Systematic XSS exploitation
Aureliano Calvo
Corelabs Technical Report
Software agents, penetration testing, network vulnerability assessment, cross site scripting, web application vulnerability assessment, hybrid penetration testing


Cross-site scripting (XSS) vulnerabilities are usually overlooked and their impact is typically underestimated, because their analysis requires security skills that testers and developers often lack. In this paper I introduce a tool that decouples exploitation from post-exploitation. The tool turns an XSS vulnerability into a machine that receives payloads containing post-exploitation actions written against a generic API, thereby allowing the full potential of the vulnerability to be assessed. In particular, I show how exploited pages can be used as vantage points for other kinds of attacks, such as the exploitation of binary vulnerabilities and malware distribution. I also include full details of how the tool works, along with code for its critical functions.