Skip to content

Universal xss PoC with multiple target sites (CVE-2015-0072)

License

Notifications You must be signed in to change notification settings

dbellavista/uxss-poc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Universal Cross Site Scripting PoC

This is a PoC for CVE-2015-0072 for sequentialy get the targeted websites cookies.

Disclaimer

This Proof of Concept is for educational purpose only. Please do not use it against any system without prior permission. You are responsible for yourself for what you do with this code.

Improvement

In order for the exploit to work, the javascript injection inside the first frame location must occur after the second frame redirect. The first solution, proposed in the other PoC, deployed sleeps and timeouts. However, if the server syncronize the redirect and sleep requestes, one can exploit the vulnerability without sleeps.

Actually there is a little setTimeout, but 500 ms is big improvement from the previous 5000! Note: this code is a PoC, it was never tested outside my test environment.

Usage

npm install
node app.js

For basic logging launch

node app.js > cookies.txt

Configuration

In conf.json, set host to the value of your public host and targets to the sites to retrieve the cookies.

Note that targets must not set the HTTP header x-frame-options.

References

About

Universal xss PoC with multiple target sites (CVE-2015-0072)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published