XSS Shell Payloads

Presentation

• XSSing Your Way to Shell

Slides

• http://www.slideshare.net/HansMichaelVarbaek/xssing-your-way-to-shell
• https://speakerdeck.com/varbaek/xssing-your-way-to-shell

Demo

• https://www.youtube.com/playlist?list=PLIjb28IYMQgoZaHaHUYCc8VsFETfHl4i3

Requirements

• Python (vBSEO Exploit)

Payload Compatibility

• Firefox (Confirmed)

WordPress Lab

• WordPress http://wordpress.org/
• Better WP Security http://www.exploit-db.com/wp-content/themes/exploit/applications/c6d6beb3c11bc58856e15218d512b851-better-wp-security.3.5.3.zip
• WPSEO https://yoast.com/wordpress/plugins/seo/

WordPress Exploit

• http://www.exploit-db.com/exploits/27290/

Directories

• WordPress: Contains xss.js used during the live demo.
• vBulletin: Contains the newest version of the vbseo.py

Developed By

• Hans-Michael Varbaek

Credits

• MaXe / InterN0T

Code Design

• It works!
• WordPress xss.js has re-usable functions!