Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
XSSER: From XSS to RCE 3.0
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Hans-Michael Varbaek
March 28, 2019
Technology
180
0
Share
XSSER: From XSS to RCE 3.0
OWASP Copenhagen
Hans-Michael Varbaek
March 28, 2019
More Decks by Hans-Michael Varbaek
See All by Hans-Michael Varbaek
Attack & Defense Methods
varbaek
0
48
Attack and Defense Methods for Traffic Light Systems
varbaek
0
33
So you want to be a pentester?
varbaek
2
1.5k
From XSS to RCE 2.5 - Alt33c3
varbaek
0
200
XSSing Your Way to Shell
varbaek
2
2k
Botnets of the Web – How to Hijack One
varbaek
1
250
Other Decks in Technology
See All in Technology
Agent Skillsで実現する記憶領域の運用とその後
yamadashy
2
1.9k
"スキルファースト"で作る、AIの自走環境
subroh0508
0
520
100マイクロサービスのTerraform/Kubernetes管理地獄から抜け出すためのAI活用術
markie1009
0
160
Purview 勉強会報告 Microsoft Purview 入門しようとしてみた
masakichixo
1
430
Gaussian Splattingの表現力を拡張する — 高周波再構成とインタラクションへのアプローチ —
gpuunite_official
0
180
今だから言える(?) Q Developer Pro のクレジットが神ってた話
mu7889yoon
0
100
セキュリティ対策、何からはじめる? CloudNative環境の脅威モデリングと リスク評価実践入門 #cloudnativekaigi
varu3
5
950
マンション備え付けのネットワークとLTE回線を組み合わせた ネットワークの安定化の考案
harutiro
1
130
2026-05-14 要件定義からソース管理まで!IBM Bob基礎ハンズオン
yutanonaka
0
160
「強制アップデート」か「チームの自律」か?エンタープライズが辿り着いたプラットフォームのハイブリッド運用/cloudnative-kaigi-hybrid-platform-operations
mhrtech
0
200
ECSのTerraformモジュールにコントリビュートした話
harukasakihara
0
210
Databricks 月刊サービスアップデートまとめ 2026年04月号
tyosi1212
0
130
Featured
See All Featured
Art, The Web, and Tiny UX
lynnandtonic
304
21k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
2
800
Believing is Seeing
oripsolob
1
120
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.7k
Reality Check: Gamification 10 Years Later
codingconduct
0
2.1k
Jess Joyce - The Pitfalls of Following Frameworks
techseoconnect
PRO
1
150
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4.2k
The browser strikes back
jonoalderson
0
1k
Git: the NoSQL Database
bkeepers
PRO
432
67k
Exploring anti-patterns in Rails
aemeredith
3
350
Transcript
XSSER: From XSS to RCE 3.0 OWASP Copenhagen Chapter 28
March 2019
About me ➢ ISP Red Team – Copenhagen ➢ Presented
at Black Hat Europe, Kiwicon, Hack in the Box, etc. ➢ Full-time security consultant career began in Sydney, Australia
Shodan: port:80
How many web servers globally? ➢ 85 million approximately (Shodan
– Port:80) How many of them run PHP? ➢ 8.1 million approximately (Shodan – PHP) However..
What about virtual hosting? ➢ 1.4 billion websites ➢ 232
million unique domains ➢ 27 million websites running WordPress That’s a lot more attack surface for adversaries (Netcraft March 2019 Survey)
Classic XSS Attacks ➢ Cookie Stealing ➢ Prevented by “HttpOnly”
flag ➢ Defacements ➢ Phishing ➢ Session Hijacking (e.g. BeEF, XSSER, etc.)
None
None
None
None
XSSER
XSSER What and why? ➢ Can automate XSS attacks to
obtain RCE ➢ Meant for educational purposes ➢ Fully open source and available on GitHub
Demo
References https://github.com/Varbaek/xsser https://shodan.io https://news.netcraft.com/archives/cat egory/web-server-survey/
Questions?
varbaek
yamadashy
subroh0508
markie1009
masakichixo
gpuunite_official
mu7889yoon
varu3
harutiro
yutanonaka
mhrtech
harukasakihara
tyosi1212
lynnandtonic
tomoyanonymous
oripsolob
hatefulcrawdad
jcasabona
codingconduct
techseoconnect
samlambert
ipullrank
jonoalderson
bkeepers
aemeredith
