Home
Internet

How to Hack a remote Internet browser with XSS Shell

Oct 16, 2008 06:20 PM
634752614540337307.jpg

XSS Shell is a cross-site scripting backdoor into the victim's browser which enables an attacker to issue commands and receive responses. During a normal XSS attack an attacker only has one chance to control a victim's browser; however, the XSS Shell keeps the connection between the attacker and the victim open to allow the attacker to continuously manipulate the victim's browser. XSS Shell works by setting up an XSS Channel, an AJAX application embedded into the victim's browser, that can obtain commands and send back responses. To enable the XSS Shell an attacker needs to inject the XSS Shell's JavaScript reference by utilizing a XSS flaw on a website. Once the victim's browser is infected with the XSS Shell and the XSS Channel is created, the attacker can issue instructions to the infected browser. Also, the attacker can use a XSS Tunnel to transfer HTTP traffic through the XSS Channel and the victim's browser; in turn, exploiting the victim's credentials to bypass authentications and IP Restrictions. The XSS Tunnel is a HTTP Proxy that sits on an attacker's computer, and any tool that is configured to use it will tunnel its traffic through the XSS Channel. For detailed, step-by-step instructions on using this XSS hack yourself, take a look!

Related Articles

How to Hack Almost Any Unprotected Webcam with Google

637306744662886707.jpg

Hi, My DEFY 600 UMS Oven Stopped Working.

Comments

No Comments Exist

Be the first, drop a comment!