XSSER: From XSS to RCE 3.0
Hans-Michael Varbaek
OWASP Copenhagen
March 28, 2019
Transcript
XSSER: From XSS to RCE 3.0
OWASP Copenhagen Chapter
28 March 2019
About me
➢ ISP Red Team – Copenhagen
➢ Presented at Black Hat Europe, Kiwicon, Hack in the Box, etc.
➢ Full-time security consultant career began in Sydney, Australia
Shodan: port:80
How many web servers globally?
➢ 85 million approximately (Shodan – port:80)
How many of them run PHP?
➢ 8.1 million approximately (Shodan – PHP)
However...
What about virtual hosting?
➢ 1.4 billion websites
➢ 232 million unique domains
➢ 27 million websites running WordPress
That's a lot more attack surface for adversaries (Netcraft March 2019 Survey)
Classic XSS Attacks
➢ Cookie Stealing
➢ Prevented by the HttpOnly flag: the injected script cannot read the cookie through document.cookie, but the browser still attaches it to every request that script makes, so riding the victim's session remains possible
➢ Defacements
➢ Phishing
➢ Session Hijacking (e.g. BeEF, XSSER, etc.)
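The slide's point about HttpOnly is worth seeing in code: the flag hides a cookie from document.cookie, which defeats classic cookie stealing, yet the browser still sends that cookie on any same-origin request an injected script triggers, which is what session-hijacking tooling relies on. The following is an added example, not code from the talk or from the XSSER project. It parses constructed Set-Cookie headers (the cookie names and values are made up for the example), shows what an XSS payload would see in document.cookie versus what a request it fires would carry, and audits session-looking cookies for missing HttpOnly, Secure and SameSite attributes; the name pattern used to decide which cookies count as session cookies is an assumption of this example.

```javascript
// Added example, not part of the talk or of the XSSER project.
// The Set-Cookie headers below are constructed for illustration.
const SAMPLE_SET_COOKIE = [
  'PHPSESSID=a1b2c3; Path=/; HttpOnly; Secure; SameSite=Lax',
  'wordpress_logged_in_abc=admin%7C1700000000; Path=/; HttpOnly',
  'theme=dark; Path=/',
  'legacy_auth=tok123; Path=/',
];

// Parse one Set-Cookie header value into a cookie record.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = {
    name: eq === -1 ? pair : pair.slice(0, eq),
    value: eq === -1 ? '' : pair.slice(eq + 1),
    httpOnly: false,
    secure: false,
    sameSite: null,
  };
  for (const attr of attrs) {
    const i = attr.indexOf('=');
    const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    const val = i === -1 ? '' : attr.slice(i + 1).trim();
    if (key === 'httponly') cookie.httpOnly = true;
    else if (key === 'secure') cookie.secure = true;
    else if (key === 'samesite') cookie.sameSite = val;
  }
  return cookie;
}

// What an injected script reads from document.cookie: HttpOnly cookies are omitted,
// so a classic exfiltration payload never sees the session cookie.
function documentCookieView(cookies) {
  return cookies
    .filter((c) => !c.httpOnly)
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// What the browser puts in the Cookie header of a same-origin request that the
// injected script triggers (fetch, XHR, auto-submitted form): every cookie,
// HttpOnly ones included. HttpOnly does not stop session riding.
function requestCookieHeader(cookies) {
  return cookies.map((c) => `${c.name}=${c.value}`).join('; ');
}

// Audit cookies whose names look like session or login cookies (assumed pattern)
// for the attributes a reviewer would expect on them.
const SESSION_NAME_RE = /sess|logged_in|auth/i;
function auditCookies(cookies) {
  const findings = [];
  for (const c of cookies) {
    if (!SESSION_NAME_RE.test(c.name)) continue;
    if (!c.httpOnly) findings.push(`${c.name}: missing HttpOnly (readable via document.cookie)`);
    if (!c.secure) findings.push(`${c.name}: missing Secure (also sent over plain HTTP)`);
    if (!c.sameSite) findings.push(`${c.name}: missing SameSite`);
  }
  return findings;
}

const cookies = SAMPLE_SET_COOKIE.map(parseSetCookie);
console.log('document.cookie as seen by XSS:', documentCookieView(cookies));
console.log('Cookie header on a same-origin request:', requestCookieHeader(cookies));
for (const f of auditCookies(cookies)) console.log('finding:', f);
```

Run it with `node` and compare the two printed lines: PHPSESSID and the WordPress login cookie are absent from the first and present in the second, which is exactly the gap between "cookie stealing" (blocked) and "session hijacking" (not blocked) on the slide.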
XSSER
What and why?
➢ Can automate XSS attacks to obtain RCE
➢ Meant for educational purposes
➢ Fully open source and available on GitHub
Demo
References
https://github.com/Varbaek/xsser
https://shodan.io
https://news.netcraft.com/archives/category/web-server-survey/
Questions?