Shell of the Future v0.9.0.2 Released

Posted by connection on August 2nd, 2010 | 2 comments
Share

Shell of the Future is a Reverse Web Shell handler. It can be used to hijack sessions where JavaScript can be injected using Cross-site Scripting or through the browser’s address bar. It makes use of HTML5′s Cross Origin Requests and can bypass anti-session hijacking measures like Http-Only cookies and IP address-Session ID binding.

It can be used to:
Demonstrate the severity of XSS and JavaScript injection attacks
Create POCs for XSS vulnerabilities in Penetration test reports
Run automated scans on internal websites from outside by tunneling the traffic through an internal browser

Fixed a SSL Url handling bug in the direct fetch feature

Download: http://www.andlabs.org

Share

Article By

has written 728 articles!

Subscribe to the HackTalk Security feed via RSS or EMAIL to receive instant updates.

You can follow any responses to this entry through the RSS 2.0 feed.

Comments

  1. On August 03, 2010 Rage says:

    WICKED, such a great src to learn javascript from

  2. On September 07, 2010 spetryjep says:

    Very Interesting!
    Thank You!

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

CAPTCHA Image
*

 

Our Sponsors

Become a HackTalk SponsorBecome a HackTalk SponsorBecome a HackTalk SponsorBecome a HackTalk Sponsor
Get Adobe Flash playerPlugin by wpburn.com wordpress themes