90 Hacking Exposed Web 2.0
The first XSS proxy to be publicly released was XSS-proxy, by Anton Rager at Shmoocon
in 2005. This tool, available at http://xss-proxy.sourceforge.net/, allows an attacker to
monitor a user's behavior and force the victim user's browser to execute commands sent
by the attacker. If an attacker discovers an XSS vulnerability in a target web application, he
can then use the following steps to perform an attack with XSS-proxy:
1. The attacker should download the XSS-proxy code and then host it on a UNIX
web server under his control, such as www.cybervillians.com. This web server
should have a copy of version 5 of the Perl interpreter (available at www.perl.org).
2. Edit the XSS-Proxy-shmoo_0_0_11.pl file. Change the $PORT variable on line
234 if port 80 is already in use. Change the $code_server variable on line 69
to the domain name of the server, in this case http://www.cybervillians.com.
3. Run XSS-proxy with the Perl interpreter by executing
perl XSS-Proxy-shmoo_0_0_11.pl. Note that root privileges are needed if the
$PORT value is set to less than 1024.
4. Connect to /admin on the domain and port selected. For example, if $PORT
was set to 1234 and $code_server was set to http://www.