- Notifications
You must be signed in to change notification settings - Fork84
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
License
NotificationsYou must be signed in to change notification settings
Varbaek/xsser
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017
- Version 2.0 - 2015:https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZ_O40vP-eKsgf
- Version 2.5 - 2016:https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj
- Version 2.75 - 2017: None Currently Available
- Python (2.7.*, version
2.7.14was used for development and testing) - Msfconsole (accessible via environment variables)
- Netcat (nc)
- PyGame (pip install pygame)
- jsmin (new dependency - pip install jsmin)
- xterm (previously gnome and bash)
To install the Python dependencies, you can run the following command:
pip install -r requirements.txt
If you're using a virtual environment, then you may need to use the full list:
pip install -r requirements-all-libraries-used.txt
For installation instructions on Ubuntu 16.04.1 LTS, please refer to the wiki:https://github.com/Varbaek/xsser/wiki
- Gnome (switched to xterm)
- Bash (only tested in bash, but should work in other terminals)
- cURL (switched to native python requests)
- Chrome (2018) - Tested live at Black Hat Arsenal 2017 and during extras development.
- Firefox - Untested - Should still work as available JS features are almost the same.
- WordPresshttp://wordpress.org/
- Better WP Security 3.5.3http://www.exploit-db.com/wp-content/themes/exploit/applications/c6d6beb3c11bc58856e15218d512b851-better-wp-security.3.5.3.zip
- Optional: WPSEOhttps://yoast.com/wordpress/plugins/seo/
- Joomlahttps://www.joomla.org/
- SecurityCheck 2.8.9https://www.exploit-db.com/apps/543ccd00b06d24be139d7e18212a0916-com_securitycheck_j3x-2.8.9.zip
- Audio: Contains remixed audio notifications.
- Exploits: Contains DirtyCow (DCOW) privilege escalation exploits.
- Hello_Shell: Contains a Joomla extension backdoor, which can be uploaded as an administrator andsubsequently used to execute arbitrary commands on the system with ?c=ls or ?c64=base64_here.This directory was originally placed in "Joomla_Backdoor".
- Payloads/#"auto">
Developed By
- Hans-Michael Varbaek
- VarBITS
- MaXe / InterN0T
- Sense of Security (Versions 2.0 - 2.5)
- It works! (Again!)
- Still spaghetti code, but now with almost complete
PEP8and possible refactoring in the future. - Just-In-Time for Black Hat Europe 2017
About
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Topics
Resources
License
Stars
Watchers
Forks
Packages0
No packages published