Month: <span>March 2018</span>

Microsoft Word upload to Stored XSS

March 25, 2018
ExploitPentesting
0 Comment

Anytime I find a file upload form I test it.  Best case scenario is that I can upload a reverse shell in a scripting language available on the webserver.  If the application is running in PHP or ASP for example, it becomes quite easy.  If I can’t get a backdoor uploaded, I will attempt to…

Read More

Exploiting complex XSS payloads in a constrained parameter

March 19, 2018
Pentesting
0 Comment

When identifying XSS (Cross-site Scripting) within a target application, I often choose to go beyond a proof-of-concept exploit such as popping an alert box.  I find that the best payloads are those which exploit functionality within the application which require authentication, such as adding a new user when logged in as an administrator.  Other useful…

Read More