XSS Exploitation

In the video i’ll be basically exploiting a windows machine using my ubuntu machine under 4 minutes, i have written the exploit and its dependencies/resources in python, javascript and php. The basic concept is that i will exploit a flaw in a web app and inject my malicious javascript, and when the victim visits the website he will be infected, the payload is staged.
[1] stage-1 is going to hook to browser and grab details of the browser and os info.
[2] stage-2 is going to inject a trojan(reverse shell TCP 4444 -> custom made{Bypass all AV Detections}) which the payload will force download onto the victim’s computer and when executed will give the attacker the shell.finally we will have fun with post exploiting the machine …

Advertisements

One thought on “XSS Exploitation

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s