XSSER: From XSS to RCE 3.0
Hans-Michael Varbaek
March 28, 2019
OWASP Copenhagen
Transcript
XSSER: From XSS to RCE 3.0 – OWASP Copenhagen Chapter, 28 March 2019
About me
➢ ISP Red Team – Copenhagen
➢ Presented at Black Hat Europe, Kiwicon, Hack in the Box, etc.
➢ Full-time security consultant career began in Sydney, Australia
Shodan: port:80
How many web servers globally?
➢ 85 million approximately (Shodan – port:80)
How many of them run PHP?
➢ 8.1 million approximately (Shodan – PHP)
However...
What about virtual hosting?
➢ 1.4 billion websites
➢ 232 million unique domains
➢ 27 million websites running WordPress
That's a lot more attack surface for adversaries (Netcraft March 2019 Survey)
Classic XSS Attacks
➢ Cookie Stealing
  ➢ Prevented by the "HttpOnly" flag
➢ Defacements
➢ Phishing
➢ Session Hijacking (e.g. BeEF, XSSER, etc.)
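The slide above says cookie stealing is prevented by the HttpOnly flag. The following is an added example, not from the deck or the XSSER project: a small audit that parses Set-Cookie headers, reports session-looking cookies that lack HttpOnly, Secure or SameSite, and builds a hardened Set-Cookie header with Python's standard http.cookies module. The sample headers and the name heuristic (looks_like_session_cookie) are constructed for illustration.

```python
"""Audit Set-Cookie headers for the attributes that limit what an XSS
payload can do with a session cookie, and build a hardened header.

Added example; the sample headers below are constructed, not captured."""
from http.cookies import SimpleCookie

# Constructed sample responses a login endpoint might send.
SAMPLE_SET_COOKIE_HEADERS = [
    "PHPSESSID=abc123; Path=/",                                # weak
    "session=def456; Path=/; HttpOnly; Secure; SameSite=Lax",  # hardened
    "theme=dark; Path=/",                                       # not a session cookie
]


def parse_set_cookie(header):
    """Return (name, value, attrs) for one Set-Cookie header value.

    attrs maps lower-cased attribute names to their value, or True
    for valueless flags such as HttpOnly and Secure."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), value, attrs


def looks_like_session_cookie(name):
    """Constructed heuristic: treat session/id/token names as sensitive."""
    lowered = name.lower()
    return "sess" in lowered or lowered.endswith("id") or "token" in lowered


def audit_set_cookie(header):
    """Return a list of findings for one header (empty means no issue)."""
    name, _, attrs = parse_set_cookie(header)
    findings = []
    if not looks_like_session_cookie(name):
        return findings
    if "httponly" not in attrs:
        findings.append(f"{name}: missing HttpOnly (readable via document.cookie)")
    if "secure" not in attrs:
        findings.append(f"{name}: missing Secure (sent over plain HTTP)")
    if "samesite" not in attrs:
        findings.append(f"{name}: missing SameSite (sent on cross-site requests)")
    return findings


def hardened_set_cookie(name, value):
    """Build a Set-Cookie header value with the protective attributes set."""
    jar = SimpleCookie()
    jar[name] = value
    jar[name]["path"] = "/"
    jar[name]["httponly"] = True
    jar[name]["secure"] = True
    jar[name]["samesite"] = "Lax"  # requires Python 3.8+
    return jar[name].OutputString()


if __name__ == "__main__":
    for header in SAMPLE_SET_COOKIE_HEADERS:
        for finding in audit_set_cookie(header):
            print("FINDING:", finding)
    print("Hardened:", hardened_set_cookie("PHPSESSID", "abc123"))
```

HttpOnly only stops script from reading the cookie; script running in the page's origin can still send requests that carry it, which is why the deck lists session hijacking through tools such as BeEF or XSSER as a separate item. The real fix is removing the XSS (output encoding, a strict Content Security Policy); the cookie attributes reduce the blast radius.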
XSSER
XSSER – What and why?
➢ Can automate XSS attacks to obtain RCE
➢ Meant for educational purposes
➢ Fully open source and available on GitHub
Demo
References
https://github.com/Varbaek/xsser
https://shodan.io
https://news.netcraft.com/archives/category/web-server-survey/
Questions?