Skip to content
/ xss2shell Public

Tool for abusing XSS vulnerabilities on Wordpress and Joomla! installations

71 stars 20 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Prochainezo/xss2shell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
README.md
README.md
 
 
joomla.js
joomla.js
 
 
wordpress.js
wordpress.js
 
 
xss2shell.py
xss2shell.py
 
 

Repository files navigation

XSS2SHELL v3

Changelog:
v3 - "Hello Dolly" plugin is now used for backdooring WP; Themes are no longer used.
V2 - Added Joomla support

Videos:
Exploiting CVE-2014-9031 with XSS2SHELL (V3): http://youtu.be/hRIuaLQfOhs
XSS2SHELL - Video Walkthrough & Introduction (V1): http://youtu.be/-EGUfPgK_lw

XSS2SHELL is a piece of software which allows you to get instant php code execution on WordPress and Joomla! installations via XSS vulnerabilities. The tool is designed to operate as follows:

  1. User generates his javascript payload by using the python builder
  2. User uploads the payload and injects it into an existing XSS vuln
  3. Payload is triggerd by a WP/Joomla! admin, and the attacker's php is evaled

Some notes:

  1. The WordPress payload is always saved to "/wp-content/plugins/hello.php"
  2. The Joomla! payload is always saved to "/administrator/templates/isis/pay.php"

Feel free to contribute to this repo by reporting bugs or making productive pull requests.

About

Tool for abusing XSS vulnerabilities on Wordpress and Joomla! installations

Resources

Readme
Activity

Stars

71 stars

Watchers

11 watching

Forks

20 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages