XSSER: From XSS to RCE 3.0
OWASP Copenhagen
Hans-Michael Varbaek
March 28, 2019
Transcript
XSSER: From XSS to RCE 3.0 – OWASP Copenhagen Chapter, 28 March 2019

About me
➢ ISP Red Team – Copenhagen
➢ Presented at Black Hat Europe, Kiwicon, Hack in the Box, etc.
➢ Full-time security consultant career began in Sydney, Australia

Shodan: port:80

How many web servers globally?
➢ 85 million approximately (Shodan – port:80)
How many of them run PHP?
➢ 8.1 million approximately (Shodan – PHP)
However..

What about virtual hosting?
➢ 1.4 billion websites
➢ 232 million unique domains
➢ 27 million websites running WordPress
That’s a lot more attack surface for adversaries (Netcraft March 2019 Survey)

Classic XSS Attacks
➢ Cookie Stealing
    ➢ Prevented by “HttpOnly” flag
➢ Defacements
➢ Phishing
➢ Session Hijacking (e.g. BeEF, XSSER, etc.)
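The slide names the HttpOnly flag as the mitigation for cookie stealing. The following is an added example (not part of the deck or of the XSSER project) showing how a defender can audit the Set-Cookie headers a server returns for that flag, and for the Secure and SameSite attributes that a header review would normally check alongside it. The response headers in the block are constructed sample data, and the function names are this example's own.

```python
"""Audit Set-Cookie headers for the attributes that limit what an XSS
payload can do with a session cookie. Added example; the header values
below are constructed, not captured from any real site."""
from typing import Dict, List, Tuple


def parse_set_cookie(header_value: str) -> Dict[str, str]:
    """Split one Set-Cookie header value into its name/value pair and
    attributes. Attribute names are lower-cased; flag attributes such as
    HttpOnly and Secure map to an empty string. Returns {} if the header
    has no name=value pair."""
    parts = [p.strip() for p in header_value.split(";")]
    if not parts or "=" not in parts[0]:
        return {}
    name, _, value = parts[0].partition("=")
    parsed = {"name": name.strip(), "value": value.strip()}
    for attr in parts[1:]:
        if not attr:
            continue
        key, _, val = attr.partition("=")
        parsed[key.strip().lower()] = val.strip()
    return parsed


def audit_cookie(header_value: str) -> List[str]:
    """Return a list of findings for one Set-Cookie header; empty means OK."""
    cookie = parse_set_cookie(header_value)
    if not cookie:
        return ["unparseable Set-Cookie header"]
    findings = []
    if "httponly" not in cookie:
        # Without HttpOnly the cookie is exposed to script, which is exactly
        # what the classic cookie-stealing XSS relies on.
        findings.append(f"{cookie['name']}: missing HttpOnly")
    if "secure" not in cookie:
        findings.append(f"{cookie['name']}: missing Secure (sent over plain HTTP)")
    if cookie.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append(f"{cookie['name']}: SameSite not Lax or Strict")
    return findings


def audit_response_headers(headers: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Audit every Set-Cookie header in a (name, value) header list, keyed
    by cookie name."""
    results: Dict[str, List[str]] = {}
    for name, value in headers:
        if name.lower() == "set-cookie":
            cookie = parse_set_cookie(value)
            results[cookie.get("name", value)] = audit_cookie(value)
    return results


# Constructed sample response headers: one weak cookie, one hardened cookie.
SAMPLE_HEADERS = [
    ("Content-Type", "text/html; charset=utf-8"),
    ("Set-Cookie", "PHPSESSID=abc123; Path=/"),
    ("Set-Cookie", "session=xyz789; Path=/; HttpOnly; Secure; SameSite=Lax"),
]

if __name__ == "__main__":
    for cookie_name, findings in audit_response_headers(SAMPLE_HEADERS).items():
        print(f"{cookie_name}: {'OK' if not findings else '; '.join(findings)}")
```

Run against a real response, the function flags the first cookie on all three counts and passes the second; the same check is easy to drop into a CI step that fetches a login page and fails the build when a session cookie comes back without HttpOnly.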
XSSER

XSSER – What and why?
➢ Can automate XSS attacks to obtain RCE
➢ Meant for educational purposes
➢ Fully open source and available on GitHub

Demo

References
https://github.com/Varbaek/xsser
https://shodan.io
https://news.netcraft.com/archives/category/web-server-survey/

Questions?