JShell – Get A JavaScript Shell With XSS

Comments Off on JShell – Get A JavaScript Shell With XSS

JShell – Get a JavaScript shell with XSS.

Usages
Run shell.py
and JShell will automatically try to detect your IP address, default LPORT is 33.

As you can see the payload has been generated and now all you have to do is to deliver this payload to the victim.

As soon as you do that, you will get a JS shell over netcat where you can execute your JavaScript code in victim’s browser as soon as the injected page is open.
Here’s a screenshot:

Credits, Disclaimer & License
This script uses the method demostrated by Rodolfo Assis

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress