Skip to content

s0md3v/JShell

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.whitesource
Initial WhiteSource configuration file
May 5, 2019 15:49
README.md
Update README.md
February 26, 2018 19:33
shell.py
Adding OSX compatibility for netcat and using sleep function instead …
July 17, 2018 14:17
JShell Usages Credits, Disclaimer & License

README.md

JShell

JShell - Get a JavaScript shell with XSS.

Usages

Run shell.py
and JShell will automatically try to detect your IP address, default LPORT is 33.

As you can see the payload has been generated and now all you have to do is to deliver this payload to the victim.
As soon as you do that, you will get a JS shell over netcat where you can execute your JavaScript code in victim's browser as soon as the injected page is open.
Here's a screenshot:

Credits, Disclaimer & License

This script uses the method demostrated by Rodolfo Assis
Disclaimer: I am not responsible for the shit you do with this tool.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

About

JShell - Get a JavaScript shell with XSS.

Resources

Readme
Activity

Stars

490 stars

Watchers

25 watching

Forks

144 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 2

Languages