Penetration Testing mailing list archives

Re: Exploiting XSS


From: "Anthony Cicalla" <anthony.cicalla () gmail com>
Date: Wed, 3 Dec 2008 16:50:51 -0800

XSS Shell is what you're looking for, especially if it's persistent XSS.
Even if it's not, it will still work.

http://www.darknet.org.uk/tag/xssshell/

XSS Shell v0.3.9 - Cross Site Scripting Backdoor Tool
XSS Shell is a powerful XSS backdoor which allows interactively
getting control over a Cross-site Scripting (XSS) vulnerability in a
web application. Demonstrates the real power and damage of Cross-site
Scripting attacks.
WHAT IS XSS SHELL?
XSS Shell is a powerful XSS backdoor and zombie manager. This concept
was first presented by XSS-Proxy (http://xss-proxy.sourceforge.net/).
Normally in XSS [...]
Anthony Cicalla,
CNA,CEH,CISSP,GSNA,MCP,SCTA
9252627565

On Wed, Dec 3, 2008 at 12:01 PM, Baykal, Adnan (CSCIC)
<adnan.baykal () cscic state ny us> wrote:

One quick thing is to use the XSS to steal visitor cookies and
session IDs, then do session hijacking. Or use Jikto to scan internal
systems. Grossman also described this approach recently.



--------------------------------------------------------

This message may contain confidential information and is intended only for the individual(s) named.  If you are not 
an intended recipient you are not authorized to disseminate, distribute or copy this e-mail.  Please notify the 
sender immediately if you have received this e-mail by mistake and delete this e-mail from your system.
-----Original Message-----

From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Whitehat
Sent: Wednesday, December 03, 2008 12:09 AM
To: pen-test
Subject: Exploiting XSS

Dear List,

I'm doing a WAPT for a website and found many XSS issues (both stored
and reflected).
I wanted to do more and show the customer, apart from normal script
injection and getting it popped up.

Consider that you found an XSS issue in a field and your script is
running:

  1. Now what are the further steps for exploiting XSS completely?
  2. How can an attacker really make use of it?
  3. How to compromise?
  4. What are the real-world scenarios that can be used?

Looking for a few good inputs/implementations/exploits/books.

Thanks in advance,

Cheers,
White hat


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------






--
Anthony,
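Added example, not part of the thread or of any tool it mentions: the replies above point at cookie theft and session hijacking as the concrete impact of an XSS finding, so the two server-side controls that decide whether that scenario works are worth demonstrating in a report. The code below (hypothetical function names; the sample payloads and cookie names are constructed) shows context-aware HTML output encoding for stored/reflected data, a session cookie issued with HttpOnly/Secure/SameSite, and a small audit helper a tester can run over captured Set-Cookie header values to flag session cookies that JavaScript could read.

```python
"""Defensive counterpart to the XSS -> cookie theft scenario in the thread.
Added example; names are hypothetical and sample values are constructed."""
import html
from http.cookies import SimpleCookie


def render_comment(author: str, body: str) -> str:
    """Render untrusted data into HTML with encoding chosen per context.

    `author` lands inside a double-quoted attribute, so quotes must be
    encoded too (quote=True); `body` lands in element text, where the
    default escaping of < > & is enough to stop tag injection.
    """
    safe_author = html.escape(author, quote=True)
    safe_body = html.escape(body)
    return f'<div class="comment" data-author="{safe_author}">{safe_body}</div>'


def session_cookie_header(name: str, value: str, max_age: int = 3600) -> str:
    """Build a Set-Cookie header value for a session cookie.

    HttpOnly keeps document.cookie from returning the value to injected
    script, so a classic cookie-stealing payload gets nothing. It does not
    remove the XSS itself: injected script can still issue requests as the
    victim, which is why output encoding above is the primary fix.
    """
    jar = SimpleCookie()
    jar[name] = value
    morsel = jar[name]
    morsel["httponly"] = True
    morsel["secure"] = True
    morsel["samesite"] = "Lax"
    morsel["path"] = "/"
    morsel["max-age"] = max_age
    return morsel.OutputString()


def audit_set_cookie(header_value: str) -> dict:
    """Parse one Set-Cookie value and list the protections each cookie lacks.

    Returns {cookie_name: [issue, ...]}; an empty list means no finding.
    """
    jar = SimpleCookie()
    jar.load(header_value)
    findings = {}
    for cookie_name, morsel in jar.items():
        issues = []
        if not morsel["httponly"]:
            issues.append("missing HttpOnly: readable via document.cookie")
        if not morsel["secure"]:
            issues.append("missing Secure: sent over plain HTTP")
        if not morsel["samesite"]:
            issues.append("missing SameSite: sent on cross-site requests")
        findings[cookie_name] = issues
    return findings


if __name__ == "__main__":
    # Constructed stored-XSS payloads in both contexts.
    print(render_comment('x" onmouseover="alert(1)', "<script>alert(1)</script>"))
    # A hardened session cookie, then the audit over a weak captured header.
    print(session_cookie_header("sid", "abc123"))
    print(audit_set_cookie("sid=abc123; Path=/"))
```

In a report, the audit output pairs naturally with the XSS finding: a session cookie without HttpOnly is what turns a reflected XSS into the session hijacking the thread describes, and the encoded rendering shows the customer what the fixed page should emit.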
