Home
Latest images
Search
Register
Log inShell of the Future – Reverse Web Shell Handler for XSS Exploitation
Page 1 of 1
Shell of the Future – Reverse Web Shell Handler for XSS Exploitation
andry Tue Nov 16, 2010 12:12 am
Shell of the Future is a Reverse Web Shell handler. It can be used to hijack sessions where JavaScript can be injected using Cross-site Scripting or through the browser's address bar. It makes use of HTML5's Cross Origin Requests and can bypass anti-session hijacking measures like Http-Only cookies and IP address-Session ID binding.
It can be used to:
Demonstrate the severity of XSS and JavaScript injection attacks
Create POCs for XSS vulnerabilities in Penetration test reports
Run automated scans on internal websites from outside by tunneling the traffc through an internal browser
For download and more info check http://blog.andlabs.org
It can be used to:
Demonstrate the severity of XSS and JavaScript injection attacks
Create POCs for XSS vulnerabilities in Penetration test reports
Run automated scans on internal websites from outside by tunneling the traffc through an internal browser
For download and more info check http://blog.andlabs.org
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics» Shell of the Future v0.9.0.2 is available for download
» Safari Integer Overflow Aids Inter Protocol Exploitation
» Security Shell login without password
» Shocking News in PHP Exploitation
» Automated detection of CSRF-worthy HTML forms through 4-pass reverse-Diff analysis
» Safari Integer Overflow Aids Inter Protocol Exploitation
» Security Shell login without password
» Shocking News in PHP Exploitation
» Automated detection of CSRF-worthy HTML forms through 4-pass reverse-Diff analysis
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|