Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
XSSER: From XSS to RCE 3.0
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Hans-Michael Varbaek
March 28, 2019
Technology
0
170
XSSER: From XSS to RCE 3.0
OWASP Copenhagen
Hans-Michael Varbaek
March 28, 2019
Tweet
Share
More Decks by Hans-Michael Varbaek
See All by Hans-Michael Varbaek
Attack & Defense Methods
varbaek
0
44
Attack and Defense Methods for Traffic Light Systems
varbaek
0
29
So you want to be a pentester?
varbaek
2
1.5k
From XSS to RCE 2.5 - Alt33c3
varbaek
0
200
XSSing Your Way to Shell
varbaek
2
2k
Botnets of the Web – How to Hijack One
varbaek
1
240
Other Decks in Technology
See All in Technology
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
0gm
2
3.1k
プロダクト成長を支える開発基盤とスケールに伴う課題
yuu26
4
1.4k
Greatest Disaster Hits in Web Performance
guaca
0
280
配列に見る bash と zsh の違い
kazzpapa3
3
170
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.6k
Why Organizations Fail: ノーベル経済学賞「国家はなぜ衰退するのか」から考えるアジャイル組織論
kawaguti
PRO
1
180
Agent Skils
dip_tech
PRO
0
130
こんなところでも(地味に)活躍するImage Modeさんを知ってるかい?- Image Mode for OpenShift -
tsukaman
1
170
Webhook best practices for rock solid and resilient deployments
glaforge
2
310
Kiro IDEのドキュメントを全部読んだので地味だけどちょっと嬉しい機能を紹介する
khmoryz
0
210
Red Hat OpenStack Services on OpenShift
tamemiya
0
130
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
270
Featured
See All Featured
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
1
130
Technical Leadership for Architectural Decision Making
baasie
2
250
Darren the Foodie - Storyboard
khoart
PRO
2
2.4k
GraphQLとの向き合い方2022年版
quramy
50
14k
It's Worth the Effort
3n
188
29k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
590
A Tale of Four Properties
chriscoyier
162
24k
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
310
Google's AI Overviews - The New Search
badams
0
910
Color Theory Basics | Prateek | Gurzu
gurzu
0
200
Transcript
XSSER: From XSS to RCE 3.0 OWASP Copenhagen Chapter 28
March 2019
About me ➢ ISP Red Team – Copenhagen ➢ Presented
at Black Hat Europe, Kiwicon, Hack in the Box, etc. ➢ Full-time security consultant career began in Sydney, Australia
Shodan: port:80
How many web servers globally? ➢ 85 million approximately (Shodan
– Port:80) How many of them run PHP? ➢ 8.1 million approximately (Shodan – PHP) However..
What about virtual hosting? ➢ 1.4 billion websites ➢ 232
million unique domains ➢ 27 million websites running WordPress That’s a lot more attack surface for adversaries (Netcraft March 2019 Survey)
Classic XSS Attacks ➢ Cookie Stealing ➢ Prevented by “HttpOnly”
flag ➢ Defacements ➢ Phishing ➢ Session Hijacking (e.g. BeEF, XSSER, etc.)
None
None
None
None
XSSER
XSSER What and why? ➢ Can automate XSS attacks to
obtain RCE ➢ Meant for educational purposes ➢ Fully open source and available on GitHub
Demo
References https://github.com/Varbaek/xsser https://shodan.io https://news.netcraft.com/archives/cat egory/web-server-survey/
Questions?
varbaek
0gm
yuu26
guaca
kazzpapa3
oracle4engineer
kawaguti
dip_tech
tsukaman
glaforge
khmoryz
tamemiya
mikimatsumoto
stephenakadiri
baasie
khoart
quramy
3n
chriscoyier
denniskardys
garrettdimon
reverentgeek
badams
gurzu
