com/exploits/27290/

Directories

  • WordPress: Contains xss.js used during the live demo.
  • vBulletin: Contains the newest version of vbseo.py.

Developed By

  • Hans-Michael Varbaek

Credits

  • MaXe / InterN0T

Code Design

  • It works!
  • WordPress xss.js has re-usable functions!