XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 07-31-2014, 01:36 AM
#1
phyrrus9, 1996-2021. Rest in Peace.
The stories and information posted here are artistic works of fiction and falsehood. Only a fool would take anything posted here as fact.
XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress filter_list | |
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 07-31-2014, 11:05 PM
#2
I'm surprised there aren't any replies. Interesting video. I like how you've taken what would normally be a minor vulnerability and turned it into a major one. I don't know a load about Wordpress, but I will be looking at the source. Nice share!
Edit: Lol wowo nice
Edit: Lol wowo nice
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-01-2014, 06:40 AM
#3
So if there is an xss on a wordpress theme, executing this via scr="foreginhost.com/out.js" would cause a shell on the wp site?
#MakeSinisterlySexyAgain
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-01-2014, 07:27 AM
#4
Props for the filthy frank background song. Good shit Dyme.
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-01-2014, 05:36 PM
#6
So this allows you to get a shell from any XSS vulnerability? Seems like not many people have seen it yet. Awesome share!
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-01-2014, 06:08 PM
#7
Zeekill mentioned something similar (if not the same thing) to this the other day on HF. It had to do with executing php inside the alert box.
Thanks for not being a dick and sharing this with everyone.
Thanks for not being a dick and sharing this with everyone.
XMPP - wrath@xmpp.jp
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-01-2014, 07:03 PM
#8
Here's some public wordpress vulns that you guys can go through and try and find xss in here. http://www.exploit-db.com/search/?action...filter_cve=
#MakeSinisterlySexyAgain
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-01-2014, 07:43 PM
#9
(08-01-2014, 07:03 PM)Adorapuff Wrote: Here's some public wordpress vulns that you guys can go through and try and find xss in here. http://www.exploit-db.com/search/?action...filter_cve=
I was going to post just that.
RE: XSS2SHELL - Leverage XSS to RCE in a matter of seconds on Wordpress 08-04-2014, 06:52 AM
#10
(08-01-2014, 06:08 PM)Crypt Wrote: Zeekill mentioned something similar (if not the same thing) to this the other day on HF. It had to do with executing php inside the alert box.
Thanks for not being a dick and sharing this with everyone.
hes on hf again? jeez
Unleash the lead from my pistol into my head bumpin' crystal
Users browsing this thread: 1 Guest(s)