Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
XSSER: From XSS to RCE 3.0
Search
Hans-Michael Varbaek
March 28, 2019
Technology
0
160
XSSER: From XSS to RCE 3.0
OWASP Copenhagen
Hans-Michael Varbaek
March 28, 2019
Tweet
Share
More Decks by Hans-Michael Varbaek
See All by Hans-Michael Varbaek
Attack & Defense Methods
varbaek
0
42
Attack and Defense Methods for Traffic Light Systems
varbaek
0
28
So you want to be a pentester?
varbaek
2
1.5k
From XSS to RCE 2.5 - Alt33c3
varbaek
0
190
XSSing Your Way to Shell
varbaek
2
2k
Botnets of the Web – How to Hijack One
varbaek
1
240
Other Decks in Technology
See All in Technology
20251102 WordCamp Kansai 2025
chiilog
1
480
NOT A HOTEL SOFTWARE DECK (2025/11/04)
notahotel
0
1.1k
文字列操作の達人になる ~ Kotlinの文字列の便利な世界 ~ - Kotlin fest 2025
tomorrowkey
2
390
CloudComposerによる大規模ETL 「制御と実行の分離」の実践
leveragestech
0
120
GTC 2025 : 가속되고 있는 미래
inureyes
PRO
0
150
.NET 10のBlazorの期待の新機能
htkym
0
180
ストレージエンジニアの仕事と、近年の計算機について / 第58回 情報科学若手の会
pfn
PRO
4
950
DSPy入門
tomehirata
6
850
JAWS UG AI/ML #32 Amazon BedrockモデルのライフサイクルとEOL対応/How Amazon Bedrock Model Lifecycle Works
quiver
1
650
SRE × マネジメントレイヤーが挑戦した組織・会社のオブザーバビリティ改革 ― ビジネス価値と信頼性を両立するリアルな挑戦
coconala_engineer
0
420
IBC 2025 動画技術関連レポート / IBC 2025 Report
cyberagentdevelopers
PRO
2
240
猫でもわかるAmazon Q Developer CLI 解体新書
kentapapa
1
270
Featured
See All Featured
How STYLIGHT went responsive
nonsquared
100
5.9k
Producing Creativity
orderedlist
PRO
348
40k
GraphQLとの向き合い方2022年版
quramy
49
14k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.2k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
231
22k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.5k
Six Lessons from altMBA
skipperchong
29
4k
Into the Great Unknown - MozCon
thekraken
40
2.1k
Product Roadmaps are Hard
iamctodd
PRO
55
11k
It's Worth the Effort
3n
187
28k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.5k
Transcript
XSSER: From XSS to RCE 3.0 OWASP Copenhagen Chapter 28
March 2019
About me ➢ ISP Red Team – Copenhagen ➢ Presented
at Black Hat Europe, Kiwicon, Hack in the Box, etc. ➢ Full-time security consultant career began in Sydney, Australia
Shodan: port:80
How many web servers globally? ➢ 85 million approximately (Shodan
– Port:80) How many of them run PHP? ➢ 8.1 million approximately (Shodan – PHP) However..
What about virtual hosting? ➢ 1.4 billion websites ➢ 232
million unique domains ➢ 27 million websites running WordPress That’s a lot more attack surface for adversaries (Netcraft March 2019 Survey)
Classic XSS Attacks ➢ Cookie Stealing ➢ Prevented by “HttpOnly”
flag ➢ Defacements ➢ Phishing ➢ Session Hijacking (e.g. BeEF, XSSER, etc.)
None
None
None
None
XSSER
XSSER What and why? ➢ Can automate XSS attacks to
obtain RCE ➢ Meant for educational purposes ➢ Fully open source and available on GitHub
Demo
References https://github.com/Varbaek/xsser https://shodan.io https://news.netcraft.com/archives/cat egory/web-server-survey/
Questions?
varbaek
chiilog
notahotel
tomorrowkey
leveragestech
inureyes
htkym
pfn
tomehirata
quiver
coconala_engineer
cyberagentdevelopers
kentapapa
nonsquared
orderedlist
quramy
cassininazir
sergeychernyshev
danielanewman
jcasabona
skipperchong
thekraken
iamctodd
3n
bcantrill
