Pinterest • The world’s catalog of ideas

Final (Leet) Status in XSSposed

pin 3

Steps (Linux Ubuntu) - 1) Showing vulnerable code. 2) Compiling program w/o stack protector. 3) Assigning it to root. 4) Enabling it to run as root. 5) Creating file w/ shellcode. 6) Placing shellcode w/ a NOP sled into an environment variable. 7) Disabling ASLR. 8) Making the program stack executable. 9) Using GDB to crash the program, confirm EIP overwrite & find the address of shellcode in memory. 10) Exploiting the program using address found in little-endian format, few bytes ahead…

pin 3

Self-Replicating XSS

pin 2
heart 1