XSSing Your Way to Shell

Post on 11-Jun-2015

433 views 1 download

Preview:

Click to see full reader

Tags:

description

NOTE: Download the PDF for high-resolution text. (It appears that SlideShare does not handle custom fonts very well.) Alternative Med-Res Source: https://speakerdeck.com/varbaek/xssing-your-way-to-shell Cross-Site Scripting isn’t new, but there is generally a large belief among vendors, corporations and even some hackers that XSS can only be used to conduct client-side attacks such as session hijacking and similar attacks, or with tools such as BeEF. This talk dives into finding a 0day in a web application, creating a basic payload, and then; the development of an idea, that becomes an asynchronous JavaScript payload able to use any administrative feature enabling the attacker to execute arbitrary code on the server. During the talk, custom-built JavaScript payloads enabling arbitrary code execution will be demonstrated. Location: Thursday 29th May 2014 - 12:15 @ Beurs van Berlage - Amsterdam - Netherlands. Bio: Hans-Michael Varbaek is a Security Consultant at Sense of Security and is an active part of the penetration testing team. He is an IT security specialist, independent researcher, and penetration tester. Hans has periodically been invited to help out community driven projects such as The Exploit Database (which he participated actively in by e.g. managing their forums and writing blog entries about web application security). Hans has presented about advanced attack methods (e.g. chained exploits) and secure web application development for numerous clients as well. Along with an IT-Administrator degree, Hans is an Offensive Security Certified Expert (OSCE) and GIAC Penetration Tester (GPEN). Toolkit: https://github.com/Varbaek/xss-shell-payloads YouTube: https://www.youtube.com/playlist?list=PLIjb28IYMQgoZaHaHUYCc8VsFETfHl4i3 Vimeo: https://vimeo.com/varbaek/videos